urlscan.io logo urlscan.io
SecurityTrails logo

www.mlive.com Open in urlscan Pro
2a02:26f0:480:f::213:7ec5  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.mlive.com/
Submission Tags: @phishunt_io
Submission: On March 31 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 116 IPs in 12 countries across 82 domains to perform 385 HTTP transactions. The main IP is 2a02:26f0:480:f::213:7ec5, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.mlive.com. The Cisco Umbrella rank of the primary domain is 54122.
TLS certificate: Issued by R3 on March 20th 2023. Valid for: 3 months.
This is the only time www.mlive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
37 2a02:26f0:480... 20940 (AKAMAI-ASN1)
10 2606:4700::68... 13335 (CLOUDFLAR...)
3 2600:1901:0:3... 15169 (GOOGLE)
1 13.32.121.87 16509 (AMAZON-02)
1 18.66.122.27 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
4 35.71.130.31 16509 (AMAZON-02)
1 2600:9000:21a... 16509 (AMAZON-02)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 2.18.232.7 16625 (AKAMAI-AS)
13 52.222.236.124 16509 (AMAZON-02)
5 88.221.169.143 16625 (AKAMAI-AS)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.32.99.57 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 52.222.250.70 16509 (AMAZON-02)
1 23.35.237.64 16625 (AKAMAI-AS)
2 13.32.99.23 16509 (AMAZON-02)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 146.75.116.157 54113 (FASTLY)
1 108.138.15.119 16509 (AMAZON-02)
1 2 107.178.250.234 396982 (GOOGLE-CL...)
1 104.111.217.42 16625 (AKAMAI-AS)
1 18.66.100.58 16509 (AMAZON-02)
2 13.32.99.35 16509 (AMAZON-02)
2 50.16.113.20 14618 (AMAZON-AES)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
3 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 104.244.42.133 13414 (TWITTER)
1 104.244.42.67 13414 (TWITTER)
7 18.203.205.156 16509 (AMAZON-02)
3 34.205.216.79 14618 (AMAZON-AES)
1 52.17.99.225 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a03:2880:f11... 32934 (FACEBOOK)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
5 2a00:1450:400... 15169 (GOOGLE)
2 2.19.70.117 16625 (AKAMAI-AS)
3 108.138.1.25 16509 (AMAZON-02)
3 18.66.97.88 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 34.248.100.85 16509 (AMAZON-02)
3 52.210.50.80 16509 (AMAZON-02)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 34.234.4.175 14618 (AMAZON-AES)
1 104.77.32.87 16625 (AKAMAI-AS)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 52.20.189.46 14618 (AMAZON-AES)
1 108.138.4.150 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 104.18.25.185 13335 (CLOUDFLAR...)
1 2602:803:c003... 26667 (RUBICONPR...)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 52.19.161.80 16509 (AMAZON-02)
1 185.64.189.112 62713 (AS-PUBMATIC)
2 162.19.138.82 16276 (OVH)
5 162.19.138.118 16276 (OVH)
4 35.71.131.137 16509 (AMAZON-02)
46 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 54.159.56.141 14618 (AMAZON-AES)
1 35.186.255.72 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.50.106.221 16625 (AKAMAI-AS)
1 2620:100:a001::4 19750 (AS-CRITEO)
1 2600:9000:225... 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a02:26f0:350... 20940 (AKAMAI-ASN1)
9 2a00:1450:400... 15169 (GOOGLE)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
16 41 142.250.184.226 15169 (GOOGLE)
7 17 185.80.39.216 27381 (CASALE-MEDIA)
9 12 185.89.210.153 29990 (ASN-APPNEX)
6 34.149.12.213 15169 (GOOGLE)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
1 178.250.0.157 44788 (ASN-CRITE...)
1 34.98.64.218 396982 (GOOGLE-CL...)
3 142.250.186.70 15169 (GOOGLE)
2 52.28.240.14 16509 (AMAZON-02)
6 142.250.74.194 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 35.186.253.211 15169 (GOOGLE)
4 6 69.173.144.165 26667 (RUBICONPR...)
1 1 51.89.9.253 16276 (OVH)
4 4 52.208.99.252 16509 (AMAZON-02)
1 18.181.178.82 16509 (AMAZON-02)
6 6 3.64.167.250 16509 (AMAZON-02)
2 2 151.101.194.49 54113 (FASTLY)
3 3 213.155.156.184 1299 (TWELVE99 ...)
1 1 2600:9000:211... 16509 (AMAZON-02)
1 2 23.35.228.23 16625 (AKAMAI-AS)
1 1 20.127.253.7 8075 (MICROSOFT...)
2 2 185.29.134.248 30419 (MEDIAMATH...)
1 1 35.190.0.66 15169 (GOOGLE)
2 2 216.52.2.91 32475 (SINGLEHOP...)
2 2 13.248.245.213 16509 (AMAZON-02)
1 143.204.89.56 16509 (AMAZON-02)
1 2600:1901:0:8... ()
1 3 54.154.146.140 ()
1 34.120.133.55 396982 (GOOGLE-CL...)
2 88.221.168.201 16625 (AKAMAI-AS)
1 88.221.168.23 16625 (AKAMAI-AS)
2 104.126.125.209 ()
2 104.18.11.47 13335 (CLOUDFLAR...)
1 2 185.64.189.115 ()
2 4 52.46.143.56 ()
1 2 2a05:d018:d29... ()
1 63.251.232.165 ()
1 2a05:d018:cc3... ()
2 2 98.98.134.241 ()
2 2 34.111.113.62 ()
1 1 185.183.112.148 ()
4 185.64.189.110 ()
3 185.64.190.80 ()
1 1 178.250.1.9 ()
1 1 2620:116:800d... ()
2 4 52.95.122.74 ()
2 2 34.111.129.221 ()
1 34.111.131.239 ()
3 4 34.204.165.144 ()
3 3 37.157.3.20 ()
1 34.91.62.186 ()
4 4 69.173.144.138 ()
1 185.64.190.81 ()
385 116
37    2a02:26f0:480:f::213:7ec5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.mlive.com
10    2606:4700::6813:bc61 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
3    2600:1901:0:328a::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
satisfycork.com
1    13.32.121.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-87.fra60.r.cloudfront.net
cdn.sophi.io
1    18.66.122.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-27.fra60.r.cloudfront.net
apps.sophi.io
1    2a02:26f0:3500:592::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    35.71.130.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8fd921d2017b5f79.awsglobalaccelerator.com
ecollector-us-east.sophi.io
1    2600:9000:21a1:7200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    2606:4700:4400::ac40:9062 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
13    52.222.236.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-124.fra56.r.cloudfront.net
h312.mlive.com
5    88.221.169.143 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-143.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
3    2606:4700::6811:b9b1 (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
buy.tinypass.com
1    13.32.99.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-57.fra60.r.cloudfront.net
ats-wrapper.privacymanager.io
2    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
news.google.com
6    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
ampcid.google.com
1    52.222.250.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-70.fra60.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1    23.35.237.64 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-64.deploy.static.akamaitechnologies.com
s.ntv.io
2    13.32.99.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-23.fra60.r.cloudfront.net
sb.scorecardresearch.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net
js.adsrvr.org
2    107.178.250.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
1    104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com
at.teads.tv
1    18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net
cdn.parsely.com
2    13.32.99.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-35.fra60.r.cloudfront.net
geo.privacymanager.io
2    50.16.113.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-113-20.compute-1.amazonaws.com
advancelocal.blueconic.net
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
1    2600:9000:20eb:3400:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.linkedin.oribi.io
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
7    18.203.205.156 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-205-156.eu-west-1.compute.amazonaws.com
jadserve.postrelease.com
3    34.205.216.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-216-79.compute-1.amazonaws.com
www.i.matheranalytics.com
1    52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
p1.parsely.com
2    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
6    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a02:26f0:480:184::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
5    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2.19.70.117 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-70-117.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
ads.rubiconproject.com
3    108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com
3    18.66.97.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-88.fra56.r.cloudfront.net
tags.crwdcntrl.net
3    2a00:1450:4001:806::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    34.248.100.85 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-100-85.eu-west-1.compute.amazonaws.com
privacy.crwdcntrl.net
3    52.210.50.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-50-80.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    2600:1f18:730:b140:318:4480:a19a:ad9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    34.234.4.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-4-175.compute-1.amazonaws.com
rp4.liadm.com
1    104.77.32.87 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-32-87.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    52.20.189.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-189-46.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
1    108.138.4.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-150.fra56.r.cloudfront.net
aax.amazon-adsystem.com
8    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
2    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
1    104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    52.19.161.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-161-80.eu-west-1.compute.amazonaws.com
exchange.postrelease.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
lb.eu-1-id5-sync.com
5    162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
4    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
46    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
18    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    54.159.56.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-56-141.compute-1.amazonaws.com
idx.liadm.com
1    35.186.255.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.255.186.35.bc.googleusercontent.com
app.matheranalytics.com
1    2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
1    23.50.106.221 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-106-221.deploy.static.akamaitechnologies.com
ead.mlive.com
1    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    2600:9000:2250:d400:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
6    2a02:26f0:3500:d::1732:83d6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
9    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
41    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
17    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
r.casalemedia.com
12    185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
6    34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
3    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
ad.doubleclick.net
2    52.28.240.14 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-240-14.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
6    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
googleads4.g.doubleclick.net
3    2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
6    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
4    52.208.99.252 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-99-252.eu-west-1.compute.amazonaws.com
match.360yield.com
1    18.181.178.82 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-181-178-82.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
6    3.64.167.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-167-250.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    213.155.156.184 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com
d5p.de17a.com
1    2600:9000:211e:b000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
cs.media.net
c21lg-d.media.net
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
2    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    216.52.2.91 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    143.204.89.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-56.fra50.r.cloudfront.net
check.analytics.rlcdn.com
1    2600:1901:0:8344:: (None, )

ASN- ()
lexicon.33across.com
3    54.154.146.140 (None, )

ASN- ()
id.crwdcntrl.net
sync.crwdcntrl.net
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
2    88.221.168.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    88.221.168.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-23.deploy.static.akamaitechnologies.com
contextual.media.net
2    104.126.125.209 (None, )

ASN- ()
eus.rubiconproject.com
2    104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    185.64.189.115 (None, )

ASN- ()
image6.pubmatic.com
4    52.46.143.56 (None, )

ASN- ()
s.amazon-adsystem.com
2    2a05:d018:d29:3605:229b:4d01:195a:9865 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
1    63.251.232.165 (None, )

ASN- ()
cm.adgrx.com
1    2a05:d018:cc3:fe05:6a35:1367:c4a4:921c (None, )

ASN- ()
d.adroll.com
2    98.98.134.241 (None, )

ASN- ()
pixel-sync.sitescout.com
2    34.111.113.62 (None, )

ASN- ()
pixel.tapad.com
1    185.183.112.148 (None, )

ASN- ()
sync.adotmob.com
4    185.64.189.110 (None, )

ASN- ()
image2.pubmatic.com
3    185.64.190.80 (None, )

ASN- ()
simage2.pubmatic.com
1    178.250.1.9 (None, )

ASN- ()
dis.criteo.com
1    2620:116:800d:21:7eb1:3826:be7e:d981 (None, )

ASN- ()
cms.quantserve.com
4    52.95.122.74 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
2    34.111.129.221 (None, )

ASN- ()
cr.frontend.weborama.fr
1    34.111.131.239 (None, )

ASN- ()
idsync.frontend.weborama.fr
4    34.204.165.144 (None, )

ASN- ()
a.audrte.com
3    37.157.3.20 (None, )

ASN- ()
dmp.adform.net
c1.adform.net
1    34.91.62.186 (None, )

ASN- ()
um.simpli.fi
4    69.173.144.138 (None, )

ASN- ()
token.rubiconproject.com
1    185.64.190.81 (None, )

ASN- ()
simage4.pubmatic.com
Apex Domain
Subdomains		 Transfer
68 googlesyndication.com
309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 111
tpc.googlesyndication.com — Cisco Umbrella Rank: 145
351 KB
63 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 100
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 201
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 228
ad.doubleclick.net — Cisco Umbrella Rank: 172
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 335
294 KB
51 mlive.com
www.mlive.com — Cisco Umbrella Rank: 54122
h312.mlive.com — Cisco Umbrella Rank: 112234
ead.mlive.com — Cisco Umbrella Rank: 126657
1 MB
18 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 526
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 569
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463
r.casalemedia.com
14 KB
17 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 3210
ads.rubiconproject.com — Cisco Umbrella Rank: 2412
fastlane.rubiconproject.com — Cisco Umbrella Rank: 498
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 2977
pixel.rubiconproject.com — Cisco Umbrella Rank: 340
eus.rubiconproject.com
token.rubiconproject.com
153 KB
13 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 500
ads.pubmatic.com — Cisco Umbrella Rank: 509
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
simage4.pubmatic.com
27 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 230
13 KB
12 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 505
rtb0.doubleverify.com — Cisco Umbrella Rank: 770
rtbc-eu3.doubleverify.com — Cisco Umbrella Rank: 17738
64 KB
12 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 309
aax.amazon-adsystem.com — Cisco Umbrella Rank: 412
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com
67 KB
12 google.com
news.google.com — Cisco Umbrella Rank: 5830
ampcid.google.com — Cisco Umbrella Rank: 2399
accounts.google.com — Cisco Umbrella Rank: 87
adservice.google.com — Cisco Umbrella Rank: 90
www.google.com — Cisco Umbrella Rank: 2
145 KB
10 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1289
privacy.crwdcntrl.net — Cisco Umbrella Rank: 43034
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1006
id.crwdcntrl.net
sync.crwdcntrl.net
43 KB
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 433
245 KB
9 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 198
235 KB
8 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1256
exchange.postrelease.com — Cisco Umbrella Rank: 7036
5 KB
7 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1045
id5-sync.com — Cisco Umbrella Rank: 437
37 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
region1.google-analytics.com — Cisco Umbrella Rank: 2284
40 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 323
3 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
340 B
6 matheranalytics.com
js.matheranalytics.com — Cisco Umbrella Rank: 11595
www.i.matheranalytics.com — Cisco Umbrella Rank: 11387
app.matheranalytics.com — Cisco Umbrella Rank: 17805
43 KB
6 sophi.io
cdn.sophi.io — Cisco Umbrella Rank: 23527
apps.sophi.io — Cisco Umbrella Rank: 36340
ecollector-us-east.sophi.io — Cisco Umbrella Rank: 30938
38 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 400
www.linkedin.com — Cisco Umbrella Rank: 579
px4.ads.linkedin.com — Cisco Umbrella Rank: 6196
3 KB
5 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1592
insight.adsrvr.org — Cisco Umbrella Rank: 633
match.adsrvr.org
3 KB
5 moatads.com
z.moatads.com — Cisco Umbrella Rank: 483
px.moatads.com — Cisco Umbrella Rank: 534
86 KB
4 audrte.com
a.audrte.com
3 KB
4 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2484
2 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 416
mug.criteo.com — Cisco Umbrella Rank: 2381
dis.criteo.com
8 KB
4 openx.net
oajs.openx.net — Cisco Umbrella Rank: 2947
google-bidout-d.openx.net — Cisco Umbrella Rank: 2875
rtb.openx.net — Cisco Umbrella Rank: 1557
1022 B
4 media.net
prebid.media.net — Cisco Umbrella Rank: 1373
cs.media.net — Cisco Umbrella Rank: 1502
contextual.media.net — Cisco Umbrella Rank: 616
c21lg-d.media.net
10 KB
3 adform.net
dmp.adform.net
c1.adform.net
2 KB
3 weborama.fr
cr.frontend.weborama.fr
idsync.frontend.weborama.fr
897 B
3 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5011
865 B
3 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 299
142 KB
3 liadm.com
rp.liadm.com — Cisco Umbrella Rank: 1648
rp4.liadm.com — Cisco Umbrella Rank: 6852
idx.liadm.com — Cisco Umbrella Rank: 2767
2 KB
3 google.de
ampcid.google.de — Cisco Umbrella Rank: 56011
adservice.google.de — Cisco Umbrella Rank: 7832
1 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 161
244 KB
3 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 4042
geo.privacymanager.io — Cisco Umbrella Rank: 1831
51 KB
3 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 8105
cdn.tinypass.com — Cisco Umbrella Rank: 5392
buy.tinypass.com — Cisco Umbrella Rank: 6529
108 KB
3 satisfycork.com
satisfycork.com — Cisco Umbrella Rank: 32860
22 KB
2 tapad.com
pixel.tapad.com
1 KB
2 sitescout.com
pixel-sync.sitescout.com
1 KB
2 yahoo.com
pr-bh.ybp.yahoo.com
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 650
cdn.indexww.com
2 KB
2 rlcdn.com
check.analytics.rlcdn.com — Cisco Umbrella Rank: 4471
api.rlcdn.com — Cisco Umbrella Rank: 801
636 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 387
948 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 646
1 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 507
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 652
896 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 820
s.tribalfusion.com — Cisco Umbrella Rank: 2028
1 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1115
800 B
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 739
455 B
2 blueconic.net
advancelocal.blueconic.net — Cisco Umbrella Rank: 32318
2 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2812
p1.parsely.com — Cisco Umbrella Rank: 2202
21 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 162
3 KB
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1399
at.teads.tv — Cisco Umbrella Rank: 4747
4 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 648
564 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
201 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1312
c.go-mpulse.net — Cisco Umbrella Rank: 662
50 KB
1 simpli.fi
um.simpli.fi
612 B
1 quantserve.com
cms.quantserve.com
588 B
1 adotmob.com
sync.adotmob.com
281 B
1 adroll.com
d.adroll.com
181 B
1 adgrx.com
cm.adgrx.com
283 B
1 33across.com
lexicon.33across.com
249 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 6349
554 B
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1522
708 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 759
444 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 5906
44 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 828
336 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 3194
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 3449
2 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 670
13 KB
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 5268
2 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1216
17 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 687
725 B
1 t.co
t.co — Cisco Umbrella Rank: 525
378 B
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1000
366 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 701
15 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 853
5 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3613
154 KB
1 cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 591
482 B
385 82
Domain Requested by
46 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
pagead2.googlesyndication.com
ad.doubleclick.net
www.googletagservices.com
41 cm.g.doubleclick.net 16 redirects googleads.g.doubleclick.net
309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
37 www.mlive.com www.mlive.com
18 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
googleads.g.doubleclick.net
13 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
13 h312.mlive.com www.mlive.com
h312.mlive.com
12 ib.adnxs.com 9 redirects googleads.g.doubleclick.net
10 cdn.cookielaw.org www.mlive.com
cdn.cookielaw.org
9 www.googletagservices.com 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
cdn.doubleverify.com
www.googletagservices.com
7 jadserve.postrelease.com s.ntv.io
www.mlive.com
6 x.bidswitch.net 6 redirects
6 pixel.rubiconproject.com 4 redirects
6 googleads4.g.doubleclick.net ad.doubleclick.net
6 cdn.doubleverify.com 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
cdn.doubleverify.com
6 googleads.g.doubleclick.net 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
pagead2.googlesyndication.com
6 www.facebook.com www.mlive.com
5 id5-sync.com cdn.id5-sync.com
micro.rubiconproject.com
5 securepubads.g.doubleclick.net www.mlive.com
securepubads.g.doubleclick.net
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.mlive.com
4 token.rubiconproject.com 4 redirects
4 a.audrte.com 3 redirects
4 aax-eu.amazon-adsystem.com 2 redirects ads.pubmatic.com
4 image2.pubmatic.com ads.pubmatic.com
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
4 match.360yield.com 4 redirects
4 www.google.com tpc.googlesyndication.com
309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
4 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 ecollector-us-east.sophi.io cdn.sophi.io
3 simage2.pubmatic.com ads.pubmatic.com
3 match.adsrvr.org ssum-sec.casalemedia.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 d5p.de17a.com 3 redirects
3 s0.2mdn.net 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
ad.doubleclick.net
3 ad.doubleclick.net www.googletagservices.com
3 rtbc-eu3.doubleverify.com cdn.doubleverify.com
3 rtb0.doubleverify.com cdn.doubleverify.com
3 px.moatads.com www.mlive.com
3 bcp.crwdcntrl.net tags.crwdcntrl.net
3 accounts.google.com www.mlive.com
accounts.google.com
3 tags.crwdcntrl.net www.mlive.com
securepubads.g.doubleclick.net
3 c.amazon-adsystem.com www.mlive.com
c.amazon-adsystem.com
3 www.i.matheranalytics.com www.mlive.com
3 px.ads.linkedin.com 2 redirects
3 connect.facebook.net www.mlive.com
connect.facebook.net
3 satisfycork.com www.mlive.com
satisfycork.com
2 c1.adform.net 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 pixel.tapad.com 2 redirects
2 sync.crwdcntrl.net 1 redirects
2 pixel-sync.sitescout.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
2 image6.pubmatic.com 1 redirects ads.pubmatic.com
2 eus.rubiconproject.com micro.rubiconproject.com
eus.rubiconproject.com
2 ads.pubmatic.com micro.rubiconproject.com
2 eb2.3lift.com 2 redirects
2 ap.lijit.com 2 redirects
2 sync.mathtag.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 prebid-a.rubiconproject.com micro.rubiconproject.com
2 gum.criteo.com 1 redirects static.criteo.net
2 oajs.openx.net 1 redirects
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
micro.rubiconproject.com
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 cdn.id5-sync.com www.mlive.com
securepubads.g.doubleclick.net
2 stats.g.doubleclick.net www.google-analytics.com
2 region1.google-analytics.com www.googletagmanager.com
2 advancelocal.blueconic.net h312.mlive.com
2 geo.privacymanager.io ats-wrapper.privacymanager.io
2 js.matheranalytics.com 1 redirects www.mlive.com
2 sb.scorecardresearch.com www.mlive.com
2 news.google.com www.googletagmanager.com
news.google.com
2 z.moatads.com www.mlive.com
z.moatads.com
2 geolocation.onetrust.com cdn.cookielaw.org
2 www.googletagmanager.com www.mlive.com
www.googletagmanager.com
1 simage4.pubmatic.com ads.pubmatic.com
1 um.simpli.fi
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr
1 cms.quantserve.com 1 redirects
1 dis.criteo.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 sync.adotmob.com 1 redirects
1 r.casalemedia.com ssum-sec.casalemedia.com
1 d.adroll.com ssum-sec.casalemedia.com
1 cm.adgrx.com ssum-sec.casalemedia.com
1 c21lg-d.media.net contextual.media.net
1 js-sec.indexww.com micro.rubiconproject.com
1 contextual.media.net micro.rubiconproject.com
1 api.rlcdn.com micro.rubiconproject.com
1 id.crwdcntrl.net micro.rubiconproject.com
1 lexicon.33across.com micro.rubiconproject.com
1 buy.tinypass.com cdn.tinypass.com
1 check.analytics.rlcdn.com micro.rubiconproject.com
1 ads.travelaudience.com 1 redirects
1 sync.inmobi.com 1 redirects
1 cs.media.net 1 redirects
1 s.ad.smaato.net 1 redirects
1 cc.adingo.jp 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
1 onetag-sys.com 1 redirects
1 rtb.openx.net 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
1 s.tribalfusion.com
1 a.tribalfusion.com 1 redirects
1 google-bidout-d.openx.net oa.openxcdn.net
1 mug.criteo.com
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 ead.mlive.com
1 c2.piano.io cdn.tinypass.com
1 app.matheranalytics.com js.matheranalytics.com
1 idx.liadm.com micro.rubiconproject.com
1 insight.adsrvr.org js.adsrvr.org
1 hbopenbid.pubmatic.com micro.rubiconproject.com
1 exchange.postrelease.com micro.rubiconproject.com
1 prebid.media.net micro.rubiconproject.com
1 fastlane.rubiconproject.com micro.rubiconproject.com
1 htlb.casalemedia.com micro.rubiconproject.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 secure.cdn.fastclick.net www.mlive.com
1 rp4.liadm.com
1 rp.liadm.com 1 redirects
1 ads.rubiconproject.com micro.rubiconproject.com
1 privacy.crwdcntrl.net tags.crwdcntrl.net
1 micro.rubiconproject.com www.mlive.com
1 c.go-mpulse.net s.go-mpulse.net
1 p1.parsely.com www.mlive.com
1 analytics.twitter.com www.mlive.com
1 t.co www.mlive.com
1 px4.ads.linkedin.com www.mlive.com
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io snap.licdn.com
1 ampcid.google.de www.google-analytics.com
1 ampcid.google.com www.google-analytics.com
1 cdn.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 cdn.tinypass.com experience.tinypass.com
1 at.teads.tv a.teads.tv
1 js.adsrvr.org www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 s.ntv.io www.mlive.com
1 d1z2jf7jlzjs58.cloudfront.net www.mlive.com
1 ats-wrapper.privacymanager.io www.mlive.com
1 experience.tinypass.com www.mlive.com
1 a.teads.tv www.googletagmanager.com
1 static.adsafeprotected.com www.mlive.com
1 s.go-mpulse.net www.mlive.com
1 apps.sophi.io www.mlive.com
1 cdn.sophi.io www.mlive.com
385 151
Subject Issuer Validity Valid
advancelocal.web.arc-cdn.net
R3		 2023-03-20 -
2023-06-18		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2022-05-01 -
2023-05-01		 a year crt.sh
satisfycork.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
cdn.sophi.io
Amazon RSA 2048 M02		 2023-02-28 -
2023-11-15		 9 months crt.sh
apps.sophi.io
Amazon RSA 2048 M01		 2023-03-18 -
2024-04-15		 a year crt.sh
akstat.io
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-15 -
2023-04-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.sophi.io
Amazon RSA 2048 M01		 2023-02-20 -
2023-06-09		 4 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-09-04		 6 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-12-13 -
2023-12-13		 a year crt.sh
teads.tv
R3		 2023-02-21 -
2023-05-22		 3 months crt.sh
h299.reckon.news
Amazon RSA 2048 M01		 2023-03-01 -
2023-07-30		 5 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-09-12 -
2023-09-12		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-24		 7 months crt.sh
*.news.google.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-24 -
2023-10-26		 a year crt.sh
*.scorecardresearch.com
Amazon RSA 2048 M02		 2023-03-01 -
2024-01-28		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-08 -
2023-04-08		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.parsely.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-07-04		 4 months crt.sh
*.blueconic.net
Amazon RSA 2048 M02		 2023-02-28 -
2023-08-06		 5 months crt.sh
*.google.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
linkedin.oribi.io
Amazon RSA 2048 M01		 2023-02-24 -
2023-08-06		 5 months crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M01		 2023-02-09 -
2024-02-16		 a year crt.sh
www.i.matheranalytics.com
Amazon RSA 2048 M01		 2023-03-02 -
2024-01-13		 10 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
*.id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.liadm.com
Amazon RSA 2048 M01		 2023-02-21 -
2023-10-29		 8 months crt.sh
app.matheranalytics.com
GTS CA 1D4		 2023-02-14 -
2023-05-15		 3 months crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2023-03-27 -
2024-03-26		 a year crt.sh
li.lisecurelink.com
R3		 2023-03-22 -
2023-06-20		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-02-25 -
2023-05-26		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-03-30 -
2023-06-28		 3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-07		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.adingo.jp
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-06 -
2023-04-14		 a year crt.sh
analytics.rlcdn.com
Amazon RSA 2048 M02		 2023-02-28 -
2023-08-25		 6 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-02-15 -
2023-05-17		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh

This page contains 33 frames:

Primary Page: https://www.mlive.com/
Frame ID: 43A41D56E069F5B66D65B2354644B7B7
Requests: 192 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 6BFD65DC95CCBADEAD4B8ADBF209D557
Requests: 1 HTTP requests in this frame

Frame: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7F859E378F45C581625FA3591A244624
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=4pdxx2d&ref=https%3A%2F%2Fwww.mlive.com%2F&upid=p5qqvcp&upv=1.1.0
Frame ID: CD79DBE17C32CC5492A3E6CDEF599A5C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E00C470AADDD2716F61D5D43E4A065F1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CAFF48D876F97936DA88C152C56650C6
Requests: 2 HTTP requests in this frame

Frame: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E727E3D36616F9AC0067E046FC087BAB
Requests: 27 HTTP requests in this frame

Frame: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CD8A8F15A713517C17F51E3225D09A8F
Requests: 27 HTTP requests in this frame

Frame: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E3129AAC0318770D647CC34C7FCF2D15
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGMCumuIBMAE&v=APEucNXz2Z_mJUJf3JvmTO8HYp02y0Yf5DBnF_jqhv2CIMxRwNjTVdPXCtlH_sY06krMRxZRFkDnFxLscsHGImHy82eWDEpODzKc27nxW4yjorXy1sKwWc7ec5N6u8PxZrDQRFGmaxLARxUgRYYpiKO3GyeG6YHWkYNMcvPJ5XIh_i8y1HqItVBsC_VTj7a8mE6qltAQlqX1
Frame ID: 61289391F6BD8C6AB5A4D059AC6A3739
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGMCumuIBMAE&v=APEucNXJhEo3V6L_uxNIXx7N-iZj22K7almfg5F5TdZJdyQbb6yyZOZeXoGiL1fEJYyy3_yM01aMcCE213gzZrkh97gLzXI1Q3CdhVI6_qjYJFdizAT-FennXgAuHrW4sDaWoTdjujQu35QP5OevoSyl2UrpZgb8ckzcyep6KR0K3BgBn7v2RIIWauQiSZ6-ufMNOt85RklW
Frame ID: 753114977829798D7ED64CDC50E8C03C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGMCumuIBMAE&v=APEucNW3GMciysCL3uhEgixXdUT9e1Lm-uOs5PMFyHbsw6ux2gfVWh5vHeQgnFDR8u_WJZMoqDSgvHjA8sSh_YHYfBvnJm_s-WujYFTIsbURtVpnNcVYeywiuMOuiPAg-2G8EE4pWqfQiWzWyWfoxMY_JN31v0CvgaxtWWwHlVBimJTozjiFVW9hN52-ZgIQ5IaRn9LkI6Ko
Frame ID: F130E1FD72D4C8079783772601C268E4
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AA3C55A72D427EFDA0218A2C41BC840B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A63A8124B767C4634FEFFFCC0FEFECDC
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.mlive.com
Frame ID: 5196E6CB6839B9838D0628096BD59B7B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 85C09C025AC4FB66867CA5286ED77FAE
Requests: 3 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 573A5B0414732BB33230ADF414BFC36D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 91F998E6035799535EC130A77F6F0C7A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 19904661F98761848D4E5FBB2742A3DB
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B0CD60065360E780B11F8B68D3781FCE
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FCCD27DC26DBF81925ACB8B094DB4B2C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A4329CBEEFFD2119394E8EB2BFF942AB
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 16130FA3ED5558671360A115C7A70ABC
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Frame ID: 19221E153EF928D990BEEC1470F7E1E9
Requests: 12 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: 0E3C6F696DE606D19217EBC2D943DDC0
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 23859377E36C46A6CD1274D72EB8EBB4
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D62E547FFE75B040EEBA123BEB565DC9
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 117C8D8EA41D431E3C98BAF2ED2C160F
Requests: 10 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8425551230365208022
Frame ID: 6AC987F510B1FD904488565AB556A650
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:72ec6427-3540-4b00-b665-9a3e9ed4e84a&gdpr=0&gdpr_consent=
Frame ID: E5BC03C38C5838F7C1299FC16B33751C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 752F5ED9EF95A82651A7795EB24D4D14
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=QCg0aUUpMm1bKz5pQnkrPRV9NWpbfzdmFXpYcvyE
Frame ID: 12F2CDE8D28DF9824C487DCAD4801872
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FEEAC148-E995-4A2A-BB9D-0D81B404E658&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 832907A99A0EE44D0062E587BE6D41D3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Michigan Local News, Breaking News, Sports & WeatherLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyBack ButtonSearch IconFilter Icon

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

385
Requests

86 %
HTTPS

33 %
IPv6

82
Domains

151
Subdomains

116
IPs

12
Countries

4493 kB
Transfer

13220 kB
Size

108
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56
  • https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1621 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js
Request Chain 73
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1680291132895&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3252378%26time%3D1680291132895%26url%3Dhttps%253A%252F%252Fwww.mlive.com%252F%26tm%3Dgtmv2%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1680291132895&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1680291132895&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQKBE5GYwUSDdgAAAYc5J_fGIsugVbewNspcTW17nz5qrywKQTpth1uRd5uLs-WH0Qquv5jz2FkSGarnfuSrXuU4NOLg
Request Chain 131
  • https://rp.liadm.com/j?dtstmp=1680291133854&se=e30&duid=94c49eadf2ac--01gwwjfycw0c5c0jernr7x4h8s&pu=https%3A%2F%2Fwww.mlive.com%2F&us_privacy=1---&wpn=prebid HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1680291133854&se=e30&duid=94c49eadf2ac--01gwwjfycw0c5c0jernr7x4h8s&pu=https%3A%2F%2Fwww.mlive.com%2F&us_privacy=1---&wpn=prebid&i6=MmEwMjo2ZWEwOmM3MWI6MDoxMDExOjRlMzpjNzdjOmVjOTI%3D&n3pc=true
Request Chain 215
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
Request Chain 216
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA8zfx5wIEoM4s38Dein8HA&google_cver=1
Request Chain 217
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZCc1P6clTk8FAfVMrMP3WQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA8zfx5wIEoM4s38Dein8HA&google_cver=1
Request Chain 218
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBF9uQcKV4CsrFgH18X-OMk&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBF9uQcKV4CsrFgH18X-OMk%26google_cver%3D1
Request Chain 219
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQxNzYxMzI0OTMzMTYzMTU2NA%3D%3D
Request Chain 220
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA8zfx5wIEoM4s38Dein8HA&google_cver=1
Request Chain 221
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZCc1P6clTk8FAfVMrMP3WQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA8zfx5wIEoM4s38Dein8HA&google_cver=1
Request Chain 222
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBF9uQcKV4CsrFgH18X-OMk&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBF9uQcKV4CsrFgH18X-OMk%26google_cver%3D1
Request Chain 223
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQzMzI4NDk1NjY2MTE3ODg1NQ%3D%3D
Request Chain 224
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA8zfx5wIEoM4s38Dein8HA&google_cver=1
Request Chain 225
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZCc1P6clTk8FAfVMrMP3WQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA8zfx5wIEoM4s38Dein8HA&google_cver=1
Request Chain 226
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBF9uQcKV4CsrFgH18X-OMk&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBF9uQcKV4CsrFgH18X-OMk%26google_cver%3D1
Request Chain 227
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcxNDIxOTQ5MTQ2NzYzMDE5OA%3D%3D
Request Chain 254
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=mlive.com&sn=ChromeSyncframe&so=0&topUrl=www.mlive.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=zqRCnHxzMG5UMFd0Rm1NK0tFU3JMSUY3T2RiODJIK2JBTE8rZjNqM2lCSFFLb20xM0FjK2J6MDV1M0RCUEhGNlB3TDgxRExJcnFycU9EVm03RG02eHEwNmtlTUZvem5rMkdKNHJPUDNhd1VObGVOTVZ5TFBqT0s5U3lQT1hwcXB3eUwybkZxS09hS1owSU9jUXVLT1hrVTFGbWQ2TGVXYnhXUWFVNGdMQUZaWXhBLzRNSFplcnRabDdMTjY1TDM4SzVtU0FIUERyVk1uTHV4ZmwxQ0E0NENmM0RkcUlkU1ZrVHdtL0dURDZ6RTlnZ1VKcEgyYlA2TDlISUNLVW9OT3NvbnZSNkpTamNaL25lenoyeWk0MHVnVjlPQT09fA&cppv=2
Request Chain 293
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEEj4D2ZoDOPOI3KR0CQz4DE&google_cver=1&google_push=Aer7DvJrCChrEynLjj8QTvRkdyVUL_ft99hhF1BLSqVvIFEUsw7SeK0CMKJdR0AFIsAAl_oqtcMk5BNr2qMWgGO3Dk1L3FjqVgGz&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvJrCChrEynLjj8QTvRkdyVUL_ft99hhF1BLSqVvIFEUsw7SeK0CMKJdR0AFIsAAl_oqtcMk5BNr2qMWgGO3Dk1L3FjqVgGz%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEj4D2ZoDOPOI3KR0CQz4DE&google_cver=1&google_push=Aer7DvJrCChrEynLjj8QTvRkdyVUL_ft99hhF1BLSqVvIFEUsw7SeK0CMKJdR0AFIsAAl_oqtcMk5BNr2qMWgGO3Dk1L3FjqVgGz&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvJrCChrEynLjj8QTvRkdyVUL_ft99hhF1BLSqVvIFEUsw7SeK0CMKJdR0AFIsAAl_oqtcMk5BNr2qMWgGO3Dk1L3FjqVgGz%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 295
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBjRgfM-OSEa7CwHE4n8hlM&google_cver=1&google_push=Aer7DvKqeQyQuobXaD0qHB7X58hY0Mt0Pa1u80tVglUuGsswJdJafnCKCDn_ML58V5A0nDqmlYN0VWoGaFIgLaJOrXOc5YrnZynH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZXWFlHU1EtMUYtU0lE&google_push=Aer7DvKqeQyQuobXaD0qHB7X58hY0Mt0Pa1u80tVglUuGsswJdJafnCKCDn_ML58V5A0nDqmlYN0VWoGaFIgLaJOrXOc5YrnZynH
Request Chain 296
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEG12K9F8UxXmiahHs-Z_Zuc&google_cver=1&google_push=Aer7DvLlOjPsjeYpk5iHTS1_XjPUaYw708Tp0B-cUtBEPnXReglCa0iBU3AKgAyCxNeeRcogHXOD6YQH_wKxxgsvTOzzAuwu5Cqm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvLlOjPsjeYpk5iHTS1_XjPUaYw708Tp0B-cUtBEPnXReglCa0iBU3AKgAyCxNeeRcogHXOD6YQH_wKxxgsvTOzzAuwu5Cqm
Request Chain 297
  • https://match.360yield.com/match/ebda?google_gid=CAESEJ66ZBvgSwprD_Q2qhHYrVI&google_cver=1&google_push=Aer7DvIyguqpl-ErE3fjH2DePMlvsx1JpEB7L0RtMMlRBzuLgVaLcm2oD8DNN5Xg87uwCPgRNYdbiGPn_TTWKYczdujAv6rmWO-XRw HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEJ66ZBvgSwprD_Q2qhHYrVI&google_cver=1&google_push=Aer7DvIyguqpl-ErE3fjH2DePMlvsx1JpEB7L0RtMMlRBzuLgVaLcm2oD8DNN5Xg87uwCPgRNYdbiGPn_TTWKYczdujAv6rmWO-XRw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yzCd_-N-QDWwMuQf0iGn3g&google_push=Aer7DvIyguqpl-ErE3fjH2DePMlvsx1JpEB7L0RtMMlRBzuLgVaLcm2oD8DNN5Xg87uwCPgRNYdbiGPn_TTWKYczdujAv6rmWO-XRw
Request Chain 299
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJnJKh2NnQSjOLNUvv1NfWc&google_cver=1&google_push=Aer7DvKlZyUNtFU3drhhEM2uWi2hIj1tT2Aa-TQqqPHwWC4-axCmrQ-WrEE4a3EdlC4LuJvJ8_py12kqj3DWECsaEsASaW6h4CZXClw HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJnJKh2NnQSjOLNUvv1NfWc&google_cver=1&google_push=Aer7DvKlZyUNtFU3drhhEM2uWi2hIj1tT2Aa-TQqqPHwWC4-axCmrQ-WrEE4a3EdlC4LuJvJ8_py12kqj3DWECsaEsASaW6h4CZXClw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c9a50498-e218-42d3-b571-71fad94e6181&%%GOOGLE_PUSH_PAIR%%
Request Chain 303
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEOLdbVMisyMQVZrcCb2jJe0&google_cver=1&google_push=Aer7DvKbjKxFNNdzg1cKloQLTrMTh7wIslmYd3aXCSugSS8a46-TCJsiK-xcIzkCQ5WxRr9zEIW6G2Vg6tvGL6SYGoFtLvOdODI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOLdbVMisyMQVZrcCb2jJe0&google_push=Aer7DvKbjKxFNNdzg1cKloQLTrMTh7wIslmYd3aXCSugSS8a46-TCJsiK-xcIzkCQ5WxRr9zEIW6G2Vg6tvGL6SYGoFtLvOdODI
Request Chain 304
  • https://d5p.de17a.com/cookies/google?google_gid=CAESED6ZWkrtyFT2u8Tg3Yh_hWY&google_cver=1&google_push=Aer7DvKBsLLY-7IAcgE8Zn7UAnX5-ov8imdKwFcqjQEXn7KRnISNdIZKyciEA2vQ29uybYyDJY1YyY9Tix8sbmh8AE4uoCfdTQY HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESED6ZWkrtyFT2u8Tg3Yh_hWY&google_cver=1&google_push=Aer7DvKBsLLY-7IAcgE8Zn7UAnX5-ov8imdKwFcqjQEXn7KRnISNdIZKyciEA2vQ29uybYyDJY1YyY9Tix8sbmh8AE4uoCfdTQY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKBsLLY-7IAcgE8Zn7UAnX5-ov8imdKwFcqjQEXn7KRnISNdIZKyciEA2vQ29uybYyDJY1YyY9Tix8sbmh8AE4uoCfdTQY
Request Chain 305
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPcqFzbIsqjqx_SCP2sizE8&google_cver=1&google_push=Aer7DvKVGRZ_wz7j5aJCyQUwXm6p6xF-AGH43fGzbIyejm1A9XF1shxvJXP9Fju3XZGqYZlpyBPDK6ORMPFbPRZ9t3Ka_CtNyyU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aer7DvKVGRZ_wz7j5aJCyQUwXm6p6xF-AGH43fGzbIyejm1A9XF1shxvJXP9Fju3XZGqYZlpyBPDK6ORMPFbPRZ9t3Ka_CtNyyU
Request Chain 306
  • https://match.360yield.com/match/ebda?google_gid=CAESEJ66ZBvgSwprD_Q2qhHYrVI&google_cver=1&google_push=Aer7DvJLZuz_jRzFCUx0uATYcTGtvmlQo6RudN_6hMiBy69vIBq1KCGRNuOJ4YUQMXKJtMLQZTANajWtPKRiIsmkCSqHYg035E8 HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEJ66ZBvgSwprD_Q2qhHYrVI&google_cver=1&google_push=Aer7DvJLZuz_jRzFCUx0uATYcTGtvmlQo6RudN_6hMiBy69vIBq1KCGRNuOJ4YUQMXKJtMLQZTANajWtPKRiIsmkCSqHYg035E8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yzCd_-N-QDWwMuQf0iGn3g&google_push=Aer7DvJLZuz_jRzFCUx0uATYcTGtvmlQo6RudN_6hMiBy69vIBq1KCGRNuOJ4YUQMXKJtMLQZTANajWtPKRiIsmkCSqHYg035E8
Request Chain 307
  • https://cs.media.net/cksync?type=g&google_gid=CAESECu6TjoNX8uWTGwUAxi8Z1Q&google_cver=1&google_push=Aer7DvLFgtcUO4qGuVKtRoNsS1qVtZNx1OBauzxFLXPmyeS6fEtTIWba3nRkSm7jtMe4LbqOuypPH_Ulm1lSl1_N4vQfIrLwy-Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzIzMjkyNzM1MDczMzI2MTAwMFYxMA%3d%3d&mn_hm=MzIzMjkyNzM1MDczMzI2MTAwMFYxMA%3d%3d&google_sc=1&google_push=Aer7DvLFgtcUO4qGuVKtRoNsS1qVtZNx1OBauzxFLXPmyeS6fEtTIWba3nRkSm7jtMe4LbqOuypPH_Ulm1lSl1_N4vQfIrLwy-Q&gdpr=&gdpr_consent=
Request Chain 308
  • https://sync.inmobi.com/gob?google_gid=CAESELCKbS7Eb2K_1ah5LE-yyKw&google_cver=1&google_push=Aer7DvL0JOoyrvn2Cp0MhItIOVcs5nVvFfnfx_ebHqZF1ipBoLLwmEURaoHPxuprED1G8sfh-I7orAL_LJOnZJu-ZOoRftf8TjhS HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAer7DvL0JOoyrvn2Cp0MhItIOVcs5nVvFfnfx_ebHqZF1ipBoLLwmEURaoHPxuprED1G8sfh-I7orAL_LJOnZJu-ZOoRftf8TjhS
Request Chain 309
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJnJKh2NnQSjOLNUvv1NfWc&google_cver=1&google_push=Aer7DvKZWfJyMC0qCu5oOG3abgp98JrvbndfBVZx-cZLYH0qHYhTfEGG5Fp1jxUkXCgkjsJk9Zjk0DO5P_3Cn3rLaLwaIu0whXJ5 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJnJKh2NnQSjOLNUvv1NfWc&google_cver=1&google_push=Aer7DvKZWfJyMC0qCu5oOG3abgp98JrvbndfBVZx-cZLYH0qHYhTfEGG5Fp1jxUkXCgkjsJk9Zjk0DO5P_3Cn3rLaLwaIu0whXJ5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c9a50498-e218-42d3-b571-71fad94e6181&%%GOOGLE_PUSH_PAIR%%
Request Chain 311
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAEjsdgEJsXApRtq3Mo9hho&google_cver=1&google_push=Aer7DvJGIaJghXroY8jJ62yPqeSoH5QtczTFlAsGOVLsoGTfKeiisJeJ9M7Zt7GOYw5AUq72vlSYQSUoHnklMXLuyGA_jHAJvDs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJGIaJghXroY8jJ62yPqeSoH5QtczTFlAsGOVLsoGTfKeiisJeJ9M7Zt7GOYw5AUq72vlSYQSUoHnklMXLuyGA_jHAJvDs
Request Chain 312
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEOLdbVMisyMQVZrcCb2jJe0&google_cver=1&google_push=Aer7DvKfszyCNgTUVe_nplBf-4cIsQ4y4kdxpI9K7ij94VEIH0OfzFQZ1Qqu8Hsn2sm2_HBVhCyZ_CWG1j83psuuBxVSAgp39OzU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOLdbVMisyMQVZrcCb2jJe0&google_push=Aer7DvKfszyCNgTUVe_nplBf-4cIsQ4y4kdxpI9K7ij94VEIH0OfzFQZ1Qqu8Hsn2sm2_HBVhCyZ_CWG1j83psuuBxVSAgp39OzU
Request Chain 313
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEF28ZJhuCOUAPJYYE-7F7QM&google_cver=1&google_push=Aer7DvKIMbVUSZF7RlrqRT1mq6qOJawYmD78M9Qyv4_j679u7dNTfMmZCK-vX975RGT2iG3BunAMw8RORMvPYAjVxkN2HKM9MiM HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ybipIPh1Rm-JBD56Ja3ZmA2&google_push=Aer7DvKIMbVUSZF7RlrqRT1mq6qOJawYmD78M9Qyv4_j679u7dNTfMmZCK-vX975RGT2iG3BunAMw8RORMvPYAjVxkN2HKM9MiM
Request Chain 314
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEE-Y2rArYriEzmzvb9Tj74Y&google_cver=1&google_push=Aer7DvJSXeh1V9lcLr3h35tWFQaPC6rxWTUt4c-J1U3L1BYW9KeidWDJygrteWxcXyHeyDkYrYfkp-x39K7dfPSikwZYKAuKlRY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEE-Y2rArYriEzmzvb9Tj74Y&google_hm=ZCc1P6clTk8FAfVMrMP3WQAAFBAAAAIB&google_nid=index&google_push=Aer7DvJSXeh1V9lcLr3h35tWFQaPC6rxWTUt4c-J1U3L1BYW9KeidWDJygrteWxcXyHeyDkYrYfkp-x39K7dfPSikwZYKAuKlRY
Request Chain 315
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELZDpqXFQuslo3zbJKFT9iE&google_cver=1&google_push=Aer7DvKXynR2CEQT1CyfMLKyYRWZsYxokctot26KTUXliUJkVIMEkOHNTYbUKLybg3QG2THvUXGOpoLOpFnP3zWZglEqXuUBy04u HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELZDpqXFQuslo3zbJKFT9iE&google_cver=1&google_push=Aer7DvKXynR2CEQT1CyfMLKyYRWZsYxokctot26KTUXliUJkVIMEkOHNTYbUKLybg3QG2THvUXGOpoLOpFnP3zWZglEqXuUBy04u&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aer7DvKXynR2CEQT1CyfMLKyYRWZsYxokctot26KTUXliUJkVIMEkOHNTYbUKLybg3QG2THvUXGOpoLOpFnP3zWZglEqXuUBy04u&google_hm=GZ20pGZHIgQSOMOVThiBFM9W
Request Chain 316
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAAotsl8ZhhNGUEZGE9IkqI&google_cver=1&google_push=Aer7DvLz2-NeoPpSPWnt7lG7pOnkRNnR3BD57m_JC3vursWE5E_QjoP4QOr9WxPVJx21Vz2DovoEg4X_4kadkRdCuQPunEt6gzQY HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aer7DvLz2-NeoPpSPWnt7lG7pOnkRNnR3BD57m_JC3vursWE5E_QjoP4QOr9WxPVJx21Vz2DovoEg4X_4kadkRdCuQPunEt6gzQY&google_gid=CAESEAAotsl8ZhhNGUEZGE9IkqI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODYxNzU2NzY0ODY1OTE0ODU1ODY2&google_push=Aer7DvLz2-NeoPpSPWnt7lG7pOnkRNnR3BD57m_JC3vursWE5E_QjoP4QOr9WxPVJx21Vz2DovoEg4X_4kadkRdCuQPunEt6gzQY
Request Chain 317
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJnJKh2NnQSjOLNUvv1NfWc&google_cver=1&google_push=Aer7DvLRVEL5rZ_ctpE8V3SBKieG8-AvZ29Lxg6ohjuhU60J8G8COrw94y4GWG3BBiChVm_iYP0sAIlKNUwWPYkZ0XQAkfJ-YSCq_g HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJnJKh2NnQSjOLNUvv1NfWc&google_cver=1&google_push=Aer7DvLRVEL5rZ_ctpE8V3SBKieG8-AvZ29Lxg6ohjuhU60J8G8COrw94y4GWG3BBiChVm_iYP0sAIlKNUwWPYkZ0XQAkfJ-YSCq_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c9a50498-e218-42d3-b571-71fad94e6181&%%GOOGLE_PUSH_PAIR%%
Request Chain 354
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZCc1P6clTk8FAfVMrMP3WQAAFBAAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZCc1P6clTk8FAfVMrMP3WQAAFBAAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 355
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZCc1P6clTk8FAfVMrMP3WQAAFBAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE-Y2rArYriEzmzvb9Tj74Y&google_cver=1
Request Chain 359
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=8872da70-8dae-4c43-83c5-f288d7b50a5d-64273543-5858&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D8872da70-8dae-4c43-83c5-f288d7b50a5d-64273543-5858%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D8872da70-8dae-4c43-83c5-f288d7b50a5d-64273543-5858%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=8872da70-8dae-4c43-83c5-f288d7b50a5d-64273543-5858&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D8872da70-8dae-4c43-83c5-f288d7b50a5d-64273543-5858%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=8872da70-8dae-4c43-83c5-f288d7b50a5d-64273543-5858&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D8872da70-8dae-4c43-83c5-f288d7b50a5d-64273543-5858%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=8872da70-8dae-4c43-83c5-f288d7b50a5d-64273543-5858&gdpr=0&gdpr_consent=
Request Chain 360
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Request Chain 362
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8425551230365208022
Request Chain 363
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:72ec6427-3540-4b00-b665-9a3e9ed4e84a&gdpr=0&gdpr_consent=
Request Chain 364
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 365
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=QCg0aUUpMm1bKz5pQnkrPRV9NWpbfzdmFXpYcvyE
Request Chain 366
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FEEAC148-E995-4A2A-BB9D-0D81B404E658&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FEEAC148-E995-4A2A-BB9D-0D81B404E658&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 367
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_urBSOmVSiq7nQ2BtATmWA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 369
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=509713529 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=FEEAC148-E995-4A2A-BB9D-0D81B404E658
Request Chain 370
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=FEEAC148-E995-4A2A-BB9D-0D81B404E658 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZmxsTi1QZkJPZ2hSQWkzOEtsRXdlTThXUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=4814412896771865485&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 371
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkVFQUMxNDgtRTk5NS00QTJBLUJCOUQtMEQ4MUI0MDRFNjU4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 372
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM3uKYxCWfH8ld5p2sO3-uY&google_cver=1
Request Chain 374
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4814412896771865485
Request Chain 377
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=8rpeE59ESLalW0TAL-szMQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=8rpeE59ESLalW0TAL-szMQ
Request Chain 378
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LFWXYGSQ-1F-SID&us_privacy=1---
Request Chain 379
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEZXWFlHU1EtMUYtU0lE&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBjRgfM-OSEa7CwHE4n8hlM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZXWFlHU1EtMUYtU0lE&google_push=
Request Chain 380
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/1CX-901n997Tak3NWi14ng?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-JCtPOFZE2oLlswAKZ_muJUPD.VQBbV8EELJuLQ--~A
Request Chain 381
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjVhYzc4MzYxNmFiZDJhOGE2NzFmMjZhNDJiODAwMTA4Y2JiNTdkZA&us_privacy=1---
Request Chain 383
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MqZ5PE9xTBO-0CbgwHSaTQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MqZ5PE9xTBO-0CbgwHSaTQ
Request Chain 384
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECA6iIFbdDpTu-BoVMsJQmw&google_cver=1

385 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.mlive.com/ 		412 KB
76 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
8628168d7c14074668d1f720badee2ed75cbe595e812cc0a93b7eea6cc970f0b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

akamai-true-ttl
130
cache-control
private, max-age=60
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Fri, 31 Mar 2023 19:32:12 GMT
etag
W/"65d35-bkDuFLZzSZ/H3nFDB2Eval0N8II"
expires
Fri, 31 Mar 2023 19:33:12 GMT
last-modified
Fri, 31 Mar 2023 19:30:11 GMT
referrer-policy
no-referrer-when-downgrade
server
openresty
server-timing
cdn-cache; desc=HIT edge; dur=63 ak_p; desc="466747_34831749_33559077_6254_7153_6_0";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,2
x-arc-pb-request-id
13fc8dfc-ac82-4fe6-b998-26f6a1528300
x-arc-request-id
0.857d1302.1680291131.2001225
default.css
www.mlive.com/pf/dist/components/output-types/ 		45 B
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/components/output-types/default.css?d=1025
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
bba5cf4bf97f335423ef8083a04d8810370b013c18a623e2aec413075ef82ddc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
Y0003PV8F2F5AH3Z
x-amz-server-side-encryption
AES256
x-arc-request-id
0.857d1302.1680291132.2001852
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466747_34831749_33560658_49_6326_6_0";dur=1
content-length
57
x-amz-id-2
3SMipOU9rz5DfxfqGba9UVyKhjffSmw8B7od220sYLBM+NkDiJ4W2vSAlVHzVyp3oXL7rZ2q7qc=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 15:01:25 GMT
server
openresty
etag
"534bb0614e61e484cae7d5dc8ecc424c"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Mar 2024 19:32:12 GMT
default.css
www.mlive.com/pf/dist/components/combinations/ 		395 KB
61 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1025
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
f3ac7a6c82549c7d71d3913ca8b269204425f68593f3bae31b9a8bfa61035e5e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
Y00BPCTGXQAAPYWN
x-amz-server-side-encryption
AES256
x-arc-request-id
0.857d1302.1680291132.200187d
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466747_34831749_33560701_831_6545_6_0";dur=1
content-length
61912
x-amz-id-2
iLdffzL7U6Erx2dE//YBhDPekQp1CRBXhK+EGf630pRoljnlr7+ES5zU3yeoIQl7NeTv4JuPqB8=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 15:01:25 GMT
server
openresty
etag
W/"c33cb1188d5aedb2d38df2f0d3c77a5b"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
expires
Sat, 30 Mar 2024 19:32:12 GMT
style.css
www.mlive.com/pf/resources/dist/mlive/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=1025
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
290f8ee2503cc1257f4c0bbba15e593a6cb1f7a874e52bba7e2884c25963c34f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
Y0098MXTNXDFHBFF
x-amz-server-side-encryption
AES256
x-arc-request-id
0.857d1302.1680291132.200187f
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466747_34831749_33560703_851_6946_6_0";dur=1
content-length
493
x-amz-id-2
wwPTOesmYykgCZGuCSu+mGZ5QJ2kcsrnwCfpsGr+bok4zqvB9+VmYdCWD4XGCwZH1Wvu18BdN8k=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 15:01:24 GMT
server
openresty
etag
W/"aa3448fde579e65b83689f5e6decee54"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Sat, 30 Mar 2024 19:32:12 GMT
react.js
www.mlive.com/pf/dist/engine/ 		343 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/engine/react.js?d=1025
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
845bdf2070db9693215291b7c8a9e9e4c4e4a6888378c0e5511dd72b0b0ffc31
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
Y00EQ3WR1S8DK4B9
x-amz-server-side-encryption
AES256
x-arc-request-id
0.857d1302.1680291132.2001a3c
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466747_34831749_33561148_2000_6317_6_0";dur=1
content-length
103478
x-amz-id-2
r9ZT9R2vAKFkcAW2a3ALAwQp5rSRsk3Bp6dMgI7u6udYI3RA6B7ldh5qqkv5a4E/fNdRpwtRTbo=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 15:01:26 GMT
server
openresty
etag
W/"2268e93e43041fc1e0df97ffe2db76bb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Sat, 30 Mar 2024 19:32:12 GMT
default.js
www.mlive.com/pf/dist/components/combinations/ 		2 MB
456 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/components/combinations/default.js?d=1025
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a0189efeb7f7a6caea394960d4b0a9b30d777b9c685a61b84b6f48e16eb9b244
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
Y004V5XEVAXPHXFK
x-amz-server-side-encryption
AES256
x-arc-request-id
0.857d1302.1680291132.2001a3e
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466747_34831749_33561150_1984_6440_6_0";dur=1
content-length
465370
x-amz-id-2
GwO7hc7GGHbuhvP23HuMEwY6EbRZYCCtOUk9PRx84ttCMk22kpAxkJYIwt9ctA4V+3ndjIJ66Ug=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 15:01:26 GMT
server
openresty
etag
W/"c56f5faf83660e6d3c8a14d31f2a9312"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Sat, 30 Mar 2024 19:32:12 GMT
166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff
www.mlive.com/pf/resources/fonts/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff?d=1025
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
6fa8b9c20d5c4f5711f76f4f4adafafc90e8f89bac2c7b3dfc2c7e63abb55d21
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
Y003KFET8HQ3Z993
x-amz-server-side-encryption
AES256
x-arc-request-id
0.857d1302.1680291132.2001880
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466747_34831749_33560704_716_5924_6_0";dur=1
content-length
54391
x-amz-id-2
YTlrZMPURUMmm/MUJW/WFmZO/5mmL1lr2oBnkrWgVgLVOXP1LIPtE1dAw+dHsq98xrqc8aAbpWY=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 15:01:25 GMT
server
openresty
etag
W/"63c3700153fd19bac6ac63c816251c03"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Sat, 30 Mar 2024 19:32:12 GMT
448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff
www.mlive.com/pf/resources/fonts/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff?d=1025
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
c942cb01ca7d8956086518f0315ac0be0374cb0f0a38ffe67a52bc4ae7ff5f6f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
Y000Q808Z7HNP2NN
x-amz-server-side-encryption
AES256
x-arc-request-id
0.857d1302.1680291132.2001881
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466747_34831749_33560705_726_5720_6_0";dur=1
content-length
53376
x-amz-id-2
EbwOwM4tlAcG6CqD/RAt49GDmm/pPqS/f5O1Ue70zTNCYvHF5xBFwPg5142oqR891cyhiurnrWs=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 15:01:25 GMT
server
openresty
etag
W/"00b8650c0e6992c5c9ced8f621e43ffd"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Sat, 30 Mar 2024 19:32:12 GMT
a408f907-3ee4-4578-a3d1-4134558cb82a-3.woff
www.mlive.com/pf/resources/fonts/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/a408f907-3ee4-4578-a3d1-4134558cb82a-3.woff?d=1025
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
c25ce818c3c2ab4992bc0b61a60d1822f239a638af59ad63ed2fe2028e3037f8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
Y00DYP806R4Q9GJM
x-amz-server-side-encryption
AES256
x-arc-request-id
0.857d1302.1680291132.2001882
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466747_34831749_33560706_1029_4837_6_0";dur=1
content-length
53862
x-amz-id-2
MC1Sm8lx5aSd/oERHECshwl1ALhpZEzRNgNdMRIZsi3hOpxaIOszaB9PeiirNBb3NGhTUU4AqF8=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 15:01:25 GMT
server
openresty
etag
W/"527a99c70868c89d6be3cc11a8feb999"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Sat, 30 Mar 2024 19:32:12 GMT
farnhamheadline-medium.woff
www.mlive.com/pf/resources/fonts/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/farnhamheadline-medium.woff?d=1025
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
7ff100c907d85bc5b7503e7a88c0a7f256ed2561ee431ffc10fcd7cce517c321
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
Y00EQSWSSFTC6BWK
x-amz-server-side-encryption
AES256
x-arc-request-id
0.857d1302.1680291132.2001883
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466747_34831749_33560707_834_7929_6_0";dur=1
content-length
36831
x-amz-id-2
x9S+Uhad4S0gx0sazrOckdkabcjng1QLwLbDoe2lwHkrwGCjq44Kh8EUEdz/4BnwAwsPva2aWDE=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 15:01:25 GMT
server
openresty
etag
W/"05b85684cbf3bc11490297c50cfd67c3"
x-edgeconnect-cache-status
1
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Sat, 30 Mar 2024 19:32:12 GMT
farnhamheadline-semi-bold.woff
www.mlive.com/pf/resources/fonts/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/farnhamheadline-semi-bold.woff?d=1025
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
Y00CKEV1HKTTR7FR
x-amz-server-side-encryption
AES256
x-arc-request-id
0.857d1302.1680291132.2001884
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466747_34831749_33560708_728_6046_6_0";dur=1
content-length
37066
x-amz-id-2
oSH+NQBkrp6MNCRS9sBO7WsOhlEv/BPuE1JIu8HulYQrMfLLPJ5Zdo+70zriXUdrvfcKxZ7dtL8=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 15:01:25 GMT
server
openresty
etag
W/"c9a8222fbabe6b700baacd21dd7a1f61"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Sat, 30 Mar 2024 19:32:12 GMT
V6SY3UK5XBFXJIHVJUXEIRSRPQ.JPG
www.mlive.com/resizer/Kn2Yx10a_WFtxijA2G0dSkm3-lA=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/Kn2Yx10a_WFtxijA2G0dSkm3-lA=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/V6SY3UK5XBFXJIHVJUXEIRSRPQ.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
4a70e73ff477b6435f86d229070a7808d8047950859b36a5f34212488cdfc838
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 31 Mar 2023 19:32:13 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 27 Mar 2023 20:01:51 GMT
server
Akamai Image Manager
etag
"8ce9be6f802dd2e1968bfa70f272a7615a50c87b"
x-arc-request-id
0.857d1302.1680291132.2001a3f
content-type
image/avif
cache-control
private, no-transform, max-age=31192185
server-timing
cdn-cache; desc=HIT, edge; dur=712, ak_p; desc="466747_34831749_33561151_73378_7693_6_0";dur=1
content-length
14848
expires
Tue, 26 Mar 2024 20:01:58 GMT
iabCcpaIntegrationScript-noGAM.js
cdn.cookielaw.org/opt-out/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/iabCcpaIntegrationScript-noGAM.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e3c7bdc4bfffb58a973062aabf808691f7603416290254b76161cab69952053
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 31 Mar 2023 19:32:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
ZkLmnzyu8aoAQNwZHm6Yqw==
age
55223
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
92965cfc-901e-0118-2ce1-5ab326000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7b0b0459ae2f9229-FRA
logo_main.svg
www.mlive.com/pf/resources/images/mlive/logos/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/logo_main.svg?d=1025
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
f4ece8f2f5242967e98c6718f283e961576d68b4b7be96124eca22f554dcb275
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000
date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
Y00306D5ZHCS5R06
x-amz-server-side-encryption
AES256
x-arc-request-id
0.857d1302.1680291132.2001a40
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466747_34831749_33561152_2261_7026_6_0";dur=1
content-length
660
x-amz-id-2
zMTP8B5gejBRVe7LjedWqys8kVDatL9j/mZMFCjlhs/yULracV4kbePV86pHzNeOGhV4kP+cOYE=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 15:01:25 GMT
server
openresty
etag
W/"351c57e1a77c618772f5966a7f2094ee"
x-edgeconnect-cache-status
1
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Sat, 30 Mar 2024 19:32:12 GMT
logo_main_sm.svg
www.mlive.com/pf/resources/images/mlive/logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/logo_main_sm.svg?d=1025
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a39cd6a9413784646378ab9490f6a80ea1c2eaf4870c1022f44e4e64380c7cda
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000
date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
Y005AYMSW8W4D22Z
x-amz-server-side-encryption
AES256
x-arc-request-id
0.857d1302.1680291132.2001a41
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466747_34831749_33561153_2191_5139_6_0";dur=1
content-length
902
x-amz-id-2
RtiBXKNqwcGAWdpYofftbPM3jKRChI80JEQiYhrOohHMHE7FYdU1m3VjLJzBxEYbhRd1P88iVy0=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 15:01:25 GMT
server
openresty
etag
W/"cb98cda61d359616349bbc2a92540ddb"
x-edgeconnect-cache-status
1
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Sat, 30 Mar 2024 19:32:12 GMT
social-monochrome.svg
www.mlive.com/pf/resources/images/mlive/logos/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/social-monochrome.svg?d=1025
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
4eb67b42d6abea96d75df507d23f0421da85d5658322720fded36c94cce45d7b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
0NAG9HRA3J9PQVFC
x-amz-server-side-encryption
AES256
x-arc-request-id
0.857d1302.1680291132.2001a42
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466747_34831749_33561154_2120_6079_6_0";dur=1
content-length
603
x-amz-id-2
i1KTQZ+bybBI/p38bWawRD2BxEvulc+Rb7XhbHYoR+PDAgdfEuk/GqlPm0RYosME3CRzxEuTQx0=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 15:01:25 GMT
server
openresty
etag
W/"7819fa78e2e7770bb40587187d83cb87"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Sat, 30 Mar 2024 19:32:12 GMT
logo_footer.png
www.mlive.com/pf/resources/images/mlive/logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/logo_footer.png?d=1025
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
5fe498f984078cc4039385dc4a4befa8cbd53ae03eb24187cac828668ca60415
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 31 Mar 2023 19:32:12 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 15:55:25 GMT
server
Akamai Image Manager
etag
W/"be8042e858f0c6b5cd87834c8aafe76d"
x-arc-request-id
0.857d1302.1680291132.2001a43
content-type
image/avif
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31523002
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466747_34831749_33561155_2217_7701_6_0";dur=1
content-length
1579
expires
Sat, 30 Mar 2024 15:55:34 GMT
AdvanceLocal_horizontal.svg
www.mlive.com/pf/resources/images/common/logos/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/logos/AdvanceLocal_horizontal.svg?d=1025
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
702c805fec65a8cc8c6c40aed34123b021e5ed6107cc6dfdebc4b0fc2e229887
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
Y003DXQM3F40JET0
x-amz-server-side-encryption
AES256
x-arc-request-id
0.857d1302.1680291132.2001a44
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466747_34831749_33561156_4842_5978_9_0";dur=1
content-length
3554
x-amz-id-2
2DICMqHCcG/4cNy9E21YwohcQ9SNAgb/p11icAt0RKRd0KZjRtql18j6W1F7vQzAxxK93quEz6E=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 15:01:25 GMT
server
openresty
etag
W/"3770993da506fb6d4bbccfcdcc3a4800"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Sat, 30 Mar 2024 19:32:12 GMT
ad-choices-arrow.png
www.mlive.com/pf/resources/images/common/logos/ 		190 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/logos/ad-choices-arrow.png?d=1025
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
9ead871d27f3a0d803f4d6139feb2f2694d3a26c54fd6734f789a06aad0f5303
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 31 Mar 2023 19:32:12 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 15:55:57 GMT
server
Akamai Image Manager
etag
W/"c6e75cc6be8dcb2f2d1ab36209f3c3b7"
x-arc-request-id
0.857d1302.1680291132.2001a45
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31522993
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466747_34831749_33561157_2136_10371_6_0";dur=1
content-length
190
expires
Sat, 30 Mar 2024 15:55:25 GMT
v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
satisfycork.com/ 		60 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
070beff2068ac6fc781a5e42c9390e9079e7b0003fc4c166d2672365d3e47cf5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Fri, 31 Mar 2023 19:32:12 GMT
x-datacenter
gce-europe-west1
etag
"bb0f93eae33153f99d2bb97a1648989c7ddf9cbbc606ff5b8f8c9db6e8f13943"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-96h0
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
814291840
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sophi.min.js
cdn.sophi.io/advancelocal/ 		102 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sophi.io/advancelocal/sophi.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-87.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b9afeb90db17ffa772a8bbc38f8ae37524ac4c0660dfc228f528cfe36a38d53d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 01:54:03 GMT
x-amz-version-id
.qZXsiAWjTa0yWFLcXE5U.grm2eEgIL7
content-encoding
br
last-modified
Mon, 27 Feb 2023 17:38:35 GMT
server
AmazonS3
via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
etag
W/"0915af152c652f927c398faa26e9904b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
63490
x-amz-cf-id
CZw97IHHM8HrbpRhhAjZQfTyX4Atj0PDd3JvaeM1XAzxRsd1c6i2qw==
al-mlive.segments.min.js
apps.sophi.io/latest/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.sophi.io/latest/al-mlive.segments.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-27.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0709e11f34bb1e47193a170bc8baf94732a32a867443b29be840c550cc03981d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
5x.gfjtiZoE7IFt5eELjKuStLmrI5ZXL
content-encoding
gzip
via
1.1 0cef334729aed841ca9f130c177beeba.cloudfront.net (CloudFront)
date
Fri, 31 Mar 2023 19:31:54 GMT
last-modified
Thu, 09 Feb 2023 19:54:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
19
x-amz-server-side-encryption
AES256
etag
W/"25a09f4745cf7bc62917c4a8bea2a575"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=0
x-amz-cf-id
Pq0pmgxgDNOJ5bmtfQakDerRm8zsYrUj8z9XZyTRSqHu6zntwmLW6w==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e85a649094d881201f7a886c94cd19e72196c761da5017c9269b03b35ca9c5c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
XP5ufGIMVAznk1F+pqtwzg==
age
55408
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
8618
x-ms-lease-status
unlocked
last-modified
Wed, 29 Mar 2023 06:31:51 GMT
server
cloudflare
etag
0x8DB301F482ACD4D
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
cd84d4f9-a01e-0176-4c84-621a0f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7b0b0459ae319229-FRA
SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
s.go-mpulse.net/boomerang/ 		205 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:592::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
br
last-modified
Mon, 27 Mar 2023 07:41:31 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
gtm.js
www.googletagmanager.com/ 		441 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
18c66bf4d7bcf9bbbd0724675f5997149c93f1719dc1c4f8491a7ce5dcc0fb91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125747
x-xss-protection
0
last-modified
Fri, 31 Mar 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 31 Mar 2023 19:32:12 GMT
chevron-white.svg
www.mlive.com/pf/resources/images/common/arrows/ 		864 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/arrows/chevron-white.svg?d=1025
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1025
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e19f6076815240b2afedf8033b0a2ccf200d3851f11df779d05f3c533560504d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1025
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
Y006H1KP1VHGXGD6
x-amz-server-side-encryption
AES256
x-arc-request-id
0.857d1302.1680291132.2001a46
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466747_34831749_33561158_1981_7190_6_0";dur=1
content-length
486
x-amz-id-2
qKoB6grfmDrSvq8rLIY7oCybyUPNSKjqhND60CLvBIBX6/ITzkYNIqr7JmACEq9g0YPbbB+5r+RkrmPq5b6ZFg==
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 15:01:25 GMT
server
openresty
etag
W/"691552a6377a1dfc9eeae87d6aeb8931"
x-edgeconnect-cache-status
1
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Sat, 30 Mar 2024 19:32:12 GMT
newsletter.svg
www.mlive.com/pf/resources/images/mlive/promo/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/promo/newsletter.svg?d=1025
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=1025
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a7e702f15b65f58d32945e27b8416dac2811afad1a828a9a617d5c0c1cc85b21
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=1025
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
HB94QDZ2C21D2S40
x-amz-server-side-encryption
AES256
x-arc-request-id
0.857d1302.1680291132.2001b0a
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466747_34831749_33561354_1751_9760_9_0";dur=1
content-length
1059
x-amz-id-2
iY15Lg1FK6Q+5LSq/moaQUdeFQG5ikqcvaMTm+U7U9oJQ8RSnencWxZwbIORMUW9B57vAhLa8Bc=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 15:01:25 GMT
server
openresty
etag
W/"22c89d844df3fcb416b9291f7e668863"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Sat, 30 Mar 2024 19:32:12 GMT
chevron-black-right.svg
www.mlive.com/pf/resources/images/common/arrows/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/arrows/chevron-black-right.svg?d=1025
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1025
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
276ca8da7dd05a55c760ead2eec9d5c74629897d0b5b3e5190d4fc9bd38ea7fc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1025
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
HB96RQFRR2HFJK3W
x-amz-server-side-encryption
AES256
x-arc-request-id
0.857d1302.1680291132.2001b0c
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466747_34831749_33561356_1652_7796_9_0";dur=1
content-length
746
x-amz-id-2
+rSGNV54LyD7x8t37tPki6yA2tcIYZgGJYXD/NZ7QNovsgVx/v1SyWTzdrRP5KKwTGAI5usrkrM=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 15:01:25 GMT
server
openresty
etag
W/"4347be806f2c6a630a5407afb75ab920"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Sat, 30 Mar 2024 19:32:12 GMT
DGRPLZICWVH2JLUKHLRUCC2SQI.JPG
www.mlive.com/resizer/wFQgqTNlSz7Mh7LfVNq9bdJMVvI=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/wFQgqTNlSz7Mh7LfVNq9bdJMVvI=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/DGRPLZICWVH2JLUKHLRUCC2SQI.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
252b0b7a09efec3223025316b7234b3acce54f16264df1eeaea572e4f9aa2083
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 31 Mar 2023 19:32:12 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 16:17:41 GMT
server
Akamai Image Manager
x-serial
1874
x-check-cacheable
YES
etag
"bb517f5c0c12509824689444faaaffb3be639ac5"
x-arc-request-id
0.857d1302.1680291132.2001b0d
content-type
image/avif
cache-control
private, no-transform, max-age=31524312
server-timing
cdn-cache; desc=HIT, edge; dur=110, ak_p; desc="466747_34831749_33561357_12707_7341_6_0";dur=1
content-length
13918
expires
Sat, 30 Mar 2024 16:17:24 GMT
6QMY6VEIJVFO5GREQEUAATTKV4.jpg
www.mlive.com/resizer/Fdim9welI21HP3CMYcldQpCZX9Q=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/Fdim9welI21HP3CMYcldQpCZX9Q=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/6QMY6VEIJVFO5GREQEUAATTKV4.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
0a181ff81823df14d9036ff30f6bd99f7bc36339ee5061e0716b1d492c2d5c7f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 31 Mar 2023 19:32:12 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 10:12:30 GMT
server
Akamai Image Manager
etag
"124ec7b844fb5200b1ce8fdf42aaf0a81bd7ae48"
x-arc-request-id
0.857d1302.1680291132.2001b0e
content-type
image/avif
cache-control
private, no-transform, max-age=31502597
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466747_34831749_33561358_1719_7798_9_0";dur=1
content-length
62337
expires
Sat, 30 Mar 2024 10:15:29 GMT
ATLHEDN6WVARZN3TJ3BNW74HS4.JPG
www.mlive.com/resizer/crS6Da70B6pfrbkKmodZ0bIt_KU=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/crS6Da70B6pfrbkKmodZ0bIt_KU=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ATLHEDN6WVARZN3TJ3BNW74HS4.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
5f92a30ed4a65add83b320dddd5bd3ada2d44b826521434135a2bb68badd69ae
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 31 Mar 2023 19:32:12 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 24 Mar 2023 21:14:13 GMT
server
Akamai Image Manager
x-serial
1927
x-check-cacheable
YES
etag
"6b12aeaea7bdf6f70bf4beb9f6eab0bb9d5e2dd9"
x-arc-request-id
0.857d1302.1680291132.2001b0f
content-type
image/avif
cache-control
private, no-transform, max-age=30937348
server-timing
cdn-cache; desc=HIT, edge; dur=168, ak_p; desc="466747_34831749_33561359_18626_5641_6_0";dur=1
content-length
21824
expires
Sat, 23 Mar 2024 21:14:40 GMT
IKOXRMNU5JHDBFETTCXTLEHEPA.jpg
www.mlive.com/resizer/ucGfMRNcXJzBfdT4I2au8H9VbJs=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/ucGfMRNcXJzBfdT4I2au8H9VbJs=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/IKOXRMNU5JHDBFETTCXTLEHEPA.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
88c533b6bafc94b1f13e2ddc2737539b401e56b6aa72244e184e4d698ef6c8b9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 31 Mar 2023 19:32:13 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 16:51:22 GMT
server
Akamai Image Manager
x-serial
1739
x-check-cacheable
YES
etag
"d8948eebba1b8ef1e5673e90ddbb0318d3af9a8d"
x-arc-request-id
0.857d1302.1680291132.2001b10
content-type
image/avif
cache-control
private, no-transform, max-age=31526405
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=1191, ak_p; desc="466747_34831749_33561360_74148_11055_6_0";dur=1
content-length
32574
expires
Sat, 30 Mar 2024 16:52:18 GMT
J7PLHUUTOFFRPLDL6P66SJSS5I.png
www.mlive.com/resizer/DZn6mQYVy3gPZUz0OgNJ2uO3xi0=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/DZn6mQYVy3gPZUz0OgNJ2uO3xi0=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/J7PLHUUTOFFRPLDL6P66SJSS5I.png
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
edb73f19e3ebb198891d0c5fb25c38c302b7161114a2ad8b6736e19fae0ff698
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 31 Mar 2023 19:32:12 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 17:20:43 GMT
server
Akamai Image Manager
etag
"0be624e7aef6f2c31e96ca63d65fd877098a1c50"
x-arc-request-id
0.857d1302.1680291132.2001b11
content-type
image/avif
cache-control
private, no-transform, max-age=31528031
server-timing
cdn-cache; desc=HIT, edge; dur=168, ak_p; desc="466747_34831749_33561361_18715_10856_6_0";dur=1
content-length
25484
expires
Sat, 30 Mar 2024 17:19:23 GMT
YLQRWQTL3NF5BLKRZJBDCUIV7Q.jpg
www.mlive.com/resizer/Bg4Z0UKGGnkUw4mqCze9Ac__UNA=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/Bg4Z0UKGGnkUw4mqCze9Ac__UNA=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/YLQRWQTL3NF5BLKRZJBDCUIV7Q.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
fe0a84efb7bb5e3e1271101d9351c05dd643e5649ab691acf50dcdcb3f965cb5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 31 Mar 2023 19:32:12 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 17:22:38 GMT
server
Akamai Image Manager
x-serial
1221
x-check-cacheable
YES
etag
"0ca48c869e2f1a1aac3cc3e31f0e588529c7fdec"
x-arc-request-id
0.857d1302.1680291132.2001b12
content-type
image/avif
cache-control
private, no-transform, max-age=31528179
server-timing
cdn-cache; desc=HIT, edge; dur=107, ak_p; desc="466747_34831749_33561362_12431_7418_6_0";dur=1
content-length
26058
expires
Sat, 30 Mar 2024 17:21:51 GMT
7ZHAT5KP55CUTIHPEKHB7YJ72I.jpg
www.mlive.com/resizer/atDLOpBjvLkdC3r-aZFHa4WXIds=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/atDLOpBjvLkdC3r-aZFHa4WXIds=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/7ZHAT5KP55CUTIHPEKHB7YJ72I.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
29d8295a9c28bbcd4814372662877f3c31a595f6dca0bb3f17f2e9b5267d8ad1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 31 Mar 2023 19:32:12 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 24 Mar 2023 13:29:42 GMT
server
Akamai Image Manager
x-serial
1821
x-check-cacheable
YES
etag
"67df1b0bbe45b307ba9c4abac7977167844ec790"
x-arc-request-id
0.857d1302.1680291132.2001b13
content-type
image/avif
cache-control
private, no-transform, max-age=30909431
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466747_34831749_33561363_1792_8508_9_0";dur=1
content-length
20146
expires
Sat, 23 Mar 2024 13:29:23 GMT
SR2FPQ63YJAGHDLMV5JJ5Y4D7M.JPG
www.mlive.com/resizer/MTzrwylmM60QiRbtJlAO7CSGJ-w=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/MTzrwylmM60QiRbtJlAO7CSGJ-w=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/SR2FPQ63YJAGHDLMV5JJ5Y4D7M.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
17e2c4d6ea2bda1c706fddd8b1a3d81d8d5cbce58a3ca0f1a6b84221f5e5c115
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 31 Mar 2023 19:32:12 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 15 Mar 2023 20:04:03 GMT
server
Akamai Image Manager
etag
"7a148c678403541822efa6b72533f9d08bdc660f"
x-arc-request-id
0.857d1302.1680291132.2001b14
content-type
image/avif
cache-control
private, no-transform, max-age=30155387
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466747_34831749_33561364_2374_11718_10_0";dur=1
content-length
60677
expires
Thu, 14 Mar 2024 20:01:59 GMT
AIAAYLLPWFCCLHIK3T3MELEQLM.jpg
www.mlive.com/resizer/YMp9oV9ogcRAzInkvKcY-wnOjLQ=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/YMp9oV9ogcRAzInkvKcY-wnOjLQ=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/AIAAYLLPWFCCLHIK3T3MELEQLM.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
35222ba6e7fe53029a076a6b736cbee2ee79f657dadd60200e0251c2388ac0ff
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 31 Mar 2023 19:32:12 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 17:13:20 GMT
server
Akamai Image Manager
x-serial
1702
x-check-cacheable
YES
etag
"e016a08768c2ca9d8d00e2ca8e70b41f8e2b7110"
x-arc-request-id
0.857d1302.1680291132.2001b16
content-type
image/avif
cache-control
private, no-transform, max-age=31527728
server-timing
cdn-cache; desc=HIT, edge; dur=93, ak_p; desc="466747_34831749_33561366_10964_8145_7_0";dur=1
content-length
29863
expires
Sat, 30 Mar 2024 17:14:20 GMT
FCILOEMHYREVDA6WI3JVSY47S4.PNG
www.mlive.com/resizer/VeGC8l08WVSK-T-Wm53Atc-Ti6c=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/VeGC8l08WVSK-T-Wm53Atc-Ti6c=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/FCILOEMHYREVDA6WI3JVSY47S4.PNG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
15aad624dc0254a0793192fdce44efc01b4a26052f59232879e83d840328d920
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 31 Mar 2023 19:32:12 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 13:43:02 GMT
server
Akamai Image Manager
etag
"c476a1900c98d8cf120b6c704c3a517082ed3317"
x-arc-request-id
0.857d1302.1680291132.2001b17
content-type
image/avif
cache-control
private, no-transform, max-age=31515131
server-timing
cdn-cache; desc=HIT, edge; dur=399, ak_p; desc="466747_34831749_33561367_41505_10883_6_0";dur=1
content-length
11276
expires
Sat, 30 Mar 2024 13:44:23 GMT
92a6747a-ce11-46a4-93d3-d5b3bd38e0ac.json
cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
115821cf1798bdfd189a89b3d6e7b6758170b76b513dc491af97fee3bada6f2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
iO0YdKATiZu4DaV6ode9MQ==
age
49863
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1553
x-ms-lease-status
unlocked
last-modified
Tue, 07 Mar 2023 14:41:12 GMT
server
cloudflare
etag
0x8DB1F19FFC465F1
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8c0e5bd5-b01e-0029-57e1-5aaea4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7b0b045a2ce130f0-FRA
expires
Sat, 01 Apr 2023 19:32:12 GMT
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.130.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.mlive.com
access-control-max-age
600
content-length
0
date
Fri, 31 Mar 2023 19:32:12 GMT
server
nginx
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/advancelocal/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.130.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.mlive.com
date
Fri, 31 Mar 2023 19:32:13 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
skeleton.gif
static.adsafeprotected.com/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?bannnerid=264515_advertisement_
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a1:7200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 02:16:03 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 1eb11dcf6c648736647275119cabde48.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC51-C1
age
6542170
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
RMqc3k6GlNMxF4mmJNXQ6_n0AmOKPIyu7tDirAzRTfDodFr0ZZzepA==
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		66 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
7b0b045a9ef09b9a-FRA
access-control-allow-headers
Content-Type
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
br
last-modified
Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id
6PX7G9BXZ1EJ8Q4H
etag
"6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3391
x-amz-id-2
mn+sdmW1kRLqXoGcKjiUOnURKtt8S7jop2YTJNIsjYf9vysp6bNqxt2aL5b1GjUmGsC39PaWn24=
script.js
h312.mlive.com/ 		148 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/script.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-124.fra56.r.cloudfront.net
Software
- /
Resource Hash
4f588e766e32d6bc7a1ddc91e00a9a56cf8e4d48b0902fbbcf733c9b507ebc41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:26:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
age
323
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
45995
x-xss-protection
1; mode=block
last-modified
Fri, 31 Mar 2023 19:26:19 GMT
server
-
etag
2e3186b89d4f9bcb8de80d6aa3d030f3
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=600
x-robots-tag
noindex, nofollow
x-amz-cf-id
81VL554dFIAiGoSGprrZ4jGn2huzZFzEG77Ba1KxRaIva8vOkhRlvA==
expires
Fri, 31 Mar 2023 19:36:49 GMT
moatheader.js
z.moatads.com/advanceddigitalheader640552616592/ 		240 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/advanceddigitalheader640552616592/moatheader.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-143.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
962808d38f02dc6af6a7a9646f3cb038656e582ff6d21e71973a00672debc3a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
gzip
last-modified
Wed, 15 Mar 2023 16:00:25 GMT
server
AmazonS3
x-amz-request-id
YX6EMBG4N4MFKY9T
etag
"3d671f66bdd0fb6828d33c219fde91ca"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=37670
accept-ranges
bytes
content-length
85323
x-amz-id-2
J/RRa2Lr/BjQ7xfmaW/DVxSt99D/vZph/4VBHbvki7y1SdXoJKdFpHLtkGiVbIU+Y+BuP+vWRbM=
load
experience.tinypass.com/xbuilder/experience/ 		338 B
510 B 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=8Gu2Z8RCvZ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
464b98e4ec83bb60ad92bd76656277037d3548e44a7d1dcddec0c0a41ada20e6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
date
Fri, 31 Mar 2023 19:32:12 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 31 Mar 2023 18:42:34 GMT
server
cloudflare
age
2978
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800
cf-ray
7b0b045b0a739b82-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
2qe65d2cyj
expires
Fri, 31 Mar 2023 20:02:12 GMT
ats.js
ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ 		152 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ats.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
34a32bf98cda9575960beffa915faf1817a7382af4ee0eee0db11eb848e85dc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
37jRS7E.io0c8Np6Zmuf_qKj_83X_kzI
content-encoding
gzip
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
date
Fri, 31 Mar 2023 19:12:25 GMT
last-modified
Mon, 27 Mar 2023 19:05:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
1188
x-amz-server-side-encryption
AES256
etag
W/"c94b27a9705d14a95002dfb0f7ce3b2c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
ZtvusLh0IYDu2lh0I-3AXktn-DSee_qq3iizKabAS9Do6jhRLcja8A==
swg.js
news.google.com/swg/js/v1/ 		199 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e080e504f58f105af7861e295cc78fbf9420f0c8f62a74baf3085d00981cf1d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:19:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59096
x-xss-protection
0
last-modified
Wed, 29 Mar 2023 20:22:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 31 Mar 2023 20:09:51 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 31 Mar 2023 18:05:12 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5220
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 31 Mar 2023 20:05:12 GMT
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-70.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Thu, 30 Mar 2023 19:35:25 GMT
Via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P3
Age
86207
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
g2mNZJCQ3Oj8ZXo8nbAj9OyQ5LZ-0oQAZImFw_YHElNPpi8i4twL4g==
Expires
Fri, 31 Mar 2023 19:35:25 GMT
load.js
s.ntv.io/serve/ 		545 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-64.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
551b59c1d6b77f6a3557ffd18e6a3ae079cb21d21edcae2e4114044557cef638

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Fri, 31 Mar 2023 19:32:12 GMT
Content-Encoding
gzip
x-amz-request-id
G204YWM7AZJQC7GZ
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
+76HCy3Sxo/uWvcVlvZftP/SP4QfwUNWgf4Mthh6FbXNZFZ4hVlZaJmIai2xbmBhBkcCJsUH43E=
Last-Modified
Mon, 13 Mar 2023 17:57:34 GMT
Server
AmazonS3
ETag
"797313c591ade1f6921de63f010ac6a0"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-23.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 05:34:47 GMT
content-encoding
gzip
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
50246
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
FEMlA1OghKuK5ea9RQyW_ttsm7_L6zV9megJm4zek5EPm7_TrYP13w==
fbevents.js
connect.facebook.net/en_US/ 		107 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 31 Mar 2023 19:32:12 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27909
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
1HeeErc5d+BHaUt5WAOu/qlQRkzZ86QwZAi424nTETCKL1xRLvqWkoxJcGZJmVWNsPFsGy3T741n4ebhDDE0Aw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Jan 2023 17:22:56 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=71311
accept-ranges
bytes
content-length
4777
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230099-FRA
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-15-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Fri, 31 Mar 2023 02:11:41 GMT
Content-Encoding
gzip
Via
1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
Age
62432
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
H7qD3oD2TyfiCRpBMZ5t5X9B5Ssq5t1Db3Cz35ZqBazlTbAPGR45JQ==
ml.br.js
js.matheranalytics.com/static/ltm/ma63527/all/15/
Redirect Chain
  • https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1621
  • https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js
142 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
107.178.250.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
68b5df8a16ee7bbfd4789f8533b7f9882f9095625a8be1f56e352bc10710484d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 16:52:23 GMT
content-encoding
br
via
1.1 google
last-modified
Wed, 07 Apr 2021 17:41:03 GMT
server
nginx
age
9589
etag
"8be38a11960c372ea9c4119961294047"
vary
Accept-Encoding
x-cache
HIT Sun, 18 Dec 2022 07:06:40 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42243

Redirect headers

date
Fri, 31 Mar 2023 19:32:12 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js
cache-control
public, max-age=269200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
4-gc-europe-west6-8j340999
js
www.googletagmanager.com/gtag/ 		222 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GG8B674XK4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0d1ca2f626526de6cac25842f9d6f9435caf682105d5eadf4a6df9ff01dd1f80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79311
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 31 Mar 2023 19:32:12 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202302.1.0/ 		405 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202302.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e70be2849f7e7f7f27dc4eb168538ef25474e4799e1a4a4d9aee01f57f4c5a3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
+3NcDg7IRUqn5oCiPaN6Hg==
age
55406
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
99858
x-ms-lease-status
unlocked
last-modified
Fri, 10 Mar 2023 03:55:12 GMT
server
cloudflare
etag
0x8DB211B3FF3862E
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c029008f-f01e-012a-64e1-5aebf6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7b0b045b2f6b9229-FRA
fpc
at.teads.tv/ 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_11014&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=8480ba3&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:12 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://www.mlive.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Fri, 31 Mar 2023 19:32:12 GMT
tinypass.min.js
cdn.tinypass.com/api/ 		366 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=8Gu2Z8RCvZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a8f7705a217f4c115d87b22b8155e8bfcfcc7a573cd3b47972f2b9909534578
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:12 GMT
x-amz-version-id
zM4ZQy9xC..6rr3ePCJ0gJBn4WP2uWRm
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
9HTT1KDMM1MVSGTE
age
9023
x-amz-server-side-encryption
AES256
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
FTFAeJPFl9lSOaZyxOm4eSX+tm7nT7RqlXdnvLYJ3bcmGE6Hx/cNJiknvt5//BaNxRB9uC0aouY=
last-modified
Fri, 31 Mar 2023 09:58:53 GMT
server
cloudflare
etag
W/"7b8c22e510d6dfd4ceb65309e747deeb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
7b0b045b6af89b82-FRA
expires
Fri, 31 Mar 2023 23:32:12 GMT
p.js
cdn.parsely.com/keys/mlive.com/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/mlive.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-100-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
36ea8d266ccb57796d82e6eb05f11c634302a0bc3623c5e7fa7261a1a69e0d90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
public
date
Thu, 30 Mar 2023 21:04:23 GMT
content-encoding
gzip
via
1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
last-modified
Wed, 29 Jun 2022 14:34:05 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
81035
etag
W/"62bc62dd-df3e"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
NdVv8lfz1wJM02f-nYn138ng85LWWO3VsZ805OTm2NurA7YgAgMf9Q==
expires
Fri, 31 Mar 2023 21:01:37 GMT
/
geo.privacymanager.io/ 		30 B
610 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-35.fra60.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 01:08:31 GMT
via
1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront), 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA60-P3
age
66221
x-amzn-requestid
9f6bc71b-f47c-44e5-9827-c9f88c0ad3e1
x-amzn-trace-id
Root=1-6426328f-530f86b46f9727453f8adf57;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
CnzWeHVGDoEFg-w=
content-length
30
x-amz-cf-id
EhIG4qXMWQAKoBBHZemQR2zqevrAVrf-n-FFkRyGYh59c7ncvkTE1Q==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
geo.privacymanager.io/ 		30 B
608 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-35.fra60.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 01:08:31 GMT
via
1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront), 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA60-P3
age
66221
x-amzn-requestid
9f6bc71b-f47c-44e5-9827-c9f88c0ad3e1
x-amzn-trace-id
Root=1-6426328f-530f86b46f9727453f8adf57;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
CnzWeHVGDoEFg-w=
content-length
30
x-amz-cf-id
5XS8yqff93elzyrQcSgPMl_Z-UvGF7ywM2kJTWqTd6f2c1Ym8s-iWg==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
cs
advancelocal.blueconic.net/DG/DEFAULT/ 		17 B
704 B 		Script
General
Check archive.org
Download Go to
Full URL
https://advancelocal.blueconic.net/DG/DEFAULT/cs?&callback=bc_json1031
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.113.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-113-20.compute-1.amazonaws.com
Software
- /
Resource Hash
68174c53b2733e48901d9b5e9c9f2067f870119e6e2b546a4362bda419fad475
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
37
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
b
sb.scorecardresearch.com/ 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6034988&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1680291132722&ns_c=UTF-8&c3=&c4=https%3A%2F%2Fwww.mlive.com%2F&c7=https%3A%2F%2Fwww.mlive.com%2F&c8=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&c9=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-23.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:12 GMT
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
-nxF2t3B1s9As5iwWRAOHsHKoZprZan2hucL0y4W_IWpvIgsPij_Fw==
x-cache
Miss from cloudfront
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 18:55:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2220
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6458
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 19:15:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 31 Mar 2023 19:45:12 GMT
120978121945017
connect.facebook.net/signals/config/ 		378 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/120978121945017?v=2.9.100&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
446028abfb101cb4495d1330285608754ee8dcdc5a798832da48d2f3b2d5812b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 31 Mar 2023 19:32:12 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110429
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
o1jX5jW1IhmnLCXebXv9oSfZShUq0fIaVEw9JZ1jWWbRvm93bav2Ftkj19fwl8FZ+0VFpkZwsK0490HLsF1qlQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GG8B674XK4&gtm=45je33t0&_p=516466839&cid=1631561048.1680291133&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2F&dl=https%3A%2F%2Fwww.mlive.com%2F&sid=1680291132&sct=1&seg=0&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&en=page_view&_fv=1&_nsi=1&_ss=1&ep.headline=undefined&ep.author=undefined&ep.entry_id=undefined&ep.page_type=homepage&ep.product=homepage-beta&ep.platform=desktop&ep.user_subscription_status=undefined&ep.ab_test_group_user=undefined&ep.search_term=undefined&ep.targeting_codes=undefined&ep.targeting_codes2=undefined&ep.targeting_codes3=undefined&ep.targeting_codes4=undefined&ep.targeting_codes5=undefined&ep.targeting_codes6=undefined&ep.entry_tags=undefined&ep.referring_subdomain=undefined&ep.browser_cookie_region=undefined&epn.monthly_visit_number=1&ep.content_region=undefined&ep.content_topics=undefined&ep.blog_category=undefined&ep.section=Home%20Page&ep.article_date_original=undefined&ep.article_date_updated=undefined&ep.entity_type=undefined&ep.entity_value=undefined&ep.auxiliaries=undefined&ep.gigya_user_id=undefined&ep.usprivacy_cookie=undefined&ep.userid_flag=false
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GG8B674XK4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
en.json
cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/ff2abdb3-041c-409c-8bea-2a017f6e523b/ 		83 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/ff2abdb3-041c-409c-8bea-2a017f6e523b/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202302.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45e9d0c522efc100da6a426d97fabf39aa2f26a465ffb71252ce85ebdfdb575b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
oATHMyw3YSTGD1+wDmjpqg==
age
53040
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
17929
x-ms-lease-status
unlocked
last-modified
Tue, 07 Mar 2023 14:41:18 GMT
server
cloudflare
etag
0x8DB1F1A02E6B8A9
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5dba3193-a01e-0132-2ce1-5ac663000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7b0b045c0fe930f0-FRA
expires
Sat, 01 Apr 2023 19:32:12 GMT
publisher:getClientId
ampcid.google.de/v1/ 		3 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 31 Mar 2023 19:32:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
token
cdn.linkedin.oribi.io/partner/3252378/domain/mlive.com/ 		36 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/3252378/domain/mlive.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:3400:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:09:16 GMT
content-encoding
gzip
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
1376
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
Nrpe9-hO4WEB2alOkVAlxx0vLmsbWlZ5xt3EYfAwWuEqPXtBL88r0A==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1680291132895&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3252378%26time%3D1680291132895%26url%3Dhttps%253A%252F%252Fwww.mlive.com%252F%26t...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1680291132895&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1680291132895&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQKBE5GYwUSDdgAAAYc5J_fGIsugVbewNspcTW17nz5qrywKQTpth1u...
0
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1680291132895&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQKBE5GYwUSDdgAAAYc5J_fGIsugVbewNspcTW17nz5qrywKQTpth1uRd5uLs-WH0Qquv5jz2FkSGarnfuSrXuU4NOLg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:13 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 0DBDDA58F6BD4C37A9F30AEDF9DA7231 Ref B: FRAEDGE1209 Ref C: 2023-03-31T19:32:13Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX4N0QnPLm46sBX7pBWTQ==

Redirect headers

date
Fri, 31 Mar 2023 19:32:13 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 77F545D4E1CD48B88765551F566E68A3 Ref B: FRAEDGE1215 Ref C: 2023-03-31T19:32:13Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1680291132895&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQKBE5GYwUSDdgAAAYc5J_fGIsugVbewNspcTW17nz5qrywKQTpth1uRd5uLs-WH0Qquv5jz2FkSGarnfuSrXuU4NOLg
x-li-proto
http/2
content-length
0
x-li-uuid
AAX4N0QfxfQZyFV8KFzvDw==
adsct
t.co/1/i/ 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=2027a885-525c-4f26-9c2e-e9fdd2ce313e&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=09464739-9769-4078-9b5f-4ac3c003540a&tw_document_href=https%3A%2F%2Fwww.mlive.com%2F&tw_iframe_status=0&txn_id=o8yo8&type=javascript&version=2.3.29
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time
105
date
Fri, 31 Mar 2023 19:32:12 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
6e22e8f8e5702b45
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
7d4f3f1d3bb9632240b39e6d6dcfe89f58a201a0c1853912de215da5f4332ba9
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=2027a885-525c-4f26-9c2e-e9fdd2ce313e&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=09464739-9769-4078-9b5f-4ac3c003540a&tw_document_href=https%3A%2F%2Fwww.mlive.com%2F&tw_iframe_status=0&txn_id=o8yo8&type=javascript&version=2.3.29
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time
106
date
Fri, 31 Mar 2023 19:32:12 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
0caa5b53c6fd4e49
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
1fd8da40f8712d97c2e285fc2f5fd0d889aa0b23f95e78083eb492f286ac2e9e
content-length
43
t
jadserve.postrelease.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.mlive.com%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.205.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-205-156.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
4c6185a860fc926dd414de09b47571511db27dc1876489a2fc6a1bb7d96e947c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:13 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
1433
expires
Mon, 1 Jan 1990 12:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sec=Home%20Page&prem=0&ptype=homepage&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=0d897922-f5b4-4b58-b0ba-7a4bec5c6801&pid=c42cdc74-46c6-4611-b998-0ba192360199&dtm=1680291132970&qnm=_matherq&visible=1&tabid=be215bde-2ee6-4ef2-8831-3f8b134c4738&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x12784&tofa=1680291133&vid=1&lvidt=1680291133&duid=9ee8b86c10495836&fp=4001717511&cid=ma63527&mrk=484602605&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY4MDI5MTEzMTcwNSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMG1iIiwiaGVhcFQiOiIxMG1iIiwiZnN0UGFpbnQiOiI3NDgiLCJmZXRjaFMiOiIwIiwiZG9tYWluUyI6IjIiLCJkb21haW5FIjoiNjciLCJjb25uUyI6IjY3IiwiY29ubkUiOiI5OSIsInNzbFMiOiI3NCIsInJlcXVTIjoiOTkiLCJyZXNwUyI6IjQ1NSIsInJlc3BFIjoiNjU3IiwiZG9tTG9hZCI6IjUwOSIsImRvbUludGVyIjoiNzU5In0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMTYzMTU2MTA0OCIsInJlZlRpbWUiOiIxNjgwMjkxMTMyOTY5In1dLCJ1c2VyRGF0YSI6eyJpc0xvY2FsIjoiMCJ9fQ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.216.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-216-79.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 31 Mar 2023 19:32:13 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1680291132982&plid=97205453&idsite=mlive.com&url=https%3A%2F%2Fwww.mlive.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.mlive.com%2F&sref=&sts=1680291132979&slts=0&title=Michigan+Local+News%2C+Breaking+News%2C+Sports+%26amp%3B+Weather&date=Fri+Mar+31+2023+19%3A32%3A12+GMT%2B0000+(GMT)&action=pageview&js=1&pvid=43212373&u=pid%3D2249b4baaebf1d3aa7e34694d788b565
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Fri, 31 Mar 2023 19:32:13 GMT
Cache-Control
no-cache
Last-Modified
Friday, 31-Mar-2023 19:32:13 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
230823541501762
connect.facebook.net/signals/config/ 		378 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/230823541501762?v=2.9.100&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fdf95627c0ed19d0d47d3c57e441ffb87831c7f471abce0a255d53e721fc5532
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 31 Mar 2023 19:32:12 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110329
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
pYIYDHYAABqSI5a6WZ089EnVN7nZrU+LFjDihcC23AWfnqmJGiTGDZenYyOAG+BVPmEr54ugMzUeaOEyFowbvg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=516466839&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAQCACgFK~&jid=502262414&gjid=1900549649&cid=1631561048.1680291133&tid=UA-16643585-16&_gid=1801030995.1680291133&_r=1&_slc=1&gtm=45He33t0n81TLXFLCR&cd1=undefined&cd2=undefined&cd3=undefined&cd6=undefined&cd11=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=false&cd21=undefined&cd23=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd46=homepage-beta&cd47=desktop&cd50=GA%20pageview%20-%20template%20-%20All%20Pages&cd52=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=undefined&cd62=undefined&cd63=undefined&cd66=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=undefined&cd61=1631561048.1680291133&z=2073980921
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202302.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202302.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202302.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 31 Mar 2023 19:32:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
JiPvkoWr8q46ry2my9HtEQ==
age
47985
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3020
x-ms-lease-status
unlocked
last-modified
Fri, 10 Mar 2023 03:55:05 GMT
server
cloudflare
etag
0x8DB211B3B953477
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
b9711e16-901e-009f-2be1-5aa05c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7b0b045d69b830f0-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202302.1.0/assets/ 		62 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202302.1.0/assets/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202302.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cef181b89850405f733232c050e35b633a648eacee98005f2663b481ac3b0db4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 31 Mar 2023 19:32:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
V5/ea3CdVX7pMOqnWq49VA==
age
49861
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
14749
x-ms-lease-status
unlocked
last-modified
Fri, 10 Mar 2023 03:55:05 GMT
server
cloudflare
etag
0x8DB211B3BF12A5F
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
eea27a51-f01e-0165-71e1-5a2fee000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7b0b045d69bb30f0-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202302.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202302.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202302.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 31 Mar 2023 19:32:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
XcxlleAcPGO2n5kTZrHH2Q==
age
49861
x-ms-lease-status
unlocked
last-modified
Fri, 10 Mar 2023 03:55:17 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
d1a63104-101e-008e-0ce1-5a9747000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7b0b045d69bd30f0-FRA
iframe.html
z.moatads.com/hd09824092/ Frame 6BFD 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/advanceddigitalheader640552616592/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-143.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=358
content-length
1374
content-type
text/html
date
Fri, 31 Mar 2023 19:32:13 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
server
AmazonS3
x-amz-id-2
bLl72GtpcxM8rSKIodQlKgK0BRPdEbxIV8PPGYh9PcLqpR363i0Z1TjhY7+mRyWYYTxnhPRiG5Y=
x-amz-request-id
A3423FE5772816F0
v2jvhDN8v7wHJxonqW9kQmxRB7AaAOTGa0MHkoS4SOuy6DwjEtrQA3CVe7X_bp0DBZ676U3Vy
satisfycork.com/ 		206 B
233 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://satisfycork.com/v2jvhDN8v7wHJxonqW9kQmxRB7AaAOTGa0MHkoS4SOuy6DwjEtrQA3CVe7X_bp0DBZ676U3Vy
Requested by
Host: satisfycork.com
URL: https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
9ebc9e605e0d8b811e7ba3068d71f1f4db1b45e36e80ae76720b87014d48c369
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 31 Mar 2023 19:32:13 GMT
via
1.1 google
x-buildnumber
814291840
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
x-hostname
fen-hoothoot-europe-west1-spot-96h0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 31 Mar 2023 19:32:12 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-16643585-16&cid=1631561048.1680291133&jid=502262414&gjid=1900549649&_gid=1801030995.1680291133&_u=YADAAEAAAAQCACgFK~&z=520839911
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 31 Mar 2023 19:32:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
1030
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		171 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/1030?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-03-31T19%3A32%3A13%2B00%3A00&ts=1680291133096
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-124.fra56.r.cloudfront.net
Software
- /
Resource Hash
d48627601ba47cd8763402c7240ab4be417bbc9015dfaf689ca017a6da70bb2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 31 Mar 2023 19:32:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
31346
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
bwR5v66Fj9V27xnM-quowD8hUgYEpsNEbQW_1nVE4ZZW5ib9NAru-A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=120978121945017&ev=PageView&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1680291133101&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1680291133100.1626513466&it=1680291132735&coo=false&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 31 Mar 2023 19:32:13 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=230823541501762&ev=PageView&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1680291133102&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1680291133100.1626513466&it=1680291132735&coo=false&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 31 Mar 2023 19:32:13 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=120978121945017&ev=ViewContent&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1680291133103&cd[article_content_tier]=free&cd[is_subscriber]=false&cd[is_registered]=false&cd[content_id]=undefined&cd[content_type]=homepage&cd[content_category]=Home%20Page&cd[content_name]=undefined&sw=1600&sh=1200&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1680291133100.1626513466&it=1680291132735&coo=false&tm=1&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 31 Mar 2023 19:32:13 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=230823541501762&ev=ViewContent&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1680291133104&cd[article_content_tier]=free&cd[is_subscriber]=false&cd[is_registered]=false&cd[content_id]=undefined&cd[content_type]=homepage&cd[content_category]=Home%20Page&cd[content_name]=undefined&sw=1600&sh=1200&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1680291133100.1626513466&it=1680291132735&coo=false&tm=1&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 31 Mar 2023 19:32:13 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
FormLogo.jpg
cdn.cookielaw.org/logos/57316691-7a35-4427-b868-f6c059de9bc0/9db7a06a-4f0a-4b5b-8abb-9f3aac23afb7/f8bc963b-b2e8-45f7-80d3-988cede5f448/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/57316691-7a35-4427-b868-f6c059de9bc0/9db7a06a-4f0a-4b5b-8abb-9f3aac23afb7/f8bc963b-b2e8-45f7-80d3-988cede5f448/FormLogo.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abb22177c1f36f82f451ba3b46fd96e4bc0f5b5ad510b15b4d5ec37fc1e9b7f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 31 Mar 2023 19:32:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
/VgjLzERih8MeSo4vme4Lw==
age
50619
content-length
90639
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Tue, 15 Dec 2020 19:27:11 GMT
server
cloudflare
etag
0x8D8A12F6B751639
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
841a5cd9-f01e-008f-45e1-5a96ba000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7b0b045e2a6e9229-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 31 Mar 2023 19:32:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
52900
x-ms-lease-status
unlocked
last-modified
Wed, 29 Mar 2023 06:32:00 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
3b7cb77f-201e-00a4-42bd-62e202000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7b0b045e2a6f9229-FRA
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=5329500&ntv_pl=773533
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.205.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-205-156.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:13 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=dddb80d8-1706-458e-9f09-6851559bddac&ntv_fl=MMTdWyeJBcdLcDTtFfyiRBPe8Vq-ba7jHN1vT59Rb8BW3DEcujvhtQb7oAp3nZidr6Uw8IpiNFCnQhUYAKu5vQra4OUVuv3OEWN3pa7IYIvCuQlDsLpOpV-W8p8TJXAT5R4o7h4MQMh1Q5AAlP3YvpGiv3HsVqtgAaWZ1i2-bNfPbEd-wbfGHxSfpPWkqglJ&ntv_ht=PTUnZAA&ntv_at=303,302&ntv_a=AAAAAAAAAAnc0LA&ord=1680291133141&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.205.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-205-156.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:13 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=3dbbd2c3-1388-4d62-91df-8a7bbab6c711&ntv_fl=wklKktgzCnjHRw7QsGHOxzNhXSYYdxQ6qfiLggX0SK7yzYR_alOE4aufqh75wcXmHLbrzIiBTBJGtNMW1vTIJ3ZHimAmeXpiGwWQzN8sYUl5ITWWMx6mQMFknOSoMOhlx94nEbFIPryx0Y49c3KeRNA1GiPmM8MTjPhn1DXUMZwmY3Ajqd7o8v1nun9mGMav&ntv_ht=PTUnZAA&ntv_at=303&ntv_a=AAAAAAAAAAUr0QA&ord=1680291133144&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.205.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-205-156.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:13 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=3966a05a-477e-4c90-8b44-9123139de4e8&ntv_fl=No53AUp_qTJmWJYNLYz3zDH7Dla8D2Bigrcdt2SscM17JO_NbJm5XKyzOGGHDRsUXVEvglYDW_1LCbWfmwu2mAqnTv0UAA3Iyq5PHQBaDMa3jx_zctzNPZsRTQ35y8HPf_dAPUigOd6qD_txhnub4mpa52QEUCH78UsxTwlipZKpd8V0HSFKyy5rb11AupRh&ntv_ht=PTUnZAA&ntv_at=303&ntv_a=AAAAAAAAAAU70QA&ord=1680291133144&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.205.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-205-156.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:13 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=62e4b00c-7a6a-4c0a-a720-cb5b316f8a4a&ntv_fl=miNEdYZhkQ016qn5OkGErteWbVfee99L6iQoR7ftguRfqstgjNXHosC6PCM7Vn9o-X7NTy4kvDpB4HD5eZjGnDxpWQj1MdbSeY1mINu3EOkBQYXBDwiri2fmhpMNsk_Feqv59T9HjeGYmONVDsxoab-Uig-R4EjRk5MH2ZtEK1iIluNQzwOhq2XxUv6Lk0i-&ntv_ht=PTUnZAA&ntv_at=303&ntv_a=AAAAAAAAAAVL0QA&ord=1680291133144&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.205.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-205-156.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:13 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
gdprConsent
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=1097042&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.205.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-205-156.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:13 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
config.json
c.go-mpulse.net/api/ 		51 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ&d=www.mlive.com&t=5600970&v=1.720.0&sl=0&si=19976774-0088-429f-a54d-acf371d69170-rsegxo&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=468260
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:184::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
28445ab5a58bac3609ddba4d1200c1797a766b538fd6b0bdb0926fbe386f327c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 31 Mar 2023 19:32:13 GMT
Cache-Control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
51
Content-Type
application/json
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.130.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.mlive.com
access-control-max-age
600
content-length
0
date
Fri, 31 Mar 2023 19:32:13 GMT
server
nginx
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		75 B
252 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/iabCcpaIntegrationScript-noGAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e949e0ba546cccd944b7fc64ebc3f97123638dd1b3af8eec5732cd599c2ed46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
7b0b0460a9c80482-FRA
vary
Accept-Encoding
content-type
text/javascript
navigation
www.mlive.com/pf/api/v3/content/fetch/ 		54 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/api/v3/content/fetch/navigation?query=%7B%22hierarchy%22%3A%22toprail%22%2C%22site%22%3A%22mlive%22%7D&d=1025&_website=mlive
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/engine/react.js?d=1025
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a46f1b447255d4cb87e390b09b540c216e7de87141a6d5f771295d0f91170fb8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
If-Modified-Since
1680290731493
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
202, 202
x-arc-pb-request-id
18a2235f-0816-4c45-94c2-f8f3a042b071
content-encoding
gzip
date
Fri, 31 Mar 2023 19:32:14 GMT
content-security-policy
upgrade-insecure-requests
x-arc-request-id
0.857d1302.1680291133.2002997
server-timing
cdn-cache; desc=MISS, edge; dur=927, origin; dur=28, ak_p; desc="466747_34831749_33565079_95575_13293_6_0";dur=1
content-length
8426
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 19:25:31 GMT
server
openresty
etag
W/"d65d-W/97ArCCglaFiNyJJPCrZwnyOKc"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=0
expires
Fri, 31 Mar 2023 19:32:14 GMT
navigation
www.mlive.com/pf/api/v3/content/fetch/ 		8 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/api/v3/content/fetch/navigation?query=%7B%22hierarchy%22%3A%22editions%22%2C%22site%22%3A%22mlive%22%7D&d=1025&_website=mlive
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/engine/react.js?d=1025
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
56c3bd8e16439dd0386e32f77e4e06097e73d3c7d41d381ec3b3d72ebbb7c35f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
If-Modified-Since
1680290732493
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
227
x-arc-pb-request-id
483907db-a96d-4f89-b555-5f9788559930
content-encoding
gzip
date
Fri, 31 Mar 2023 19:32:14 GMT
content-security-policy
upgrade-insecure-requests
x-arc-request-id
0.857d1302.1680291133.2002998
server-timing
cdn-cache; desc=HIT, edge; dur=649, ak_p; desc="466747_34831749_33565080_65704_11703_6_0";dur=1
content-length
918
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 19:25:32 GMT
server
openresty
etag
W/"1fc1-0YPFDL2CaJhneUggXVbQFCsbT6s"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=0
expires
Fri, 31 Mar 2023 19:32:14 GMT
pennant-api
www.mlive.com/pf/api/v3/content/fetch/ 		347 B
697 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/api/v3/content/fetch/pennant-api?query=undefined&d=1025&_website=mlive
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/engine/react.js?d=1025
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
94ceaecd271d90149cff5a9ea802ec5a44648312e42f9070c974ed01ca75b067
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
If-Modified-Since
1680290945057
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
120
x-arc-pb-request-id
46e7ef68-9d22-4139-907f-e00b2b69e5c5
content-encoding
gzip
date
Fri, 31 Mar 2023 19:32:14 GMT
content-security-policy
upgrade-insecure-requests
x-arc-request-id
0.857d1302.1680291133.2002999
server-timing
cdn-cache; desc=HIT, edge; dur=406, ak_p; desc="466747_34831749_33565081_40575_11851_6_0";dur=1
content-length
214
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 19:29:05 GMT
server
openresty
etag
W/"15b-cS8YIYNn0GriVTEXPFOIV/h3ZI4"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=17
expires
Fri, 31 Mar 2023 19:32:31 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		77 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1025
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43028dba729b98a17131ffa5004cc4553eecc9af046cdc24fa000bfaf5670ad9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25739
x-xss-protection
0
server
cafe
etag
136 / 19447 / 31073481 / config-hash: 4618862490447205413
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 19:32:13 GMT
10071.js
micro.rubiconproject.com/prebid/dynamic/ 		460 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/10071.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1025
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.70.117 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-70-117.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a253d93872743cba92c83449005c81b3cddfcd0d2707e443091fbcdfbc4dd4a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:13 GMT
content-encoding
gzip
last-modified
Fri, 31 Mar 2023 16:40:55 GMT
server
Apache
vary
accept-encoding, referer
edge-cache-tag
prod-prebid-10071_MI_Desktop_Mobile.js
content-type
text/javascript
cache-control
public, must-revalidate, max-age=14400
content-length
133007
expires
Sat, 01 Apr 2023 16:55:20 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		224 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1025
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73a147ae450a66402be107fd6f6d46d12f5df31fb22ea4dddc9bcc42c06de09e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:20:57 GMT
content-encoding
gzip
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 19:29:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
677
x-amz-server-side-encryption
AES256
etag
W/"9bc5c23889e7664ec16504ac1d3adeb5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
eAf7KSwixkFsreSEWn319oe095dfQhqvrjZ9QxqIBysl8JLsyPgzGA==
lt.min.js
tags.crwdcntrl.net/lt/c/963/ 		56 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1025
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-88.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5368918706a26d1fe5acb19bb4d139fd4dba0d5f330e16eb039d1986f3bf29a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 06:27:59 GMT
content-encoding
gzip
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 20:28:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
47055
x-amz-server-side-encryption
AES256
etag
W/"67c654dab9f54b593157047a3e33716d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
g2wEgVsmvCfsqDBcNDaXvsuHxuBf6S-IzD7BDnb_l_52y5Njs5GXTA==
navigation
www.mlive.com/pf/api/v3/content/fetch/ 		32 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/api/v3/content/fetch/navigation?query=%7B%22hierarchy%22%3A%22footer%22%2C%22site%22%3A%22mlive%22%7D&d=1025&_website=mlive
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/engine/react.js?d=1025
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
fd5fc803391179a38dcdd947ade7d023898c3f5d2a3ef5b1e9f50086f5275cea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
If-Modified-Since
1680290728252
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
222, 222
x-arc-pb-request-id
779d6fc3-c2dc-40b9-b24f-dbe63de1906d
content-encoding
gzip
date
Fri, 31 Mar 2023 19:32:13 GMT
content-security-policy
upgrade-insecure-requests
x-arc-request-id
0.857d1302.1680291133.2002ae7
server-timing
cdn-cache; desc=HIT, edge; dur=173, ak_p; desc="466747_34831749_33565415_18678_11817_6_0";dur=1
content-length
3376
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 19:25:28 GMT
server
openresty
etag
W/"7f23-qVHjXg1Mj1NjoyurqNaqi+Q5d64"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=0
expires
Fri, 31 Mar 2023 19:32:13 GMT
icon-menu-outline.svg
www.mlive.com/pf/resources/images/common/icons/ 		523 B
954 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/icons/icon-menu-outline.svg?d=1025
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1025
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
3f5684bf5aa4a6eb5c9015394c8739dff39377a73adf72c30ba511d0ab5b50f3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1025
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
date
Fri, 31 Mar 2023 19:32:13 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
Y0076GF96DVZFFS9
x-amz-server-side-encryption
AES256
x-arc-request-id
0.857d1302.1680291133.2002ae8
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466747_34831749_33565416_1568_10442_6_0";dur=1
content-length
278
x-amz-id-2
fNvm3sEtfL/jzKKYk9z+EKbKcOU6U6AEY3G4WQnq1qG1yUzLtqi71JKtgTenMF+n8tJCDMrZBMA=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 15:01:25 GMT
server
openresty
etag
W/"ef41b0e325b0902f9a8781e21cc20457"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
image/svg+xml
access-control-allow-origin
*, *
cache-control
public, max-age=31536000
expires
Sat, 30 Mar 2024 19:32:13 GMT
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/advancelocal/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.130.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.mlive.com
date
Fri, 31 Mar 2023 19:32:13 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
client
accounts.google.com/gsi/ 		195 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1025
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
418625cbb8fa78d478dd872ec56402b37f0f19b3a8f4fca7400de039fe92d1d9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dOGIzFSm7JyU_eyW82NnBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:13 GMT
content-security-policy
script-src 'report-sample' 'nonce-dOGIzFSm7JyU_eyW82NnBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Fri, 31 Mar 2023 19:32:13 GMT
v2ega836j6q294nithPnMiBqw3t-Acuc9Sq1GYv3fNNX7AN5EmNCnLoVyQez7_2rnjiqVC9uP
satisfycork.com/ 		3 B
27 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://satisfycork.com/v2ega836j6q294nithPnMiBqw3t-Acuc9Sq1GYv3fNNX7AN5EmNCnLoVyQez7_2rnjiqVC9uP
Requested by
Host: satisfycork.com
URL: https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 31 Mar 2023 19:32:13 GMT
via
1.1 google
x-buildnumber
814291840
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
x-hostname
fen-hoothoot-europe-west1-spot-96h0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
user-white.svg
www.mlive.com/pf/resources/images/common/icons/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/icons/user-white.svg?d=1025
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1025
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e6b7fa504c979ce53dc80798978eff98214cbcb20b7db259990c0632b7abe248
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1025
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
date
Fri, 31 Mar 2023 19:32:13 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
Y0069AJF0SNVB61R
x-amz-server-side-encryption
AES256
x-arc-request-id
0.857d1302.1680291133.2002ae9
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466747_34831749_33565417_1363_15218_6_0";dur=1
content-length
2508
x-amz-id-2
DTWDPRLjerASYLAE8+VzbbVMohTAXGxoKqaQNzkteMPdvumSen6jbf9DSR/X/1ciWDYxcfHFa6g=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 Mar 2023 15:01:25 GMT
server
openresty
etag
W/"fdc13d9553130cf8463df06e8ba5682d"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Sat, 30 Mar 2024 19:32:13 GMT
c1c906d9163532a7136b6b5dfcd50b4c
h312.mlive.com/plugin/plugin/ 		137 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/plugin/plugin/c1c906d9163532a7136b6b5dfcd50b4c
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-124.fra56.r.cloudfront.net
Software
- /
Resource Hash
6ff75a6aff02372d9bb7b274357cd9786444781204d3c52a46a2049b6fb3957b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 08:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
age
818880
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
37302
x-xss-protection
1; mode=block
last-modified
Tue, 21 Mar 2023 08:04:13 GMT
server
-
etag
c1c906d9163532a7136b6b5dfcd50b4c
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
Q89DWPHJc8eisV6UcIOBrbIzVb8rnO-FHzYmVYX9IEerluNRGa1Q6A==
expires
Thu, 21 Mar 2024 08:04:13 GMT
LB-Zone-3
h312.mlive.com/DG/DEFAULT/rest/rpc/1030/ 		354 B
1016 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/1030/LB-Zone-3?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=da6cfc10-4967-4dfc-acaf-b840bee6f159&overruleReferrer=&time=2023-03-31T19%3A32%3A13%2B00%3A00&ts=1680291133759
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-124.fra56.r.cloudfront.net
Software
- /
Resource Hash
0018c97d3cf4a375fc6f1ab479f2cdee01102921e499239b72067c493485933e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 31 Mar 2023 19:32:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
232
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
feeinNqHIIHPnRVFR_WKC47mf_YhoO50mqPcvRk0CFY1v0RRE7cQ2w==
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=120978121945017&ev=Microdata&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1680291133768&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%2C%22og%3Adescription%22%3A%22Get%20the%20latest%20Michigan%20Local%20News%2C%20Sports%20News%20%26amp%3B%20US%20breaking%20News.%20View%20daily%20MI%20weather%20updates%2C%20watch%20videos%20and%20photos%2C%20join%20the%20discussion%20in%20forums.%20Find%20more%20news%20articles%20and%20stories%20online%20at%20MLive.com%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fmedia.mlive.com%2Fstatic%2Fmlive%2Fstatic%2Fimg%2Flogos%2Flogo_fb.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22og%3Asite_name%22%3A%22mlive%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22headline%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%2C%22url%22%3A%22https%3A%2F%2Fwww.mlive.com%22%7D%5D&sw=1600&sh=1200&v=2.9.100&r=stable&ec=2&o=30&fbp=fb.1.1680291133100.1626513466&it=1680291132735&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 31 Mar 2023 19:32:13 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=230823541501762&ev=Microdata&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1680291133770&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%2C%22og%3Adescription%22%3A%22Get%20the%20latest%20Michigan%20Local%20News%2C%20Sports%20News%20%26amp%3B%20US%20breaking%20News.%20View%20daily%20MI%20weather%20updates%2C%20watch%20videos%20and%20photos%2C%20join%20the%20discussion%20in%20forums.%20Find%20more%20news%20articles%20and%20stories%20online%20at%20MLive.com%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fmedia.mlive.com%2Fstatic%2Fmlive%2Fstatic%2Fimg%2Flogos%2Flogo_fb.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22og%3Asite_name%22%3A%22mlive%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22headline%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%2C%22url%22%3A%22https%3A%2F%2Fwww.mlive.com%22%7D%5D&sw=1600&sh=1200&v=2.9.100&r=stable&ec=2&o=30&fbp=fb.1.1680291133100.1626513466&it=1680291132735&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 31 Mar 2023 19:32:13 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
4c00fcdcbc6c455ae00401b201cc63ff
h312.mlive.com/plugin/library/ 		323 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/plugin/library/4c00fcdcbc6c455ae00401b201cc63ff
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-124.fra56.r.cloudfront.net
Software
- /
Resource Hash
d0f885f308112744715869ebba25cbaef30b8196d652a761a3ca02862b7869da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 08:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
age
818880
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
102680
x-xss-protection
1; mode=block
last-modified
Tue, 21 Mar 2023 08:04:13 GMT
server
-
etag
4c00fcdcbc6c455ae00401b201cc63ff
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
xvmwjaaeH8aQ5NQtxaXPGvzTURvX-1snAVaFZ8N-xelzfV9WcujNlg==
expires
Thu, 21 Mar 2024 08:04:13 GMT
LB-Zone-3
h312.mlive.com/DG/DEFAULT/rest/rpc/1030/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/1030/LB-Zone-3?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=da6cfc10-4967-4dfc-acaf-b840bee6f159&overruleReferrer=&time=2023-03-31T19%3A32%3A13%2B00%3A00&ts=1680291133789
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-124.fra56.r.cloudfront.net
Software
- /
Resource Hash
816f051e6504c024ff69505d7230c6fcf192ec9f9619154f6ccfec0bfef4062b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 31 Mar 2023 19:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
1312
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
bD9Uh2seQ7irypWI27QFubl38IyxFVCiDjQBY1AMzo9EWfAULUkFOg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/ 		399 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js?cb=31073481
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4271be75b6549727b2f6b020a48a3df7d47a7e97f70371379935d25d52dbdd2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 14:07:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
19459
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126961
x-xss-protection
0
server
cafe
etag
11043018428268230335
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 30 Mar 2024 14:07:54 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		1 KB
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.mlive.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eaf72a16915b22085727866ce28a4b306711fd041a33ead2c759302c650ef9dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
394
x-xss-protection
0
expires
Fri, 31 Mar 2023 19:32:13 GMT
set
privacy.crwdcntrl.net/consent/ 		301 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://privacy.crwdcntrl.net/consent/set?ct=skip&ca=1&ccd=1&cds=1&cta=1&c=963
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.100.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-100-85.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
e3bfbff2600d61f009d961d999a8ab20450a8fd7a91d4a9080b7209b47482ee0

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:13 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.9.172
access-control-allow-credentials
true
content-length
301
expires
0
data
bcp.crwdcntrl.net/6/ 		60 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.50.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-50-80.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
411d4f64006c2258badaf1ddbc14319ad3445977e6f2813e7e3521021093170c

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:13 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.16.50
access-control-allow-credentials
true
content-length
60
expires
0
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3178&u=https%3A%2F%2Fwww.mlive.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
cdc09616482b23651a59600f7be19ae57c62086f99faadb86e7da494a585c05a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 16:35:39 GMT
via
1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
10593
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1675
x-amz-cf-id
rzHBC02n2bMHuNVmULlV8PgIAX862ZlzVdCsiKBFhtbabQfTqfn44w==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
JWp1qp7MFzulJHtnMcdn8BBX506LKUt8
content-encoding
gzip
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
date
Fri, 31 Mar 2023 02:15:23 GMT
x-amz-cf-pop
FRA56-P6
age
62243
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 28 Mar 2023 02:10:35 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
v4s38vVwNpsAY4f-arH1nBhhsAWVKZ5qWpmSuiBLUp1AJbU18xdY4Q==
style
accounts.google.com/gsi/ 		533 B
585 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-Cl4NXcz5f6QUPLlk0_3O2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:13 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-Cl4NXcz5f6QUPLlk0_3O2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Fri, 31 Mar 2023 19:32:13 GMT
status
accounts.google.com/gsi/ 		40 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=339703812340-kido2ms26ssegr4jpn27vo7ro7hgkjme.apps.googleusercontent.com&as=8xTpdQ1s87yJc%2FRWO2ItPA
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c37eba8ad39d59aa4b235b5553dbe328ddd2ad1b564706eeb6f4310265cef90
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cEsjFpOT5o8NHR8kj0aiHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:13 GMT
content-security-policy
script-src 'report-sample' 'nonce-cEsjFpOT5o8NHR8kj0aiHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
10071-pbjs-floors.json
ads.rubiconproject.com/floors/ 		60 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/10071-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.70.117 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-70-117.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b4db4ba996641abb9b820c48703e36b8b9d04a7d7cdb1758b99e7b91fe9cff79

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 31 Mar 2023 19:32:13 GMT
content-encoding
gzip
last-modified
Fri, 31 Mar 2023 18:40:55 GMT
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
6320
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1680291133854&se=e30&duid=94c49eadf2ac--01gwwjfycw0c5c0jernr7x4h8s&pu=https%3A%2F%2Fwww.mlive.com%2F&us_privacy=1---&wpn=prebid
  • https://rp4.liadm.com/j?dtstmp=1680291133854&se=e30&duid=94c49eadf2ac--01gwwjfycw0c5c0jernr7x4h8s&pu=https%3A%2F%2Fwww.mlive.com%2F&us_privacy=1---&wpn=prebid&i6=MmEwMjo2ZWEwOmM3MWI6MDoxMDExOjRlMzp...
42 B
581 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1680291133854&se=e30&duid=94c49eadf2ac--01gwwjfycw0c5c0jernr7x4h8s&pu=https%3A%2F%2Fwww.mlive.com%2F&us_privacy=1---&wpn=prebid&i6=MmEwMjo2ZWEwOmM3MWI6MDoxMDExOjRlMzpjNzdjOmVjOTI%3D&n3pc=true
Protocol
H2
Server
34.234.4.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-4-175.compute-1.amazonaws.com
Software
/
Resource Hash
5ce8647c88445649306948bab16764727ad0866a64fc66202b97b88176272628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:14 GMT
x-pixel-event-id
734cd1c9-a078-42d3-a847-89594ba49407
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
DENY
vary
Origin
content-type
application/json
request-time
0
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
99926b46f313b372
content-length
42
x-xss-protection
1; mode=block

Redirect headers

date
Fri, 31 Mar 2023 19:32:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
vary
Origin
location
https://rp4.liadm.com/j?dtstmp=1680291133854&se=e30&duid=94c49eadf2ac--01gwwjfycw0c5c0jernr7x4h8s&pu=https%3A%2F%2Fwww.mlive.com%2F&us_privacy=1---&wpn=prebid&i6=MmEwMjo2ZWEwOmM3MWI6MDoxMDExOjRlMzpjNzdjOmVjOTI%3D&n3pc=true
access-control-allow-origin
https://www.mlive.com
request-time
0
access-control-allow-credentials
true
trace-id
0121ff932ab2bba9
content-length
0
x-xss-protection
1; mode=block
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.77.32.87 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-32-87.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:13 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Fri, 31 Mar 2023 19:47:13 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-88.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
26840d8e6a3847df23553537b405e9badca0dff237b0854f15d04656dd57e40e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 08:55:10 GMT
content-encoding
gzip
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 22:36:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
38224
x-amz-server-side-encryption
AES256
etag
W/"4c91450a102f312a8d75826eeee52ef9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
eyJA_YUO8YH6Nad7NBjUZCP1GxFnAvd_KR_ZUwrX77JRV0eo_7Lk4A==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e7427b8419cc7f191acc60e33a1afa153c59423f183182cb731f8a9f0c612d4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:13 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 13:19:47 GMT
server
cloudflare
x-amz-request-id
2A1SSJG6H5AH0SQF
age
246
etag
W/"8aee2c14f819a80ea38a4ce5f70b364a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7b0b0462dbcc2ba4-FRA
x-amz-id-2
aglsuJPKr/OED1fsJCch/upoDZB3s39rZwLP+qPCeqHrkEwEqYYyaRIICdTKOIg+RrPWaa86uw8=
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.189.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-189-46.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 31 Mar 2023 19:32:14 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.189.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-189-46.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Fri, 31 Mar 2023 19:32:14 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3178&u=https%3A%2F%2Fwww.mlive.com%2F&pid=lK7ArDg6zj1mV&cb=0&ws=1600x1200&v=23.320.1710&t=1500&slots=%5B%7B%22sd%22%3A%22ad-small-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22Advance_MI_BTF_DESKTOP%22%7D%2C%7B%22sd%22%3A%22ad-small-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22Advance_MI_BTF_DESKTOP%22%7D%2C%7B%22sd%22%3A%22ad-large-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22Advance_MI_BTF_DESKTOP%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:14 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
109VMJTPNJXR5DRD6SPQ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
cv4gIOQE2bEcRVsvEeYjK9GSM2P_UVxWmXmmOPzGc8BqMK3JS3Ok-w==
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.mlive.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js?cb=31073481
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.mlive.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js?cb=31073481
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1641706683976984&correlator=2277198935009061&eid=31073481%2C31073353&output=ldjh&gdfp_req=1&vrg=202303270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=728x91%7C970x91&ifi=1&adks=2024654923&didk=597696865&sfv=1-0-40&fsbs=1&prev_scp=rg_adslot%3DInFeed_Center_Wide_Adhesion%26rg_atf%3Dtrue%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Center_Wide_Adhesion%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3DMI-desktop-InFeed_Center_Wide_Adhesion%26rg_a9%3DAdvance_MI_ATF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta&eri=1&cust_params=ccaud%3D%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop&sc=1&cookie_enabled=1&abxe=1&dt=1680291133952&lmt=1680291011&dlt=1680291132214&idt=1688&adxs=0&adys=12929&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.mlive.com%2F&frm=20&vis=1&psz=728x4&msz=728x0&fws=4&ohw=728&ga_vid=1631561048.1680291133&ga_sid=1680291134&ga_hid=516466839&ga_fc=true&a3p=EjQKCnB1YmNpZC5vcmcSJGQ5MDI5ZGI2LTgyNTItNDRjNi1iZTJlLWYzN2ZmY2U2NDUyMVgB
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js?cb=31073481
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c31e3b8eac2d0e1922381df6d7ebbc37a41c5f3d2dc0bfcd169a539f8221db3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:14 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
583
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7F85 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js?cb=31073481
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 31 Mar 2023 19:32:14 GMT
expires
Sat, 30 Mar 2024 19:32:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
map
bcp.crwdcntrl.net/6/ 		60 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.50.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-50-80.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab84e01b3a53b9e8982d66bd68befb459045f9d4acf0be5cb5c9abf294d106bf

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:13 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.7.225
access-control-allow-credentials
true
content-length
60
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=488240
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7170e9b4cce2c0e66ff05e54669f61151f4e753f62bccdb02d4551b168c2cdd2

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pW9Ie5R2G1JpOgu8cV05my9mDeeNIIhYK71rTvgO9380pm7ghvhcCeovBE8DjhBInjVCI6%2B4vhP6E2mCcPnZoGvUVZM7ycpeGlXh0AZsiwH0cOHyV02Ku%2BO1RMD4jUymWVZgYz9i"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7b0b0463b917085b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		669 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10071&site_id=311380&zone_id=1580874%3B1580870%3B1580874&size_id=15&us_privacy=1---&eid_pubcid.org=d9029db6-8252-44c6-be2e-f37ffce64521%5E1&rf=https%3A%2F%2Fwww.mlive.com%2F&tg_i.page=https%3A%2F%2Fwww.mlive.com%2F&tg_i.domain=mlive.com&tg_i.aupname=344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Right%2Crg_platform%3Ddesktop%3B344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Left%2Crg_platform%3Ddesktop%3B344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Right%2Crg_platform%3Ddesktop&tg_i.pbadslot=344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-2%3B344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-1%3B344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-large-1&tk_flint=dmpbjs_v7.40.0&x_source.tid=3f33b388-9a33-4a0c-b87f-e0ab8e63bffb%3B17c7ff09-d805-46c0-8dac-3312bfc284e7%3B655bf74e-1a68-465a-bbd8-1e0bdb2e9dda&l_pb_bid_id=6370c675bef054%3B70bc35703fbdca%3B88476677172929&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.63%3B0.66%3B0.67&rp_maxbids=1&p_gpid=344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-2%3B344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-1%3B344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-large-1&slots=3&rand=0.24275853366327316
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b60c57e3a82806f29e660fbaaa2a85677f17819aeccdebf669df9fea3eceda40

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:14 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.mlive.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/ 		353 B
607 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU211111
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3ef33c87826680fded7526c2f1846330143a4ac4f9b71376107ab82c8a99f3b4

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:14 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Fri, 31 Mar 2023 19:32:14 GMT
prebid
exchange.postrelease.com/ 		0
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?us_privacy=1---&ntv_ptd=1134022,1134019&ntv_pas=eyIxMTM0MDE5IjpbWzMwMCwyNTBdXSwiMTEzNDAyMiI6W1szMDAsMjUwXV0sImxlbmd0aCI6Mn0=&ntv_ppf=eyJhZC1zbWFsbC0yIjp7ImJhbm5lciI6eyIzMDB4MjUwIjowLjYzLCIqIjowLjYzfSwiKiI6eyIqIjowLjQ4LCIzMDB4MjUwIjowLjQ4fX0sImFkLXNtYWxsLTEiOnsiYmFubmVyIjp7IjMwMHgyNTAiOjAuNjYsIioiOjAuNjZ9LCIqIjp7IioiOjAuNDgsIjMwMHgyNTAiOjAuNDh9fSwiYWQtbGFyZ2UtMSI6eyJiYW5uZXIiOnsiMzAweDI1MCI6MC42NywiKiI6MC42N30sIioiOnsiKiI6MC40OCwiMzAweDI1MCI6MC40OH19fQ==&ntv_pb_rid=13ad9bfc0678f53&ntv_ppc=W3siYWRVbml0Q29kZSI6ImFkLXNtYWxsLTIiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXV19fX0seyJhZFVuaXRDb2RlIjoiYWQtc21hbGwtMSIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzMwMCwyNTBdXX19fSx7ImFkVW5pdENvZGUiOiJhZC1sYXJnZS0xIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDI1MF1dfX19XQ==&ntv_dbr=eyJhZC1zbWFsbC0yIjowLCJhZC1zbWFsbC0xIjowLCJhZC1sYXJnZS0xIjowfQ==&ntv_url=https%3A%2F%2Fwww.mlive.com%2F
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.161.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-161-80.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:14 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Fri, 31 Mar 2023 19:32:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
dc782f2805dc242386580c8cf0a31db71f658cb8b71d8e7a8734288bf7c15b07
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Fri, 31 Mar 2023 19:32:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
cs
advancelocal.blueconic.net/DG/DEFAULT/ 		67 B
858 B 		Script
General
Check archive.org
Download Go to
Full URL
https://advancelocal.blueconic.net/DG/DEFAULT/cs?bcsessionid=da6cfc10-4967-4dfc-acaf-b840bee6f159&&callback=bc_json1032
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.113.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-113-20.compute-1.amazonaws.com
Software
- /
Resource Hash
ad414760b7daffef852b0ec1af8ca07aab5f50b59808d11141df8d8b52977f94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
87
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
392.json
id5-sync.com/g/v2/ 		216 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/392.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
6e14c7e102d332e2f502834594a48888d988c3f8a641a6b57a19b027007c54d7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Fri, 31 Mar 2023 19:32:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
1030
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/1030?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=da6cfc10-4967-4dfc-acaf-b840bee6f159&bctempid=&overruleReferrer=&time=2023-03-31T19%3A32%3A14%2B00%3A00&ts=1680291134110
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-124.fra56.r.cloudfront.net
Software
- /
Resource Hash
85207c595a40b93dc8e07532c86aca11932925b7f1b733731f032a982fcd613a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 31 Mar 2023 19:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
3111
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
yIJ_Hl4FsopWKdKl1P20QIZp73yFcsN4gFgSQUHZl37J10YtCTTXCg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
predict
h312.mlive.com/rest/custom/frontend/listener_realtime_model/ 		2 B
904 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/rest/custom/frontend/listener_realtime_model/predict?itemId=93193c90-1299-460a-add2-602384af02fc&profileId=da6cfc10-4967-4dfc-acaf-b840bee6f159
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/plugin/plugin/c1c906d9163532a7136b6b5dfcd50b4c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-124.fra56.r.cloudfront.net
Software
- /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:14 GMT
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
2
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, no-cache="Set-Cookie"
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
nmNPSOLFaNDr6upE_r69XxBhhDdftU_TN7wlS6A9M7kQXlVNXffvSw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1030
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		365 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/1030?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=da6cfc10-4967-4dfc-acaf-b840bee6f159&bctempid=&overruleReferrer=&time=2023-03-31T19%3A32%3A14%2B00%3A00&ts=1680291134152
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-124.fra56.r.cloudfront.net
Software
- /
Resource Hash
a0046dd0685c0cde4adb1c4c377ff545dc30f85e69b0e9cdffcbb1698bbd0a49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 31 Mar 2023 19:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
173
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
7ChK6t0NHSG3ETDqHgFbM8_4DDviooYG35uGt7FXxySRBZddyZKnXQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1030
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		183 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/1030?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=da6cfc10-4967-4dfc-acaf-b840bee6f159&bctempid=&overruleReferrer=&time=2023-03-31T19%3A32%3A14%2B00%3A00&ts=1680291134154
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-124.fra56.r.cloudfront.net
Software
- /
Resource Hash
8189be012071c0b42e5c14cb02978cee34afefc34d8585ecdb54d4b3f0393a24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 31 Mar 2023 19:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
163
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
54gLSZ_Gzh72VTZNHtYy9FgPg46v9eXVVMOIcpmwwh1fWEH0atP18g==
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=516466839&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Blueconic&ea=segments&_u=aDDAAEABAAQCACgFK~&jid=&gjid=&cid=1631561048.1680291133&tid=UA-16643585-16&_gid=1801030995.1680291133&gtm=45He33t0n81TLXFLCR&cd1=undefined&cd2=1---&cd3=undefined&cd6=undefined&cd11=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=false&cd21=undefined&cd23=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd46=homepage-beta&cd47=desktop&cd50=Blueconic%20-%20event%20call&cd52=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=undefined&cd62=undefined&cd63=undefined&cd64=undefined&cd66=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=sub-group-b&cd61=1631561048.1680291133&cd76=a0002%2Ca0022&cd77=undefined&cd78=undefined&cd79=undefined&cd80=undefined&cd85=undefined&cd89=undefined&cd96=1&cm1=undefined&cm2=undefined&cm3=undefined&cm4=undefined&z=17195649
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 18:05:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5222
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
1030
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		183 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/1030?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=da6cfc10-4967-4dfc-acaf-b840bee6f159&bctempid=&overruleReferrer=&time=2023-03-31T19%3A32%3A14%2B00%3A00&ts=1680291134160
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-124.fra56.r.cloudfront.net
Software
- /
Resource Hash
406c09d0baf42527796e25e2238deeebe5a7c22fa60ca0c2fa0c7a747be07ea6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 31 Mar 2023 19:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
164
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
dshLS4i2jmZZ4fEnuRb7-KU5ZpLMJSJLG2Jzk39IOmYEiRtQ7vwDhw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1030
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/1030?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=da6cfc10-4967-4dfc-acaf-b840bee6f159&bctempid=&overruleReferrer=&time=2023-03-31T19%3A32%3A14%2B00%3A00&ts=1680291134165
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-124.fra56.r.cloudfront.net
Software
- /
Resource Hash
57bc7bab1e636bc97b40d59c22263cfcf6128e16f0226be3880eb503a26cefa1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 31 Mar 2023 19:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
4095
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
6kjX1UDdC8JbyjMIBZpQdzZtKEgIg8Y2DqyjqiSYJG5V2Nrhmo_fKw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ADVANCEDDIGITAL_HEADER1&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=4&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&t=1680291133030&de=106378168487&rx=680545404177&m=0&ar=03b6d3f0bdc-clean&iw=21030cf&q=1&cb=0&cu=1680291133030&ll=2&lm=0&ln=0&em=0&en=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=advanceddigitalheader640552616592&fd=1&it=500&ti=0&ih=2&pe=1%3A748%3A748%3A0%3A758&fs=202622&na=178012692&cs=0
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-143.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:14 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 31 Mar 2023 19:32:14 GMT
up
insight.adsrvr.org/track/ Frame CD79 		0
182 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=4pdxx2d&ref=https%3A%2F%2Fwww.mlive.com%2F&upid=p5qqvcp&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html
date
Fri, 31 Mar 2023 19:32:14 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202303270101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js?cb=31073481
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
601b0120d0d3d77ac75eb46c71da8ea368db1da0b9553e7acbb896ee37fa3417
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11200
x-xss-protection
0
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=4&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Fwww.mlive.com%2F-&i=ADVANCEDDIGITAL_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk3MH%3Cy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-teFyB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-rRcdWwIJVy50og%3D%3D&sc=1&os=1-iA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=FBM%3DV%3Ch%3B7R&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1680291133030&de=106378168487&rx=680545404177&cu=1680291133030&m=1143&ar=03b6d3f0bdc-clean&iw=21030cf&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=12925&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A748%3A748%3A0%3A758&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=202622&na=888708071&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-143.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:14 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 31 Mar 2023 19:32:14 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js?cb=31073481
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 31 Mar 2023 19:32:14 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.mlive.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js?cb=31073481
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.mlive.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js?cb=31073481
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		82 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1641706683976984&correlator=2277198935009061&eid=31073481%2C31073353&output=ldjh&gdfp_req=1&vrg=202303270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3&prev_iu_szs=300x250%2C300x250%2C300x250&ifi=2&adks=1117919376%2C1117919391%2C3501067380&didk=2832267644~2832267645~3933728591&sfv=1-0-40&fsbs=1%2C1%2C1&prev_scp=rg_adslot%3DInFeed_Right%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3DMI-desktop-InFeed_Right%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3DMI-desktop-InFeed_Right-2%7Crg_adslot%3DInFeed_Left%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Left%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3DMI-desktop-InFeed_Left%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Left%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3DMI-desktop-InFeed_Left-2%7Crg_adslot%3DInFeed_Right%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D2%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3DMI-desktop-InFeed_Right%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3DMI-desktop-InFeed_Right-2&eri=1&cust_params=ccaud%3D0%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop%26bc%3D0&sc=1&cookie=ID%3D067af2d1a28fb085-2240661e4cdc00e7%3AT%3D1680291133%3AS%3DALNI_MYG2DHbHHty_OmtNFkdQ9y3xe3yRw&gpic=UID%3D00000bf91bcd2fa4%3AT%3D1680291133%3ART%3D1680291133%3AS%3DALNI_MaCZAkLp11v8y1SkRD_uKC4cmY_Eg&abxe=1&dt=1680291134341&lmt=1680291011&dlt=1680291132214&idt=1688&adxs=1135%2C165%2C1135&adys=155%2C867%2C895&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.mlive.com%2F&frm=20&vis=1&psz=300x24%7C300x274%7C300x24&msz=300x24%7C300x274%7C300x24&fws=0%2C512%2C512&ohw=0%2C0%2C0&psts=AHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=1631561048.1680291133&ga_sid=1680291134&ga_hid=516466839&ga_fc=true&a3p=EjQKCnB1YmNpZC5vcmcSJGQ5MDI5ZGI2LTgyNTItNDRjNi1iZTJlLWYzN2ZmY2U2NDUyMVgB
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js?cb=31073481
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
122aaa4e165e4145eea037982503fe0dd367536b68211a7206e80cc48e4a4c45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22700
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E00C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6545
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 31 Mar 2023 17:43:09 GMT
expires
Sat, 30 Mar 2024 17:43:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CAFF 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e4bcd43730aec47f4914042f1c20d5f8cc9fda3f79de1081a1a1a59fd989799e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oVAsOLeUhNYcsoMsIBA2dQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-oVAsOLeUhNYcsoMsIBA2dQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 31 Mar 2023 19:32:14 GMT
expires
Fri, 31 Mar 2023 19:32:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js
pagead2.googlesyndication.com/bg/ Frame E00C 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63366603b6b4f2ff5fd3cedfc2a503668acbfbb4c11e63ce80f5b57144bc7df4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 09:34:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
35838
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14293
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 13:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Mar 2024 09:34:56 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CAFF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202303270101&jk=1641706683976984&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers
1030
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/1030?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=da6cfc10-4967-4dfc-acaf-b840bee6f159&bctempid=&overruleReferrer=&time=2023-03-31T19%3A32%3A14%2B00%3A00&ts=1680291134444
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-124.fra56.r.cloudfront.net
Software
- /
Resource Hash
fadd74ac1cf4915d3c609388e46eda3e941d8e27b97641eaa979cc34d51fddd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 31 Mar 2023 19:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
4096
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
JWO-WyzyJDIWxxptL4ttl3bCkgfgAVqGMJ-RFZhs5o-2sH87ec18jw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame E00C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?78qHzQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
3723
idx.liadm.com/idex/prebid/ 		50 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/3723?duid=94c49eadf2ac--01gwwjfycw0c5c0jernr7x4h8s&us_privacy=1---&resolve=nonId
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.159.56.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-159-56-141.compute-1.amazonaws.com
Software
/
Resource Hash
1962878d21f1f7b8cd5ab5e124793b16b3398ad213dec9a04486bcb74edbad22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 31 Mar 2023 19:32:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
2
content-type
application/json
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
trace-id
78dcaa260a2b616a
content-length
50
expires
Sat, 01 Apr 2023 19:32:14 GMT
getuserdbdata
app.matheranalytics.com/u/ 		54 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.matheranalytics.com/u/getuserdbdata
Requested by
Host: js.matheranalytics.com
URL: https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.255.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.255.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44026785039df91c14b8c331292992e1fd71a23acdd5cb09c40d12d1c8e8aaac

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 31 Mar 2023 19:32:14 GMT
via
1.1 google
content-type
text/plain
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
0-gc-use1-hkjc0113
execute
c2.piano.io/xbuilder/experience/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=8Gu2Z8RCvZ
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
624a213ebd43a1962ca3f465a44b370be78a5b0fc60ce3638daa4e282a558d3f
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 31 Mar 2023 19:32:14 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
i8uptku3ww
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
7b0b04674fe12c76-FRA
baker
ead.mlive.com/ 		19 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ead.mlive.com/baker?dtstmp=1680291134602
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.106.221 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-106-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Expires
Fri, 31 Mar 2023 19:32:14 GMT
Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:14 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
19
Content-Type
image/gif
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ud&error=uid%2Fmuid%2Fduid%20not%20found&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=496b184f-7c7c-4750-9e96-132fa14f143d&pid=c42cdc74-46c6-4611-b998-0ba192360199&dtm=1680291134782&qnm=_matherq&visible=1&tabid=be215bde-2ee6-4ef2-8831-3f8b134c4738&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x12925&tofa=1680291133&vid=1&lvidt=1680291133&duid=9ee8b86c10495836&fp=4001717511&cid=ma63527&mrk=484602605&cx=eyJ1c2VyREIiOnsic2VnbWVudHMiOltdLCJtZXRlckRhdGEiOnsibWV0ZXJUaHJlc2hvbGQiOiIwIiwicmVzZXRNZXRlciI6IjAifSwicGFnZVZpZXdzIjoiMiIsInVzZXJEQkZldGNoIjoiMSIsImVyciI6InVpZC9tdWlkL2R1aWQgbm90IGZvdW5kIiwibmV4dFVwZGF0ZSI6IjE4MDAwMDAiLCJuZXh0VXBkYXRlVFMiOiIxNjgwMjkyOTM0NTU0In19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.216.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-216-79.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 31 Mar 2023 19:32:14 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js?cb=31073481
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-88.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 08:55:10 GMT
content-encoding
gzip
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 22:36:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
38225
x-amz-server-side-encryption
AES256
etag
W/"4fd6c99ca40fed5d11cbd9e1b76a92f1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
pSobWmLSbOjwr94W65V18YPvUGHBh8NFsvNr6RcJny8qQ72Xa9TDNw==
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js?cb=31073481
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-9c21"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 01 Apr 2023 19:32:15 GMT
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js?cb=31073481
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:d400:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Fri, 31 Mar 2023 04:34:35 GMT
Via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Jan 2023 04:07:36 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
53860
x-amz-server-side-encryption
AES256
ETag
"aded621b17723f487b3c9d0e43cf2f94"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1859
X-Amz-Cf-Id
LygSyNvSFGDjKvRtiRxZKO53u169FCwNt9_lHO289-yCufZv7QGeIQ==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js?cb=31073481
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 05:10:35 GMT
content-encoding
gzip
age
1347699
x-guploader-uploadid
ADPycdsRdNetRtDsJgQiW3jYUzNf--RNUpFn-nwKEqicmnAPK9Kxkrw33U8-Nf4bE3OVkYOkM3hRKPoN1ickSNTXQUfbEEpP_Dou
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Fri, 15 Mar 2024 05:10:35 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js?cb=31073481
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
099c242b7f21357ba887e27ac080dd6799d369d07511e1a788c633f40a6790b0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 13:19:47 GMT
server
cloudflare
x-amz-request-id
KH5EKF6A9VRKWPP0
age
27
etag
W/"c248fe2e1769ec0b3fd66c9a48efe1d4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7b0b0468bd582ba4-FRA
x-amz-id-2
VVXsP6+6qeMWbMHwHXOtx9RQ+RaHOvtFiSB7w8ZvAUm/72ljoHUXn5s3Gmn6k+ofR3SahOWncEQmuFDK7p6NIw==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js?cb=31073481
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
39443
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230037-FRA, cache-yyz4557-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2BpZmDgAUpBC9D38iep1EnvwJm2yzEjCNJe4BDzuYWcY4710WBXzGGnUOJIMQ2FWZi79abzAQx9hLwmH6%2FT4ZAt2tNxjNUcm4QZLALA5yroEvLEpLw6bWcRL4l7UzBARj5gQMaaPoaqy2Alwsuk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7b0b0468d8279c0c-FRA
container.html
309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E727 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js?cb=31073481
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 31 Mar 2023 19:32:14 GMT
expires
Sat, 30 Mar 2024 19:32:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CD8A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js?cb=31073481
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 31 Mar 2023 19:32:14 GMT
expires
Sat, 30 Mar 2024 19:32:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E312 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js?cb=31073481
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 31 Mar 2023 19:32:14 GMT
expires
Sat, 30 Mar 2024 19:32:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6128 		624 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGMCumuIBMAE&v=APEucNXz2Z_mJUJf3JvmTO8HYp02y0Yf5DBnF_jqhv2CIMxRwNjTVdPXCtlH_sY06krMRxZRFkDnFxLscsHGImHy82eWDEpODzKc27nxW4yjorXy1sKwWc7ec5N6u8PxZrDQRFGmaxLARxUgRYYpiKO3GyeG6YHWkYNMcvPJ5XIh_i8y1HqItVBsC_VTj7a8mE6qltAQlqX1
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 31 Mar 2023 19:32:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E727 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 19:32:14 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E727 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CuPGnWBI9bbcSd5dhol96qq4Ts6BH-YhRqZd1LnFnJXdpXVPKe-AaQeyKe85f_mppsuGg_vpOnqPaOqM0sh7jjvRF7TlRNq2K2enp1Lre6wxfFaRQ
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E727 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9663790554388610239&x=1&ct=77
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame E727 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=203336&plc=7224804&sid=18330&dvregion=0&unit=300x250
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Fri, 31 Mar 2023 19:32:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Jan 2023 10:59:51 GMT
Server
Microsoft-IIS/10.0
ETag
"2d4a10aae224d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1170
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame E727 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/window_focus_fy2021.js
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 17:42:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
6556
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Apr 2023 17:42:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame E727 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 22:31:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
75672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8268
x-xss-protection
0
server
cafe
etag
8048349561987089234
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Apr 2023 22:31:02 GMT
l
www.google.com/ads/measurement/ Frame E727 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRFtZEyGL6N0d_yTharNBwGKW-NXsb0VUeDKePxUNAXnAYdYCyNNx795aIs_cCHxOCG9e0su6uzIXX9TbJP1kqPGg3mVw
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E727 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49585
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1680090252828925"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 31 Mar 2023 19:32:14 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7531 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGMCumuIBMAE&v=APEucNXJhEo3V6L_uxNIXx7N-iZj22K7almfg5F5TdZJdyQbb6yyZOZeXoGiL1fEJYyy3_yM01aMcCE213gzZrkh97gLzXI1Q3CdhVI6_qjYJFdizAT-FennXgAuHrW4sDaWoTdjujQu35QP5OevoSyl2UrpZgb8ckzcyep6KR0K3BgBn7v2RIIWauQiSZ6-ufMNOt85RklW
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 31 Mar 2023 19:32:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame CD8A 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 19:32:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CD8A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Duf4SPQvB8rkQeNarsfKZNjhtU3ClvocE6Ly_HrRwCqvyH8Zzcryjo8EFtUfdA0sehOAvFmGa0t-E8CZxVOVVGaRjwnIs7nzLInTL597qbJz5nd4Y
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CD8A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12602446092971919153&x=1&ct=77
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame CD8A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=203336&plc=7224804&sid=18330&dvregion=0&unit=300x250
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Fri, 31 Mar 2023 19:32:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Jan 2023 10:59:51 GMT
Server
Microsoft-IIS/10.0
ETag
"2d4a10aae224d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1170
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame CD8A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/window_focus_fy2021.js
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 17:42:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
6556
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Apr 2023 17:42:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame CD8A 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 22:31:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
75672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8268
x-xss-protection
0
server
cafe
etag
8048349561987089234
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Apr 2023 22:31:02 GMT
l
www.google.com/ads/measurement/ Frame CD8A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSM08gT2iM8NAwky4iKbLoU8HsKnuN_xJOy5W2-gQ1hiJ_1i6I6U91Nfeh2KPnJvUMpU0VttMK0AGirqXs0TV6enWtN7Q
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CD8A 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49585
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1680090252828925"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 31 Mar 2023 19:32:14 GMT
map
bcp.crwdcntrl.net/6/ 		60 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.50.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-50-80.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
e733ee35a667f46bbbd241b005c9c360552a2c687ade64d693e7eea5385ee5cf

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:14 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.20.162
access-control-allow-credentials
true
content-length
60
expires
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame F130 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGMCumuIBMAE&v=APEucNW3GMciysCL3uhEgixXdUT9e1Lm-uOs5PMFyHbsw6ux2gfVWh5vHeQgnFDR8u_WJZMoqDSgvHjA8sSh_YHYfBvnJm_s-WujYFTIsbURtVpnNcVYeywiuMOuiPAg-2G8EE4pWqfQiWzWyWfoxMY_JN31v0CvgaxtWWwHlVBimJTozjiFVW9hN52-ZgIQ5IaRn9LkI6Ko
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 31 Mar 2023 19:32:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E312 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 31 Mar 2023 19:32:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E312 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CYvgqOrttN5o7pBjJjkPHiKtqNsDnz2nYQ8zpjUr0bwCvfctnegPLo_txvmSPejzHrVJlZq5uwh6vA8XAPpPWIKNJvqexs4ZpsRn71OuokpMheVQw
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E312 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17768528975492364843&x=1&ct=77
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame E312 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=203336&plc=7224804&sid=18330&dvregion=0&unit=300x250
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Fri, 31 Mar 2023 19:32:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Jan 2023 10:59:51 GMT
Server
Microsoft-IIS/10.0
ETag
"2d4a10aae224d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1170
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame E312 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/window_focus_fy2021.js
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 17:42:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
6556
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Apr 2023 17:42:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame E312 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 22:31:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
75672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8268
x-xss-protection
0
server
cafe
etag
8048349561987089234
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Apr 2023 22:31:02 GMT
l
www.google.com/ads/measurement/ Frame E312 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQxiJF-Q3w6KAaMhmz8B9Q4DUEVXbeq1o2WX2rn55-4K2knX7_NuZuBvGOsr7sXTd7-7y7PXIK4C_KcDzWktrsMydU-YA
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E312 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49585
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1680090252828925"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 31 Mar 2023 19:32:14 GMT
increment
id5-sync.com/api/esp/ 		0
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Fri, 31 Mar 2023 19:32:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e51aa8cd13e23afed62d2b0c3ed5581d59b92f4f76415b50a63bfa7a32696fcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:15 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-kQETzU1FzHCKnLEWNqCSa5RAF1Y"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Fri, 31 Mar 2023 19:32:15 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.mlive.com
location
/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rum
dsum-sec.casalemedia.com/ Frame 6128
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA8zfx5wIEoM4s38Dein8HA&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA8zfx5wIEoM4s38Dein8HA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGMCumuIBMAE&v=APEucNXz2Z_mJUJf3JvmTO8HYp02y0Yf5DBnF_jqhv2CIMxRwNjTVdPXCtlH_sY06krMRxZRFkDnFxLscsHGImHy82eWDEpODzKc27nxW4yjorXy1sKwWc7ec5N6u8PxZrDQRFGmaxLARxUgRYYpiKO3GyeG6YHWkYNMcvPJ5XIh_i8y1HqItVBsC_VTj7a8mE6qltAQlqX1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA8zfx5wIEoM4s38Dein8HA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6128
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZCc1P6clTk8FAfVMrMP3WQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA8zfx5wIEoM4s38Dein8HA&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA8zfx5wIEoM4s38Dein8HA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGMCumuIBMAE&v=APEucNXz2Z_mJUJf3JvmTO8HYp02y0Yf5DBnF_jqhv2CIMxRwNjTVdPXCtlH_sY06krMRxZRFkDnFxLscsHGImHy82eWDEpODzKc27nxW4yjorXy1sKwWc7ec5N6u8PxZrDQRFGmaxLARxUgRYYpiKO3GyeG6YHWkYNMcvPJ5XIh_i8y1HqItVBsC_VTj7a8mE6qltAQlqX1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA8zfx5wIEoM4s38Dein8HA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 6128
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBF9uQcKV4CsrFgH18X-OMk&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBF9uQcKV4CsrFgH18X-OMk%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBF9uQcKV4CsrFgH18X-OMk%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGMCumuIBMAE&v=APEucNXz2Z_mJUJf3JvmTO8HYp02y0Yf5DBnF_jqhv2CIMxRwNjTVdPXCtlH_sY06krMRxZRFkDnFxLscsHGImHy82eWDEpODzKc27nxW4yjorXy1sKwWc7ec5N6u8PxZrDQRFGmaxLARxUgRYYpiKO3GyeG6YHWkYNMcvPJ5XIh_i8y1HqItVBsC_VTj7a8mE6qltAQlqX1
Protocol
HTTP/1.1
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:15 GMT
AN-X-Request-Uuid
625c525c-5d6b-4830-a388-8d29f6d57913
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:15 GMT
AN-X-Request-Uuid
aec78d4b-511c-4b7d-b854-417ef314af90
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBF9uQcKV4CsrFgH18X-OMk%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6128
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQxNzYxMzI0OTMzMTYzMTU2NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQxNzYxMzI0OTMzMTYzMTU2NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGMCumuIBMAE&v=APEucNXz2Z_mJUJf3JvmTO8HYp02y0Yf5DBnF_jqhv2CIMxRwNjTVdPXCtlH_sY06krMRxZRFkDnFxLscsHGImHy82eWDEpODzKc27nxW4yjorXy1sKwWc7ec5N6u8PxZrDQRFGmaxLARxUgRYYpiKO3GyeG6YHWkYNMcvPJ5XIh_i8y1HqItVBsC_VTj7a8mE6qltAQlqX1
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 31 Mar 2023 19:32:15 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e89903a1-395a-48e1-8dca-5389846e6d7f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQxNzYxMzI0OTMzMTYzMTU2NA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7531
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA8zfx5wIEoM4s38Dein8HA&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA8zfx5wIEoM4s38Dein8HA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGMCumuIBMAE&v=APEucNXJhEo3V6L_uxNIXx7N-iZj22K7almfg5F5TdZJdyQbb6yyZOZeXoGiL1fEJYyy3_yM01aMcCE213gzZrkh97gLzXI1Q3CdhVI6_qjYJFdizAT-FennXgAuHrW4sDaWoTdjujQu35QP5OevoSyl2UrpZgb8ckzcyep6KR0K3BgBn7v2RIIWauQiSZ6-ufMNOt85RklW
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA8zfx5wIEoM4s38Dein8HA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7531
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZCc1P6clTk8FAfVMrMP3WQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA8zfx5wIEoM4s38Dein8HA&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA8zfx5wIEoM4s38Dein8HA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGMCumuIBMAE&v=APEucNXJhEo3V6L_uxNIXx7N-iZj22K7almfg5F5TdZJdyQbb6yyZOZeXoGiL1fEJYyy3_yM01aMcCE213gzZrkh97gLzXI1Q3CdhVI6_qjYJFdizAT-FennXgAuHrW4sDaWoTdjujQu35QP5OevoSyl2UrpZgb8ckzcyep6KR0K3BgBn7v2RIIWauQiSZ6-ufMNOt85RklW
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA8zfx5wIEoM4s38Dein8HA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 7531
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBF9uQcKV4CsrFgH18X-OMk&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBF9uQcKV4CsrFgH18X-OMk%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBF9uQcKV4CsrFgH18X-OMk%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGMCumuIBMAE&v=APEucNXJhEo3V6L_uxNIXx7N-iZj22K7almfg5F5TdZJdyQbb6yyZOZeXoGiL1fEJYyy3_yM01aMcCE213gzZrkh97gLzXI1Q3CdhVI6_qjYJFdizAT-FennXgAuHrW4sDaWoTdjujQu35QP5OevoSyl2UrpZgb8ckzcyep6KR0K3BgBn7v2RIIWauQiSZ6-ufMNOt85RklW
Protocol
HTTP/1.1
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:15 GMT
AN-X-Request-Uuid
1c801e1c-12b6-4723-8d81-7eeb9b7eeaa3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:15 GMT
AN-X-Request-Uuid
2ff35cf8-dfa6-4e5f-b927-ed8fda147eca
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBF9uQcKV4CsrFgH18X-OMk%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7531
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQzMzI4NDk1NjY2MTE3ODg1NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQzMzI4NDk1NjY2MTE3ODg1NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGMCumuIBMAE&v=APEucNXJhEo3V6L_uxNIXx7N-iZj22K7almfg5F5TdZJdyQbb6yyZOZeXoGiL1fEJYyy3_yM01aMcCE213gzZrkh97gLzXI1Q3CdhVI6_qjYJFdizAT-FennXgAuHrW4sDaWoTdjujQu35QP5OevoSyl2UrpZgb8ckzcyep6KR0K3BgBn7v2RIIWauQiSZ6-ufMNOt85RklW
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 31 Mar 2023 19:32:15 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
87651ed5-e7ac-443f-ae00-03c01eea7089
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQzMzI4NDk1NjY2MTE3ODg1NQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F130
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA8zfx5wIEoM4s38Dein8HA&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA8zfx5wIEoM4s38Dein8HA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGMCumuIBMAE&v=APEucNW3GMciysCL3uhEgixXdUT9e1Lm-uOs5PMFyHbsw6ux2gfVWh5vHeQgnFDR8u_WJZMoqDSgvHjA8sSh_YHYfBvnJm_s-WujYFTIsbURtVpnNcVYeywiuMOuiPAg-2G8EE4pWqfQiWzWyWfoxMY_JN31v0CvgaxtWWwHlVBimJTozjiFVW9hN52-ZgIQ5IaRn9LkI6Ko
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA8zfx5wIEoM4s38Dein8HA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F130
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZCc1P6clTk8FAfVMrMP3WQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA8zfx5wIEoM4s38Dein8HA&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA8zfx5wIEoM4s38Dein8HA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGMCumuIBMAE&v=APEucNW3GMciysCL3uhEgixXdUT9e1Lm-uOs5PMFyHbsw6ux2gfVWh5vHeQgnFDR8u_WJZMoqDSgvHjA8sSh_YHYfBvnJm_s-WujYFTIsbURtVpnNcVYeywiuMOuiPAg-2G8EE4pWqfQiWzWyWfoxMY_JN31v0CvgaxtWWwHlVBimJTozjiFVW9hN52-ZgIQ5IaRn9LkI6Ko
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA8zfx5wIEoM4s38Dein8HA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame F130
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBF9uQcKV4CsrFgH18X-OMk&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBF9uQcKV4CsrFgH18X-OMk%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBF9uQcKV4CsrFgH18X-OMk%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGMCumuIBMAE&v=APEucNW3GMciysCL3uhEgixXdUT9e1Lm-uOs5PMFyHbsw6ux2gfVWh5vHeQgnFDR8u_WJZMoqDSgvHjA8sSh_YHYfBvnJm_s-WujYFTIsbURtVpnNcVYeywiuMOuiPAg-2G8EE4pWqfQiWzWyWfoxMY_JN31v0CvgaxtWWwHlVBimJTozjiFVW9hN52-ZgIQ5IaRn9LkI6Ko
Protocol
HTTP/1.1
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:15 GMT
AN-X-Request-Uuid
4a3c5308-93f3-4fe3-939e-06f1bc1c9792
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:15 GMT
AN-X-Request-Uuid
ba987765-a65d-49fe-801a-da227c407f79
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBF9uQcKV4CsrFgH18X-OMk%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F130
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcxNDIxOTQ5MTQ2NzYzMDE5OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcxNDIxOTQ5MTQ2NzYzMDE5OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGMCumuIBMAE&v=APEucNW3GMciysCL3uhEgixXdUT9e1Lm-uOs5PMFyHbsw6ux2gfVWh5vHeQgnFDR8u_WJZMoqDSgvHjA8sSh_YHYfBvnJm_s-WujYFTIsbURtVpnNcVYeywiuMOuiPAg-2G8EE4pWqfQiWzWyWfoxMY_JN31v0CvgaxtWWwHlVBimJTozjiFVW9hN52-ZgIQ5IaRn9LkI6Ko
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 31 Mar 2023 19:32:15 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0dd14041-7568-4a47-945c-27a0f2a1d7c9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcxNDIxOTQ5MTQ2NzYzMDE5OA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E727 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9245718476231&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E727 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9245718476231&version=m202301230201&ct=77&x=1&cor=9663790554388611000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E727 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cd72LrksiHidN08qQdkuaq-roR68hADx6diH37bqlmyLe9URvEU7hGiCFxHPO_4yqdaHSJIpqO-_oM6YkUObKSjqIhzensJc4lpZ2j4k_vi3cUMsu6utQFea65W_laMJHHLXOiLyVHdPtRHYiKmcAEJDd2EaWK8cIMsbLWkYKt_JMrAbA&cry=1&dbm_d=AKAmf-AqgaYmcNNTT3J2ScG0Ufh2xqsx6rzUdeSl3fl6-YyO-R_omE-wpu_XgPLiYIVPxbvRZaaMFAEzBbSFZXg2L0ScJ0E8sbFyyRw4T3UzeZq9hG1oI49W_VepiZ1eEFpr3e6mlzpJtIFTNwuGI5FHSx55HNbVBY7VyIeHxfL26H8vH2ab1_aDrIaicmmzTQ6WZpB9nmNkS-17TsKyyw9wSyu5lXyDFlo0Z3ZYzrC0MCuR7wyEw-sqEb7CByeyCqbTpwdkAczV9ekNUy2ciQkZYWixGfWfwCw7l5tKA-RI-XeuPvz-8tG-UlRNL0R8P5SgAgLwkLRnA2d3S__MIUmj52PGXJ18llnEjBMLWcSEizWiYEpEFKGFUlbdTYJhzMULx6wBTb7Bm-x1qOw9GdtzoH9Oe0DXXaKbnWKPpxC71L2itjRQQiro6wf0nM2ehBwhDxSJDaPYP4a7ucqnO2XcfUpgjVG2YHxPzX4HyY2Ohqvz_rfeLECBkZOkYIRjIr-1JJHHCN-FnWcuLf4mkxg_BWbSvdFMuMPgvfFmGIufOGUu-QeaWQGwbU6S7fxvkxoYB7mtctulgbsMPmSjM2nx0J7zrnZyUmgorlZzJceWMF4pBX5AwLC6jCBCbLdmXbG81-OdDFEhig-l8p4XIR1czqggm3kVChKr2yRJLTQty1mfhw5PGeY_UvYOMapxHVMaibafpP3L3pxEQQKTotfKfZ601-ZjApvBx_YO4rGnd3g183WSuUD0lU6X1deP0O8O_Ps7MQj7-dOxH8jwRoSEtx5kfqwJEt1hXFJT6yGn67DYaKl9L2623C7A9LvEGB2m6XhuoPbMCP3y6daHb1AppDiz3GCrUAFMlR-WVsWTDoJNsFXP90YKoXvfXQHfx8q7tRXryGpxHQsost8kqiirw8_pVUzTDQed81y5YSitGh0X3hJhvggK0xMmkiN6ncR4eGyoArQNkq14izevF8_edztwwYBYhkUZLyKhOqDOUAPoHfdZlF8-SnBSXKiSnkje9wOI6OKJc1hLWbhIQ2wQIJ58LEdQlT9bPxwj9_XEM6UqekErHOR2c1H9fBDtf_-T1g0cYDHFqjUzU8KPbrUU673nE9VBLF1GogGdCDeCTmMPz14bb295GqGsqi2wyBcZ_JzWbhKaJVn3ts8CBo22NocNPYKaO8XLZM2CcwqMJ38Nl3rUCt4zdA5154TyW5iP9kdJo25m78JCjGwZWSz8dH8QxF-v-M2AF6DdfsvAbSm5hMy0WUzWOLa08GXZWrwsQmbOMlZ5bD6sm0NlJ_X0ERHrO6mE4dXRqVnIDigY4chkOU886AuV63e7zNL2sm9EzzqLejmjKMMqjl0PwmxmGjvbFfnCxvUrvnzD2NTc8uaSmul0gIdHazT_6T0SOpjPvuvvBg2fffwWZqq_37_yA0KKigpKX6PYF6lJdTH87Y9Z3p0OJth8-CrwiOfragLjEJmg4JgW5q4TRiNuXMtVR5ctkxVK-4HvYW3QNhsMML9fJbIJnoTLAKEeT2_s6wT56f4zIYG0du8xV3wcYw3EaVp3jA_DwGGPuRNG_KOulORrgUh5UGGLLGc56VZFeDwKqiziAQGrJ6pq8cG5KNxEzxvwjMT99aDE-1_KaqWzSz8OCmYWpzp9io7M1MYU2NrQxM5mKxdUbfaOtdx4oPJlbyvsOuCXeQ6bTTErSIhjkOnXxnpplwsgf7YBDZIQKyqfA86uex76dxAAMm6L9gjkEWhx91UpObZQANnFzN2H6pk1K4ojFNqOZty4N7iyou55G28PVXrPEzxuSuRIYdh8suj9Z9rgxwxu9aTh91cF3BC2Jfr8CKyPOag1LCXi0KS6pDKqOS1hw81Nox1lVVUSvycrfk0PoqAz2DijQbtPFBX9Rx18Rs67wjWryUg0EHgu3rh_IthK7iTSYD_6zGcqPZa2g7M6bBDFk76cOjbahLMvZhAMj8WaIKWFWcenB21rLvwVb8rpMYUBoC2nNmFX1KGInWe6zPIGT24EpHkn6hCmPxU-gFiGU3KHPuYkEfDNgX2oGoSFLN3sY89eEVtBfjKZ3RTmc8q-LdYonTg3f-XnV_Dsukm_4y4rqZEBUqm_y82MAR9l6MgX_eVYxDE4iOS13rUdEoIs80FY5pXsXcfuOr1jPTQzDpy16Jvawv_YKYsFdA31MgVtBHbPZwiX_Q8-1Eajy211l8lcCZxR3PBRLpleA8ItY9-mdCMmJHkZrqJQ_Lgb8XflHmlM9vDkjwS-G-F8VOHCjN86yeFLGO-pFYsNLMWcUDYxhCxZTTlCv79i1t23PPNVgysnAmS_HdEjIw18VA6BwvBJe0hOh_AOH3nMjgMlgxwdtmBJdYDM-IHY7WYNBT4hweisqh-AXpHArOeyyMBK8IRWinTd0X9T-wquIOsF4cA-S7qf3ccBBMmE3G65Wi_bFKvzh1kyLVBsivjfys0n6Iik4o9oyH8-q4jIp1PwSYFc2nFzALf9bK9olpve6Sim-faO4lriceuiJOqcj12t4c0yS5_d5IjGRfOIMN4Lsg_FJqRKmgwnij6m2dv4GjyQKJuFVxxw_rmFeM8Rfn5Si3HSGJ41U5BkRUbLMwUy5d4DkL3EUZUA0pWowXYyRyhEYn6UrpNcameZWsJ7PL1sv0g8d-aIODxnS86F8sUGtZJuDoFOzmFvTis477I8FHiXc9rkAouR2pY8yhbdoBYt-y1n6XbZU12hMRypAnZfWaM6EoLMDiX0xzixrYDrFyJtGQJ-a3Wr1U3T5rASIYonr_UDlZK4SppOYT2SPyM0ZNbkGsMhNK1WXkuGLw73DhmOOU-aXvEzmjI9NQ26Y_831ZJ9WxQY5LVPyXNV9yG9jslva7-IuONjIt_wS0HgEH2a7T3NmcFSh-H2n-IXoBPNuxrxoH0agpYiFnEQTA1NXwt0EQ9wM6914evyR5KiZN4isnQSmxGb8IYe2iIZU57soAV1FccR7xkEyjUeIwGZK4oNHnCNgnmyoxBQ_cYA74n0A0YL4wN3eAFyZFquygkuvOFJHFd-wGdJ45Pgz7En_m88hILaFlFpXP3sbIcFllRo4TbwLK_mFNS98z8wpJqilZ5tcpgx9hyRkr9Vge6FcpdSItgCaLgSDSMo8XhkCMWhSiTZVwHnw-kP6I50jBMd0veOlbj_s2QZMhoCt3phUvTuXDFzyu9fDSzV8EkMV7fqHSNeKcyoLDHxAj0jwY8gnxO2NP_NsdQJCOh4ql4YTK8ZoMLdZ0g2va9nvWj0_nglcyrKd9fBrvxeGm6_peG0XUX0f4RylTGtxENDo2v_dsLXycofkIxEOAjEshlYqO7jXjUZcOMTJU3tnK84bwJfd2Y_Qti3JPHgcSPs8O0GPIRgP_ADxuRZidLVE_-r&cid=CAQSOwDUE5ymiSHrEWHzpE-9nV5GdJsTM56f_aXk6hTp0Vg28QEEl_72My3j2glbYz1k6V5jNQ2W5OW-y86-GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=9663790554388611000&adk=2857193498&idt=82&cac=0&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f3664982f4d8ec6bd35f3206ecdc82148af7df2a06acde0526bbde92f10ab92b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11375
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202303270101&jk=1641706683976984&bg=!NzSlNGDNAAbEgrg45II7ADkAdvg8WmDZ9PDfsBGrB0MOmbcizPaO3cPRTOqlm9aKi0QMzbV0uuz6hP7Aqa4Sh0bfFlg0hSDfBvQCAAAASVIAAAADaAEHCgBWB3JyxyqnbKItRjXHWRyAegMCs9HyONseiy8x3TZsnDjjxcRCV3Zl2tI97GiQR05gOiYXYY07CHd_yzAoGmz4wcACq1Z52sjXs2aUCsyfm7ZiXlxqjHeZAqilSXkEAjCM2TycWcV_Hj1MmAVB3gtgdBSplP0UPyJ5P57G8Hf7adpG2NlHptFWeew1KL4iNpmLJDYeMtmuD75KZc5eiABwjPKtaDX8hB33KcYC6uP1CerUUYomEqHeCgPvsCycOPe0GhYuvR6Eiv114b-oQIcy_4USae5yQXe0wRKQV0qL1Ql3pozqwHnMQc52iE0QJ0sCU-SexseNzUXCktoTfpGbcVMRFphAS2X662Z80vzru9p1TvFQq32lfIOuSPRUXEoP0_oYOcye4h7pyZYywTwUXGZzZbxFmHTY5HO6xI8b25FePpwt6jJAcQ4NNvqRRcqCl6PXuBBa5nzv8YfcVX_OY_oj1WubrNngApwJJ7kuN0zzxaiRpn2-m8nVCMcOFeEz_msZIWXD6Bfqo-kEOOH9KrgoXhNDJtdv7Fi9HwTPNZNNLEoQo91s80QKQG7BzPYvfVfCPXB9PAdOOcBoP3wg9BRan0CZtSw7ZJ-r9pcOdg9Z_O10O_29kvwYGNGRcvuiDdkMiygyPx7lmIYBUREq3yTsj6uh0kLpws7Ue0bmol-Jvlb8XBf9g7WMGFn89D72g_PZqd7EPxBc7pjo-CdR5on7AOO_1Fluk2sPmDhse3P5I48ABShH3Nt6cWyMEjTDmy9SiwqJ7GOGGS7qf4gq4ruuxaO5cAZDEbwu3j_BZw4O5p1IDS6I0sIFYhyE0HKJsUOSvobRrZvxrC7WZx10hqRVxwT-iL4SEEyki-uOg-yZIn6TqImC0Z_Qdo0clWjyGT1Zxo1OALmC_O5ui_OcT6bZZjW5Cceg4zQRcbGc-wnjp3dE9Zg0b8BIpTxzV4OycwKHfYJLgg7-HLsojvAv-4AsxTHuO7fPV76UECYpJkABfBv7Xbfd6GwEFEpNdgoClQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E727 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cd72LrksiHidN08qQdkuaq-roR68hADx6diH37bqlmyLe9URvEU7hGiCFxHPO_4yqdaHSJIpqO-_oM6YkUObKSjqIhzensJc4lpZ2j4k_vi3cUMsu6utQFea65W_laMJHHLXOiLyVHdPtRHYiKmcAEJDd2EaWK8cIMsbLWkYKt_JMrAbA&cry=1&dbm_d=AKAmf-AqgaYmcNNTT3J2ScG0Ufh2xqsx6rzUdeSl3fl6-YyO-R_omE-wpu_XgPLiYIVPxbvRZaaMFAEzBbSFZXg2L0ScJ0E8sbFyyRw4T3UzeZq9hG1oI49W_VepiZ1eEFpr3e6mlzpJtIFTNwuGI5FHSx55HNbVBY7VyIeHxfL26H8vH2ab1_aDrIaicmmzTQ6WZpB9nmNkS-17TsKyyw9wSyu5lXyDFlo0Z3ZYzrC0MCuR7wyEw-sqEb7CByeyCqbTpwdkAczV9ekNUy2ciQkZYWixGfWfwCw7l5tKA-RI-XeuPvz-8tG-UlRNL0R8P5SgAgLwkLRnA2d3S__MIUmj52PGXJ18llnEjBMLWcSEizWiYEpEFKGFUlbdTYJhzMULx6wBTb7Bm-x1qOw9GdtzoH9Oe0DXXaKbnWKPpxC71L2itjRQQiro6wf0nM2ehBwhDxSJDaPYP4a7ucqnO2XcfUpgjVG2YHxPzX4HyY2Ohqvz_rfeLECBkZOkYIRjIr-1JJHHCN-FnWcuLf4mkxg_BWbSvdFMuMPgvfFmGIufOGUu-QeaWQGwbU6S7fxvkxoYB7mtctulgbsMPmSjM2nx0J7zrnZyUmgorlZzJceWMF4pBX5AwLC6jCBCbLdmXbG81-OdDFEhig-l8p4XIR1czqggm3kVChKr2yRJLTQty1mfhw5PGeY_UvYOMapxHVMaibafpP3L3pxEQQKTotfKfZ601-ZjApvBx_YO4rGnd3g183WSuUD0lU6X1deP0O8O_Ps7MQj7-dOxH8jwRoSEtx5kfqwJEt1hXFJT6yGn67DYaKl9L2623C7A9LvEGB2m6XhuoPbMCP3y6daHb1AppDiz3GCrUAFMlR-WVsWTDoJNsFXP90YKoXvfXQHfx8q7tRXryGpxHQsost8kqiirw8_pVUzTDQed81y5YSitGh0X3hJhvggK0xMmkiN6ncR4eGyoArQNkq14izevF8_edztwwYBYhkUZLyKhOqDOUAPoHfdZlF8-SnBSXKiSnkje9wOI6OKJc1hLWbhIQ2wQIJ58LEdQlT9bPxwj9_XEM6UqekErHOR2c1H9fBDtf_-T1g0cYDHFqjUzU8KPbrUU673nE9VBLF1GogGdCDeCTmMPz14bb295GqGsqi2wyBcZ_JzWbhKaJVn3ts8CBo22NocNPYKaO8XLZM2CcwqMJ38Nl3rUCt4zdA5154TyW5iP9kdJo25m78JCjGwZWSz8dH8QxF-v-M2AF6DdfsvAbSm5hMy0WUzWOLa08GXZWrwsQmbOMlZ5bD6sm0NlJ_X0ERHrO6mE4dXRqVnIDigY4chkOU886AuV63e7zNL2sm9EzzqLejmjKMMqjl0PwmxmGjvbFfnCxvUrvnzD2NTc8uaSmul0gIdHazT_6T0SOpjPvuvvBg2fffwWZqq_37_yA0KKigpKX6PYF6lJdTH87Y9Z3p0OJth8-CrwiOfragLjEJmg4JgW5q4TRiNuXMtVR5ctkxVK-4HvYW3QNhsMML9fJbIJnoTLAKEeT2_s6wT56f4zIYG0du8xV3wcYw3EaVp3jA_DwGGPuRNG_KOulORrgUh5UGGLLGc56VZFeDwKqiziAQGrJ6pq8cG5KNxEzxvwjMT99aDE-1_KaqWzSz8OCmYWpzp9io7M1MYU2NrQxM5mKxdUbfaOtdx4oPJlbyvsOuCXeQ6bTTErSIhjkOnXxnpplwsgf7YBDZIQKyqfA86uex76dxAAMm6L9gjkEWhx91UpObZQANnFzN2H6pk1K4ojFNqOZty4N7iyou55G28PVXrPEzxuSuRIYdh8suj9Z9rgxwxu9aTh91cF3BC2Jfr8CKyPOag1LCXi0KS6pDKqOS1hw81Nox1lVVUSvycrfk0PoqAz2DijQbtPFBX9Rx18Rs67wjWryUg0EHgu3rh_IthK7iTSYD_6zGcqPZa2g7M6bBDFk76cOjbahLMvZhAMj8WaIKWFWcenB21rLvwVb8rpMYUBoC2nNmFX1KGInWe6zPIGT24EpHkn6hCmPxU-gFiGU3KHPuYkEfDNgX2oGoSFLN3sY89eEVtBfjKZ3RTmc8q-LdYonTg3f-XnV_Dsukm_4y4rqZEBUqm_y82MAR9l6MgX_eVYxDE4iOS13rUdEoIs80FY5pXsXcfuOr1jPTQzDpy16Jvawv_YKYsFdA31MgVtBHbPZwiX_Q8-1Eajy211l8lcCZxR3PBRLpleA8ItY9-mdCMmJHkZrqJQ_Lgb8XflHmlM9vDkjwS-G-F8VOHCjN86yeFLGO-pFYsNLMWcUDYxhCxZTTlCv79i1t23PPNVgysnAmS_HdEjIw18VA6BwvBJe0hOh_AOH3nMjgMlgxwdtmBJdYDM-IHY7WYNBT4hweisqh-AXpHArOeyyMBK8IRWinTd0X9T-wquIOsF4cA-S7qf3ccBBMmE3G65Wi_bFKvzh1kyLVBsivjfys0n6Iik4o9oyH8-q4jIp1PwSYFc2nFzALf9bK9olpve6Sim-faO4lriceuiJOqcj12t4c0yS5_d5IjGRfOIMN4Lsg_FJqRKmgwnij6m2dv4GjyQKJuFVxxw_rmFeM8Rfn5Si3HSGJ41U5BkRUbLMwUy5d4DkL3EUZUA0pWowXYyRyhEYn6UrpNcameZWsJ7PL1sv0g8d-aIODxnS86F8sUGtZJuDoFOzmFvTis477I8FHiXc9rkAouR2pY8yhbdoBYt-y1n6XbZU12hMRypAnZfWaM6EoLMDiX0xzixrYDrFyJtGQJ-a3Wr1U3T5rASIYonr_UDlZK4SppOYT2SPyM0ZNbkGsMhNK1WXkuGLw73DhmOOU-aXvEzmjI9NQ26Y_831ZJ9WxQY5LVPyXNV9yG9jslva7-IuONjIt_wS0HgEH2a7T3NmcFSh-H2n-IXoBPNuxrxoH0agpYiFnEQTA1NXwt0EQ9wM6914evyR5KiZN4isnQSmxGb8IYe2iIZU57soAV1FccR7xkEyjUeIwGZK4oNHnCNgnmyoxBQ_cYA74n0A0YL4wN3eAFyZFquygkuvOFJHFd-wGdJ45Pgz7En_m88hILaFlFpXP3sbIcFllRo4TbwLK_mFNS98z8wpJqilZ5tcpgx9hyRkr9Vge6FcpdSItgCaLgSDSMo8XhkCMWhSiTZVwHnw-kP6I50jBMd0veOlbj_s2QZMhoCt3phUvTuXDFzyu9fDSzV8EkMV7fqHSNeKcyoLDHxAj0jwY8gnxO2NP_NsdQJCOh4ql4YTK8ZoMLdZ0g2va9nvWj0_nglcyrKd9fBrvxeGm6_peG0XUX0f4RylTGtxENDo2v_dsLXycofkIxEOAjEshlYqO7jXjUZcOMTJU3tnK84bwJfd2Y_Qti3JPHgcSPs8O0GPIRgP_ADxuRZidLVE_-r&cid=CAQSOwDUE5ymiSHrEWHzpE-9nV5GdJsTM56f_aXk6hTp0Vg28QEEl_72My3j2glbYz1k6V5jNQ2W5OW-y86-GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=9663790554388611000&adk=2857193498&idt=82&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 09:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Mar 2024 09:36:46 GMT
dvbs_src_internal117.js
cdn.doubleverify.com/ Frame E727 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal117.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=203336&plc=7224804&sid=18330&dvregion=0&unit=300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Fri, 31 Mar 2023 19:32:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Jan 2023 11:00:18 GMT
Server
Microsoft-IIS/10.0
ETag
"0cda5b9e224d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18840
gen_204
pagead2.googlesyndication.com/pagead/ Frame CD8A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2843318417040&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CD8A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2843318417040&version=m202301230201&ct=77&x=1&cor=12602446092971920000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame CD8A 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CiIbZ0KUErBJZ3KZLvg90r2QsJ8RoQZyaXOK41R3W2dkF5JoxwyB_0tKHYzjk81mP7WzmjcbDX7_QMIq_Cqh5Y11QMdW7kngpyArutVrUJD5i9u2h6J4cRvTgHwXS2T79gUQYOYUJF3lb_jd_rafooVY9n10_3_aBP5p-f14NvA4JdiPo&cry=1&dbm_d=AKAmf-A16x8GoSa1FF6dFXMXATXuXu04s5ESmQ-962U3Owb8hoETl_f5xMt8yRFs9lUL3Eq3pgQ6OKQ2lAcyVfYBJ1fYe-x6JKZoNGBPhDaLLYCh23pePIboi3t5OUScFXFHzx79o2wpowg8Fu6B7LowXhMmMmH4zuioXsJnTbvzk1XjazeYSskd4r3ZM3W1-ccX8_4QmCigCoZP8Xi3UswgMRma_yntMVnVuLL7N98mcVDEUPy_hFbTPmADNy6sklLYCIvK3_3OrAm8y4y9LEhoU-PCe58XkG8esjcOiuX73IXtZPSPipNMapRAvRh61IkCilwTkI5sY-mn7cnUgYsHWXlBQw-8cuNtOWuhY8FxxIey6GW-CNP9-UglBUGI1ZlOge48jBXQx-Rd08cgjIoPfs90gjo4OP8b9n751ujdYDRKez8LMK_SISBY_Vg2f2qCDIzJ7FiCVOhS44j2gkxqiowypInfHmiQfzbk-zylmojjUEAXas_Om1A4cRCKHuNBM5RclucDEcY59JHLubkcml0kiU9HF0CwOKd2Yo2c2cf3SMSITNnGt_DEAvvt_FKSHvrwgF-nyJph4J-ePx3r7fL8YSSoPUyT2sPUtETWVUyNN7mRxBQjgOdiD0CL79vJ58t6D9Y3WHcKlTZ52PmVdKG-D-dnmnYrw4gzUJSXUJRYglsJP6ZYQsPEKrFATtKDJdOCnmurTxH5bQ2kr1nIvqqv3e3R__GdjfcYhh7rCZisZtMYGyHf9EuxxTDe-UOYrdZKmM3_XPhgwrVrJwi0TaG2qCgvWJLt4lWYvabwmRfLLW798FYBO-vWuSOnSkW5796_QKIly4iUDFAkLKHLJ0n3OS5GT8ud0uQgN4xIm6MO5gpg58vph0KaJeUKnqfmr3fkkL9BXhaBodnzUqEqOIUnLtBuXAam4KKwueR9Wb-jthUL4WnYFd4kyykC7qA005VKUyO6sLZehHDnM7MJ3i2mVDlD6lAQflwG1XoTHsPThdJJVh_5CMvZbuq2y7nAPRA9vL78gXG0tp1rEGHM2PxOYc0UmEZyEZp5TkwlCrZxlKdyKgUmQ_vNymWl_KkaDRbiRZw4RWQpBIyCyrYlA13cyBZsATc-0dnHyKxIR3BdMpJRa_cVKvqHjR2BZFMx478iHNAONs28xb5pHoEVvBetGVBA-2XQupj3X_VM0SXH0XCAse0cKIMfo8xoPj0dnYbx01BPeX7Arxxy_yJz4HRDOplWxMMORqD6b09FFwjurJTLwebgRPkTt_4lsyl7KNuzBm2IjIKDwOhr5xOyVUKinywmVK1Wk2EXm5YRQcA3frz9WpdnbUmfkP9gCJwo9pHCdQKQN7M-4zL54LuwHbzTXOqQOucr2T85Lf1Qbuq-bHOBrZlx1ho_yMJnu_ERMrChdtmDG1hVzoQFCbGqPHpGofEf7mSvq3i0VPNXXzjQKhVggRyDy-us2z7ZOLbgVjmoFiY3s64sFXQ0mQ5hgU2GE6h0vBYhF3a4QorS3zecfAZmjDn7hNL-UL-GPYjarwXCFnSyJXpRColJIftJMYmmicrvCnz-RYoJjMimib_wZNPt04_uf56EN2Ttjn7dDsy3prPbJsX8lJKffjW8HcjGnNbHqVM57k8XZQ0CZIuH2kOcNQHHURyDO3MiIEkFpEyS207Ufrlv04M1Cupp8dMhr9tA34rL-F0wqrBnN2bt8MPeF1AwWPrheaKd2OVgy56wP8-mSxl-v309pa5N_J075Ux1bLCuOKDm_4TYf6pr-dSSKPtyaFzVftwQFqjdRp1wzXIApTnN_1phEIEIJW1ujvIE6o9zrfYMsh4_vcc8Ljq3j0oGCHRNDW8cD-oPoQ-st0bkC2lB74jID6l_9I4XtT2AV5mV5kz7OZDKuTiDTAObk6xwnHj1dNmquM6jCFY1i57OzqIWM9IauNfO6KS48WSvuRpEOgju2EeCNulOhjEv6FwWN-QL_tTMlF3Og64aN7mubrRwCfPFTMPcskZYp0fE4gWjhQVBuZxcVrkOiJ6yYi5lsqw_TLcJmmtdgl4058F5OkM-b-3EwvP5M2EVandDKcJylAc21OuhhL0M9dVYpamR726_mo8TNYPArMOd0gHSrtbczwyKTVk5MPii12RVJoGtsr_ix8nGKqjNkiZym02YLy-h5i7e54ZLQwls3Lxl3JL0-_zzWDmL40u_uZ7iI0N49ZjDofnFreqBkRROlVPgeNQpmf_TvtxSLe5xu1RWtMf9dDUx4DiTqaadldw_dniOW3IGP3dGCqpAVJcNdh4mWId3XXNwcLMtXsx-Evu7_DMA8pxETlMZyKew1o_I13foPWDEGX0LZzOD_edBNIHDpoS5nFDCMXSTQYWIwjHFdkn1LCv55AmXA4xIne1qtlStjzX28ooxVKVSopDkE3TgKVKSYZYi23Iuj6l1iwqHrO8Ie2mUv0myh-FfdSANtLTz8wcyszE8TmJkDJYwxemd8cPqqTNNQwgfYHW_4J0-VA8KuJQd0YiPzc267MEKTH0bylrQPkmBYj1OOZRyvw3cK8Qw6jLZVB4v9QrzfvzTCCqmUqhaLbEolYHmXg1daUM3VQCTS1jJuK4UtQ6rCTU1UG1o4ntVwI6Yk0R2hxn-uEKMdVuZ_M13JmyKRA9rRUQfSCRGjvoMomr0UJ2cb0fLDqv1fczHxQYrgttkIkbPOsk94JgLMgrvkEgLHUGYiazzKvI9aOvN8nvbzTjB2901VexuTECka58SGjzzghbuqBsW1-tt2uY3BkysO7aHbL8vnpJ4PIAmHUD7gTiCjpJa_IUkIMApuA-qS-SmefrVNKkoQqDW_b3REzV8rHwapQ0XpTY1rcQrRMPywUd67mkUe2W4nAOSwurKvqi1OzGSJCDVcjdYA_ukxnWBi9CptGFRErLIXOP2hIKsUgnsCNhH4QSrEhaYoI_OFuZz5I4_A8bNyYrb0uUtJsmN5q3xQ6tAo_qa63qS7_GCI8_AHCw2JDPKd50Sn-8v_04s_WBIGAKWv0sE_43Fr_ZnDXeapvKRcxZWrrQi831IyfCw1rBgzmX9lFmeYV39H9x5WTRxAqE9U5FaKuhQRQ7vJRN1EhpsJbWZfKLZzNV5igE9mhnmHhOjV1DYEXnCf9mLwhk4MoVAWGSqbJTOKwRKxF8z1tUv1QvOz8JaTy-NgMduJGUAnbazX1fRqEg6-eCu4n-DtbpBEibM4pXo5ChxJIIOaTtKSp78a_AamCdtCTqYkPzLGLJ0uNn5Uj_zS5bgmllinYITkI-dXMDNlqZRWWQfWmjrzG_pxCN45iKADeeXXosovcltpo-jlpe5km3CNItWZ_QYzxNvTtTDDeumGhRO0hMZBmF2-mDZqRri87_C23swowl8hwvWCmGA4yibAaKd90GWJ2CaFsBbtRgdLFbNhg&cid=CAQSOwDUE5ymiSHrEWHzpE-9nV5GdJsTM56f_aXk6hTp0Vg28QEEl_72My3j2glbYz1k6V5jNQ2W5OW-y86-GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=12602446092971920000&adk=2857193498&rc=1&idt=161&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee7c59250fde3aab29c47f247575770d651c134a90cddb7d02ed8488a9edc8ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11446
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E312 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7472878079705&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E312 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7472878079705&version=m202301230201&ct=77&x=1&cor=17768528975492364000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E312 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BNC5qHDPhG_tnz2bMoSICCYYmaHtQ5n70vpUyGTJ5dNUOy0h8Ay2B7KGwHqtKtxZfIaXRLJ8T4Q6Q5MSNil3aAjnQiy6Nzn6HYu1Gd0b6QWuoaZGcXfWty9IIemeao8vyW9dFZHPeVoxb0xVc6E3XhMwaI1wtxhe5HPNeMDTnEsnWZU2k&cry=1&dbm_d=AKAmf-BuL6tdRMQgtIhzWR9V_uoFsUjCzRbMYF3S6KwvwwPnIQs52r0gmjyWc0H2o7VJNiPZj72U0nXpofq_Rcm1zK9zPz7JwIItK3Enp4OKR2tXTySMgroXeknZF55Hc69PIWbSGBdxZT-aGoIyK9y5jSUdcDv0OPi1-0HfsxsOpo4VccOI4MSY9zHrhhy7BhnryS1hnTJPHndQQHEHhAbHuqeVLe-_XiZE9_YDk5CtHyOk64hPhWtrk98In17IEnJayP_sSEmcrR1BAvIWUX38a3KMiLNL1EXARYgjvm103sn7MqTYLSxKH1bSyGOzREcfUvRycpBOn8lsdvfZkydP7VbZ6Rx1HpCd7RZXMej-EoILTWCbj0OJdChahCtCNBC8mXyp00kFBeEl3Js53vXKuXCDSRRQIPRW6zipZC4OJi6T9E5JZ6OWue2sWDkStnqKL1XKMDivscQVgCWuccaBWkwo6h_-gxIGEyDREcG1ylsPxLXL4ync0ewJx3vWrqNrJTMQSPUHw8PTZDhksb7eCSnTOrPyo9Bto0Jw_aWUBxhsLWtf2f5detuzaFE74wnkETfQ8rSlO3Jq5SMxFYhX-cbjm26LDfDoYITFGuox15A9xTOMUlJnIF7cdmTjrmpZJH3nHuQl_CNHVcMF3uZZ5ilvORVtqu_vxcjrZlQtpzvwzNcCr97Y0slLZrPcFfFBRn8zzF316whJehm_6Waefx_v5wCUEOt9nBF_ti8nyw2MMAQj02MVEGCxLMd4IqehmtMbogkF8x6kDycq2_UXv5jhppKQ82yoc-QLyR4GCxEkBf4JFYdkmenfguiCsa-awP3Xa4otReUKUEHxROXDykBb-R_Lt2w4qf9mvqlLLXXCEo95ogA7FYO2gXcakyOefpbx237nCuqJr0Zp2HSIrHXAQAw5hkqcjusBJUfUOm8W1ypNIlga2RWC0_GAo1JOmEsfPzJB6DYNLNqIXPyj6SvpGs7spDCLRMCzM7NaW0O6IOSbPUYgvx41_ZZvwlJ5mEduM_aMaTueQ8lBRPBQu23FVOSYLzuDXfwfzvmoISAzYhW8I2qJK1Way3VAEETJNiOqbHgz1Lh_B-6stqwrhLEKRf5LtrueZx-r57NN5Z83uL3nORuNCPevTZ3TyTEEnyiFXBcUxZp7e29NJg0rs_jBXHYc4vjgvhY-L0AqXRqlJGZ_XSguUo5ucTX7CzABL1h5HgEfKiidjPKo8DcMlsEP9TgsR_w1qB2T3MKPIOcWQfQA1TpRlsox0vJibKrn65fa1RVOTpJvzKudQ_aqk9R0wjF2kArLlMBk2J8_c6upMOfW5ILNvtpfNo4LqXqiSy4YN1CnU1IUZygi0CptOfLF748xiUpkU8_OX4ozO1Fw87s_DmNbbDh2IQXDdicIo2XBl03yriyMarWfUH7dW2qsvw3y5Utm_DUaDjo8Z-NC9iHDVFdKYszKr5uVkCwWjlID6YMqiB4yxMrBlr-0NvzVyJ6kvW4pQ86Ffu1R74sjAWyFgjLDoTOKs4MuNEex6IwInyJyYy8AN5eVpPH-HdF2vjeyOHk_pNKxEA6ORu-PTEd_fShgHn-A016FwRJqzVWnXgqgH_xZam39i-CMg6B8rzb-gRRJyZTSVD_5ORMq-1Zhf4GedBSJQIUNVjpIO9_zccyfodFjsJg0tcvjQk5Lo6BU60AH_umtfkuFD28b5LAZ1bJmXFBpTr8CB1fGN9bcdzmvw05Ql68wy8eUzSXdrSAoiE6ut3lm_F06csOj1fW3RMyfxWwVu_QVrVhtk6gtvLulM-BoruSvO9IvMGj4mdfkHduf0xBgidJludpn4in6kiSfXxxXGk5uxEKjQebRCWKqrBhp4seQKIFSUNwX_WqMUSaAnE0ZEQA4tjDrPccs0U5s_J9VYSU8ZK81i-612UCmdRz2ZaSgE85MqYGC7VIePKR0CQsRtyLH7n0FwL1yd_Cb-tJ9zZhCJN1A70b4PMChQSMcZCLj0tEdDC-Y1LM4Bd12nQuSf68Y5LsH6DZcOTNOiS1s8hUCc5fbPOtKUgPU87nud_p_DI0j-lHj4uj9BGswhLtXZHhJNJJngdKgw2pDIOhlp2COzqqI5Ffaq9LkUqZ5JXoKnyS3rqFSC4rSUjnTw1CNzhxGkCJK5X5ElUKs-Tl-r6-okdNiBCpDpD_dpwOkhWaJrTPywheyW71YoH2STzG4L0tSdjex8hG3HgdzRbieOLZG_h1t3BL0eBtfVTh4AVI9wwLCo_NzlDboo3PgPEnklDKUbubFZBrvdvvd_M41wHxQmuc0QXVyHxD100ASSkkncmCvS3QuLE6fAQ-TPrMw_x7vpKdS7Tr6BXdrrHT38VTejv78g43aVnmxiK6WMpUog-pM6QKibQM_ZQFqRwkjrKye2kvDRxIsfBnjUtWDymHyrOjQwBtNAdePskMWQjvGNy_cbwfGru7907CXJf5R5AQULR8yPHp3_YGtFCH9WxvL-QYgF2GI85-Nh2cRxezB_RvFtVTHOp5IvUbrGmswLvMr5xVQoTejDQt-Fz0AXXSz11cpOH9xMZBBEWfDcr4HPnQcjDHDnv9E0rwZgIUbEmEPWbhDnJNoAdtlf-vGL7wMlG9i8ilX9eY-BUbD39svuotZt0kqUzABz6Zpfhk8p6VpiGOMS3Lz1SSbZFuFwD7pat1d_AzDP3lXl85wjShremLEeuJohkttJIkxHsd99QBQco4xR4tiOzdflZ5nDreCAkwHxYZWt2A0lxSPmNpF_Kx9_ThpKLmdtIL7Jtpvy0RuPEZ4cHqp8ZxCx5PGxHZmr6RygONiVgTPG1LUrexybhmVn2fDungDGNnrSEU0GJgJNuEp7LlG2yrvhd9DGaYpBTZeVYrBpJjiYqkf08_xXO9g5p5HiCVC_s47_WHLAkjwszjZvqYSA00XSx8zzW68sTE2Ug5XMdUVRLqyOE_ZwwCHdlHIn9ZwBrZEIL3sVI6cGm1PtqFtEnxZbPSVA9C9zNw6PZJY7AyFJdQds37eP8NFbJOL1TRSiCAn7OUp2Q_8BoFxegtu6szyx9pkJQu7-o0eXNWuHc9xzh1bOmvV8RLgYkc8Kt6h-l5PdhcTuHJBcXwvwd6mk9y3eTqq4J6pBbltT61GerNs2wgVLViVQNqGeOSMP0T2A5CtzYXnVgV-0HHezIRwphlcSW3CwRnaumzLnmp4yyDRl_wHIJo3FGJTpswxAnBo-669ZbwmwnmaS1OkiMs7JroMCA4Bgi5L3wbP3kQEI1ZZkCWRvPmNFkhJK6SlGUYzYe0hugSmWtqdlGEygLx3z-AY3bI_vJogaRp3v6bQiSm1TO1ihLEnda-9dxqBY1WUv9qpMc115M06lKg1ImVTFzwK1SN_ayLuyAmfmYrqTkTc6f5Jx1XjiVgvdgD2LhPzlQ&cid=CAQSOwDUE5ymiSHrEWHzpE-9nV5GdJsTM56f_aXk6hTp0Vg28QEEl_72My3j2glbYz1k6V5jNQ2W5OW-y86-GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=17768528975492364000&adk=2086295851&idt=154&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
709ec34a58a00a80c57b3ccdd57493aaa1ee1cc2a312a23d1ef36dab617ce5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11219
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
verify.js
rtb0.doubleverify.com/ Frame E727 		1 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_905388050917&jsTagObjCallback=__tagObject_callback_905388050917&num=6&ctx=15911784&cmp=203336&plc=7224804&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=905388050917&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=111&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=9&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3E%3D%3AG6%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3E%3D%3AG6%5D4%40%3ETar9EEADTbpTauTaub_hh_b64a%60f47de5gbfaf7efe33f_ef6%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=5.60&callbackName=__verify_callback_905388050917
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
0d97980370a4b4142f72c189489851ee966fe4c0556dbac44696be2ee944e551

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:15 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Expires
03/30/2023 19:32:15
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame AA3C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
122088
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 30 Mar 2023 09:37:27 GMT
expires
Fri, 29 Mar 2024 09:37:27 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js
pagead2.googlesyndication.com/bg/ Frame AA3C 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63366603b6b4f2ff5fd3cedfc2a503668acbfbb4c11e63ce80f5b57144bc7df4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 09:34:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
35839
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14293
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 13:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Mar 2024 09:34:56 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame CD8A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CiIbZ0KUErBJZ3KZLvg90r2QsJ8RoQZyaXOK41R3W2dkF5JoxwyB_0tKHYzjk81mP7WzmjcbDX7_QMIq_Cqh5Y11QMdW7kngpyArutVrUJD5i9u2h6J4cRvTgHwXS2T79gUQYOYUJF3lb_jd_rafooVY9n10_3_aBP5p-f14NvA4JdiPo&cry=1&dbm_d=AKAmf-A16x8GoSa1FF6dFXMXATXuXu04s5ESmQ-962U3Owb8hoETl_f5xMt8yRFs9lUL3Eq3pgQ6OKQ2lAcyVfYBJ1fYe-x6JKZoNGBPhDaLLYCh23pePIboi3t5OUScFXFHzx79o2wpowg8Fu6B7LowXhMmMmH4zuioXsJnTbvzk1XjazeYSskd4r3ZM3W1-ccX8_4QmCigCoZP8Xi3UswgMRma_yntMVnVuLL7N98mcVDEUPy_hFbTPmADNy6sklLYCIvK3_3OrAm8y4y9LEhoU-PCe58XkG8esjcOiuX73IXtZPSPipNMapRAvRh61IkCilwTkI5sY-mn7cnUgYsHWXlBQw-8cuNtOWuhY8FxxIey6GW-CNP9-UglBUGI1ZlOge48jBXQx-Rd08cgjIoPfs90gjo4OP8b9n751ujdYDRKez8LMK_SISBY_Vg2f2qCDIzJ7FiCVOhS44j2gkxqiowypInfHmiQfzbk-zylmojjUEAXas_Om1A4cRCKHuNBM5RclucDEcY59JHLubkcml0kiU9HF0CwOKd2Yo2c2cf3SMSITNnGt_DEAvvt_FKSHvrwgF-nyJph4J-ePx3r7fL8YSSoPUyT2sPUtETWVUyNN7mRxBQjgOdiD0CL79vJ58t6D9Y3WHcKlTZ52PmVdKG-D-dnmnYrw4gzUJSXUJRYglsJP6ZYQsPEKrFATtKDJdOCnmurTxH5bQ2kr1nIvqqv3e3R__GdjfcYhh7rCZisZtMYGyHf9EuxxTDe-UOYrdZKmM3_XPhgwrVrJwi0TaG2qCgvWJLt4lWYvabwmRfLLW798FYBO-vWuSOnSkW5796_QKIly4iUDFAkLKHLJ0n3OS5GT8ud0uQgN4xIm6MO5gpg58vph0KaJeUKnqfmr3fkkL9BXhaBodnzUqEqOIUnLtBuXAam4KKwueR9Wb-jthUL4WnYFd4kyykC7qA005VKUyO6sLZehHDnM7MJ3i2mVDlD6lAQflwG1XoTHsPThdJJVh_5CMvZbuq2y7nAPRA9vL78gXG0tp1rEGHM2PxOYc0UmEZyEZp5TkwlCrZxlKdyKgUmQ_vNymWl_KkaDRbiRZw4RWQpBIyCyrYlA13cyBZsATc-0dnHyKxIR3BdMpJRa_cVKvqHjR2BZFMx478iHNAONs28xb5pHoEVvBetGVBA-2XQupj3X_VM0SXH0XCAse0cKIMfo8xoPj0dnYbx01BPeX7Arxxy_yJz4HRDOplWxMMORqD6b09FFwjurJTLwebgRPkTt_4lsyl7KNuzBm2IjIKDwOhr5xOyVUKinywmVK1Wk2EXm5YRQcA3frz9WpdnbUmfkP9gCJwo9pHCdQKQN7M-4zL54LuwHbzTXOqQOucr2T85Lf1Qbuq-bHOBrZlx1ho_yMJnu_ERMrChdtmDG1hVzoQFCbGqPHpGofEf7mSvq3i0VPNXXzjQKhVggRyDy-us2z7ZOLbgVjmoFiY3s64sFXQ0mQ5hgU2GE6h0vBYhF3a4QorS3zecfAZmjDn7hNL-UL-GPYjarwXCFnSyJXpRColJIftJMYmmicrvCnz-RYoJjMimib_wZNPt04_uf56EN2Ttjn7dDsy3prPbJsX8lJKffjW8HcjGnNbHqVM57k8XZQ0CZIuH2kOcNQHHURyDO3MiIEkFpEyS207Ufrlv04M1Cupp8dMhr9tA34rL-F0wqrBnN2bt8MPeF1AwWPrheaKd2OVgy56wP8-mSxl-v309pa5N_J075Ux1bLCuOKDm_4TYf6pr-dSSKPtyaFzVftwQFqjdRp1wzXIApTnN_1phEIEIJW1ujvIE6o9zrfYMsh4_vcc8Ljq3j0oGCHRNDW8cD-oPoQ-st0bkC2lB74jID6l_9I4XtT2AV5mV5kz7OZDKuTiDTAObk6xwnHj1dNmquM6jCFY1i57OzqIWM9IauNfO6KS48WSvuRpEOgju2EeCNulOhjEv6FwWN-QL_tTMlF3Og64aN7mubrRwCfPFTMPcskZYp0fE4gWjhQVBuZxcVrkOiJ6yYi5lsqw_TLcJmmtdgl4058F5OkM-b-3EwvP5M2EVandDKcJylAc21OuhhL0M9dVYpamR726_mo8TNYPArMOd0gHSrtbczwyKTVk5MPii12RVJoGtsr_ix8nGKqjNkiZym02YLy-h5i7e54ZLQwls3Lxl3JL0-_zzWDmL40u_uZ7iI0N49ZjDofnFreqBkRROlVPgeNQpmf_TvtxSLe5xu1RWtMf9dDUx4DiTqaadldw_dniOW3IGP3dGCqpAVJcNdh4mWId3XXNwcLMtXsx-Evu7_DMA8pxETlMZyKew1o_I13foPWDEGX0LZzOD_edBNIHDpoS5nFDCMXSTQYWIwjHFdkn1LCv55AmXA4xIne1qtlStjzX28ooxVKVSopDkE3TgKVKSYZYi23Iuj6l1iwqHrO8Ie2mUv0myh-FfdSANtLTz8wcyszE8TmJkDJYwxemd8cPqqTNNQwgfYHW_4J0-VA8KuJQd0YiPzc267MEKTH0bylrQPkmBYj1OOZRyvw3cK8Qw6jLZVB4v9QrzfvzTCCqmUqhaLbEolYHmXg1daUM3VQCTS1jJuK4UtQ6rCTU1UG1o4ntVwI6Yk0R2hxn-uEKMdVuZ_M13JmyKRA9rRUQfSCRGjvoMomr0UJ2cb0fLDqv1fczHxQYrgttkIkbPOsk94JgLMgrvkEgLHUGYiazzKvI9aOvN8nvbzTjB2901VexuTECka58SGjzzghbuqBsW1-tt2uY3BkysO7aHbL8vnpJ4PIAmHUD7gTiCjpJa_IUkIMApuA-qS-SmefrVNKkoQqDW_b3REzV8rHwapQ0XpTY1rcQrRMPywUd67mkUe2W4nAOSwurKvqi1OzGSJCDVcjdYA_ukxnWBi9CptGFRErLIXOP2hIKsUgnsCNhH4QSrEhaYoI_OFuZz5I4_A8bNyYrb0uUtJsmN5q3xQ6tAo_qa63qS7_GCI8_AHCw2JDPKd50Sn-8v_04s_WBIGAKWv0sE_43Fr_ZnDXeapvKRcxZWrrQi831IyfCw1rBgzmX9lFmeYV39H9x5WTRxAqE9U5FaKuhQRQ7vJRN1EhpsJbWZfKLZzNV5igE9mhnmHhOjV1DYEXnCf9mLwhk4MoVAWGSqbJTOKwRKxF8z1tUv1QvOz8JaTy-NgMduJGUAnbazX1fRqEg6-eCu4n-DtbpBEibM4pXo5ChxJIIOaTtKSp78a_AamCdtCTqYkPzLGLJ0uNn5Uj_zS5bgmllinYITkI-dXMDNlqZRWWQfWmjrzG_pxCN45iKADeeXXosovcltpo-jlpe5km3CNItWZ_QYzxNvTtTDDeumGhRO0hMZBmF2-mDZqRri87_C23swowl8hwvWCmGA4yibAaKd90GWJ2CaFsBbtRgdLFbNhg&cid=CAQSOwDUE5ymiSHrEWHzpE-9nV5GdJsTM56f_aXk6hTp0Vg28QEEl_72My3j2glbYz1k6V5jNQ2W5OW-y86-GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=12602446092971920000&adk=2857193498&rc=1&idt=161&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 09:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Mar 2024 09:36:46 GMT
dvbs_src_internal117.js
cdn.doubleverify.com/ Frame CD8A 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal117.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=203336&plc=7224804&sid=18330&dvregion=0&unit=300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Fri, 31 Mar 2023 19:32:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Jan 2023 11:00:18 GMT
Server
Microsoft-IIS/10.0
ETag
"0cda5b9e224d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18840
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E312 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BNC5qHDPhG_tnz2bMoSICCYYmaHtQ5n70vpUyGTJ5dNUOy0h8Ay2B7KGwHqtKtxZfIaXRLJ8T4Q6Q5MSNil3aAjnQiy6Nzn6HYu1Gd0b6QWuoaZGcXfWty9IIemeao8vyW9dFZHPeVoxb0xVc6E3XhMwaI1wtxhe5HPNeMDTnEsnWZU2k&cry=1&dbm_d=AKAmf-BuL6tdRMQgtIhzWR9V_uoFsUjCzRbMYF3S6KwvwwPnIQs52r0gmjyWc0H2o7VJNiPZj72U0nXpofq_Rcm1zK9zPz7JwIItK3Enp4OKR2tXTySMgroXeknZF55Hc69PIWbSGBdxZT-aGoIyK9y5jSUdcDv0OPi1-0HfsxsOpo4VccOI4MSY9zHrhhy7BhnryS1hnTJPHndQQHEHhAbHuqeVLe-_XiZE9_YDk5CtHyOk64hPhWtrk98In17IEnJayP_sSEmcrR1BAvIWUX38a3KMiLNL1EXARYgjvm103sn7MqTYLSxKH1bSyGOzREcfUvRycpBOn8lsdvfZkydP7VbZ6Rx1HpCd7RZXMej-EoILTWCbj0OJdChahCtCNBC8mXyp00kFBeEl3Js53vXKuXCDSRRQIPRW6zipZC4OJi6T9E5JZ6OWue2sWDkStnqKL1XKMDivscQVgCWuccaBWkwo6h_-gxIGEyDREcG1ylsPxLXL4ync0ewJx3vWrqNrJTMQSPUHw8PTZDhksb7eCSnTOrPyo9Bto0Jw_aWUBxhsLWtf2f5detuzaFE74wnkETfQ8rSlO3Jq5SMxFYhX-cbjm26LDfDoYITFGuox15A9xTOMUlJnIF7cdmTjrmpZJH3nHuQl_CNHVcMF3uZZ5ilvORVtqu_vxcjrZlQtpzvwzNcCr97Y0slLZrPcFfFBRn8zzF316whJehm_6Waefx_v5wCUEOt9nBF_ti8nyw2MMAQj02MVEGCxLMd4IqehmtMbogkF8x6kDycq2_UXv5jhppKQ82yoc-QLyR4GCxEkBf4JFYdkmenfguiCsa-awP3Xa4otReUKUEHxROXDykBb-R_Lt2w4qf9mvqlLLXXCEo95ogA7FYO2gXcakyOefpbx237nCuqJr0Zp2HSIrHXAQAw5hkqcjusBJUfUOm8W1ypNIlga2RWC0_GAo1JOmEsfPzJB6DYNLNqIXPyj6SvpGs7spDCLRMCzM7NaW0O6IOSbPUYgvx41_ZZvwlJ5mEduM_aMaTueQ8lBRPBQu23FVOSYLzuDXfwfzvmoISAzYhW8I2qJK1Way3VAEETJNiOqbHgz1Lh_B-6stqwrhLEKRf5LtrueZx-r57NN5Z83uL3nORuNCPevTZ3TyTEEnyiFXBcUxZp7e29NJg0rs_jBXHYc4vjgvhY-L0AqXRqlJGZ_XSguUo5ucTX7CzABL1h5HgEfKiidjPKo8DcMlsEP9TgsR_w1qB2T3MKPIOcWQfQA1TpRlsox0vJibKrn65fa1RVOTpJvzKudQ_aqk9R0wjF2kArLlMBk2J8_c6upMOfW5ILNvtpfNo4LqXqiSy4YN1CnU1IUZygi0CptOfLF748xiUpkU8_OX4ozO1Fw87s_DmNbbDh2IQXDdicIo2XBl03yriyMarWfUH7dW2qsvw3y5Utm_DUaDjo8Z-NC9iHDVFdKYszKr5uVkCwWjlID6YMqiB4yxMrBlr-0NvzVyJ6kvW4pQ86Ffu1R74sjAWyFgjLDoTOKs4MuNEex6IwInyJyYy8AN5eVpPH-HdF2vjeyOHk_pNKxEA6ORu-PTEd_fShgHn-A016FwRJqzVWnXgqgH_xZam39i-CMg6B8rzb-gRRJyZTSVD_5ORMq-1Zhf4GedBSJQIUNVjpIO9_zccyfodFjsJg0tcvjQk5Lo6BU60AH_umtfkuFD28b5LAZ1bJmXFBpTr8CB1fGN9bcdzmvw05Ql68wy8eUzSXdrSAoiE6ut3lm_F06csOj1fW3RMyfxWwVu_QVrVhtk6gtvLulM-BoruSvO9IvMGj4mdfkHduf0xBgidJludpn4in6kiSfXxxXGk5uxEKjQebRCWKqrBhp4seQKIFSUNwX_WqMUSaAnE0ZEQA4tjDrPccs0U5s_J9VYSU8ZK81i-612UCmdRz2ZaSgE85MqYGC7VIePKR0CQsRtyLH7n0FwL1yd_Cb-tJ9zZhCJN1A70b4PMChQSMcZCLj0tEdDC-Y1LM4Bd12nQuSf68Y5LsH6DZcOTNOiS1s8hUCc5fbPOtKUgPU87nud_p_DI0j-lHj4uj9BGswhLtXZHhJNJJngdKgw2pDIOhlp2COzqqI5Ffaq9LkUqZ5JXoKnyS3rqFSC4rSUjnTw1CNzhxGkCJK5X5ElUKs-Tl-r6-okdNiBCpDpD_dpwOkhWaJrTPywheyW71YoH2STzG4L0tSdjex8hG3HgdzRbieOLZG_h1t3BL0eBtfVTh4AVI9wwLCo_NzlDboo3PgPEnklDKUbubFZBrvdvvd_M41wHxQmuc0QXVyHxD100ASSkkncmCvS3QuLE6fAQ-TPrMw_x7vpKdS7Tr6BXdrrHT38VTejv78g43aVnmxiK6WMpUog-pM6QKibQM_ZQFqRwkjrKye2kvDRxIsfBnjUtWDymHyrOjQwBtNAdePskMWQjvGNy_cbwfGru7907CXJf5R5AQULR8yPHp3_YGtFCH9WxvL-QYgF2GI85-Nh2cRxezB_RvFtVTHOp5IvUbrGmswLvMr5xVQoTejDQt-Fz0AXXSz11cpOH9xMZBBEWfDcr4HPnQcjDHDnv9E0rwZgIUbEmEPWbhDnJNoAdtlf-vGL7wMlG9i8ilX9eY-BUbD39svuotZt0kqUzABz6Zpfhk8p6VpiGOMS3Lz1SSbZFuFwD7pat1d_AzDP3lXl85wjShremLEeuJohkttJIkxHsd99QBQco4xR4tiOzdflZ5nDreCAkwHxYZWt2A0lxSPmNpF_Kx9_ThpKLmdtIL7Jtpvy0RuPEZ4cHqp8ZxCx5PGxHZmr6RygONiVgTPG1LUrexybhmVn2fDungDGNnrSEU0GJgJNuEp7LlG2yrvhd9DGaYpBTZeVYrBpJjiYqkf08_xXO9g5p5HiCVC_s47_WHLAkjwszjZvqYSA00XSx8zzW68sTE2Ug5XMdUVRLqyOE_ZwwCHdlHIn9ZwBrZEIL3sVI6cGm1PtqFtEnxZbPSVA9C9zNw6PZJY7AyFJdQds37eP8NFbJOL1TRSiCAn7OUp2Q_8BoFxegtu6szyx9pkJQu7-o0eXNWuHc9xzh1bOmvV8RLgYkc8Kt6h-l5PdhcTuHJBcXwvwd6mk9y3eTqq4J6pBbltT61GerNs2wgVLViVQNqGeOSMP0T2A5CtzYXnVgV-0HHezIRwphlcSW3CwRnaumzLnmp4yyDRl_wHIJo3FGJTpswxAnBo-669ZbwmwnmaS1OkiMs7JroMCA4Bgi5L3wbP3kQEI1ZZkCWRvPmNFkhJK6SlGUYzYe0hugSmWtqdlGEygLx3z-AY3bI_vJogaRp3v6bQiSm1TO1ihLEnda-9dxqBY1WUv9qpMc115M06lKg1ImVTFzwK1SN_ayLuyAmfmYrqTkTc6f5Jx1XjiVgvdgD2LhPzlQ&cid=CAQSOwDUE5ymiSHrEWHzpE-9nV5GdJsTM56f_aXk6hTp0Vg28QEEl_72My3j2glbYz1k6V5jNQ2W5OW-y86-GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=17768528975492364000&adk=2086295851&idt=154&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 09:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Mar 2024 09:36:46 GMT
verify.js
rtb0.doubleverify.com/ Frame CD8A 		1 KB
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_889732295750&jsTagObjCallback=__tagObject_callback_889732295750&num=6&ctx=15911784&cmp=203336&plc=7224804&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=889732295750&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=111&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=9&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3E%3D%3AG6%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3E%3D%3AG6%5D4%40%3ETar9EEADTbpTauTaub_hh_b64a%60f47de5gbfaf7efe33f_ef6%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=3.30&callbackName=__verify_callback_889732295750
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
24a856a6cbdd2c38b5c747673a24ae30f5a9d58736f680755ba0b747e2b76ae4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:15 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Expires
03/30/2023 19:32:15
dvbs_src_internal117.js
cdn.doubleverify.com/ Frame E312 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal117.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=203336&plc=7224804&sid=18330&dvregion=0&unit=300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Fri, 31 Mar 2023 19:32:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Jan 2023 11:00:18 GMT
Server
Microsoft-IIS/10.0
ETag
"0cda5b9e224d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18840
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A63A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
122088
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 30 Mar 2023 09:37:27 GMT
expires
Fri, 29 Mar 2024 09:37:27 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 5196 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.mlive.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
04971705dcd7ef441d0cdfed3de59b62af5c279b75c2b60d14116a1ccaf23acd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 31 Mar 2023 19:32:14 GMT
server
Kestrel
server-processing-duration-in-ticks
1039503
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
verify.js
rtb0.doubleverify.com/ Frame E312 		1 KB
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_115964557057&jsTagObjCallback=__tagObject_callback_115964557057&num=6&ctx=15911784&cmp=203336&plc=7224804&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=115964557057&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.00&dvpx_strhd=0.00&brid=3&brver=111&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=10&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3E%3D%3AG6%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3E%3D%3AG6%5D4%40%3ETar9EEADTbpTauTaub_hh_b64a%60f47de5gbfaf7efe33f_ef6%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=1.30&callbackName=__verify_callback_115964557057
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
d0bc6ff44d64e2d4a0154608e7fd4cfe1ce1db00c8d8d9dfc62b43f031a79adf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:15 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Expires
03/30/2023 19:32:15
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 85C0 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
122088
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 30 Mar 2023 09:37:27 GMT
expires
Fri, 29 Mar 2024 09:37:27 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js
pagead2.googlesyndication.com/bg/ Frame A63A 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63366603b6b4f2ff5fd3cedfc2a503668acbfbb4c11e63ce80f5b57144bc7df4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 09:34:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
35839
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14293
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 13:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Mar 2024 09:34:56 GMT
YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js
pagead2.googlesyndication.com/bg/ Frame 85C0 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63366603b6b4f2ff5fd3cedfc2a503668acbfbb4c11e63ce80f5b57144bc7df4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 09:34:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
35839
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14293
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 13:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Mar 2024 09:34:56 GMT
sid
mug.criteo.com/ Frame 5196
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=mlive.com&sn=ChromeSyncframe&so=0&topUrl=www.mlive.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=zqRCnHxzMG5UMFd0Rm1NK0tFU3JMSUY3T2RiODJIK2JBTE8rZjNqM2lCSFFLb20xM0FjK2J6MDV1M0RCUEhGNlB3TDgxRExJcnFycU9EVm03RG02eHEwNmtlTUZvem5rMkdKNHJPUDNhd1VObGVOTVZ5TFBqT0s5U3lQT1...
422 B
649 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=zqRCnHxzMG5UMFd0Rm1NK0tFU3JMSUY3T2RiODJIK2JBTE8rZjNqM2lCSFFLb20xM0FjK2J6MDV1M0RCUEhGNlB3TDgxRExJcnFycU9EVm03RG02eHEwNmtlTUZvem5rMkdKNHJPUDNhd1VObGVOTVZ5TFBqT0s5U3lQT1hwcXB3eUwybkZxS09hS1owSU9jUXVLT1hrVTFGbWQ2TGVXYnhXUWFVNGdMQUZaWXhBLzRNSFplcnRabDdMTjY1TDM4SzVtU0FIUERyVk1uTHV4ZmwxQ0E0NENmM0RkcUlkU1ZrVHdtL0dURDZ6RTlnZ1VKcEgyYlA2TDlISUNLVW9OT3NvbnZSNkpTamNaL25lenoyeWk0MHVnVjlPQT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
98ba338d6ebeeff877b52b0c56b2a7b904fb40bffeeae517e1c603418837edde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:14 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2196980
expires
0

Redirect headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:14 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=zqRCnHxzMG5UMFd0Rm1NK0tFU3JMSUY3T2RiODJIK2JBTE8rZjNqM2lCSFFLb20xM0FjK2J6MDV1M0RCUEhGNlB3TDgxRExJcnFycU9EVm03RG02eHEwNmtlTUZvem5rMkdKNHJPUDNhd1VObGVOTVZ5TFBqT0s5U3lQT1hwcXB3eUwybkZxS09hS1owSU9jUXVLT1hrVTFGbWQ2TGVXYnhXUWFVNGdMQUZaWXhBLzRNSFplcnRabDdMTjY1TDM4SzVtU0FIUERyVk1uTHV4ZmwxQ0E0NENmM0RkcUlkU1ZrVHdtL0dURDZ6RTlnZ1VKcEgyYlA2TDlISUNLVW9OT3NvbnZSNkpTamNaL25lenoyeWk0MHVnVjlPQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
379785
content-length
0
expires
0
bsevent.gif
rtbc-eu3.doubleverify.com/ Frame E727 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=4686cb822a5040b8b9f601ccb1eb2ed2&vfdur=148&cbust=1680291135259844
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:15 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
03/30/2023 19:32:15
dcmads.js
www.googletagservices.com/dcm/ Frame E727 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
388
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6883
x-xss-protection
0
last-modified
Wed, 15 Feb 2023 19:52:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 31 Mar 2023 20:25:47 GMT
bsevent.gif
rtbc-eu3.doubleverify.com/ Frame CD8A 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=94dfd2bccfb14153b72e5cf95a26dcc4&vfdur=93&cbust=1680291135278245
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:15 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
03/30/2023 19:32:15
dcmads.js
www.googletagservices.com/dcm/ Frame CD8A 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
388
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6883
x-xss-protection
0
last-modified
Wed, 15 Feb 2023 19:52:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 31 Mar 2023 20:25:47 GMT
bsevent.gif
rtbc-eu3.doubleverify.com/ Frame E312 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=c95fec52301948089a9b5abda5e18271&vfdur=60&cbust=1680291135279842
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:15 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
03/30/2023 19:32:15
dcmads.js
www.googletagservices.com/dcm/ Frame E312 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
388
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6883
x-xss-protection
0
last-modified
Wed, 15 Feb 2023 19:52:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 31 Mar 2023 20:25:47 GMT
impl_v95.js
www.googletagservices.com/dcm/ Frame E727 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v95.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 18:05:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5223
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23368
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 18:47:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Mar 2024 18:05:12 GMT
impl_v95.js
www.googletagservices.com/dcm/ Frame CD8A 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v95.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 18:05:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5223
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23368
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 18:47:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Mar 2024 18:05:12 GMT
impl_v95.js
www.googletagservices.com/dcm/ Frame E312 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v95.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 18:05:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5223
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23368
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 18:47:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Mar 2024 18:05:12 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 573A 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Fri, 31 Mar 2023 19:32:15 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
B9689862.280410797;dc_ver=95.280;sz=300x250;u_sd=1;dc_adk=394609735;ord=4vitds;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.mlive.com%2F$0;xdt=1;crlt=n(H...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame E727 		57 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=95.280;sz=300x250;u_sd=1;dc_adk=394609735;ord=4vitds;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.mlive.com%2F$0;xdt=1;crlt=n(HQR-yb1A;stc=1;chaa=1;sttr=32;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v95.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
30a2cc3f181704f885112a168d6edbe4cb7b43ad2c793df3eaba879fa3f617f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA3C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BN-EzPzUnZIRghs2BB63igqgKAAAAADgB4AQC&bg=!Tk2lTRnNAAbEgrg45II7ADkAdvg8WhrAN4_mSlEu80HkzCBQdEZJuM4D14Z1E3sdoPv_yUfLWPIZtj6Uhp2Uzu2HdJGN7V71I6MCAAAAwlIAAAACaAEHCgA6tw0nXV_BDP0hoCliecifxjyE90CHQZ5aoDFfMvVolXBOpvXLCpgnn80hejmzNiVg2kw1urSGQvXMGZkC54DSi37Rnv2Q1hT_AwF3ZA2mGJDhMLeOBf6QTbD67qGYJMqMbQ_GifurhSZCzcOaBAkaLOanejuzVD6vqetcdCbwMn-3fj4JZYJwSgn_zIk_Sqs8cqjhya94LJwyIPgYrMRbvsv5HzcipMfhJJb84gD0hnr_xeEjvoYy7M7vNz5DvUj45x23dpG1RCAGJZOjnyGoWys8KYH-GWkd2-daUX0Ah-_pz9p7zxt3VMGAsblkipOnnftuJF4erXA3ggYe5IO9RUx42pR4QjoYnaByS4ZtOySVtDj4U8vqwWQ2cCbkl1QQOeOKZxG3tIBNzgKpQKz9AJyEdzruiCEmSYy9e1CFw5muW4t3ZvHxvLzpdiKbuiozWV56TT0dqY8DI6RFUXPGm2wyMI734IUmzxbvsp69E9Q5XpVm2nM-34PHw_wUNgrWL5rQRSQ96euxl3Ya9RcBFp97wm38c6Czkex39MIuFkG2sm04hXCNb4YMsab9NW6cZOo434xG7ZU-itusCTC_KZ4kKzTCWvs_j9qm-iO7AIsVFnyrq_xVGE4SvJgBPBi0E5fkO0Ekwx8cM6L37-7kjiMZyhEeuA2oP25xL7E7NWN5kz05FiPVvwxf_Pp0OEraGwIcaUu3tOe5q88XU5MKF5RlB86Ia32ypMxouXzQe3Rh6aS-ogs6t1GiITcgu09JgYrvTsPS8Szc5REEqn7pXZdZ0lx__3rS0kBseCVzcp5FkEyMQ3BkSIFzIMZK7LixJAzrJpm9jrhdojkyx6Wuis3A1-oUgnX2YZw2ZAqgEdwwTSlCJrDRELsE7uWzupHQ428q07XhQK7SjFus9oj07Tc-9YQKz3XRShpg23ID1yYqad1virkeDSAK5o1BZd66TKfGHK4aNfJwcw5Cl8OfG2U2QKnqyEPBGTxFKb_amOAudhYhBoiSge11Z7PscoEJl-bUgifLoOE7ZUiF8-mxcmdqWiOuMX_3Bew-o5aAYyH9y_1D
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B9689862.280410797;dc_ver=95.280;sz=300x250;u_sd=1;dc_adk=2658142093;ord=f5hf1j;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.mlive.com%2F$0;xdt=1;crlt=n(...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame CD8A 		57 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=95.280;sz=300x250;u_sd=1;dc_adk=2658142093;ord=f5hf1j;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.mlive.com%2F$0;xdt=1;crlt=n(HQR-yb1A;stc=1;chaa=1;sttr=34;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v95.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
e6957bbe6022deddb04a6b9016e4cb39053badc4bf519bd2ceaad374d78c0645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27225
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B9689862.280410797;dc_ver=95.280;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3594248786;ord=t4wovu;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.mlive.com%2F...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame E312 		57 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=95.280;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3594248786;ord=t4wovu;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.mlive.com%2F$0;xdt=1;crlt=n(HQR-yb1A;stc=1;chaa=1;sttr=50;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v95.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
c958fef291d28ed268bd55bb053d352ab4a3c7c70a2f4dacdce4ddbb1117e079
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27263
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
prebid-a.rubiconproject.com/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.240.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-240-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 31 Mar 2023 19:32:15 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.240.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-240-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Fri, 31 Mar 2023 19:32:15 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame A63A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BP7OtPzUnZKGABcKp3gOu3rBwAAAAADgB4AQC&bg=!tbaltuLNAAbEgrg45II7ADkAdvg8WlSTkeXHiHSgIfubj7cN1Gwz4g3eaz6Kl3Lh_9xFToV0v5FK8QDElwuRGOQ5W16xKN0-2SwCAAAAtlIAAAACaAEHCgAt39sTMku3tU3ba-SdshzRWYjk5492CjCwoj4Cf1oAcguON4Q5laxNLE_7dWv8mQL1V80XVUgp9Ayo8ZwmWsfD55Vi-dlqFWJsxzqKePIeJfFEAPMEwJAUdhtnpaemvkHSrtYYiJaMH-sC7s1umRAbiyCpgqKDwNRF0iaouFLp9WlUcNI4NdZBDYwjmSUIYYpsYzmaILGAEWx4LnesvP5TJ-Rc5ghQvCrNA9DDcxZGhDxiY2NqlgKP1lxx6LXHl506VxVSJuZl9x5n_D7h-e5_HzSEFRDt2D_GxUsfMwnld67Bj7E2ZluBCdGUID8H5Zni2ECsAPYvF69skJy7_w02HLdiLOV9X7yMfyyiNT3cfmcXGjJjgWUpv0HXXaP7DG69Xzvz7aoQ_qdOLQFuXzzyPwnMzyliIVi3DLDB8Hs5fOPX9zVTkFmH8FF5CAoCc7op-b-q3i3-88VKCX8h3HOUieyKxmfgtAOEGDe5QqLwhFkVdfWgN5_eAh8fkbiX3K2tM5koBnJEM4mO3X5v8ZwccyYVi5-Xc3ttpHujbZTc1216xFiMUo7dyA68hNeNyNreWBlhfoq_1timcowCLSnl_c8lBS3yTqR83jBoCuv-yOPmDx1FJYM4AQp7jqAipCztsVvMdKmfpmHpn_tFoOraMvLGQQDp0_lvRB4y5cj9SM_H3EQTGm_v_Uu6-EsG7qP-CjDhyvewP3jwZTP345FHB5KjvCnSaPCEq5lfVa6MrlzhuypE_xYsW3K2grIqXkwwhRdRjFbW5jC9SycJzVtzlmY2u2uJG5By4cuBD64KayFW9aNKJ_phByNMYhQ7HHlojaY74iP0BHoz9tRxancsMTV1Dk7vTvoPdn1vR7wK4QuD7p3SYZdY-mue_3WWIb0s2KJHSr6Ye4JSHzFLS8zTcKMBqZb90YiIny8JASQYwgtgWV5BP03gPqhY_QW37ZWHYZ6e9g390G69SU1vRIVoPjBnWRQDbOozwf__ip5ARui9OzeJOUB3j99fbtmrOq3jTqpLk7GUVQx_Jf_umFOoXj-aejAsORz4vk6dTrk0bicK44sIDg
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 85C0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BeyjfPzUnZOnlBcTXgQf1vKL4CAAAAAA4AeAEAg&bg=!_f6l_qrNAAbEgrg45II7ADkAdvg8WpLJ1nWlAKNDCnvvq1LovYhCE5B6i6Atr8gCfzaINFfMAaXZSvfGYZYQPKV-djTebEEm834CAAAAlVIAAAACaAEHmQLoA9Sx7kXzt3pYJo9Uo9QVVeJ1pAVnohgRYVGFP-RRqSKUYQ1tR-bPqkmCKSN8fQzxTk2K_WADSiKm5wiJWepy6B2PKGHEZfk7On6PowGiM0WI91mRpMCod4ePkZHVz2ly3F4UhxM2kBjWF7tjl4bUNtS7PQcxVZG4XVUaSApBmzExBwNhH_S5bNl2ryHGUNz0BlrAybucQKca0TUSUSYrHtINR6DC9Mlob2T8VcrQyn8epOZ9U-T6NWM3_m_NbG0kuHNL8fX0_C0fPkJvqJmdVOt05XPoUaJ4reYl6WH0cbrsa_tJelHeHBeBXSPh3PAk6GZNLgnzWwVyImNIG1qaP-uTmX-JPboz3R_gyl95G8Tf70tpBWZ0ibDQ1yYUtzy9kkKs833-dgPnqOQdmGIE9PjfcHzU6mKIqDLoVEVESzrjHqkaHK8ruQzrxiyP7LSvedof2A5TPnvekQV0tpXNvXe7zMgqq-jbiz854zsns5OTJ6J921ZTG9B4BzgW1b-WJy6wNrdPcqCz_O29bDQZhLW32O-HN0TQKKmoMKmUaCF4ZlRdhPQOmmLxTfDowj6c1jrbb8LrpHripMD0QUJDHZ00U_BTtAxmyibgCSFfvtqsL5q4i4WetEfJagpbE6q5lpSvmt3i_oBZkYsPY16LPmBuWXRHcMk61eL1lErPhJBklHjj5LBH4jX62eB4NmbTBuB2IHKa1GGwmPwd3qvqNSvdBTeRYr6D9IdHevKg_XJz3wAt67fdZmJPsovBJRLAmbg6NzljyAzIYBNnAoQdKnev-Wm6c0ZShpsC3Tl8OIwQqdlEWj27zfzLrewQU8ZQZLeoJrKTP6gdzsssVFsN6nOiUR9l_NyTfdh25gJEdYE5FoQBRmuDIHjmSzIkhdg4FiT0ApJ8dH2VJQmwgY6bF3_SxdDW4xKqA2AfMPv_xqzGidQJ9vO0DGbqe4HMRPbfgO5CNqkvsfa8U4tqVTPm7IUMmKyDJtng
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230329/r20110914/elements/html/ Frame E312 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230329/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=95.280;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3594248786;ord=t4wovu;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.mlive.com%2F$0;xdt=1;crlt=n(HQR-yb1A;stc=1;chaa=1;sttr=50;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 22:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
75331
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4123
x-xss-protection
0
server
cafe
etag
4541610132340792384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Apr 2023 22:36:44 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E312 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvWHA4rqCtfA5diiZXV-YDth9u19_t_1OU1EoKFW52lOJbEy5Fwd4vuP7AZVJjKksr0RQsBPEhfbX_iMTfUi-AFQ9k_knuAz09eyLoEOodgWPHHKvLnsUylu7aDGeIXy42_HVKzuVOPMsYfoDB_Xqwa1ruDfF9v&sai=AMfl-YTh-Cu1S7pJVDHshQSr-4V-AGtc-MXy3Ebv35g35iyePv-1fd5sQKVj-ilQqkqox39UCLI3_YD-bZVRMoAlcIIu1soQqsneosFxTA&sig=Cg0ArKJSzKvjxMLOMcoBEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230329.04482&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=95.280;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3594248786;ord=t4wovu;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.mlive.com%2F$0;xdt=1;crlt=n(HQR-yb1A;stc=1;chaa=1;sttr=50;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 31 Mar 2023 19:32:15 GMT
2418735279377567735
s0.2mdn.net/simgad/ Frame E312 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2418735279377567735
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d22ae6bbaa3c79a6d31667177a7bf1b209536858fe3caf1a95a21af65d76f15b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 18:05:12 GMT
x-content-type-options
nosniff
age
5223
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48252
x-xss-protection
0
last-modified
Thu, 26 May 2022 20:28:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 30 Mar 2024 18:05:12 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 91F9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
122088
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 30 Mar 2023 09:37:27 GMT
expires
Fri, 29 Mar 2024 09:37:27 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1990 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
37432
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 31 Mar 2023 09:08:23 GMT
etag
48472445140208031
expires
Sat, 01 Apr 2023 09:08:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E312 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
85ec27783f26768888645aa3c06a52955c71dee2f2e957f1e5e95d306bc889de

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/png
2418735279377567735
s0.2mdn.net/simgad/ Frame CD8A 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2418735279377567735
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=95.280;sz=300x250;u_sd=1;dc_adk=2658142093;ord=f5hf1j;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.mlive.com%2F$0;xdt=1;crlt=n(HQR-yb1A;stc=1;chaa=1;sttr=34;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d22ae6bbaa3c79a6d31667177a7bf1b209536858fe3caf1a95a21af65d76f15b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 18:05:12 GMT
x-content-type-options
nosniff
age
5223
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48252
x-xss-protection
0
last-modified
Thu, 26 May 2022 20:28:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 30 Mar 2024 18:05:12 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230329/r20110914/elements/html/ Frame CD8A 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230329/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=95.280;sz=300x250;u_sd=1;dc_adk=2658142093;ord=f5hf1j;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.mlive.com%2F$0;xdt=1;crlt=n(HQR-yb1A;stc=1;chaa=1;sttr=34;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 22:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
75331
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4123
x-xss-protection
0
server
cafe
etag
4541610132340792384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Apr 2023 22:36:44 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame CD8A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvmVBNa7OIO1FiUlE6uqZ8wS3n-Vmw30pd8tv9MdlFhgtz9sXHMZmYqPUwxq1c_1u4qFrU5yZvirkItH3DvfOlKSJ2x1WM3zD5cGMCHMy3FwDPXojcpQvqUkK0RLSfNAWFbLJWu7ctXuvBscw8QdUkVxKyIXGrb&sai=AMfl-YQ94BljSk9qBMtV3j-JXb5kqYEUKnP52aZyA8eNEKAztlznCbiCWQNXjfQdK6b4HmQyyeIie4sTq4w9Fkye_BH-yawhx7QV1In6Ag&sig=Cg0ArKJSzCCEsDMSqelKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230329.11664&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=95.280;sz=300x250;u_sd=1;dc_adk=2658142093;ord=f5hf1j;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.mlive.com%2F$0;xdt=1;crlt=n(HQR-yb1A;stc=1;chaa=1;sttr=34;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 31 Mar 2023 19:32:15 GMT
2418735279377567735
s0.2mdn.net/simgad/ Frame E727 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2418735279377567735
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=95.280;sz=300x250;u_sd=1;dc_adk=394609735;ord=4vitds;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.mlive.com%2F$0;xdt=1;crlt=n(HQR-yb1A;stc=1;chaa=1;sttr=32;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d22ae6bbaa3c79a6d31667177a7bf1b209536858fe3caf1a95a21af65d76f15b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 18:05:12 GMT
x-content-type-options
nosniff
age
5223
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48252
x-xss-protection
0
last-modified
Thu, 26 May 2022 20:28:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 30 Mar 2024 18:05:12 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230329/r20110914/elements/html/ Frame E727 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230329/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=95.280;sz=300x250;u_sd=1;dc_adk=394609735;ord=4vitds;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.mlive.com%2F$0;xdt=1;crlt=n(HQR-yb1A;stc=1;chaa=1;sttr=32;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 22:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
75331
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4123
x-xss-protection
0
server
cafe
etag
4541610132340792384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Apr 2023 22:36:44 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E727 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuISWMyvtR_X5X9KGMhqQRK4X7hZRQ_S6V0Uhmn6jY7d1oSujR8gjJ62EawZRuI8DZ-DkVUxwAXZE-aOXZpzkQFByJIgbR008ils_IjYybQIG38nIGGBtGXXzGH-3RtxqHiG9-AqZpg7A9p9w3O75-45aycSK1d&sai=AMfl-YS42kEVC5VSpQvo0DTT5H9oVxu8B4tywxluLE5wwZDF3bcyYGfm9_zuNT4ua8ph6_0ROJbqK8xKoCxVOBZNKxMMKTBJulpq203zQA&sig=Cg0ArKJSzMVvDh7OJxlrEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230329.47921&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=95.280;sz=300x250;u_sd=1;dc_adk=394609735;ord=4vitds;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.mlive.com%2F$0;xdt=1;crlt=n(HQR-yb1A;stc=1;chaa=1;sttr=32;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 31 Mar 2023 19:32:15 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E312 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvWHA4rqCtfA5diiZXV-YDth9u19_t_1OU1EoKFW52lOJbEy5Fwd4vuP7AZVJjKksr0RQsBPEhfbX_iMTfUi-AFQ9k_knuAz09eyLoEOodgWPHHKvLnsUylu7aDGeIXy42_HVKzuVOPMsYfoDB_Xqwa1ruDfF9v&sai=AMfl-YTh-Cu1S7pJVDHshQSr-4V-AGtc-MXy3Ebv35g35iyePv-1fd5sQKVj-ilQqkqox39UCLI3_YD-bZVRMoAlcIIu1soQqsneosFxTA&sig=Cg0ArKJSzKvjxMLOMcoBEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=97&vt=11&dtpt=96&dett=2&cstd=0&cisv=r20230329.04482&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=95.280;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=3594248786;ord=t4wovu;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.mlive.com%2F$0;xdt=1;crlt=n(HQR-yb1A;stc=1;chaa=1;sttr=50;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 31 Mar 2023 19:32:15 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B0CD 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
122088
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 30 Mar 2023 09:37:27 GMT
expires
Fri, 29 Mar 2024 09:37:27 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FCCD 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
37432
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 31 Mar 2023 09:08:23 GMT
etag
48472445140208031
expires
Sat, 01 Apr 2023 09:08:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A432 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
122088
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 30 Mar 2023 09:37:27 GMT
expires
Fri, 29 Mar 2024 09:37:27 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1613 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
37432
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 31 Mar 2023 09:08:23 GMT
etag
48472445140208031
expires
Sat, 01 Apr 2023 09:08:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E727 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a67580ad3ba7f13b3eb523dfc222482c2192428f31d9d26aa813c7cfbc67403

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame CD8A 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3637d23fa75d17625e7575318eb07a083e0933ec139b9ad0c280e56f38c7e9b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame CD8A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvmVBNa7OIO1FiUlE6uqZ8wS3n-Vmw30pd8tv9MdlFhgtz9sXHMZmYqPUwxq1c_1u4qFrU5yZvirkItH3DvfOlKSJ2x1WM3zD5cGMCHMy3FwDPXojcpQvqUkK0RLSfNAWFbLJWu7ctXuvBscw8QdUkVxKyIXGrb&sai=AMfl-YQ94BljSk9qBMtV3j-JXb5kqYEUKnP52aZyA8eNEKAztlznCbiCWQNXjfQdK6b4HmQyyeIie4sTq4w9Fkye_BH-yawhx7QV1In6Ag&sig=Cg0ArKJSzCCEsDMSqelKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=112&vt=11&dtpt=111&dett=2&cstd=0&cisv=r20230329.11664&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=95.280;sz=300x250;u_sd=1;dc_adk=2658142093;ord=f5hf1j;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.mlive.com%2F$0;xdt=1;crlt=n(HQR-yb1A;stc=1;chaa=1;sttr=34;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 31 Mar 2023 19:32:15 GMT
i.match
s.tribalfusion.com/z/ Frame 1990
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEEj4D2ZoDOPOI3KR0CQz4DE&google_cver=1&google_push=Aer7DvJrCChrEynLjj8QTvRkdyVUL_ft99hhF1BLSqVvIFEUsw7SeK0CMKJdR0AFIsAAl_oqtcMk5BNr2qMWgGO3Dk1L3FjqVgGz&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEj4D2ZoDOPOI3KR0CQz4DE&google_cver=1&google_push=Aer7DvJrCChrEynLjj8QTvRkdyVUL_ft99hhF1BLSqVvIFEUsw7SeK0CMKJdR0AFIsAAl_oqtcMk5BNr2qMWgGO3Dk1L3FjqVgG...
43 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEj4D2ZoDOPOI3KR0CQz4DE&google_cver=1&google_push=Aer7DvJrCChrEynLjj8QTvRkdyVUL_ft99hhF1BLSqVvIFEUsw7SeK0CMKJdR0AFIsAAl_oqtcMk5BNr2qMWgGO3Dk1L3FjqVgGz&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvJrCChrEynLjj8QTvRkdyVUL_ft99hhF1BLSqVvIFEUsw7SeK0CMKJdR0AFIsAAl_oqtcMk5BNr2qMWgGO3Dk1L3FjqVgGz%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:16 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7b0b046f3d9737f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
5
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEj4D2ZoDOPOI3KR0CQz4DE&google_cver=1&google_push=Aer7DvJrCChrEynLjj8QTvRkdyVUL_ft99hhF1BLSqVvIFEUsw7SeK0CMKJdR0AFIsAAl_oqtcMk5BNr2qMWgGO3Dk1L3FjqVgGz&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvJrCChrEynLjj8QTvRkdyVUL_ft99hhF1BLSqVvIFEUsw7SeK0CMKJdR0AFIsAAl_oqtcMk5BNr2qMWgGO3Dk1L3FjqVgGz%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7b0b046deb9937f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 1990 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEK_RB-NTUFJt5JbRy8I5BuY&google_cver=1&google_push=Aer7DvLF1yvM2uHJTmVqY0mUuyYIbwZwmeA5IoqzWN-d_mtljbzQFPxZ2gzXhoLwxDw6Pn1t9SA4LNQbYiVSY20mmiikdu9QOoHNBA
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
rmr6flei9uraqig88480ihh74ltut394
pixel
cm.g.doubleclick.net/ Frame 1990
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBjRgfM-OSEa7CwHE4n8hlM&google_cver=1&google_push=Aer7DvKqeQyQuobXaD0qHB7X58hY0Mt0Pa1u80tVglUuGsswJdJafnCKCDn_ML58V5A0nDqmlYN...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZXWFlHU1EtMUYtU0lE&google_push=Aer7DvKqeQyQuobXaD0qHB7X58hY0Mt0Pa1u80tVglUuGsswJdJafnCKCDn_ML58V5A0nDqmlYN0VWoGaFIgLaJOrXOc5YrnZynH
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZXWFlHU1EtMUYtU0lE&google_push=Aer7DvKqeQyQuobXaD0qHB7X58hY0Mt0Pa1u80tVglUuGsswJdJafnCKCDn_ML58V5A0nDqmlYN0VWoGaFIgLaJOrXOc5YrnZynH
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZXWFlHU1EtMUYtU0lE&google_push=Aer7DvKqeQyQuobXaD0qHB7X58hY0Mt0Pa1u80tVglUuGsswJdJafnCKCDn_ML58V5A0nDqmlYN0VWoGaFIgLaJOrXOc5YrnZynH
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
pixel
cm.g.doubleclick.net/ Frame 1990
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEG12K9F8UxXmiahHs-Z_Zuc&google_cver=1&google_push=Aer7DvLlOjPsjeYpk5iHTS1_XjPUaYw708Tp0B-cUtBEPnXReglCa0iBU3AKgAyCxNeeRcogHXOD6YQH_wKx...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvLlOjPsjeYpk5iHTS1_XjPUaYw708Tp0B-cUtBEPnXReglCa0iBU3AKgAyCxNeeRcogHXOD6YQH_wKxxgsvTOzzAuwu5Cqm
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvLlOjPsjeYpk5iHTS1_XjPUaYw708Tp0B-cUtBEPnXReglCa0iBU3AKgAyCxNeeRcogHXOD6YQH_wKxxgsvTOzzAuwu5Cqm
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvLlOjPsjeYpk5iHTS1_XjPUaYw708Tp0B-cUtBEPnXReglCa0iBU3AKgAyCxNeeRcogHXOD6YQH_wKxxgsvTOzzAuwu5Cqm
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 1990
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEJ66ZBvgSwprD_Q2qhHYrVI&google_cver=1&google_push=Aer7DvIyguqpl-ErE3fjH2DePMlvsx1JpEB7L0RtMMlRBzuLgVaLcm2oD8DNN5Xg87uwCPgRNYdbiGPn_TTWKYczdujAv6...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEJ66ZBvgSwprD_Q2qhHYrVI&google_cver=1&google_push=Aer7DvIyguqpl-ErE3fjH2DePMlvsx1JpEB7L0RtMMlRBzuLgVaLcm2oD8DNN5Xg87uwCPgRNYdbiGPn_TTWKYcz...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yzCd_-N-QDWwMuQf0iGn3g&google_push=Aer7DvIyguqpl-ErE3fjH2DePMlvsx1JpEB7L0RtMMlRBzuLgVaLcm2oD8DNN5Xg87uwCPgRNYdbiGPn_TTWKYc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yzCd_-N-QDWwMuQf0iGn3g&google_push=Aer7DvIyguqpl-ErE3fjH2DePMlvsx1JpEB7L0RtMMlRBzuLgVaLcm2oD8DNN5Xg87uwCPgRNYdbiGPn_TTWKYczdujAv6rmWO-XRw
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yzCd_-N-QDWwMuQf0iGn3g&google_push=Aer7DvIyguqpl-ErE3fjH2DePMlvsx1JpEB7L0RtMMlRBzuLgVaLcm2oD8DNN5Xg87uwCPgRNYdbiGPn_TTWKYczdujAv6rmWO-XRw
access-control-allow-origin
*
date
Fri, 31 Mar 2023 19:32:15 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
cc.adingo.jp/adx/push/ Frame 1990 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEAkTxjJ4Xo_WH9jgwjL9_vA&google_cver=1&google_push=Aer7DvL5cySmsLppS35XfqMPWAHo5ySXgSkQFVtRBkpNtS7Z9YK8pejONxIKoEoV4V45ukA6uiqUsIiJbtXsx24IC5FBDL8SpvuI8A
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.181.178.82 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-181-178-82.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:16 GMT
server
awselb/2.0
pixel
cm.g.doubleclick.net/ Frame 1990
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJnJKh2Nn...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJn...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c9a50498-e218-42d3-b571-71fad94e6181&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c9a50498-e218-42d3-b571-71fad94e6181&%%GOOGLE_PUSH_PAIR%%
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c9a50498-e218-42d3-b571-71fad94e6181&%%GOOGLE_PUSH_PAIR%%
date
Fri, 31 Mar 2023 19:32:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 1990 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IPkPux-6LqPGXtAL6OeslUvx3Jf8oTjErhsCNbjAhwchyrxye8Aju-Dh4_13gjSHws8KTFgQ
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:15 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame E727 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuISWMyvtR_X5X9KGMhqQRK4X7hZRQ_S6V0Uhmn6jY7d1oSujR8gjJ62EawZRuI8DZ-DkVUxwAXZE-aOXZpzkQFByJIgbR008ils_IjYybQIG38nIGGBtGXXzGH-3RtxqHiG9-AqZpg7A9p9w3O75-45aycSK1d&sai=AMfl-YS42kEVC5VSpQvo0DTT5H9oVxu8B4tywxluLE5wwZDF3bcyYGfm9_zuNT4ua8ph6_0ROJbqK8xKoCxVOBZNKxMMKTBJulpq203zQA&sig=Cg0ArKJSzMVvDh7OJxlrEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=118&vt=11&dtpt=117&dett=2&cstd=0&cisv=r20230329.47921&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=95.280;sz=300x250;u_sd=1;dc_adk=394609735;ord=4vitds;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.mlive.com%2F$0;xdt=1;crlt=n(HQR-yb1A;stc=1;chaa=1;sttr=32;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 31 Mar 2023 19:32:15 GMT
YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js
pagead2.googlesyndication.com/bg/ Frame 91F9 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63366603b6b4f2ff5fd3cedfc2a503668acbfbb4c11e63ce80f5b57144bc7df4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 09:34:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
35839
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14293
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 13:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Mar 2024 09:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame FCCD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOLdbVMisyMQVZrcCb2jJe0&google_push=Aer7DvKbjKxFNNdzg1cKloQLTrMTh7wIslmYd3aXCSugSS8a46-TCJsiK-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOLdbVMisyMQVZrcCb2jJe0&google_push=Aer7DvKbjKxFNNdzg1cKloQLTrMTh7wIslmYd3aXCSugSS8a46-TCJsiK-xcIzkCQ5WxRr9zEIW6G2Vg6tvGL6SYGoFtLvOdODI
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-hhn-etou8220029-HHN
pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1680291136.756939,VS0,VE89
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOLdbVMisyMQVZrcCb2jJe0&google_push=Aer7DvKbjKxFNNdzg1cKloQLTrMTh7wIslmYd3aXCSugSS8a46-TCJsiK-xcIzkCQ5WxRr9zEIW6G2Vg6tvGL6SYGoFtLvOdODI
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame FCCD
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESED6ZWkrtyFT2u8Tg3Yh_hWY&google_cver=1&google_push=Aer7DvKBsLLY-7IAcgE8Zn7UAnX5-ov8imdKwFcqjQEXn7KRnISNdIZKyciEA2vQ29uybYyDJY1YyY9Tix8sbmh8AE4uoCf...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESED6ZWkrtyFT2u8Tg3Yh_hWY&google_cver=1&google_push=Aer7DvKBsLLY-7IAcgE8Zn7UAnX5-ov8imdKwFcqjQEXn7KRnISNdIZKyciEA2vQ29uybYyDJY1YyY9Tix8sbmh8AE4uo...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKBsLLY-7IAcgE8Zn7UAnX5-ov8imdKwFcqjQEXn7KRnISNdIZKyciEA2vQ29uybYyDJY1YyY9Tix8sbmh8AE4uoCfdTQY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKBsLLY-7IAcgE8Zn7UAnX5-ov8imdKwFcqjQEXn7KRnISNdIZKyciEA2vQ29uybYyDJY1YyY9Tix8sbmh8AE4uoCfdTQY
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKBsLLY-7IAcgE8Zn7UAnX5-ov8imdKwFcqjQEXn7KRnISNdIZKyciEA2vQ29uybYyDJY1YyY9Tix8sbmh8AE4uoCfdTQY
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame FCCD
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPcqFzbIsqjqx_SCP2sizE8&google_cver=1&google_push=Aer7DvKVGRZ_wz7j5aJCyQUwXm6p6xF-AGH43fGzbIyejm1A9XF1shxvJXP9Fju3XZGqYZlpyBPDK6ORMPFbPRZ9...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aer7DvKVGRZ_wz7j5aJCyQUwXm6p6xF-AGH43fGzbIyejm1A9XF1shxvJXP9Fju3XZGqYZlpyBPDK6ORMPFbPRZ9t3Ka_CtNyyU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aer7DvKVGRZ_wz7j5aJCyQUwXm6p6xF-AGH43fGzbIyejm1A9XF1shxvJXP9Fju3XZGqYZlpyBPDK6ORMPFbPRZ9t3Ka_CtNyyU
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 31 Mar 2023 19:32:15 GMT
via
1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aer7DvKVGRZ_wz7j5aJCyQUwXm6p6xF-AGH43fGzbIyejm1A9XF1shxvJXP9Fju3XZGqYZlpyBPDK6ORMPFbPRZ9t3Ka_CtNyyU
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
B0WCB-BbqRI4JfXwDQdFjzDqs0yGYBp9m43J1Zj1bJD0V9vaq1zQIw==
pixel
cm.g.doubleclick.net/ Frame FCCD
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEJ66ZBvgSwprD_Q2qhHYrVI&google_cver=1&google_push=Aer7DvJLZuz_jRzFCUx0uATYcTGtvmlQo6RudN_6hMiBy69vIBq1KCGRNuOJ4YUQMXKJtMLQZTANajWtPKRiIsmkCSqHYg...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEJ66ZBvgSwprD_Q2qhHYrVI&google_cver=1&google_push=Aer7DvJLZuz_jRzFCUx0uATYcTGtvmlQo6RudN_6hMiBy69vIBq1KCGRNuOJ4YUQMXKJtMLQZTANajWtPKRiIsmk...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yzCd_-N-QDWwMuQf0iGn3g&google_push=Aer7DvJLZuz_jRzFCUx0uATYcTGtvmlQo6RudN_6hMiBy69vIBq1KCGRNuOJ4YUQMXKJtMLQZTANajWtPKRiIsm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yzCd_-N-QDWwMuQf0iGn3g&google_push=Aer7DvJLZuz_jRzFCUx0uATYcTGtvmlQo6RudN_6hMiBy69vIBq1KCGRNuOJ4YUQMXKJtMLQZTANajWtPKRiIsmkCSqHYg035E8
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=yzCd_-N-QDWwMuQf0iGn3g&google_push=Aer7DvJLZuz_jRzFCUx0uATYcTGtvmlQo6RudN_6hMiBy69vIBq1KCGRNuOJ4YUQMXKJtMLQZTANajWtPKRiIsmkCSqHYg035E8
access-control-allow-origin
*
date
Fri, 31 Mar 2023 19:32:15 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame FCCD
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESECu6TjoNX8uWTGwUAxi8Z1Q&google_cver=1&google_push=Aer7DvLFgtcUO4qGuVKtRoNsS1qVtZNx1OBauzxFLXPmyeS6fEtTIWba3nRkSm7jtMe4LbqOuypPH_Ulm1lSl1_N4vQfIrLwy-Q
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzIzMjkyNzM1MDczMzI2MTAwMFYxMA%3d%3d&mn_hm=MzIzMjkyNzM1MDczMzI2MTAwMFYxMA%3d%3d&google_sc=1&google_push=Aer7DvLFgtcUO4qGuVKtRoNsS1qVtZN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzIzMjkyNzM1MDczMzI2MTAwMFYxMA%3d%3d&mn_hm=MzIzMjkyNzM1MDczMzI2MTAwMFYxMA%3d%3d&google_sc=1&google_push=Aer7DvLFgtcUO4qGuVKtRoNsS1qVtZNx1OBauzxFLXPmyeS6fEtTIWba3nRkSm7jtMe4LbqOuypPH_Ulm1lSl1_N4vQfIrLwy-Q&gdpr=&gdpr_consent=
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:15 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzIzMjkyNzM1MDczMzI2MTAwMFYxMA%3d%3d&mn_hm=MzIzMjkyNzM1MDczMzI2MTAwMFYxMA%3d%3d&google_sc=1&google_push=Aer7DvLFgtcUO4qGuVKtRoNsS1qVtZNx1OBauzxFLXPmyeS6fEtTIWba3nRkSm7jtMe4LbqOuypPH_Ulm1lSl1_N4vQfIrLwy-Q&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Fri, 31 Mar 2023 19:32:15 GMT
0.gif
id5-sync.com/i/495/ Frame FCCD
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESELCKbS7Eb2K_1ah5LE-yyKw&google_cver=1&google_push=Aer7DvL0JOoyrvn2Cp0MhItIOVcs5nVvFfnfx_ebHqZF1ipBoLLwmEURaoHPxuprED1G8sfh-I7orAL_LJOnZJu-ZOoRftf8TjhS
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAer7DvL0JOoyrvn2Cp0MhItIOVcs5nVvFfnfx_ebHqZF1ipB...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAer7DvL0JOoyrvn2Cp0MhItIOVcs5nVvFfnfx_ebHqZF1ipBoLLwmEURaoHPxuprED1G8sfh-I7orAL_LJOnZJu-ZOoRftf8TjhS
Protocol
HTTP/1.1
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 31 Mar 2023 19:32:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

date
Fri, 31 Mar 2023 19:32:15 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAer7DvL0JOoyrvn2Cp0MhItIOVcs5nVvFfnfx_ebHqZF1ipBoLLwmEURaoHPxuprED1G8sfh-I7orAL_LJOnZJu-ZOoRftf8TjhS
x-download-options
noopen
vary
Accept
content-length
271
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame FCCD
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJnJKh2Nn...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJn...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c9a50498-e218-42d3-b571-71fad94e6181&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c9a50498-e218-42d3-b571-71fad94e6181&%%GOOGLE_PUSH_PAIR%%
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c9a50498-e218-42d3-b571-71fad94e6181&%%GOOGLE_PUSH_PAIR%%
date
Fri, 31 Mar 2023 19:32:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame FCCD 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LRgTmjDlANOHUSn5gumA1BMKo0H3_xGc_vFny3x1T9tZXRNiTXv54iBvU_eNa1JyHsXEC6jw4
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:15 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 1613
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAEjsdgEJsXApRtq3Mo9hho&google_cver=1&google_push=Aer7DvJGIaJghXroY8jJ62yPqeSoH5QtczTFlAsGOVLsoGTfKeiisJeJ9M7Zt7GOYw5AUq72vlSYQSUoHnklMXLu...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJGIaJghXroY8jJ62yPqeSoH5QtczTFlAsGOVLsoGTfKeiisJeJ9M7Zt7GOYw5AUq72vlSYQSUoHnklMXLuyGA_jHAJvDs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJGIaJghXroY8jJ62yPqeSoH5QtczTFlAsGOVLsoGTfKeiisJeJ9M7Zt7GOYw5AUq72vlSYQSUoHnklMXLuyGA_jHAJvDs
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 31 Mar 2023 19:32:16 GMT
Server
MT3 711 dd187f8 master cdg-pixel-x13 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJGIaJghXroY8jJ62yPqeSoH5QtczTFlAsGOVLsoGTfKeiisJeJ9M7Zt7GOYw5AUq72vlSYQSUoHnklMXLuyGA_jHAJvDs
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 31 Mar 2023 19:32:15 GMT
pixel
cm.g.doubleclick.net/ Frame 1613
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOLdbVMisyMQVZrcCb2jJe0&google_push=Aer7DvKfszyCNgTUVe_nplBf-4cIsQ4y4kdxpI9K7ij94VEIH0OfzFQZ1Q...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOLdbVMisyMQVZrcCb2jJe0&google_push=Aer7DvKfszyCNgTUVe_nplBf-4cIsQ4y4kdxpI9K7ij94VEIH0OfzFQZ1Qqu8Hsn2sm2_HBVhCyZ_CWG1j83psuuBxVSAgp39OzU
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-hhn-etou8220029-HHN
pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1680291136.756934,VS0,VE93
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOLdbVMisyMQVZrcCb2jJe0&google_push=Aer7DvKfszyCNgTUVe_nplBf-4cIsQ4y4kdxpI9K7ij94VEIH0OfzFQZ1Qqu8Hsn2sm2_HBVhCyZ_CWG1j83psuuBxVSAgp39OzU
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 1613
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEF28ZJhuCOUAPJYYE-7F7QM&google_cver=1&google_push=Aer7DvKIMbVUSZF7RlrqRT1mq6qOJawYmD78M9Qyv4_j679u7dNTfMmZCK-vX975RGT2iG3BunAMw8RORMvPYAjV...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ybipIPh1Rm-JBD56Ja3ZmA2&google_push=Aer7DvKIMbVUSZF7RlrqRT1mq6qOJawYmD78M9Qyv4_j679u7dNTfMmZCK-vX975RGT2iG3BunAMw8RORMvPYAjVxkN2HKM9MiM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ybipIPh1Rm-JBD56Ja3ZmA2&google_push=Aer7DvKIMbVUSZF7RlrqRT1mq6qOJawYmD78M9Qyv4_j679u7dNTfMmZCK-vX975RGT2iG3BunAMw8RORMvPYAjVxkN2HKM9MiM
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 31 Mar 2023 19:32:15 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ybipIPh1Rm-JBD56Ja3ZmA2&google_push=Aer7DvKIMbVUSZF7RlrqRT1mq6qOJawYmD78M9Qyv4_j679u7dNTfMmZCK-vX975RGT2iG3BunAMw8RORMvPYAjVxkN2HKM9MiM
x-host
tde-deliveryengine-production-86c874c4d8-jcpw6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1613
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEE-Y2rArYriEzmzvb9Tj74Y&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEE-Y2rArYriEzmzvb9Tj74Y&google_hm=ZCc1P6clTk8FAfVMrMP3WQAAFBAAAAIB&google_nid=index&google_push=Aer7DvJSXeh1V9lcLr3h35tWFQaPC6rxWTUt4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEE-Y2rArYriEzmzvb9Tj74Y&google_hm=ZCc1P6clTk8FAfVMrMP3WQAAFBAAAAIB&google_nid=index&google_push=Aer7DvJSXeh1V9lcLr3h35tWFQaPC6rxWTUt4c-J1U3L1BYW9KeidWDJygrteWxcXyHeyDkYrYfkp-x39K7dfPSikwZYKAuKlRY
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEE-Y2rArYriEzmzvb9Tj74Y&google_hm=ZCc1P6clTk8FAfVMrMP3WQAAFBAAAAIB&google_nid=index&google_push=Aer7DvJSXeh1V9lcLr3h35tWFQaPC6rxWTUt4c-J1U3L1BYW9KeidWDJygrteWxcXyHeyDkYrYfkp-x39K7dfPSikwZYKAuKlRY
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame 1613
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELZDpqXFQuslo3zbJKFT9iE&google_cver=1&google_push=Aer7DvKXynR2CEQT1CyfMLKyYRWZsYxokctot26KTUXliUJkVIMEkOHNTYbUKLybg3QG2THvUXGOpoLOpFnP3zWZg...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELZDpqXFQuslo3zbJKFT9iE&google_cver=1&google_push=Aer7DvKXynR2CEQT1CyfMLKyYRWZsYxokctot26KTUXliUJkVIMEkOHNTYbUKLybg3QG2THvUXGOpoLOpFnP3zWZg...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aer7DvKXynR2CEQT1CyfMLKyYRWZsYxokctot26KTUXliUJkVIMEkOHNTYbUKLybg3QG2THvUXGOpoLOpFnP3zWZglEqXuUBy04u&google_hm=GZ20pGZHIgQSOMOVThiBFM9W
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aer7DvKXynR2CEQT1CyfMLKyYRWZsYxokctot26KTUXliUJkVIMEkOHNTYbUKLybg3QG2THvUXGOpoLOpFnP3zWZglEqXuUBy04u&google_hm=GZ20pGZHIgQSOMOVThiBFM9W
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 31 Mar 2023 19:32:15 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aer7DvKXynR2CEQT1CyfMLKyYRWZsYxokctot26KTUXliUJkVIMEkOHNTYbUKLybg3QG2THvUXGOpoLOpFnP3zWZglEqXuUBy04u&google_hm=GZ20pGZHIgQSOMOVThiBFM9W
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 1613
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAAotsl8ZhhNGUEZGE9IkqI&google_cver=1&google_push=Aer7DvLz2-NeoPpSPWnt7lG7pOnkRNnR3BD57m_JC3vursWE5E_QjoP4QOr9WxPVJx21Vz2DovoEg4X_4kadkRdCuQPunEt6gzQY
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aer7DvLz2-NeoPpSPWnt7lG7pOnkRNnR3BD57m_JC3vursWE5E_QjoP4QOr9WxPVJx21Vz2DovoEg4X_4kadkRdCuQPunEt6gzQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODYxNzU2NzY0ODY1OTE0ODU1ODY2&google_push=Aer7DvLz2-NeoPpSPWnt7lG7pOnkRNnR3BD57m_JC3vursWE5E_QjoP4QOr9WxPV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODYxNzU2NzY0ODY1OTE0ODU1ODY2&google_push=Aer7DvLz2-NeoPpSPWnt7lG7pOnkRNnR3BD57m_JC3vursWE5E_QjoP4QOr9WxPVJx21Vz2DovoEg4X_4kadkRdCuQPunEt6gzQY
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODYxNzU2NzY0ODY1OTE0ODU1ODY2&google_push=Aer7DvLz2-NeoPpSPWnt7lG7pOnkRNnR3BD57m_JC3vursWE5E_QjoP4QOr9WxPVJx21Vz2DovoEg4X_4kadkRdCuQPunEt6gzQY
date
Fri, 31 Mar 2023 19:32:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 1613
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJnJKh2Nn...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJn...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c9a50498-e218-42d3-b571-71fad94e6181&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c9a50498-e218-42d3-b571-71fad94e6181&%%GOOGLE_PUSH_PAIR%%
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c9a50498-e218-42d3-b571-71fad94e6181&%%GOOGLE_PUSH_PAIR%%
date
Fri, 31 Mar 2023 19:32:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 1613 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kgs-y_0LZ9O15VG9qi7TarKpStD-bRyi9RTvwHSuZKfM7jcBZ0vAbnZTpxkO0AJ5_oGBj3ZA
Requested by
Host: 309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
URL: https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:15 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js
pagead2.googlesyndication.com/bg/ Frame B0CD 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63366603b6b4f2ff5fd3cedfc2a503668acbfbb4c11e63ce80f5b57144bc7df4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 09:34:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
35839
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14293
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 13:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Mar 2024 09:34:56 GMT
YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js
pagead2.googlesyndication.com/bg/ Frame A432 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63366603b6b4f2ff5fd3cedfc2a503668acbfbb4c11e63ce80f5b57144bc7df4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 09:34:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
35839
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14293
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 13:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Mar 2024 09:34:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 91F9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3n8IPzUnZJKBGa2l9u8PtNSD2AoAAAAAOAHgBAI&bg=!7u2l7bnNAAbEgrg45II7ADkAdvg8Wo-VJ7qstDVtOlWGqajCYO3TSW_Vjku5w1HEQQgr-zvMOLvoYObAUoc8IOddvElkmBBP204CAAAAe1IAAAACaAEHCgBuSHuWfrksxsNdU95Ydm3bOO4zB1Pog3mNQ1dKgLlcloYv-AiSfj_DD1iD9raGPM0-ZpdeTc-LG7LLwKyd_dj7qNHnIxatQwg8mjd9wvXBQ3P8wgCF7e1o73YgQ0HQP4m6gE2WmeMywxiy0NNVCPCZAvTc307ukpq4_KuDT9vT6K6adFf8XuS1ajbNuOfaG9DGxyl1wmQtzpxe-7a4hpVpeACtP8ezNwSq3arZ0NYHUQB2ZN6LIFxyR0-ylrbn-K7ic75hesNVYWpi-GlvW7Vue01fzisXQbLKnR5eJzpCgABiLeudTms-jCAC93oUKQpqZfly2iVuTC6NWaV9A8B_L90So-mM470tsH4V5NKfR-ZC31yelIlsREEU7K0uzR20BCVVIHUAGRGdqWzFjY1RsxF78kWifMmxaOW5TeKXfKT0RsVk4XB_Gv7KNR991ZNV8qfai06qD5Hz2-Vh4ak6dMT_fPcDFcVN9fk8xshs7T1RycUok8RiIqqLRWxzi3UF58iC5FLR1-aa0GpfzBuL5I70iJulFq4wVju6TVon6VCUrSgwV7n_f1aUPzKu-Rugqj_trx_xCd7D8zjFZXihjJpj2nADTTWf6Lbn5xtqCz3hUrqtwSeo_arxpYb4bin0zSRI36VT2h2_vA_SCM5Cxm4r29MUqfhdApZl2hZI-3R3xygFQXXhP4ENBAwuqLhE1bSV7u6bCnI91eU3rl0bqWIs32fVlP5uu11HF3nQUDIfTJGFrnyVPFWEgGETp2aQFnWrC463QcmiHQo-6oS4aoTVa-6cyaLWj29PDYU2VN6ocpPI7MhYNRsWCgsQG8gzB0Di1iXL4FiRSBQKNHX7nVDpjZE7McYuWTsogfGETNS7DKLFbjhVKR2o1LfyOuVD7SngL8JwYn-pf5UGlFw4u_IbzfnfLTOecWAnEAh54r1iiGngQXv1wiSPbevn1aMChYeF9JCKkFm29Q3CXupxsNeigL_XN5ZvAVmTZDV9eadR9xCJ1-gpdlVX0ZNoz7hsnXYXa3GQjitGuw7ZFdtxDdq3nzpx3ztH22T6hiO0r4SigbBW1rTrD01HdSV-z1gMG0B0XIuB7RuHne48Ka08TDHk8iYQ2BdjRCMQaVBWM7y64eA83vaCHqHoygnkGNb0olXvH4g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A432 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNo5ZPzUnZJH5GLS59u8PtfqPkAUAAAAAOAHgBAI&bg=!FhWlFUHNAAbEgrg45II7ADkAdvg8WlKIo_n9jagYZ_qHOUOROChJ5RtAgG8wYQoiQGJhLiiZPmgNZtaXLJANqKpR5d0mFC44E4YCAAAAe1IAAAACaAEHmQL4-cDocm0HUtmv0LMmlk3-99pWlSdzM98kcqt1sjAbqMOpRoW32UOP0YZv_ZbwkT9pkZ42ByuuYWsRpVRAz2TrOrw6EsSEZHgqfR_C58Oh_d6B98ujp16mzvhG69MVBEYUjrGeJQoSCnSZXK9B518UYJG9-9D-nHYkIuz38D-QPxsZBkjczU3LWmnssSyDfDpV486AjL4p7LR8Xk6pzWVl6i5Al77YIryIg3ypqpX372NZnD3ESuCv9sfuqFq-SaSgMV2xTiKvlfA3j2854B7K1WBP1iLgIguRad1TWHZf2gd9DX6xPXEN-sq_MUPVXvsrEo9KrLkdREZuhnhotsr-_zCJc2X3QUbyp4pXVNpnl61s-XKp-40PpLSUSqSMs8buyZnLKMpH7dZZ0RJ0BawSidEB8golYrfRazDi43rXfnAS664Q_rFLZ4ei-cfwGDlieXyhbypqDiV-Qtae47g2Xp8EnacXtHjppgAV7qgEXN8SVnJqbdwXkUmRM6OPAl57kpSGsbEZ79RzxKDpu7vmbKGeCld179AH68yru2tfFErElWflaiFgSKTW8zi_Z5yztSV03aL-ZQqNtclRk962Cl_oznzFii8n1dX8Ujhf0I1B_-JRI0R8Dpc_XbHSUUfVR4afDfn-VmxBtLSLBc567c5hbE_RBVsbTuBbhiLy-E_hoxIJqRzRg0sCiJumURN9bp6T7C_qYwKg3JJdJvw46_uhonMFo-nCzxeY05XKWt-zrnzrcSZSXCaFbG5zF32TwvUb9itOjMGnIoLvjTzefzn9ZjBDc0vP4fURiM1q6-lJC-kVReT106nGqFw8TtUdfJo-4h7gQWMNOmhdSez-VXu8W-jLIBSsJ4Zoh6yVr7dauPE7zjinjohJy8DsdfQRF6rOPAMnEWnuj5rurdh8bmU0waDnm_YkRXGvGEYkyABhjbUUIAXOKbv80vEKESVOrVY8HoQuvdO6tqvyRAT87egEijTMB2LcLR6C2dFj2L41N6e9GWydMg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B0CD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bz7WAPzUnZKb-GJmV9u8Pr9GR8AQAAAAAOAHgBAI&bg=!l5SllMDNAAbEgrg45II7ADkAdvg8WrmnmjpBtm8Dwk7NvkynSPkkHRXodYQp_Rw-TIpO0NYwNFWQ6bo5gqJnKaI5_W5MOooApbACAAAAklIAAAACaAEHmQLsTZqEBkmp2V4IfBM9YyYok4a8XYKTIjyRebPlvYImCqcKq6L1-xcpdQ-by8WGKLU3vaB-xfnGWlzhB2srKWrR8Lig8J0ULKgRQAJvB72-w0E9fwt4mbhhlJTskc7BlbpSNpcKkw9WpsvvV1Y7S8mc4cmSgxlLZxfKoDfQB6fKgZqG9agE6WpnASyRSxLF8VWGSzrL5xzpH9F6kANPlcOsStqQDSJGVayq3ODpAuJbG2BSyDwpODhVHCUukT7z2L86oCtj-d_zfgpo2Jra2qGpv9lvkE_LlzTNeilESmm1pGaxYOVsTH1nXGhDF-B1GihM9zBLhNkqKx6CylNpOnvBBWosPw50lrxDZCoHHyZmAZ5eAU6zPvIWnp4KvutZPXDlgPqf0ywqQnmGgoO_Sk_yUsS4k8kK65-_uxmDf8yTujIJTtqnYLfhoYV736FGp5EWsHab8pTrKNgwY0rJmIRsmPQENs45W-pI88LrADbJ0vv2I7b12cRsmgMbP1OW9o4vyObemA5IZAU2EZn9XHsjS62Z1GZYz5PD65nIk-OlAutPGvTAJEb07NGxyqmyCebwSflhywBrlH2iPzhLaADfdKa0tR_NyHRc6AAW49x_38bdFyUIQYJLnYhiFIfN523nWeyM_KwDmPsbedKbZUrZswCOs-keXBtnBpAM2l3wwiixzCpOE5rXh40Yy76rgZgN4TxwKSb7Wg58xqNjZg9fEaZNsSIkEhptlY3lmyjDw3VZ2gm4qSTRL0j49GyDpQf1pDoePmPUD7uevTWXJF8xBZxkUvlPz1ZuSKXz_jFa1Wc1oIKE-1j1T4QJ6GdEYyJX5kUN-SGhid_ey_NXxML1xlrt12y3MAd-LRkTr13ot_YVP2267s-D_lJQ_dNLRt5w2Fxy5RFZayPPonawlkOu36lYFnhA7n46s7jsBwpzKu9Buq4dq5agdkl52mZ51welhDtK5_7ib8FXuPE3MuaJ7Nw-n9mqp0aseaw6vg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
115
check.analytics.rlcdn.com/check/ 		25 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/115
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-56.fra50.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 31 Mar 2023 19:32:16 GMT
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amzn-trace-id
Root=1-64273540-77d1395c214ec071527995aa
x-amzn-requestid
bf6f7549-88d9-4caf-b3cf-567115c71e90
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
CqVCIEEmDoEF1-A=
content-length
25
x-amz-cf-id
FaVzE-A2rnTdOoq0gGMPpMLo_LuXJj4NL5A5-sE-kHF7SasOW6T4dQ==
activeview
pagead2.googlesyndication.com/pcs/ Frame E312 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSBln3sdHYumDTJ82tWAjlrEsK_plKFH1PUQL3DKlKkNesQoEndkJ6OWb_Flho5_r4BD_HkrCc6qs_hQEGVAsB4ZUrYFoDrdrdtkBYao3-sqGn9PCmlyG3MxCy&sai=AMfl-YRMQ49Iuu4heUzGjcqVSu-CMflRBusUj7wxuVxbD-Lch2kiWWgcuNuftsO9rWmBjDO-b3KUYu7GQIub-K-KFWe5o4SJGQqLawGL6pHT4ecpPQh7eGXZa3-EPtU&sig=Cg0ArKJSzAYUChjOLDfQEAE&cid=CAQSOwDUE5ymiSHrEWHzpE-9nV5GdJsTM56f_aXk6hTp0Vg28QEEl_72My3j2glbYz1k6V5jNQ2W5OW-y86-GAE&id=lidar2&mcvt=1000&p=895,1135,1149,1435&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230329&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=3501067380&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680291134854&rpt=686&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E312 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstn9pcAiJ0iPUbenC5TbdppQLDHy5X2t1LVQmPAxFm4wI-3nzx03-tb14PFhfgEJZTsm5lVc4k2Bl5fc9RV-J78nGOSDOqz&sig=Cg0ArKJSzFXvst-VVPMTEAE&id=lidar2&mcvt=1002&p=0,0,250,300&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230329&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=3594248786&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680291134854&rpt=690&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E312 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7472878079705&version=m202301230201&ct=77&x=1&cor=17768528975492364000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CD8A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuKHhqQO-QlWY0I_WR5ulX8up97g70UnLT3p9qwn6FIxRYQPP_WNc8_VcfWMRBCwM0DTu5KU-HpScglSovZqVCs7SYH65cO&sig=Cg0ArKJSzINPm7zu54PVEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230329&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=2658142093&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680291134849&rpt=784&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E727 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstFt6Er9vZZ31g6TtmwVUxFEdQn_eRZbEDewKdqXIe1gj1BS2k0MSNYFqnofx5FItpgQijDebkZ5JYjmOoEFg-0z5l4p0xzQAs0WPqAajkBVo8dY-xcajJDOqC-&sai=AMfl-YSXSk3F6vfO19aTclAlZgljXpX5GV1-E9XeBmRO5osdK1pLrfC5vK1gtJIEntvAKdIWa5V6R9T_ERjMSByp7umoEwSm1NKholEKiYEwEco-LTFEKwB99WYw4X4&sig=Cg0ArKJSzAAuRjNDy-A4EAE&cid=CAQSOwDUE5ymiSHrEWHzpE-9nV5GdJsTM56f_aXk6hTp0Vg28QEEl_72My3j2glbYz1k6V5jNQ2W5OW-y86-GAE&id=lidar2&mcvt=1002&p=155,1135,409,1435&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20230329&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=1117919376&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680291134837&rpt=817&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CD8A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuuExRDejs4wrVpS_C9hEAxq_Wdn7-LvnRpzBOwwg3gyF3RF3uDKT8JVRHomMgRhtO-QXTkBG94Uh2iQbJHC_C2c2Ha_qxFiTMyie4KOq3EIveXEL2TlG43hs_2&sai=AMfl-YThfTNGUfP9G0sf-QEE1P-lfmQGy1gihSFjmOyOmI5U9oLfTsEmfEIDplObk-Ce_8vocm3guWSmQfwCbIVhl1LeV1yNtw2LJbGKIiJws025t7JD6sirkUcOOaA&sig=Cg0ArKJSzNm7JyGRfyG1EAE&cid=CAQSOwDUE5ymiSHrEWHzpE-9nV5GdJsTM56f_aXk6hTp0Vg28QEEl_72My3j2glbYz1k6V5jNQ2W5OW-y86-GAE&id=lidar2&mcvt=1005&p=867,165,1121,465&mtos=0,1005,1005,1005,1005&tos=0,1005,0,0,0&v=20230329&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=1117919391&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680291134849&rpt=782&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E727 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbRktQtaWeTQ4IoO0IFPqyVh4EVC9rqguzVp90pSUhzsTv2dhmtRI8Bxy2qWWac-duuoBQYGmTK_WgsK5kMMgN6wLCnx5p&sig=Cg0ArKJSzKJmCA_zn2ZzEAE&id=lidar2&mcvt=1006&p=0,0,250,300&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20230329&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=394609735&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680291134837&rpt=819&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CD8A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2843318417040&version=m202301230201&ct=77&x=1&cor=12602446092971920000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E727 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9245718476231&version=m202301230201&ct=77&x=1&cor=9663790554388611000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gaAccount
buy.tinypass.com/api/v3/anon/assets/ 		78 B
281 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=8Gu2Z8RCvZ&tbc=%7Bkpex%7D5YYWiFllrVL0pB-t_7NTEE_qV7nHXMt6AcUnkTbFIUKeHqX2PJilglda91ubTy3t&user_provider=piano_id_lite&user_token=&callApiJsonp=true&callback=jsonp1403
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e38deddf8e0fa59cd081c8cc397ac99faf5435a4ab3442b4dd789a6ce0ec726
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:17 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
wn
prod-dash-10-0-92-28
server
cloudflare
content-type
application/javascript
server-time
0.011
p3p
CP="NON DSP COR OUR IND"
cache-control
public, max-age=86400, s-maxage=86400
x-forwarded-https
on
cf-ray
7b0b047b28589b82-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
MtxgesrOgYg
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 31 Mar 2023 18:05:12 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5225
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 31 Mar 2023 20:05:12 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=516466839&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=experienceExecute&el=Experience%20execute&_u=6DDAAEABAAQCACgFK~&jid=2008366656&gjid=1120450040&cid=1631561048.1680291133&tid=UA-16643585-16&_gid=1801030995.1680291133&_r=1&z=706743860
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-16643585-16&cid=1631561048.1680291133&jid=2008366656&gjid=1120450040&_gid=1801030995.1680291133&_u=6DDAAEABAAQCACgFK~&z=833711369
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 31 Mar 2023 19:32:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GG8B674XK4&gtm=45je33t0&_p=516466839&cid=1631561048.1680291133&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&dp=%2F&dl=https%3A%2F%2Fwww.mlive.com%2F&sid=1680291132&sct=1&seg=0&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&en=blueconic&ep.headline=undefined&ep.author=undefined&ep.entry_id=undefined&ep.page_type=homepage&ep.product=homepage-beta&ep.platform=desktop&ep.user_subscription_status=undefined&ep.ab_test_group_user=undefined&ep.search_term=undefined&ep.targeting_codes=undefined&ep.targeting_codes2=undefined&ep.targeting_codes3=undefined&ep.targeting_codes4=undefined&ep.targeting_codes5=undefined&ep.targeting_codes6=undefined&ep.entry_tags=undefined&ep.referring_subdomain=undefined&ep.browser_cookie_region=undefined&epn.monthly_visit_number=1&ep.content_region=undefined&ep.content_topics=undefined&ep.blog_category=undefined&ep.section=Home%20Page&ep.article_date_original=undefined&ep.article_date_updated=undefined&ep.entity_type=undefined&ep.entity_value=undefined&ep.auxiliaries=undefined&ep.gigya_user_id=undefined&ep.usprivacy_cookie=undefined&ep.userid_flag=false&ep.ga_bc_1=a0002%2Ca0022&ep.ga_bc_2=undefined&ep.ga_bc_3=undefined&ep.ga_bc_4=undefined&ep.ga_bc_5=undefined&ep.clavis_interest_topics=undefined&ep.site_cdp_segments=undefined&ep.bc_visit_number=1&ep.behavioral_momentum=undefined&ep.frequency=undefined&ep.recency=undefined&ep.intensity=undefined&_et=1346
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GG8B674XK4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=4&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk3MH%3Cy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-teFyB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-rRcdWwIJVy50og%3D%3D&sc=1&os=1-iA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=FBM%3DV%3Ch%3B7R&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&fl=1&j=&xc=0&xb=0&xa=0&md=0&mc=0&lb=12925&ld=0&lc=0&la=0&cw=1600&cx=1200&sh=12925&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1680291133030&de=106378168487&rx=680545404177&cu=1680291133030&m=6239&ar=03b6d3f0bdc-clean&iw=21030cf&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A748%3A748%3A2474%3A758&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5077&cd=0&ah=5077&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=202622&na=1217201323&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-143.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:19 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 31 Mar 2023 19:32:19 GMT
envelope
lexicon.33across.com/v1/ 		49 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0014000001PAW0LAAX&gdpr=0&src=pbjs&ver=7.40.0&us_privacy=1---
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 31 Mar 2023 19:32:19 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
prebid
id5-sync.com/api/config/ 		135 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
989e7134f8b722c049f5553bf85347c9052fe40f7c35915f7d18a348ed4de84b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Fri, 31 Mar 2023 19:32:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ 		43 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?us_privacy=1---
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.146.140 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:19 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.20.162
access-control-allow-credentials
true
content-length
43
expires
0
envelope
api.rlcdn.com/api/identity/ 		0
252 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=115
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 31 Mar 2023 19:32:19 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1922 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=68751
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 31 Mar 2023 19:32:19 GMT
expires
Sat, 01 Apr 2023 14:38:10 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 0E3C 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3c36b4b61d183714e07576c90d2cbcedc56bc8892ec2c31a80a2f3d5660abc0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7832
content-type
text/html; charset=UTF-8
date
Fri, 31 Mar 2023 19:32:19 GMT
expires
Sun, 02 Apr 2023 19:32:19 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame 2385 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.125.209 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 31 Mar 2023 19:32:19 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame D62E 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
572
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7b0b048508ef9106-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 31 Mar 2023 19:32:19 GMT
expires
Fri, 31 Mar 2023 23:32:19 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
01388e8464664825eb834a4e61389e9e7b3b78849dceb63b3086b0c2c7cbbc4b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Fri, 31 Mar 2023 19:32:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
392.json
id5-sync.com/g/v2/ 		216 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/392.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
bf9ff90c49df61054f632b51e1a6f37cedef3638a48ffd1075d96cef3c207a2a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Fri, 31 Mar 2023 19:32:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 1922 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=62632912&p=159879&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
78021fdec6eef8c4919af5c20a4e88a8d618b8dfeb4fc8e44348d05e14aa9658

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 31 Mar 2023 19:32:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatch
ssum-sec.casalemedia.com/ Frame 117C 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
4f5b3a745dca93df7e2554aa02c1ff6f118ccfd42d4ba941c9f0ae7af8e59284

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1740
Content-Type
text/html
Date
Fri, 31 Mar 2023 19:32:19 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
log
c21lg-d.media.net/ Frame 0E3C 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=2&vsid=3232927350733261000V10&origin=1&flt=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:19 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Fri, 31 Mar 2023 19:32:19 GMT
casale
match.adsrvr.org/track/cmf/ Frame 117C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 31 Mar 2023 19:32:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 117C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZCc1P6clTk8FAfVMrMP3WQAAFBAAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZCc1P6clTk8FAfVMrMP3WQAAFBAAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZCc1P6clTk8FAfVMrMP3WQAAFBAAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.143.56 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
54Q1GN1P0HMY7ZWQF5TT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JRNWXPE97QDDY9GKWYFN
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZCc1P6clTk8FAfVMrMP3WQAAFBAAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 117C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZCc1P6clTk8FAfVMrMP3WQAAFBAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE-Y2rArYriEzmzvb9Tj74Y&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE-Y2rArYriEzmzvb9Tj74Y&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE-Y2rArYriEzmzvb9Tj74Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ZCc1P6clTk8FAfVMrMP3WQAAFBAAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 117C 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZCc1P6clTk8FAfVMrMP3WQAAFBAAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:229b:4d01:195a:9865 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
bridge
cm.adgrx.com/ Frame 117C 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:19 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-9
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
tp_out
d.adroll.com/cm/index/ Frame 117C 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:6a35:1367:c4a4:921c -, , ASN (),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:19 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
rum
r.casalemedia.com/ Frame 117C
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=8872da70-8dae-4c43-83c5-f288d7b50a5d-64273543-5858&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=8872da70-8dae-4c43-83c5-f288d7b50a5d-64273543-5858&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26exte...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=8872da70-8dae-4c43-83c5-f288d7b50a5d-64273543-5858&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%...
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=8872da70-8dae-4c43-83c5-f288d7b50a5d-64273543-5858&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=8872da70-8dae-4c43-83c5-f288d7b50a5d-64273543-5858&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Fri, 31 Mar 2023 19:32:19 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=8872da70-8dae-4c43-83c5-f288d7b50a5d-64273543-5858&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 117C
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date
Fri, 31 Mar 2023 19:32:19 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 117C 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZCc1P6clTk8FAfVMrMP3WQAA%265136
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:19 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
9817
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7b0b0485cfb63644-FRA
content-length
43
expires
Sat, 01 Apr 2023 19:32:19 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 6AC9
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8425551230365208022
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8425551230365208022
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 31 Mar 2023 19:32:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8425551230365208022
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame E5BC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:72ec6427-3540-4b00-b665-9a3e9ed4e84a&gdpr=0&gdpr_consent=
42 B
405 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:72ec6427-3540-4b00-b665-9a3e9ed4e84a&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 31 Mar 2023 19:32:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 31 Mar 2023 19:32:19 GMT
Expires
Fri, 31 Mar 2023 19:32:18 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 711 dd187f8 master cdg-pixel-x29 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:72ec6427-3540-4b00-b665-9a3e9ed4e84a&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 752F
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 31 Mar 2023 19:32:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Fri, 31 Mar 2023 19:32:18 GMT
expires
Fri, 31 Mar 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1018716
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 12F2
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=QCg0aUUpMm1bKz5pQnkrPRV9NWpbfzdmFXpYcvyE
42 B
419 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=QCg0aUUpMm1bKz5pQnkrPRV9NWpbfzdmFXpYcvyE
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 31 Mar 2023 19:32:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 31 Mar 2023 19:32:19 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=QCg0aUUpMm1bKz5pQnkrPRV9NWpbfzdmFXpYcvyE
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
dcm
aax-eu.amazon-adsystem.com/s/ Frame 8329
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FEEAC148-E995-4A2A-BB9D-0D81B404E658&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FEEAC148-E995-4A2A-BB9D-0D81B404E658&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FEEAC148-E995-4A2A-BB9D-0D81B404E658&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 31 Mar 2023 19:32:19 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
CHG9R38BNZ3QYJ9G43EM

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 31 Mar 2023 19:32:19 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=FEEAC148-E995-4A2A-BB9D-0D81B404E658&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
Y2MDQKZ7E9V4PG517A3S
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1922
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_urBSOmVSiq7nQ2BtATmWA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:19 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=68751
accept-ranges
bytes
content-length
5554
expires
Sat, 01 Apr 2023 14:38:10 GMT

Redirect headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 1922 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=FEEAC148-E995-4A2A-BB9D-0D81B404E658&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.146.140 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:19 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.5.133
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 1922
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=509713529
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=FEEAC148-E995-4A2A-BB9D-0D81B404E658
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=FEEAC148-E995-4A2A-BB9D-0D81B404E658
Protocol
H2
Server
34.111.131.239 -, , ASN (),
Reverse DNS
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:19 GMT
via
1.1 google
last-modified
Fri, 31 Mar 2023 19:32:19 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=FEEAC148-E995-4A2A-BB9D-0D81B404E658
date
Fri, 31 Mar 2023 19:32:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 1922
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=FEEAC148-E995-4A2A-BB9D-0D81B404E658
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZmxsTi1QZkJPZ2hSQWkzOEtsRXdlTThXUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=4814412896771865485&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
34.204.165.144 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Fri, 31 Mar 2023 19:32:20 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 31 Mar 2023 19:32:20 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 1922
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkVFQUMxNDgtRTk5NS00QTJBLUJCOUQtMEQ4MUI0MDRFNjU4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 31 Mar 2023 19:32:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1922
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM3uKYxCWfH8ld5p2sO3-uY&google_cver=1
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM3uKYxCWfH8ld5p2sO3-uY&google_cver=1
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 31 Mar 2023 19:32:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM3uKYxCWfH8ld5p2sO3-uY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 1922 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:19 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 30 Mar 2023 19:32:19 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1922
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4814412896771865485
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4814412896771865485
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 31 Mar 2023 19:32:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4814412896771865485
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 1922 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 31 Mar 2023 19:32:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.js
eus.rubiconproject.com/ Frame 2385 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.126.125.209 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6c40037c574da60e05d7d7a83254118530693111566e04f6db7dbaade431b871

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Fri, 31 Mar 2023 19:32:19 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 Mar 2023 10:06:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52328
Connection
keep-alive
Content-Length
10015
Expires
Sat, 01 Apr 2023 10:04:27 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 2385
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=8rpeE59ESLalW0TAL-szMQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=8rpeE59ESLalW0TAL-szMQ
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=8rpeE59ESLalW0TAL-szMQ
Protocol
HTTP/1.1
Server
52.95.122.74 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CMPPF2Q7E6M9WG9X6JCB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=8rpeE59ESLalW0TAL-szMQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 2385
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LFWXYGSQ-1F-SID&us_privacy=1---
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LFWXYGSQ-1F-SID&us_privacy=1---
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:19 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: B3848A147C0C4C559DB6EA64BE635EB8 Ref B: FRAEDGE1215 Ref C: 2023-03-31T19:32:19Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX4N0SBgCOduO6JIWiGRQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LFWXYGSQ-1F-SID&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 2385
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEZXWFlHU1EtMUYtU0lE&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBjRgfM-OSEa7CwHE4n8hlM&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZXWFlHU1EtMUYtU0lE&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZXWFlHU1EtMUYtU0lE&google_push=
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZXWFlHU1EtMUYtU0lE&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 2385
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/1CX-901n997Tak3NWi14ng?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-JCtPOFZE2oLlswAKZ_muJUPD.VQBbV8EELJuLQ--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-JCtPOFZE2oLlswAKZ_muJUPD.VQBbV8EELJuLQ--~A
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 31 Mar 2023 19:32:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-JCtPOFZE2oLlswAKZ_muJUPD.VQBbV8EELJuLQ--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame 2385
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjVhYzc4MzYxNmFiZDJhOGE2NzFmMjZhNDJiODAwMTA4Y2JiNTdkZA&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjVhYzc4MzYxNmFiZDJhOGE2NzFmMjZhNDJiODAwMTA4Y2JiNTdkZA&us_privacy=1---
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjVhYzc4MzYxNmFiZDJhOGE2NzFmMjZhNDJiODAwMTA4Y2JiNTdkZA&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 2385 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 31 Mar 2023 19:32:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
s.amazon-adsystem.com/ Frame 2385
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MqZ5PE9xTBO-0CbgwHSaTQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MqZ5PE9xTBO-0CbgwHSaTQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MqZ5PE9xTBO-0CbgwHSaTQ
Protocol
HTTP/1.1
Server
52.46.143.56 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Mar 2023 19:32:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MFSZ80DB8C5W1KFZCYFA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MqZ5PE9xTBO-0CbgwHSaTQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 2385
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECA6iIFbdDpTu-BoVMsJQmw&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECA6iIFbdDpTu-BoVMsJQmw&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 31 Mar 2023 19:32:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECA6iIFbdDpTu-BoVMsJQmw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 1922 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159879&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:32:21 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&f_privb=0&tid=4f7025c7-bdf6-4ca0-b256-ec5fc9ad5c96&pid=c42cdc74-46c6-4611-b998-0ba192360199&dtm=1680291142969&qnm=_matherq&visible=1&tabid=be215bde-2ee6-4ef2-8831-3f8b134c4738&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x12925&tofa=1680291133&vid=1&lvidt=1680291133&duid=9ee8b86c10495836&fp=4001717511&cid=ma63527&mrk=484602605&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY4MDI5MTEzMTcwNSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMG1iIiwiaGVhcFQiOiIxMG1iIiwiZnN0UGFpbnQiOiI3NDgiLCJmZXRjaFMiOiIwIiwiZG9tYWluUyI6IjIiLCJkb21haW5FIjoiNjciLCJjb25uUyI6IjY3IiwiY29ubkUiOiI5OSIsInNzbFMiOiI3NCIsInJlcXVTIjoiOTkiLCJyZXNwUyI6IjQ1NSIsInJlc3BFIjoiNjU3IiwiZG9tTG9hZCI6IjUwOSIsImRvbUludGVyIjoiNzU5IiwiZG9tTG9hZFMiOiIxODIxIiwiZG9tTG9hZEUiOiIxOTg3IiwiZG9tQ21wbHQiOiIyNDYyIiwibG9hZFMiOiIyNDcwIiwibG9hZEUiOiIyNDc0In19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.216.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-216-79.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 31 Mar 2023 19:32:23 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

655 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 boolean| credentialless function| admiral object| googletag object| sophi number| a object| sophiSegments object| BOOMR_mq string| BOOMR_API_key object| BOOMR string| environment object| adiData object| dataLayer object| Fusion object| OneTrustStub object| $OPHI_GN function| sophiTag object| Snowplow function| 4dm1r11545242527 function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| react object| React object| ReactDOM object| PropTypes object| StyledComponents object| regeneratorRuntime object| idl object| teads_analytics string| bcHostname object| pArray function| adiGetLotameValue object| lotameSegments object| pianoScript boolean| isOriginalIDL undefined| revgenDebug string| bcAffiliateProp string| logStyle function| handleProfileProperties function| debouncedHandleProfileProperties function| loadValuesFromBlueConic function| debounce function| storeIDLInfo function| setOriginalIDL function| retry function| retryGetProfileProps function| emitIDLInfo function| retryEmitIDLInfo function| setLiveRampsIDL function| waitForBcPageView function| waitForATS function| waitForAuth0 function| waitForWall function| waitForBC function| pathValue object| IDLExists object| isIDLReportingPending object| isProfileUpdatePending object| atsPromise object| profilePromise object| loginAuth0Promise object| emailWallPromise object| atsScript string| GoogleAnalyticsObject function| ga object| PARSELY object| _comscore function| fbq function| _fbq string| meterContentType object| _linkedin_data_partner_ids boolean| _already_called_lintrk function| twq string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData function| clearImmediate function| setImmediate object| atsenvelopemodule object| fbcapimodule object| ats object| blueConicPreListeners function| BCClass object| blueConicClient object| gaplugins object| COMSCORE object| ns_p function| __defProp function| __defNormalProp function| __publicField object| SUBSCRIPTIONS object| SWG function| onYouTubeIframeAPIReady object| gaGlobal function| lintrk function| ttd_dom_ready function| TTDUniversalPixelApi object| twttr undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| tp object| _mather number| _zid object| _matherq object| tid string| url string| ptitle object| gaData object| Optanon object| OneTrust undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| Moat#PML#26#1.2 boolean| Moat#EVA function| __moatSlotTagLoadedadvanceddigitalheader640552616592 object| bc_json1031 number| BOOMR_configt object| adiTrackPromise object| adiTrack function| addUspapiFrame function| optOutMsgHandler function| __uspapi object| usPrivacyCookie object| otCcpaOptOut function| dnsfeed object| CDP object| apstag object| pbjs boolean| bcDFPCallbackCalled function| bcDFPCallback object| lotame_963 object| burtApi object| AdManager function| adhesionInit object| Advance function| ___tp object| __otccpaooLocation object| ggeac object| google_js_reporting_queue function| lotameIsCompatible function| lt963_ba function| lt963_b undefined| lt963_c undefined| lt963_ca undefined| lt963_da function| lt963_ea object| lt963_e function| lt963_fa function| lt963_g function| lt963_ha object| lt963_ object| lt963_na object| lt963_oa object| lt963_Na object| lt963_Xa object| lt963_Ya object| lt963_7 function| lt963_aa function| lt963_a function| lt963_d function| lt963_f function| lt963_h function| lt963_ga function| lt963_ia function| lt963_i function| lt963_ja function| lt963_j function| lt963_k function| lt963_l function| lt963_m function| lt963_n function| lt963_la function| lt963_ka function| lt963_o function| lt963_p function| lt963_ma function| lt963_q function| lt963_r function| lt963_s function| lt963_t function| lt963_u function| lt963_sa function| lt963_pa function| lt963_qa function| lt963_w function| lt963_ra function| lt963_x function| lt963_y function| lt963_z function| lt963_A function| lt963_v function| lt963_B function| lt963_C function| lt963_ta function| lt963_D function| lt963_E function| lt963_ua function| lt963_F function| lt963_G function| lt963_va function| lt963_H function| lt963_I function| lt963_J function| lt963_L function| lt963_M function| lt963_N function| lt963_K function| lt963_wa function| lt963_xa function| lt963_O function| lt963_ya function| lt963_za function| lt963_Aa function| lt963_Ba function| lt963_Ca function| lt963_Da function| lt963_Ea function| lt963_Ia function| lt963_Fa function| lt963_Ga function| lt963_Ha function| lt963_Ja function| lt963_La function| lt963_Ka function| lt963_Ma function| lt963_P function| lt963_Oa function| lt963_Pa function| lt963_Qa function| lt963_Ra function| lt963_Sa function| lt963_Ta function| lt963_Ua function| lt963_Va function| lt963_Wa function| lt963_Q function| lt963_Za function| lt963__a function| lt963_0a function| lt963_R function| lt963_S function| lt963_1a function| lt963_T function| lt963_U function| lt963_2a function| lt963_3a function| lt963_V function| lt963_W function| lt963_X function| lt963_Y function| lt963_4a function| lt963_6a function| lt963_5a function| lt963_Z function| lt963__ function| lt963_0 function| lt963_1 function| lt963_4 function| lt963_8a function| lt963_$a function| lt963_9a function| lt963_bb function| lt963_ab function| lt963_2 function| lt963_cb function| lt963_db function| lt963_3 function| lt963_7a function| lt963_eb function| lt963_fb function| lt963_gb function| lt963_hb function| lt963_5 function| lt963_6 function| lt963_ib function| lt963_jb function| lt963_kb function| lt963_lb function| lt963_mb function| lt963_nb function| lt963_ob function| lt963_pb function| lt963_qb function| lt963_rb function| lt963_8 function| lt963_ub function| lt963_vb function| lt963_tb function| lt963_sb function| lt963_xb function| lt963_wb function| lt963_zb function| lt963_yb function| lt963_Ab function| lt963_Bb function| lt963_Cb function| lt963_Db function| lt963_Eb function| lt963_Fb function| lt963_Hb function| lt963_Kb function| lt963_Jb function| lt963_Gb function| lt963_Nb function| lt963_Ib function| lt963_Lb function| lt963_Pb function| lt963_Ob function| lt963_Qb function| lt963_Mb function| lt963_Rb function| lt963_Sb function| lt963_Tb function| lt963_9 function| lt963_Ub function| lt963_Vb function| lt963_Wb function| lt963_Xb function| lt963_Yb function| lt963_$ function| lt963_Zb function| lt963__b function| lt963_0b function| lt963_1b function| lt963_2b function| lt963_3b function| lt963_4b function| lt963_5b function| lt963_7b function| lt963_8b function| lt963_9b function| lt963_6b boolean| apstagLOADED object| apscustom object| _aps object| default_gsi object| google object| closure_lm_320097 object| __G_ID_CLIENT__ object| pbjsChunk object| _pbjsGlobals object| mnet object| __li__evt_bus object| liQ object| liQ_instances object| lotame_sync_16576 undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_Q object| sync16576_ua object| sync16576_va function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_K function| sync16576_L function| sync16576_M function| sync16576_J function| sync16576_la function| sync16576_N function| sync16576_O function| sync16576_P function| sync16576_ma function| sync16576_R function| sync16576_na function| sync16576_oa function| sync16576_pa function| sync16576_S function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_ta function| sync16576_T function| sync16576_U function| sync16576_wa function| sync16576_V function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_xa function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_1 function| sync16576_Aa function| sync16576_ya function| sync16576_2 function| sync16576_za function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_6 function| sync16576_Ca function| sync16576_Da function| sync16576_Ba function| sync16576_8 function| sync16576_Fa function| sync16576_Ga function| sync16576_Ea function| sync16576_9 function| sync16576_7 function| sync16576_Ha function| sync16576_Ia function| sync16576_Ja function| sync16576_Ka function| sync16576_$ function| sync16576_La function| sync16576_Ma function| sync16576_Na function| sync16576_Oa object| ID5 object| PublisherCommonId function| $ object| _bcp function| BlueConicEngagement function| RuleService object| justDetectAdblock object| bcConnectionUtil function| BlueConicDataLayerUtil object| JSONPath function| md5 string| _contentURL string| _title object| bcSegmentsArray number| bcchunkSize number| num string| chunkString object| bcGASegment string| bcGASegmentName undefined| dcrSegmentsMI object| bc_json1032 number| BOOMR_onload object| GoogleGcLKhOms object| PianoESPConfig object| filteredSegments object| filteredAudGov object| filteredAudIndividual object| filteredAudVoter object| filteredAudMidterm2022 function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_Q object| sync16589_ua object| sync16589_va function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_N function| sync16589_O function| sync16589_P function| sync16589_ma function| sync16589_R function| sync16589_na function| sync16589_oa function| sync16589_pa function| sync16589_S function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_ta function| sync16589_T function| sync16589_U function| sync16589_wa function| sync16589_V function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_xa function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_1 function| sync16589_Aa function| sync16589_ya function| sync16589_2 function| sync16589_za function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_6 function| sync16589_Ca function| sync16589_Da function| sync16589_Ba function| sync16589_8 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ea function| sync16589_9 function| sync16589_7 function| sync16589_Ha function| sync16589_Ia function| sync16589_Ja function| sync16589_Ka function| sync16589_$ function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa object| lotame_sync_16589 object| __uid2SecureSignalProvider object| __uid2 object| ox_esp object| google_image_requests object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_135 object| Criteo object| Criteo_identitytag_135

108 Cookies

Domain/Path Name / Value
h312.mlive.com/DG/DEFAULT Name: BCSessionID
Value: da6cfc10-4967-4dfc-acaf-b840bee6f159
advancelocal.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: da6cfc10-4967-4dfc-acaf-b840bee6f159
.mlive.com/ Name: sophiTagses.073a
Value: *
.mlive.com/ Name: _sp_duid
Value: 59ff4ed3-d9a3-40ca-a0b6-39e5d18c44ec
.mlive.com/ Name: _gcl_au
Value: 1.1.1300384502.1680291133
.mlive.com/ Name: utag_vnum
Value: 1682883132625&vn=1
.mlive.com/ Name: utag_invisit
Value: true
.mlive.com/ Name: utag_dslv_s
Value: Less than 1 day
www.mlive.com/ Name: last_visit_bc
Value: 1680291132711
www.mlive.com/ Name: _lr_geo_location_state
Value: HE
www.mlive.com/ Name: _lr_geo_location
Value: DE
.mlive.com/ Name: _ml_ses
Value: *
.mlive.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.mlive.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1680291132979%2C%22slts%22:0}
.mlive.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=2249b4baaebf1d3aa7e34694d788b565%22%2C%22session_count%22:1%2C%22last_session_ts%22:1680291132979}
.mlive.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.mlive.com/ Name: _ga
Value: GA1.2.1631561048.1680291133
.mlive.com/ Name: _gid
Value: GA1.2.1801030995.1680291133
.mlive.com/ Name: _gat_UA-16643585-16
Value: 1
www.mlive.com/ Name: ln_or
Value: eyIzMjUyMzc4IjoiZCJ9
.t.co/ Name: muc_ads
Value: 4ba9b38b-7949-4452-8b57-065252136dc3
.twitter.com/ Name: guest_id_marketing
Value: v1%3A168029113299622274
.twitter.com/ Name: guest_id_ads
Value: v1%3A168029113299622274
.twitter.com/ Name: personalization_id
Value: "v1_mQZOFmpl9NEl1+3y/ZMhfA=="
.twitter.com/ Name: guest_id
Value: v1%3A168029113299622274
.postrelease.com/ Name: opt_out
Value: 1
.linkedin.com/ Name: UserMatchHistory
Value: AQKdsOq2Bc8L4gAAAYc5J_ZP1WeDjEShtiXk3Cm8jgq7aOOVFC2KIkj844Wd3rv55wr1PrkrOTpOFA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQKSgbHiK6jqhgAAAYc5J_ZPxL0Z9LfQ14NLHG2LBYMxbOKmBo_QFJYkIbART2bzvp_wx0OiLUNol-XKE_UX-Q
.linkedin.com/ Name: bcookie
Value: "v=2&6a9ae85a-eaed-4c1c-8fb1-84e4b91617aa"
.linkedin.com/ Name: lidc
Value: "b=OGST03:s=O:r=O:a=O:p=O:g=2888:u=1:x=1:i=1680291133:t=1680377533:v=2:sig=AQHjfaukYuBUKRuh8aMGR0tzNnHce-1W"
.mlive.com/ Name: _fbp
Value: fb.1.1680291133100.1626513466
.mlive.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Fri+Mar+31+2023+19%3A32%3A13+GMT%2B0000+(GMT)&version=202302.1.0&isIABGlobal=false&hosts=&consentId=b6b7fc50-03a0-4d69-a73f-dd3308b6b9e9&interactionCount=0&landingPath=https%3A%2F%2Fwww.mlive.com%2F&groups=1912%3A1%2CC0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1
www.mlive.com/ Name: ntvSession
Value: {"id":5329500,"placementID":773533,"lastInteraction":1680291133140,"sessionStart":1680291133140,"sessionEndDate":1680307200000,"experiment":""}
.mlive.com/ Name: _awl
Value: 2.1680291133.5-0a6407705b8f1cc928d254bac2aed078-6763652d6575726f70652d7765737431-0
.www.linkedin.com/ Name: bscookie
Value: "v=1&20230331193213a755064b-c880-4abc-830f-7be186b98dd9AQFqM2-KeMszBxtCUE9lBRw58u18XZsQ"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODAyOTExMzM7MjswMjHpsimLGIkz8SxM9btVHBC5Inx4Cghmph3rvDKYHRaf/Q==
.mlive.com/ Name: sophiTagid.073a
Value: 59ff4ed3-d9a3-40ca-a0b6-39e5d18c44ec.1680291133.1.1680291134.1680291133.25a5c074-f1fa-4cc4-9d2e-020291389df2
www.mlive.com/ Name: usprivacy
Value: 1---
.mlive.com/ Name: lotame_domain_check
Value: mlive.com
www.mlive.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.mlive.com/ Name: _li_dcdm_c
Value: .mlive.com
.mlive.com/ Name: _lc2_fpi
Value: 94c49eadf2ac--01gwwjfycw0c5c0jernr7x4h8s
.mlive.com/ Name: pbjs_pubcommonID
Value: d9029db6-8252-44c6-be2e-f37ffce64521
www.mlive.com/ Name: authsource_origin
Value: false
.mlive.com/ Name: _cc_id
Value: 7d8882bb4aaf86bd8ce01ba53cb527d6
.mlive.com/ Name: __gads
Value: ID=067af2d1a28fb085-2240661e4cdc00e7:T=1680291133:S=ALNI_MYG2DHbHHty_OmtNFkdQ9y3xe3yRw
.mlive.com/ Name: __gpi
Value: UID=00000bf91bcd2fa4:T=1680291133:RT=1680291133:S=ALNI_MaCZAkLp11v8y1SkRD_uKC4cmY_Eg
www.mlive.com/ Name: BCSessionID
Value: da6cfc10-4967-4dfc-acaf-b840bee6f159
.mlive.com/ Name: utag_vs
Value: 3
.mlive.com/ Name: utag_dslv
Value: 1680291134134
advancelocal.blueconic.net/ Name: AWSALBCORS
Value: K6Z/gRATLdGubKkLEny7cB0DLIGUdyi00RwxJOl96FsIW8DiKOolwwj8IZSreOzLFmMH0RE2I8DVc3bTDjUprpYzGoGxGpK4UI2eE0oYDtxC3v8mbeTzIc9Vxams
.mlive.com/ Name: _ga_GG8B674XK4
Value: GS1.1.1680291132.1.0.1680291134.0.0.0
.liadm.com/ Name: lidid
Value: bf8b0a68-848a-4c63-9eb9-43852ba10512
.www.mlive.com/ Name: RT
Value: "z=1&dm=www.mlive.com&si=19976774-0088-429f-a54d-acf371d69170&ss=lfwxyeyh&sl=1&tt=1wq&rl=1&ld=1wr"
.postrelease.com/ Name: visitor
Value: ""
.postrelease.com/ Name: status
Value: 0
.postrelease.com/ Name: ver
Value: 1
.rubiconproject.com/ Name: khaos
Value: LFWXYGSQ-1F-SID
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrBF0VDKUsJOnjc0/aJelRdbjRFtGIHH0vKbl8R6A+bg4cjFjVgtcxI9TNBETKI889ymPvo8pleP2I8HLg48+aBlR/vOG5O9jg=
.mlive.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22lfwxyggeyi7z3ude%22%7D
.piano.io/ Name: __cf_bm
Value: OpOl4Je7IVdOXeYEF6qWnw.0vQ88CWapnmmhgOV6wv4-1680291134-0-AbC4Ito4QLd/d+sEfAK4fbeuNuovf8x3EE3EcaRed2NhWWyNcMii5LW1NkTkbhJMwpTmwc+h03ZUqWlk6bo6wJ4=
.mlive.com/ Name: __tbc
Value: %7Bkpex%7D5YYWiFllrVL0pB-t_7NTEE_qV7nHXMt6AcUnkTbFIUKeHqX2PJilglda91ubTy3t
.mlive.com/ Name: __pat
Value: -14400000
.mlive.com/ Name: __pvi
Value: eyJpZCI6InYtMjAyMy0wMy0zMS0xOS0zMi0xMy02NTYtWFJiYlYwYko3NW9vTzVxQS1mYWI5NWRkZTljOGEwOTkxZGQ5NjU2NzQ1NDViNGY5NyIsImRvbWFpbiI6Ii5tbGl2ZS5jb20iLCJ0aW1lIjoxNjgwMjkxMTM0NzY2fQ%3D%3D
.mlive.com/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAE0RXQF8g
.mlive.com/ Name: xbc
Value: %7Bkpex%7DFEAXMxCAfZ79sSv06ndsD-QKQad9e15TjvrBTpedyhjrEhtAUFXG29MAxQ3quLXCKuWMcLaSJbFyepjL-Az_3mPEpOdy2OotnLh4VUkSENpzwnwtttXqQCvAbbZAJg2YsdxeANrEHlsBxHTiu9pMQjCwNdTINxY-dTWMLDf_F0tagytjwuq8MunZx-VCw64jtiV9nydhf8-C8OvsiZImHeYgHgF-w0uSq3iE1hpYt3NYvszZ0Ax84kUEfuh1diT_DQGnwqhFANV6JYQ-yqdG6bnK_FcDzTWSGAg8ehNXxDCucLIIjMjbxXUB6RFqmpN5XK370r39Po3YLiy0yGQdN9qgEyfatmF_frH8yyxesHCuMrA_LfPMczfULUpSKZ8KFCiZmJYvhgAJu6e_ZE7EcG1r38HfCHRLf83NO5jp1XP615t-JsGbzpsjjVN7kXlQGmal1i5EN7US8YJF88yb6d7tcu7Z0GIokB5MMrHVuu1AZEg7_7CcfqXhQ698CJ-0_syuwgpN-0ANymeAo7pLZZHBfCeB4u5YHV8aH9_vHHC6sNv2akfdTKzH2LkPm-5VYF5tX0a6Uo4_PK9soqZ6DTzE-5rbuRYqdjtnC_oMWMVBniXr0QoDUB0NcyxBvqAr3kVNZOi_zuIMfL_dk1YDyYPlY8sZaulA_5bxHGOCejwngYy3nT8sXWNZajuAymrkpOxCMq0MYu0Rwm8J3vjTX1NzdZ_OtuDRl0vUf1Qa_nZtEGQFr3Rb0d8pAbih1-f7dqsvZb0cNZ8zhIgDPpcWl3im2FH8S2W2x824Eb_Q4nNj1ruxKYdxi4UudiHaZnFK3W-CU1VLH2poC2C4UTeQanP9RDX0JFeOGXrjYJq7ykySsIu6RiUNiKI07RrpSnFUgQXGbEKqp6OS2CdU8xEF-oXFobYQaa04Yj_7ZrrlHRjgNg9jClnFfNFJpxicJX-dvu1C-U9e-tQ1Px97n9G6YghOELgA9featUBDAN6g-Qk
.mlive.com/ Name: _ml_id
Value: 9ee8b86c10495836.1680291133.1.1680291135.1680291133
.mlive.com/ Name: __li_idex_cache_e30
Value: %7B%22nonId%22%3A%22UC8-0UIPCLIHlyMGpWzLQxKu1amGeXLXDXfJ4g%22%7D
.doubleclick.net/ Name: IDE
Value: AHWqTUlTbSbYC9JGm3fWC2wdk5fj2yqjb6eTT3iWpAjz-JEAIwBpq8erYYKjGmhLKEs
h312.mlive.com/ Name: AWSALB
Value: AKQFCbPFtONt55j7XT0tR60SNjrOZLST39pYe5FHMlOjZB4vVrcDkLJKm1rQZhPNG2JlqrWCeGPSb05ZVbNnnL/Sm2g2RnVXh3dPeVfCdp4kzdvX4uToF9kh7hvE
h312.mlive.com/ Name: AWSALBCORS
Value: AKQFCbPFtONt55j7XT0tR60SNjrOZLST39pYe5FHMlOjZB4vVrcDkLJKm1rQZhPNG2JlqrWCeGPSb05ZVbNnnL/Sm2g2RnVXh3dPeVfCdp4kzdvX4uToF9kh7hvE
.casalemedia.com/ Name: CMID
Value: ZCc1P6clTk8FAfVMrMP3WQAA
.casalemedia.com/ Name: CMPS
Value: 5136
.casalemedia.com/ Name: CMPRO
Value: 5136
.adnxs.com/ Name: uuid2
Value: 1417613249331631564
.openx.net/ Name: i
Value: a8731260-8ff1-4cec-bb34-53ddc9a66fe7|1680291135
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2InAg3ID>!]tbPl1M>e)ZlrFUfJ+tGXxp)Vv9?E_CQ`rJ+iALavhyNO[e*1`dZqHIz+(U3If)y3KL9D3I?+]bg^Qi
.criteo.com/ Name: uid
Value: a28c8925-9bcf-4f2c-aec2-f0d35eb296e1
.mlive.com/ Name: cto_bundle
Value: 0DB1GV9PZ0F5RFpGb0JmREdOWFB2dE1zeHhhQjEzTyUyRk8lMkJQUEhDOHg2Z0tvTGlOMHJvQXBiVnR1bm04ZVpJaVRwYXY0dEhWcm9rVGwyaFZVcWhUeUdLbTRlc3V0amZCQUh3UkNMazhselpjOXVXSWJNUkZUVjR4ZHNSa1dHdVhzSWMzQkpEQkdyN1lBRHhTUmlZWHBlUXRwTFBRJTNEJTNE
.3lift.com/ Name: tluid
Value: 861756764865914855866
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22C9B8A920-F875-466F-8904-3E7A25ADD998%22%7D
.de17a.com/ Name: guid
Value: 1.8425551230365208022
.360yield.com/ Name: tuuid_lu
Value: 1680291135
.360yield.com/ Name: tuuid
Value: cb309dff-e37e-4035-b032-e41fd221a7de
.lijit.com/ Name: ljt_reader
Value: GZ20pGZHIgQSOMOVThiBFM9W
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZCc1PwAAyJr6hgBB
.bidswitch.net/ Name: c
Value: 1680291136
.bidswitch.net/ Name: tuuid_lu
Value: 1680291136
.bidswitch.net/ Name: tuuid
Value: c9a50498-e218-42d3-b571-71fad94e6181
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.tribalfusion.com/ Name: ANON_ID
Value: aqnseFmMZaE8DXqwmyCTDrdfcTZcY3u3roWlBSQ5oTZds5SvVUtbNqkZcAbwALluvya5qMCkBhyZd9i4BJFbGu0oI
.mathtag.com/ Name: uuid
Value: 72ec6427-3540-4b00-b665-9a3e9ed4e84a
.mathtag.com/ Name: mt_mop
Value: 4:1680291136
www.mlive.com/ Name: _lr_sampling_rate
Value: 100
.mlive.com/ Name: _gat_pianoTracker
Value: 1
www.mlive.com/ Name: pbjs_li_nonid
Value: %7B%22nonId%22%3A%22UC8-0UIPCLIHlyMGpWzLQxKu1amGeXLXDXfJ4g%22%7D
www.mlive.com/ Name: _lr_retry_request
Value: true
www.mlive.com/ Name: _lr_env_src_ats
Value: false
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: FEEAC148-E995-4A2A-BB9D-0D81B404E658
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 159879:2
.pubmatic.com/ Name: DPSync3
Value: 1681430400%3A235_201_245_241
.pubmatic.com/ Name: SyncRTB3
Value: 1681516800%3A35%7C1681430400%3A251_220_13_7_54_8_21_161_56

5 Console Messages

Source Level URL
Text
other warning URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=115
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=FEEAC148-E995-4A2A-BB9D-0D81B404E658&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

309903ec217cf56d83727f676bb7067e.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
accounts.google.com
ad.doubleclick.net
ads.pubmatic.com
ads.rubiconproject.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
advancelocal.blueconic.net
ampcid.google.com
ampcid.google.de
analytics.twitter.com
ap.lijit.com
api.rlcdn.com
app.matheranalytics.com
apps.sophi.io
at.teads.tv
ats-wrapper.privacymanager.io
bcp.crwdcntrl.net
buy.tinypass.com
c.amazon-adsystem.com
c.go-mpulse.net
c1.adform.net
c2.piano.io
c21lg-d.media.net
cc.adingo.jp
cdn.cookielaw.org
cdn.doubleverify.com
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdn.parsely.com
cdn.prod.uidapi.com
cdn.sophi.io
cdn.tinypass.com
check.analytics.rlcdn.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
contextual.media.net
cr.frontend.weborama.fr
cs.media.net
d.adroll.com
d1z2jf7jlzjs58.cloudfront.net
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dsum-sec.casalemedia.com
ead.mlive.com
eb2.3lift.com
ecollector-us-east.sophi.io
eus.rubiconproject.com
exchange.postrelease.com
experience.tinypass.com
fastlane.rubiconproject.com
geo.privacymanager.io
geolocation.onetrust.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
h312.mlive.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.frontend.weborama.fr
idx.liadm.com
image2.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
jadserve.postrelease.com
js-sec.indexww.com
js.adsrvr.org
js.matheranalytics.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.360yield.com
match.adsrvr.org
micro.rubiconproject.com
mug.criteo.com
news.google.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p1.parsely.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid.media.net
privacy.crwdcntrl.net
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
r.casalemedia.com
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
rtb.openx.net
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
s.ad.smaato.net
s.amazon-adsystem.com
s.go-mpulse.net
s.ntv.io
s.tribalfusion.com
s0.2mdn.net
satisfycork.com
sb.scorecardresearch.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
ssum-sec.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adotmob.com
sync.crwdcntrl.net
sync.inmobi.com
sync.mathtag.com
t.co
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
www.linkedin.com
www.mlive.com
x.bidswitch.net
z.moatads.com
104.111.217.42
104.126.125.209
104.18.11.47
104.18.25.185
104.244.42.133
104.244.42.67
104.77.32.87
107.178.250.234
108.138.1.25
108.138.15.119
108.138.4.150
13.107.42.14
13.248.245.213
13.32.121.87
13.32.99.23
13.32.99.35
13.32.99.57
142.250.184.226
142.250.186.70
142.250.74.194
143.204.89.56
146.75.116.157
151.101.194.49
162.19.138.118
162.19.138.82
178.250.0.157
178.250.1.9
18.181.178.82
18.203.205.156
18.66.100.58
18.66.122.27
18.66.97.88
185.183.112.148
185.29.134.248
185.64.189.110
185.64.189.112
185.64.189.115
185.64.190.80
185.64.190.81
185.80.39.216
185.89.210.153
2.18.232.7
2.19.70.117
20.127.253.7
2001:4860:4802:34::36
213.155.156.184
216.52.2.91
23.35.228.23
23.35.237.64
23.50.106.221
2600:1901:0:328a::1
2600:1901:0:8344::
2600:1f18:730:b140:318:4480:a19a:ad9
2600:9000:20eb:3400:2:53b2:240:93a1
2600:9000:211e:b000:1b:5138:8a40:93a1
2600:9000:21a1:7200:8:48e:53c0:93a1
2600:9000:2250:d400:a:e047:752:b361
2602:803:c003:200::21
2606:4700:10::ac43:266a
2606:4700:4400::ac40:9062
2606:4700::6810:2a41
2606:4700::6810:5714
2606:4700::6811:b9b1
2606:4700::6812:19ad
2606:4700::6813:bc61
2620:100:a001::4
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:21::14
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:806::200d
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:812::2006
2a00:1450:4001:827::200e
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200e
2a00:1450:400c:c00::9c
2a02:2638::1c
2a02:26f0:3500:16::215:149b
2a02:26f0:3500:592::11a6
2a02:26f0:3500:d::1732:83d6
2a02:26f0:480:184::11a6
2a02:26f0:480:f::213:7ec5
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:cc3:fe05:6a35:1367:c4a4:921c
2a05:d018:d29:3605:229b:4d01:195a:9865
3.64.167.250
34.102.146.192
34.107.148.139
34.111.113.62
34.111.129.221
34.111.131.239
34.120.107.143
34.120.133.55
34.149.12.213
34.204.165.144
34.205.216.79
34.234.4.175
34.248.100.85
34.91.62.186
34.98.64.218
35.186.253.211
35.186.255.72
35.190.0.66
35.71.130.31
35.71.131.137
37.157.3.20
50.16.113.20
51.89.9.253
52.17.99.225
52.19.161.80
52.20.189.46
52.208.99.252
52.210.50.80
52.222.236.124
52.222.250.70
52.28.240.14
52.46.143.56
52.95.122.74
54.154.146.140
54.159.56.141
63.251.232.165
69.173.144.138
69.173.144.165
88.221.168.201
88.221.168.23
88.221.169.143
98.98.134.241
0018c97d3cf4a375fc6f1ab479f2cdee01102921e499239b72067c493485933e
01388e8464664825eb834a4e61389e9e7b3b78849dceb63b3086b0c2c7cbbc4b
04971705dcd7ef441d0cdfed3de59b62af5c279b75c2b60d14116a1ccaf23acd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0709e11f34bb1e47193a170bc8baf94732a32a867443b29be840c550cc03981d
070beff2068ac6fc781a5e42c9390e9079e7b0003fc4c166d2672365d3e47cf5
099c242b7f21357ba887e27ac080dd6799d369d07511e1a788c633f40a6790b0
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0a181ff81823df14d9036ff30f6bd99f7bc36339ee5061e0716b1d492c2d5c7f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d1ca2f626526de6cac25842f9d6f9435caf682105d5eadf4a6df9ff01dd1f80
0d97980370a4b4142f72c189489851ee966fe4c0556dbac44696be2ee944e551
0e38deddf8e0fa59cd081c8cc397ac99faf5435a4ab3442b4dd789a6ce0ec726
115821cf1798bdfd189a89b3d6e7b6758170b76b513dc491af97fee3bada6f2f
122aaa4e165e4145eea037982503fe0dd367536b68211a7206e80cc48e4a4c45
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15aad624dc0254a0793192fdce44efc01b4a26052f59232879e83d840328d920
17e2c4d6ea2bda1c706fddd8b1a3d81d8d5cbce58a3ca0f1a6b84221f5e5c115
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18c66bf4d7bcf9bbbd0724675f5997149c93f1719dc1c4f8491a7ce5dcc0fb91
1962878d21f1f7b8cd5ab5e124793b16b3398ad213dec9a04486bcb74edbad22
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c37eba8ad39d59aa4b235b5553dbe328ddd2ad1b564706eeb6f4310265cef90
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a
24a856a6cbdd2c38b5c747673a24ae30f5a9d58736f680755ba0b747e2b76ae4
252b0b7a09efec3223025316b7234b3acce54f16264df1eeaea572e4f9aa2083
26840d8e6a3847df23553537b405e9badca0dff237b0854f15d04656dd57e40e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
276ca8da7dd05a55c760ead2eec9d5c74629897d0b5b3e5190d4fc9bd38ea7fc
28445ab5a58bac3609ddba4d1200c1797a766b538fd6b0bdb0926fbe386f327c
290f8ee2503cc1257f4c0bbba15e593a6cb1f7a874e52bba7e2884c25963c34f
29d8295a9c28bbcd4814372662877f3c31a595f6dca0bb3f17f2e9b5267d8ad1
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30a2cc3f181704f885112a168d6edbe4cb7b43ad2c793df3eaba879fa3f617f8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34a32bf98cda9575960beffa915faf1817a7382af4ee0eee0db11eb848e85dc8
35222ba6e7fe53029a076a6b736cbee2ee79f657dadd60200e0251c2388ac0ff
3637d23fa75d17625e7575318eb07a083e0933ec139b9ad0c280e56f38c7e9b7
36ea8d266ccb57796d82e6eb05f11c634302a0bc3623c5e7fa7261a1a69e0d90
3c36b4b61d183714e07576c90d2cbcedc56bc8892ec2c31a80a2f3d5660abc0c
3ef33c87826680fded7526c2f1846330143a4ac4f9b71376107ab82c8a99f3b4
3f5684bf5aa4a6eb5c9015394c8739dff39377a73adf72c30ba511d0ab5b50f3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
406c09d0baf42527796e25e2238deeebe5a7c22fa60ca0c2fa0c7a747be07ea6
411d4f64006c2258badaf1ddbc14319ad3445977e6f2813e7e3521021093170c
418625cbb8fa78d478dd872ec56402b37f0f19b3a8f4fca7400de039fe92d1d9
4271be75b6549727b2f6b020a48a3df7d47a7e97f70371379935d25d52dbdd2a
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
43028dba729b98a17131ffa5004cc4553eecc9af046cdc24fa000bfaf5670ad9
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44026785039df91c14b8c331292992e1fd71a23acdd5cb09c40d12d1c8e8aaac
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
446028abfb101cb4495d1330285608754ee8dcdc5a798832da48d2f3b2d5812b
45e9d0c522efc100da6a426d97fabf39aa2f26a465ffb71252ce85ebdfdb575b
464b98e4ec83bb60ad92bd76656277037d3548e44a7d1dcddec0c0a41ada20e6
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4a70e73ff477b6435f86d229070a7808d8047950859b36a5f34212488cdfc838
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6185a860fc926dd414de09b47571511db27dc1876489a2fc6a1bb7d96e947c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb67b42d6abea96d75df507d23f0421da85d5658322720fded36c94cce45d7b
4f588e766e32d6bc7a1ddc91e00a9a56cf8e4d48b0902fbbcf733c9b507ebc41
4f5b3a745dca93df7e2554aa02c1ff6f118ccfd42d4ba941c9f0ae7af8e59284
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
551b59c1d6b77f6a3557ffd18e6a3ae079cb21d21edcae2e4114044557cef638
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56c3bd8e16439dd0386e32f77e4e06097e73d3c7d41d381ec3b3d72ebbb7c35f
57bc7bab1e636bc97b40d59c22263cfcf6128e16f0226be3880eb503a26cefa1
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5ce8647c88445649306948bab16764727ad0866a64fc66202b97b88176272628
5e949e0ba546cccd944b7fc64ebc3f97123638dd1b3af8eec5732cd599c2ed46
5f92a30ed4a65add83b320dddd5bd3ada2d44b826521434135a2bb68badd69ae
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fe498f984078cc4039385dc4a4befa8cbd53ae03eb24187cac828668ca60415
601b0120d0d3d77ac75eb46c71da8ea368db1da0b9553e7acbb896ee37fa3417
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624a213ebd43a1962ca3f465a44b370be78a5b0fc60ce3638daa4e282a558d3f
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
63366603b6b4f2ff5fd3cedfc2a503668acbfbb4c11e63ce80f5b57144bc7df4
68174c53b2733e48901d9b5e9c9f2067f870119e6e2b546a4362bda419fad475
68b5df8a16ee7bbfd4789f8533b7f9882f9095625a8be1f56e352bc10710484d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c40037c574da60e05d7d7a83254118530693111566e04f6db7dbaade431b871
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
6e14c7e102d332e2f502834594a48888d988c3f8a641a6b57a19b027007c54d7
6e7427b8419cc7f191acc60e33a1afa153c59423f183182cb731f8a9f0c612d4
6fa8b9c20d5c4f5711f76f4f4adafafc90e8f89bac2c7b3dfc2c7e63abb55d21
6ff75a6aff02372d9bb7b274357cd9786444781204d3c52a46a2049b6fb3957b
702c805fec65a8cc8c6c40aed34123b021e5ed6107cc6dfdebc4b0fc2e229887
709ec34a58a00a80c57b3ccdd57493aaa1ee1cc2a312a23d1ef36dab617ce5c7
7170e9b4cce2c0e66ff05e54669f61151f4e753f62bccdb02d4551b168c2cdd2
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
73a147ae450a66402be107fd6f6d46d12f5df31fb22ea4dddc9bcc42c06de09e
78021fdec6eef8c4919af5c20a4e88a8d618b8dfeb4fc8e44348d05e14aa9658
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a67580ad3ba7f13b3eb523dfc222482c2192428f31d9d26aa813c7cfbc67403
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
7ff100c907d85bc5b7503e7a88c0a7f256ed2561ee431ffc10fcd7cce517c321
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142
816f051e6504c024ff69505d7230c6fcf192ec9f9619154f6ccfec0bfef4062b
8189be012071c0b42e5c14cb02978cee34afefc34d8585ecdb54d4b3f0393a24
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
845bdf2070db9693215291b7c8a9e9e4c4e4a6888378c0e5511dd72b0b0ffc31
85207c595a40b93dc8e07532c86aca11932925b7f1b733731f032a982fcd613a
85ec27783f26768888645aa3c06a52955c71dee2f2e957f1e5e95d306bc889de
8628168d7c14074668d1f720badee2ed75cbe595e812cc0a93b7eea6cc970f0b
88c533b6bafc94b1f13e2ddc2737539b401e56b6aa72244e184e4d698ef6c8b9
8a8f7705a217f4c115d87b22b8155e8bfcfcc7a573cd3b47972f2b9909534578
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
94ceaecd271d90149cff5a9ea802ec5a44648312e42f9070c974ed01ca75b067
962808d38f02dc6af6a7a9646f3cb038656e582ff6d21e71973a00672debc3a8
989e7134f8b722c049f5553bf85347c9052fe40f7c35915f7d18a348ed4de84b
98ba338d6ebeeff877b52b0c56b2a7b904fb40bffeeae517e1c603418837edde
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e3c7bdc4bfffb58a973062aabf808691f7603416290254b76161cab69952053
9ead871d27f3a0d803f4d6139feb2f2694d3a26c54fd6734f789a06aad0f5303
9ebc9e605e0d8b811e7ba3068d71f1f4db1b45e36e80ae76720b87014d48c369
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0046dd0685c0cde4adb1c4c377ff545dc30f85e69b0e9cdffcbb1698bbd0a49
a0189efeb7f7a6caea394960d4b0a9b30d777b9c685a61b84b6f48e16eb9b244
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a253d93872743cba92c83449005c81b3cddfcd0d2707e443091fbcdfbc4dd4a4
a39cd6a9413784646378ab9490f6a80ea1c2eaf4870c1022f44e4e64380c7cda
a46f1b447255d4cb87e390b09b540c216e7de87141a6d5f771295d0f91170fb8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a7e702f15b65f58d32945e27b8416dac2811afad1a828a9a617d5c0c1cc85b21
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
ab84e01b3a53b9e8982d66bd68befb459045f9d4acf0be5cb5c9abf294d106bf
abb22177c1f36f82f451ba3b46fd96e4bc0f5b5ad510b15b4d5ec37fc1e9b7f8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad414760b7daffef852b0ec1af8ca07aab5f50b59808d11141df8d8b52977f94
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4db4ba996641abb9b820c48703e36b8b9d04a7d7cdb1758b99e7b91fe9cff79
b5368918706a26d1fe5acb19bb4d139fd4dba0d5f330e16eb039d1986f3bf29a
b60c57e3a82806f29e660fbaaa2a85677f17819aeccdebf669df9fea3eceda40
b9afeb90db17ffa772a8bbc38f8ae37524ac4c0660dfc228f528cfe36a38d53d
bba5cf4bf97f335423ef8083a04d8810370b013c18a623e2aec413075ef82ddc
bf9ff90c49df61054f632b51e1a6f37cedef3638a48ffd1075d96cef3c207a2a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c25ce818c3c2ab4992bc0b61a60d1822f239a638af59ad63ed2fe2028e3037f8
c31e3b8eac2d0e1922381df6d7ebbc37a41c5f3d2dc0bfcd169a539f8221db3b
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c942cb01ca7d8956086518f0315ac0be0374cb0f0a38ffe67a52bc4ae7ff5f6f
c958fef291d28ed268bd55bb053d352ab4a3c7c70a2f4dacdce4ddbb1117e079
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cdc09616482b23651a59600f7be19ae57c62086f99faadb86e7da494a585c05a
cef181b89850405f733232c050e35b633a648eacee98005f2663b481ac3b0db4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0bc6ff44d64e2d4a0154608e7fd4cfe1ce1db00c8d8d9dfc62b43f031a79adf
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0f885f308112744715869ebba25cbaef30b8196d652a761a3ca02862b7869da
d22ae6bbaa3c79a6d31667177a7bf1b209536858fe3caf1a95a21af65d76f15b
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d48627601ba47cd8763402c7240ab4be417bbc9015dfaf689ca017a6da70bb2e
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
dc782f2805dc242386580c8cf0a31db71f658cb8b71d8e7a8734288bf7c15b07
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99
e080e504f58f105af7861e295cc78fbf9420f0c8f62a74baf3085d00981cf1d7
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
e19f6076815240b2afedf8033b0a2ccf200d3851f11df779d05f3c533560504d
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bfbff2600d61f009d961d999a8ab20450a8fd7a91d4a9080b7209b47482ee0
e4bcd43730aec47f4914042f1c20d5f8cc9fda3f79de1081a1a1a59fd989799e
e51aa8cd13e23afed62d2b0c3ed5581d59b92f4f76415b50a63bfa7a32696fcd
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6957bbe6022deddb04a6b9016e4cb39053badc4bf519bd2ceaad374d78c0645
e6b7fa504c979ce53dc80798978eff98214cbcb20b7db259990c0632b7abe248
e70be2849f7e7f7f27dc4eb168538ef25474e4799e1a4a4d9aee01f57f4c5a3f
e733ee35a667f46bbbd241b005c9c360552a2c687ade64d693e7eea5385ee5cf
e85a649094d881201f7a886c94cd19e72196c761da5017c9269b03b35ca9c5c4
e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1
eaf72a16915b22085727866ce28a4b306711fd041a33ead2c759302c650ef9dc
edb73f19e3ebb198891d0c5fb25c38c302b7161114a2ad8b6736e19fae0ff698
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee7c59250fde3aab29c47f247575770d651c134a90cddb7d02ed8488a9edc8ca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3664982f4d8ec6bd35f3206ecdc82148af7df2a06acde0526bbde92f10ab92b
f3ac7a6c82549c7d71d3913ca8b269204425f68593f3bae31b9a8bfa61035e5e
f4ece8f2f5242967e98c6718f283e961576d68b4b7be96124eca22f554dcb275
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
fadd74ac1cf4915d3c609388e46eda3e941d8e27b97641eaa979cc34d51fddd1
fd5fc803391179a38dcdd947ade7d023898c3f5d2a3ef5b1e9f50086f5275cea
fdf95627c0ed19d0d47d3c57e441ffb87831c7f471abce0a255d53e721fc5532
fe0a84efb7bb5e3e1271101d9351c05dd643e5649ab691acf50dcdcb3f965cb5