urlscan.io logo urlscan.io
SecurityTrails logo

www.mlive.com Open in urlscan Pro
2a02:26f0:3500:12::1730:17b4  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.sign-verifymailaccountxsa.duckdns.org/
Effective URL: https://www.mlive.com/
Submission: On October 06 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 121 IPs in 10 countries across 82 domains to perform 417 HTTP transactions. The main IP is 2a02:26f0:3500:12::1730:17b4, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.mlive.com. The Cisco Umbrella rank of the primary domain is 61450.
TLS certificate: Issued by R3 on September 28th 2023. Valid for: 3 months.
This is the only time www.mlive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 162.240.229.36 46606 (UNIFIEDLA...)
1 1 99.83.138.34 16509 (AMAZON-02)
35 2a02:26f0:350... 20940 (AKAMAI-ASN1)
11 2606:4700::68... 13335 (CLOUDFLAR...)
3 2600:1901:0:3... 15169 (GOOGLE)
1 108.156.2.94 16509 (AMAZON-02)
1 18.66.122.48 16509 (AMAZON-02)
1 2a02:26f0:170... 20940 (AKAMAI-ASN1)
16 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
4 52.223.1.76 16509 (AMAZON-02)
1 104.79.89.16 16625 (AKAMAI-AS)
15 52.222.236.26 16509 (AMAZON-02)
5 184.30.17.133 16625 (AKAMAI-AS)
1 143.204.98.69 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
8 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 52.222.250.115 16509 (AMAZON-02)
1 23.56.203.202 16625 (AKAMAI-AS)
2 108.139.243.57 16509 (AMAZON-02)
3 2a03:2880:f08... 32934 (FACEBOOK)
1 146.75.120.157 54113 (FASTLY)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2 107.178.250.234 396982 (GOOGLE-CL...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
2 23.56.202.187 16625 (AKAMAI-AS)
3 108.138.1.25 16509 (AMAZON-02)
3 65.9.66.104 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 18.244.179.43 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
1 18.66.100.58 16509 (AMAZON-02)
3 104.102.35.84 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.133 13414 (TWITTER)
1 104.244.42.195 13414 (TWITTER)
8 52.19.1.158 16509 (AMAZON-02)
2 52.20.110.47 14618 (AMAZON-AES)
6 52.7.177.4 14618 (AMAZON-AES)
6 52.208.65.49 16509 (AMAZON-02)
1 99.86.4.71 16509 (AMAZON-02)
1 52.17.99.225 16509 (AMAZON-02)
6 2600:9000:220... 16509 (AMAZON-02)
4 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 23.215.22.18 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 108.138.9.235 16509 (AMAZON-02)
1 104.18.35.167 13335 (CLOUDFLAR...)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
1 2600:9000:225... 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f17... 32934 (FACEBOOK)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 2602:803:c003... 26667 (RUBICONPR...)
1 52.17.236.99 16509 (AMAZON-02)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 52.223.6.21 16509 (AMAZON-02)
1 151.101.65.44 54113 (FASTLY)
3 4 104.18.27.193 13335 (CLOUDFLAR...)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 2 2a02:2638:d::d 44788 (ASN-CRITE...)
2 2600:1901:0:8... 15169 (GOOGLE)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 34.234.124.95 14618 (AMAZON-AES)
5 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
1 178.250.7.13 44788 (ASN-CRITE...)
1 5 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
3 35.244.159.8 15169 (GOOGLE)
40 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 104.102.56.239 16625 (AKAMAI-AS)
12 25 142.250.186.34 15169 (GOOGLE)
7 104.18.26.193 13335 (CLOUDFLAR...)
3 4 37.252.171.149 29990 (ASN-APPNEX)
2 3.75.62.37 16509 (AMAZON-02)
2 162.19.138.83 16276 (OVH)
9 2a00:1450:400... 15169 (GOOGLE)
3 141.95.33.111 16276 (OVH)
1 2 2001:678:cb4:... 56396 (AMOBEE)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
3 3.71.227.249 16509 (AMAZON-02)
1 35.227.252.103 15169 (GOOGLE)
2 2 216.52.2.86 30282 (AS-INAPCD...)
4 5 51.89.9.254 16276 (OVH)
6 172.217.23.98 15169 (GOOGLE)
3 6 34.255.92.83 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2 35.204.158.49 396982 (GOOGLE-CL...)
4 15.197.193.217 16509 (AMAZON-02)
2 34.96.105.8 396982 (GOOGLE-CL...)
2 52.58.182.115 16509 (AMAZON-02)
2 2 151.101.2.49 54113 (FASTLY)
1 2 69.173.144.165 26667 (RUBICONPR...)
1 2600:9000:211... 16509 (AMAZON-02)
1 34.243.192.150 16509 (AMAZON-02)
1 35.186.255.72 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2606:4700::68... 13335 (CLOUDFLAR...)
14 151.101.194.133 54113 (FASTLY)
10 2606:4700::68... 13335 (CLOUDFLAR...)
3 151.101.130.133 54113 (FASTLY)
1 108.139.243.61 16509 (AMAZON-02)
1 44.198.246.137 14618 (AMAZON-AES)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 184.30.20.22 16625 (AKAMAI-AS)
2 104.18.24.18 13335 (CLOUDFLAR...)
2 95.101.149.233 16625 (AKAMAI-AS)
2 23.32.184.192 16625 (AKAMAI-AS)
1 2a04:4e42:600... 54113 (FASTLY)
1 2 185.64.190.78 62713 (AS-PUBMATIC)
1 2 52.46.130.91 16509 (AMAZON-02)
1 2a05:d018:d29... 16509 (AMAZON-02)
1 1 35.214.208.147 15169 (GOOGLE)
1 1 193.0.160.130 54312 (ROCKETFUEL)
1 185.86.139.104 201081 (SMARTADSE...)
1 1 178.250.1.9 44788 (ASN-CRITE...)
3 185.64.191.210 62713 (AS-PUBMATIC)
1 2 67.220.224.150 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
3 198.47.127.205 3257 (GTT-BACKB...)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 54.144.174.219 14618 (AMAZON-AES)
3 3 37.157.6.233 198622 (ADFORM)
417 121
1    162.240.229.36 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: vps-10157822.maradonaarg.com
www.sign-verifymailaccountxsa.duckdns.org
1    99.83.138.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: a135022da78f12244.awsglobalaccelerator.com
mlive.com
35    2a02:26f0:3500:12::1730:17b4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.mlive.com
11    2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
3    2600:1901:0:328a::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
satisfycork.com
1    108.156.2.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-2-94.mxp63.r.cloudfront.net
cdn.sophi.io
1    18.66.122.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-48.fra60.r.cloudfront.net
apps.sophi.io
1    2a02:26f0:1700:38a::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
16    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:21f3:7c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
4    52.223.1.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8fd921d2017b5f79.awsglobalaccelerator.com
ecollector-us-east.sophi.io
1    104.79.89.16 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-89-16.deploy.static.akamaitechnologies.com
a.teads.tv
15    52.222.236.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-26.fra56.r.cloudfront.net
h312.mlive.com
5    184.30.17.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-133.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
1    143.204.98.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-69.fra50.r.cloudfront.net
ats-wrapper.privacymanager.io
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
news.google.com
8    2606:4700::6812:a07e (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
buy.tinypass.com
api-v3.tinypass.com
4    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    52.222.250.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-115.fra60.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1    23.56.203.202 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-203-202.deploy.static.akamaitechnologies.com
s.ntv.io
2    108.139.243.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-243-57.mxp63.r.cloudfront.net
sb.scorecardresearch.com
3    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    107.178.250.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
2    2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
6    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
ads.rubiconproject.com
3    108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com
3    65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net
tags.crwdcntrl.net
3    2a00:1450:4001:830::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    18.244.179.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-179-43.lhr61.r.cloudfront.net
geo.privacymanager.io
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net
cdn.parsely.com
3    104.102.35.84 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com
at.teads.tv
sync.teads.tv
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
ampcid.google.de
1    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
8    52.19.1.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-1-158.eu-west-1.compute.amazonaws.com
jadserve.postrelease.com
2    52.20.110.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-110-47.compute-1.amazonaws.com
advancelocal.blueconic.net
6    52.7.177.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-177-4.compute-1.amazonaws.com
www.i.matheranalytics.com
6    52.208.65.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-65-49.eu-west-1.compute.amazonaws.com
privacy.crwdcntrl.net
bcp.crwdcntrl.net
id.crwdcntrl.net
sync.crwdcntrl.net
1    99.86.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-71.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
1    52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
p1.parsely.com
6    2600:9000:2204:da00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.linkedin.oribi.io
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    23.215.22.18 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-22-18.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2a00:1450:400c:c0b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net
aax.amazon-adsystem.com
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2600:9000:2250:f400:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
4    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
4    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
1    2602:803:c003:200::44 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    52.17.236.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-236-99.eu-west-1.compute.amazonaws.com
exchange.postrelease.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    52.223.6.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8c33d2b6751b365d.awsglobalaccelerator.com
direct.adsrvr.org
1    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
display.bidder.taboola.com
4    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
1    2a02:26f0:7100:59a::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
2    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
lexicon.33across.com
1    2600:1f18:730:b120:ec5e:651e:a0cc:77a3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    34.234.124.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-124-95.compute-1.amazonaws.com
rp4.liadm.com
5    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
18    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
5    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
7    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
40    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    104.102.56.239 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-56-239.deploy.static.akamaitechnologies.com
ead.mlive.com
25    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
7    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
4    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
lb.eu-1-id5-sync.com
9    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    85.114.159.118 (Weil am Rhein, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    3.71.227.249 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-227-249.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    216.52.2.86 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
5    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
6    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
googleads4.g.doubleclick.net
6    34.255.92.83 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-92-83.eu-west-1.compute.amazonaws.com
ihg.demdex.net
1    2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
2    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
4    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    52.58.182.115 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-182-115.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
1    2600:9000:211e:de00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    34.243.192.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-192-150.eu-west-1.compute.amazonaws.com
match.360yield.com
1    35.186.255.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.255.186.35.bc.googleusercontent.com
app.matheranalytics.com
1    2606:4700::6811:c276 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
3    2a02:26f0:480:f::213:7edc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
2    2606:4700::6812:eff8 (United States)

ASN13335 (CLOUDFLARENET, US)
buy.tinypass.com
14    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
static.advance.net
10    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
fonts.advance.net
1    108.139.243.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-243-61.mxp63.r.cloudfront.net
check.analytics.rlcdn.com
1    44.198.246.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-246-137.compute-1.amazonaws.com
idx.liadm.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com
contextual.media.net
2    104.18.24.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2a05:d018:d29:3602:5aec:1139:b771:4a28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    35.214.208.147 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 147.208.214.35.bc.googleusercontent.com
csync.loopme.me
1    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
3    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    67.220.224.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image2.pubmatic.com
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    54.144.174.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-174-219.compute-1.amazonaws.com
a.audrte.com
3    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
Apex Domain
Subdomains		 Transfer
62 googlesyndication.com
48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
457 KB
52 mlive.com
mlive.com — Cisco Umbrella Rank: 56143
www.mlive.com — Cisco Umbrella Rank: 61450
h312.mlive.com — Cisco Umbrella Rank: 96503
ead.mlive.com — Cisco Umbrella Rank: 114950
2 MB
45 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443
314 KB
17 advance.net
static.advance.net — Cisco Umbrella Rank: 41673
fonts.advance.net — Cisco Umbrella Rank: 73485
378 KB
16 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
221 KB
11 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 570
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 513
7 KB
11 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 581
ads.pubmatic.com — Cisco Umbrella Rank: 588
image6.pubmatic.com — Cisco Umbrella Rank: 967
simage2.pubmatic.com — Cisco Umbrella Rank: 959
image2.pubmatic.com — Cisco Umbrella Rank: 1116
26 KB
11 google.com
news.google.com — Cisco Umbrella Rank: 6566
accounts.google.com — Cisco Umbrella Rank: 32
ampcid.google.com — Cisco Umbrella Rank: 2926
www.google.com — Cisco Umbrella Rank: 2
146 KB
11 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 385
256 KB
10 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 250
94 KB
10 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 8991
cdn.tinypass.com — Cisco Umbrella Rank: 6818
buy.tinypass.com — Cisco Umbrella Rank: 7378
api-v3.tinypass.com — Cisco Umbrella Rank: 20852
178 KB
9 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 344
150 KB
9 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1252
exchange.postrelease.com — Cisco Umbrella Rank: 5503
5 KB
9 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1164
privacy.crwdcntrl.net — Cisco Umbrella Rank: 20254
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1073
id.crwdcntrl.net — Cisco Umbrella Rank: 2704
sync.crwdcntrl.net — Cisco Umbrella Rank: 1011
44 KB
9 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 334
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 657
aax.amazon-adsystem.com — Cisco Umbrella Rank: 426
s.amazon-adsystem.com — Cisco Umbrella Rank: 328
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1086
72 KB
9 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 3504
ads.rubiconproject.com — Cisco Umbrella Rank: 2373
fastlane.rubiconproject.com — Cisco Umbrella Rank: 563
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3219
pixel.rubiconproject.com — Cisco Umbrella Rank: 409
eus.rubiconproject.com — Cisco Umbrella Rank: 662
token.rubiconproject.com — Cisco Umbrella Rank: 504
165 KB
9 matheranalytics.com
js.matheranalytics.com — Cisco Umbrella Rank: 12318
www.i.matheranalytics.com — Cisco Umbrella Rank: 12078
app.matheranalytics.com — Cisco Umbrella Rank: 18546
43 KB
6 demdex.net
ihg.demdex.net — Cisco Umbrella Rank: 12158
5 KB
6 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1906
google-bidout-d.openx.net — Cisco Umbrella Rank: 1919
us-u.openx.net — Cisco Umbrella Rank: 547
rtb.openx.net — Cisco Umbrella Rank: 912
1 KB
6 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1230
2 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
region1.google-analytics.com — Cisco Umbrella Rank: 2250
21 KB
6 sophi.io
cdn.sophi.io — Cisco Umbrella Rank: 24285
apps.sophi.io — Cisco Umbrella Rank: 36009
ecollector-us-east.sophi.io — Cisco Umbrella Rank: 31549
38 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 913
1 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 379
110 KB
5 adsrvr.org
direct.adsrvr.org — Cisco Umbrella Rank: 3724
match.adsrvr.org — Cisco Umbrella Rank: 402
990 B
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 416
www.linkedin.com — Cisco Umbrella Rank: 708
px4.ads.linkedin.com — Cisco Umbrella Rank: 6066
5 KB
5 moatads.com
z.moatads.com — Cisco Umbrella Rank: 712
px.moatads.com — Cisco Umbrella Rank: 628
87 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2979
3 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
3 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 478
mug.criteo.com — Cisco Umbrella Rank: 2541
dis.criteo.com — Cisco Umbrella Rank: 648
8 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
278 B
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1156
id5-sync.com — Cisco Umbrella Rank: 470
31 KB
4 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1558
at.teads.tv — Cisco Umbrella Rank: 5088
sync.teads.tv — Cisco Umbrella Rank: 1584
4 KB
3 adform.net
dmp.adform.net — Cisco Umbrella Rank: 3616
c1.adform.net — Cisco Umbrella Rank: 643
2 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 22832
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27465
898 B
3 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1858
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 387
436 B
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491
765 B
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
177 KB
3 liadm.com
rp.liadm.com — Cisco Umbrella Rank: 1727
rp4.liadm.com — Cisco Umbrella Rank: 6196
idx.liadm.com — Cisco Umbrella Rank: 2639
1 KB
3 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1319
lexicon.33across.com — Cisco Umbrella Rank: 1726
5 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
123 KB
3 satisfycork.com
satisfycork.com — Cisco Umbrella Rank: 32641
24 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 753
cdn.indexww.com — Cisco Umbrella Rank: 1795
2 KB
2 rlcdn.com
check.analytics.rlcdn.com — Cisco Umbrella Rank: 4599
api.rlcdn.com — Cisco Umbrella Rank: 1168
637 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 782
700 B
2 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2268
292 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 952
1 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 754
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1024
r.turn.com — Cisco Umbrella Rank: 4738
869 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1145
545 B
2 taboola.com
display.bidder.taboola.com — Cisco Umbrella Rank: 10462
trc.taboola.com — Cisco Umbrella Rank: 680
624 B
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1420
contextual.media.net — Cisco Umbrella Rank: 780
9 KB
2 blueconic.net
advancelocal.blueconic.net — Cisco Umbrella Rank: 31083
2 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3328
p1.parsely.com — Cisco Umbrella Rank: 2550
21 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 655
564 B
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 981
9 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 179
3 KB
2 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 2886
geo.privacymanager.io — Cisco Umbrella Rank: 2195
51 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1562
c.go-mpulse.net — Cisco Umbrella Rank: 689
50 KB
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 929
588 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 951
45 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1000
759 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1165
289 B
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 5898
4 KB
1 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2517
199 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 893
238 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3431
104 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1617
584 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2118
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2931
3 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 728
14 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1235
17 KB
1 google.de
ampcid.google.de — Cisco Umbrella Rank: 81257
94 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 869
724 B
1 t.co
t.co — Cisco Umbrella Rank: 614
376 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 792
15 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 4063
163 KB
1 cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 720
482 B
1 duckdns.org
www.sign-verifymailaccountxsa.duckdns.org
491 B
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
417 82
Domain Requested by
40 pagead2.googlesyndication.com 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
www.googletagservices.com
35 www.mlive.com www.mlive.com
25 cm.g.doubleclick.net 12 redirects googleads.g.doubleclick.net
48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
18 tpc.googlesyndication.com www.mlive.com
48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
16 www.googletagmanager.com www.mlive.com
www.googletagmanager.com
15 h312.mlive.com www.mlive.com
h312.mlive.com
14 static.advance.net buy.tinypass.com
www.mlive.com
11 cdn.cookielaw.org www.mlive.com
cdn.cookielaw.org
10 cdnjs.cloudflare.com buy.tinypass.com
9 s0.2mdn.net www.mlive.com
s0.2mdn.net
8 jadserve.postrelease.com s.ntv.io
www.mlive.com
7 buy.tinypass.com cdn.tinypass.com
buy.tinypass.com
7 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
7 googleads.g.doubleclick.net www.mlive.com
48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
pagead2.googlesyndication.com
6 ihg.demdex.net 3 redirects 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
6 googleads4.g.doubleclick.net www.mlive.com
6 cdn.linkedin.oribi.io snap.licdn.com
6 www.i.matheranalytics.com www.mlive.com
6 securepubads.g.doubleclick.net www.mlive.com
securepubads.g.doubleclick.net
5 onetag-sys.com 4 redirects 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
5 www.google.com 1 redirects 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
tpc.googlesyndication.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
4 a.audrte.com 3 redirects
4 match.adsrvr.org 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 www.facebook.com www.mlive.com
4 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.mlive.com
4 ecollector-us-east.sophi.io cdn.sophi.io
3 image2.pubmatic.com ads.pubmatic.com
3 simage2.pubmatic.com ads.pubmatic.com
3 fonts.advance.net static.advance.net
3 px.moatads.com www.mlive.com
3 code.createjs.com s0.2mdn.net
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 x.bidswitch.net 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
3 id5-sync.com cdn.id5-sync.com
micro.rubiconproject.com
3 www.googletagservices.com 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
3 px.ads.linkedin.com 3 redirects
3 bcp.crwdcntrl.net tags.crwdcntrl.net
3 accounts.google.com www.mlive.com
accounts.google.com
3 tags.crwdcntrl.net www.mlive.com
securepubads.g.doubleclick.net
3 c.amazon-adsystem.com www.mlive.com
c.amazon-adsystem.com
3 connect.facebook.net www.mlive.com
connect.facebook.net
3 satisfycork.com www.mlive.com
satisfycork.com
2 c1.adform.net 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 image6.pubmatic.com 1 redirects ads.pubmatic.com
2 ads.pubmatic.com micro.rubiconproject.com
2 eus.rubiconproject.com micro.rubiconproject.com
eus.rubiconproject.com
2 sync-tm.everesttech.net 2 redirects
2 prebid-a.rubiconproject.com micro.rubiconproject.com
2 tr.blismedia.com 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
2 um.simpli.fi 1 redirects
2 ap.lijit.com 2 redirects
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
micro.rubiconproject.com
2 ups.analytics.yahoo.com googleads.g.doubleclick.net
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 lexicon.33across.com cdn-ima.33across.com
micro.rubiconproject.com
2 gum.criteo.com 1 redirects static.criteo.net
2 oajs.openx.net 1 redirects www.mlive.com
2 advancelocal.blueconic.net h312.mlive.com
2 region1.google-analytics.com www.googletagmanager.com
2 geolocation.onetrust.com cdn.cookielaw.org
2 js.matheranalytics.com 1 redirects www.mlive.com
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
2 sb.scorecardresearch.com www.mlive.com
2 news.google.com www.googletagmanager.com
news.google.com
2 z.moatads.com www.mlive.com
z.moatads.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr
1 sync.crwdcntrl.net
1 cms.quantserve.com 1 redirects
1 dis.criteo.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 ssbsync.smartadserver.com ssum-sec.casalemedia.com
1 p.rfihub.com 1 redirects
1 csync.loopme.me 1 redirects
1 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
1 token.rubiconproject.com eus.rubiconproject.com
1 trc.taboola.com
1 js-sec.indexww.com micro.rubiconproject.com
1 contextual.media.net micro.rubiconproject.com
1 api.rlcdn.com micro.rubiconproject.com
1 id.crwdcntrl.net micro.rubiconproject.com
1 idx.liadm.com micro.rubiconproject.com
1 check.analytics.rlcdn.com micro.rubiconproject.com
1 api-v3.tinypass.com cdn.tinypass.com
1 c2.piano.io cdn.tinypass.com
1 app.matheranalytics.com js.matheranalytics.com
1 match.360yield.com 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
1 s.ad.smaato.net 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
1 pixel.rubiconproject.com 1 redirects
1 dclk-match.dotomi.com 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
1 rtb.openx.net 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
1 dsp.adfarm1.adition.com 1 redirects
1 r.turn.com 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 ead.mlive.com www.mlive.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 mug.criteo.com www.mlive.com
1 rp4.liadm.com www.mlive.com
1 rp.liadm.com 1 redirects
1 c.go-mpulse.net s.go-mpulse.net
1 htlb.casalemedia.com micro.rubiconproject.com
1 display.bidder.taboola.com micro.rubiconproject.com
1 direct.adsrvr.org micro.rubiconproject.com
1 hbopenbid.pubmatic.com micro.rubiconproject.com
1 exchange.postrelease.com micro.rubiconproject.com
1 fastlane.rubiconproject.com micro.rubiconproject.com
1 prebid.media.net micro.rubiconproject.com
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cdn.id5-sync.com www.mlive.com
1 secure.cdn.fastclick.net www.mlive.com
1 px4.ads.linkedin.com www.mlive.com
1 www.linkedin.com 1 redirects
1 p1.parsely.com www.mlive.com
1 ads.rubiconproject.com micro.rubiconproject.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 privacy.crwdcntrl.net tags.crwdcntrl.net
1 ampcid.google.de www.google-analytics.com
1 analytics.twitter.com www.mlive.com
1 t.co www.mlive.com
1 ampcid.google.com www.google-analytics.com
1 at.teads.tv a.teads.tv
1 cdn.tinypass.com experience.tinypass.com
1 cdn.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 geo.privacymanager.io ats-wrapper.privacymanager.io
1 micro.rubiconproject.com www.mlive.com
1 static.ads-twitter.com www.googletagmanager.com
1 s.ntv.io www.mlive.com
1 d1z2jf7jlzjs58.cloudfront.net www.mlive.com
1 experience.tinypass.com www.mlive.com
1 ats-wrapper.privacymanager.io www.mlive.com
1 a.teads.tv www.googletagmanager.com
1 static.adsafeprotected.com www.mlive.com
1 s.go-mpulse.net www.mlive.com
1 apps.sophi.io www.mlive.com
1 cdn.sophi.io www.mlive.com
1 mlive.com 1 redirects
1 www.sign-verifymailaccountxsa.duckdns.org 1 redirects
0 sync.search.spotxchange.com Failed googleads.g.doubleclick.net
417 150
Subject Issuer Validity Valid
advancelocal.web.arc-cdn.net
R3		 2023-09-28 -
2023-12-27		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
satisfycork.com
R3		 2023-09-08 -
2023-12-07		 3 months crt.sh
cdn.sophi.io
Amazon RSA 2048 M01		 2023-09-17 -
2024-10-15		 a year crt.sh
apps.sophi.io
Amazon RSA 2048 M01		 2023-03-18 -
2024-04-15		 a year crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-05 -
2024-04-04		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
*.sophi.io
Amazon RSA 2048 M01		 2023-04-11 -
2024-05-10		 a year crt.sh
teads.tv
R3		 2023-10-04 -
2024-01-02		 3 months crt.sh
w723.lonestarlive.com
Amazon RSA 2048 M01		 2023-07-07 -
2024-08-04		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
*.news.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-08-13 -
2024-08-12		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-28 -
2024-08-28		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-15 -
2023-10-13		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-12-13 -
2023-12-13		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M01		 2023-02-09 -
2024-02-16		 a year crt.sh
*.blueconic.net
Amazon RSA 2048 M01		 2023-06-08 -
2024-07-06		 a year crt.sh
www.i.matheranalytics.com
Amazon RSA 2048 M01		 2023-03-02 -
2024-01-13		 10 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
linkedin.oribi.io
Amazon RSA 2048 M01		 2023-06-08 -
2024-07-07		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-09-25 -
2023-12-24		 3 months crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.bidder.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-10-01 -
2023-12-30		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
li.lisecurelink.com
R3		 2023-09-05 -
2023-12-04		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
app.matheranalytics.com
GTS CA 1D4		 2023-08-10 -
2023-11-08		 3 months crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2023-03-27 -
2024-03-26		 a year crt.sh
tls.adobe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-08 -
2024-03-10		 a year crt.sh
advancelocal.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-10 -
2024-09-10		 a year crt.sh
analytics.rlcdn.com
Amazon RSA 2048 M02		 2023-06-27 -
2024-07-24		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2023-08-31 -
2024-09-28		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh

This page contains 33 frames:

Primary Page: https://www.mlive.com/
Frame ID: 0FE490FF43523C57B9FA8C37201DE535
Requests: 212 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: E17E8EACD62F7802A995278A018B6F9F
Requests: 1 HTTP requests in this frame

Frame: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3F3FD4007E889029009CE2037CA2B278
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.mlive.com&us_privacy=1---
Frame ID: 5A4FCAEE0C51724797D918A8FBE5A570
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs
Frame ID: F854918EFD4F991F17176F9DB70AA83E
Requests: 11 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 11ADC3E24EB00A2029BD89822E9B3EEF
Requests: 1 HTTP requests in this frame

Frame: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 55C1E90E2D21825AE17E478FFE8DC0BB
Requests: 21 HTTP requests in this frame

Frame: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 01CB480F2E3BBE590AA417452BA4AA2C
Requests: 21 HTTP requests in this frame

Frame: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B224FEDCEC6E7027D8787CED56357DC6
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRDml88BGKaltfcBMAE&v=APEucNXH-me-i0i_nTyfjgujEl6RP--kd7D_Y316_BBEEYjwkf65IyDFAjXMbgiHY8J_gUn6M79vX5WWLIpgaHtdM48f5xUVwo1DubyoBjb0RhAjtNNEXGWrFt_O1aaz-m16Oo7AsOJlOdxd3nb-l9qann4QDtXwqcheIJseYVE0XuLXypsS3fo
Frame ID: 5FF78F26665377E561E2CD6021078155
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRDml88BGKaltfcBMAE&v=APEucNVBRziZ7-zz7bzyJ77VWEMhVSiPqx3Mpkvar265shG6gXGs-XJCgoA7hEyu9WKdX76ohOIgFktD7gggogo5OteebIDQal8pU6CQtonXobXbguX3Ir16KvlDSS7Z4RtiSHpaE8mDSYoORGkBYfEgHF55_Ct5JQ3zKOn3Efq5JkTlvGQdemU
Frame ID: A68FC92B0F083E8221C3B680E92179E5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRDml88BGKaltfcBMAE&v=APEucNU4x7Kfo5LlrR0EhVRFG1WWZHzS4IyZB0lLkFgkC7ZxyadXXJl1mr2qGd4R6JZ9JdRcLTJK0gAu910yG3vTdYQ46w1OrRlHhVfj-i_sfFz-WYVdKrhNeAAQOzzOqDFmxdI0JW7404nvBdBrtZ2zC2aHouEYX9UxM8Pg-gaqyYGDM8OGnpA
Frame ID: 07BDF3BE440198E73C9E90CCCE7C70C7
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1B1ED569A332B6DD81C94EDF26E72FB5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 21D07F0FB4CF87A31546ABFE2A2F90A8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2374F7717154D671AEB5EB4467F35F85
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 095C89703587EA5F86704F0C637140D8
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15387406038508503040/300x250-HI-DE-refreshed/300x250-IHG-EN.html?ev=01_250
Frame ID: A5078AC39672BC4C947250B86C7FEF83
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15387406038508503040/300x250-HI-DE-refreshed/300x250-IHG-EN.html?ev=01_250
Frame ID: 9DBC023D988C08A3786EF752D66221C3
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15387406038508503040/300x250-HI-DE-refreshed/300x250-IHG-EN.html?ev=01_250
Frame ID: A01A4162C3B45B9AE8A24586E4FC3FB6
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 02B5B68FFEDD47F598F01A8A3150EF63
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 28313903EF12BECE1C26FB97F538F97A
Requests: 3 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Frame ID: 40E07BADCEBC301D71EBC0F214A472A1
Requests: 32 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A16124949F3E476F960DD298EE7A0C15
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8593520A07173A3FFA447BEDEF3CD503
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 7330BAB91D0C2E3D976C4B1B75BF1BE9
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7641DC9A9DB215FCCFE14547406DEAEC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 634787E1A62A83F0F362589936B4732C
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Frame ID: C83EFD9AD02B9E4AAA13EBF07FA3E863
Requests: 12 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 1D203417571A35ADC587D00C88FA6353
Requests: 10 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 5184C75C5BA392979FCAD0577F69BC49
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=290FDCC0-79CE-4D73-920B-72E06B032633&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: F06438B70AEB7C5401C27FB6CF6D62FB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3816782713399180414&gdpr=0&gdpr_consent=
Frame ID: 06F72FA56B05537B3A98F89BB4B0F8DB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=JMmjSirKoUM_mKMfdpm8GSGep0M_yqFDIsgWai_w
Frame ID: 81CCC93FB18919CBF9EF8D6B8997757A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Michigan Local News, Breaking News, Sports & WeatherLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. http://www.sign-verifymailaccountxsa.duckdns.org/ HTTP 307
    https://mlive.com/ HTTP 301
    https://www.mlive.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

417
Requests

91 %
HTTPS

35 %
IPv6

82
Domains

150
Subdomains

121
IPs

10
Countries

5194 kB
Transfer

14822 kB
Size

124
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.sign-verifymailaccountxsa.duckdns.org/ HTTP 307
    https://mlive.com/ HTTP 301
    https://www.mlive.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57
  • https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1636 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js
Request Chain 107
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1696630276161&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1696630276161&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3252378%26time%3D1696630276161%26url%3Dhttps%253A%252F%252Fwww.mlive.com%252F%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1696630276161&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1696630276161&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQKKglwTwfoA1wAAAYsHC4M6mF6qJA96E2dQWZ1Og6I5BzbAhX_U-JA_ojTCMyN3AlDiF1OTk143
Request Chain 155
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
Request Chain 158
  • https://rp.liadm.com/j?dtstmp=1696630276563&se=e30&duid=94c49eadf2ac--01hc3gpzy90m3zhvqm9dt8fedm&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1696630276563&se=e30&duid=94c49eadf2ac--01hc3gpzy90m3zhvqm9dt8fedm&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid&i6=MmEwMDpjOTg6MjA1MDphMDA3OjI6OjM%3D&n3pc=true
Request Chain 168
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=mlive.com&sn=ChromeSyncframe&so=0&topUrl=www.mlive.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=YULO4XxuMDlqU1g0UE1mdkJiMCtjODcyU0hKUnNOdXlCUU1nenBlNE5KcjZDc2ZHcDNLdzh3MTVrT3JwbUpkZjVac3FIemIyYlpQVlNSM3JST2RyMGxhR1JibWVZd2ZRUkZZMWQ1NU9hTmZRYytGWCtndE05QnkvbWdUV1pWamVUNTNnZ2hMb1oyZkVINVZ0SEo5MGRxNDVYSE8xa29pc0JFSjkyTEtpK0pjMFVMQjFIZ2xoeDlUNGt2T0pEblp1aTFCdU9mM1ArTVVxNCtJZnNEQ1lDZWtYemt2bm9VQ1puQ0lsUUlPcytOaWpkUnp4VkZvOTFWTXEvYlZmc3FGSmNSQ1RQMVZYU3QxOWc5MkEyU2NCSGN0dStIUT09fA&cppv=2
Request Chain 171
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 218
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBvBdixaOlRmZh0M0m6-7dk&google_cver=1
Request Chain 219
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSCGBUp514elSDxBXhFiZAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBvBdixaOlRmZh0M0m6-7dk&google_cver=1
Request Chain 220
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJJwTZfwna2JlMVC_l2PnZY&google_cver=1
Request Chain 221
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgxNjc4MjcxMzM5OTE4MDQxNA%3D%3D
Request Chain 222
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA_tE4iuMQX7idkBBSnSx3E&google_cver=1
Request Chain 224
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEFY0iPbX1hVDGQGN7lymc1E&google_cver=1
Request Chain 226
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEN-ndNn_OSbIuQLm7WIJPD0&google_cver=1
Request Chain 260
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEC63FizG3lhYMag2IEpRxaI&google_cver=1&google_push=AXcoOmS5jMouWEpLhyZbGZnBORNun9xIrNk3VAyCeyi1MGBq5sqPX8lR-oVBuETVZCTI1MXrPwSz4yhDHzKlBnVSYp4Sf2Iz7PP3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjQyNTY4MTY0ODc1NzUwNjk4NA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEC63FizG3lhYMag2IEpRxaI&google_cver=1
Request Chain 261
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHujYF8bLAavx7YR_umcgwc&google_cver=1&google_push=AXcoOmSxq1mAhAZ2Wxvd6ZCotRiCSFXZn8kWXVocY0PbScJTnLe7GxgiuuOuG3f_ey_ICDNFItkIoIBGAdNi6n3pZ7W8WIS2zReI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4Njk3MTU1MzEzMDA4NDUwOA%3D%3D&google_push=AXcoOmSxq1mAhAZ2Wxvd6ZCotRiCSFXZn8kWXVocY0PbScJTnLe7GxgiuuOuG3f_ey_ICDNFItkIoIBGAdNi6n3pZ7W8WIS2zReI
Request Chain 264
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHTlytaJpTnntfnqdhCRdVg&google_cver=1&google_push=AXcoOmQVA6jywHEIYXU-4ec8uT4SmhnbL9LvDMz0UQvv3fbhUKqRZLm7VUQqCuHh0df5iamxWltdx4YReFxW1jzc9OMknjkFdQI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHTlytaJpTnntfnqdhCRdVg&google_hm=ZSCGBUp514elSDxBXhFiZAAACJQAAAAB&google_nid=index&google_push=AXcoOmQVA6jywHEIYXU-4ec8uT4SmhnbL9LvDMz0UQvv3fbhUKqRZLm7VUQqCuHh0df5iamxWltdx4YReFxW1jzc9OMknjkFdQI
Request Chain 265
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPYmjjl1OXC15w-wXVsIrnY&google_cver=1&google_push=AXcoOmSMTOgrSkPXpTv-umCxmG-GbnFLaiknoPOr7WYsRrZom9-kuFeqoeoWVYMGledf4Kh3szBGX7WfHP6AQN3OurCk9w6GsmQ HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPYmjjl1OXC15w-wXVsIrnY&google_cver=1&google_push=AXcoOmSMTOgrSkPXpTv-umCxmG-GbnFLaiknoPOr7WYsRrZom9-kuFeqoeoWVYMGledf4Kh3szBGX7WfHP6AQN3OurCk9w6GsmQ&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSMTOgrSkPXpTv-umCxmG-GbnFLaiknoPOr7WYsRrZom9-kuFeqoeoWVYMGledf4Kh3szBGX7WfHP6AQN3OurCk9w6GsmQ&google_hm=HcVzsGZHm0I66I6aS7G1i_gI
Request Chain 266
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEI00hkIgG3mcyzplASvlcuk&google_cver=1&google_push=AXcoOmSZZCnpz-Ba0EIGqMs8oxPEeF1GboxsdFgrlhjCB1UcsJOFGnYZX9wiBSp_Z-9RBBMhza9uxmQ7Vm79chKzOR2VrZlVe79T HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSZZCnpz-Ba0EIGqMs8oxPEeF1GboxsdFgrlhjCB1UcsJOFGnYZX9wiBSp_Z-9RBBMhza9uxmQ7Vm79chKzOR2VrZlVe79T
Request Chain 270
  • https://ihg.demdex.net/event?d_event=imp&d_src=17025&d_creative=199413901&d_adgroup=567519347&d_placement=375997312&d_site=3439440&d_campaign=30519982&d_cb=1176382447 HTTP 302
  • https://ihg.demdex.net/firstevent?d_event=imp&d_src=17025&d_creative=199413901&d_adgroup=567519347&d_placement=375997312&d_site=3439440&d_campaign=30519982&d_cb=1176382447
Request Chain 273
  • https://ihg.demdex.net/event?d_event=imp&d_src=17025&d_creative=199413901&d_adgroup=567519347&d_placement=375997312&d_site=3439440&d_campaign=30519982&d_cb=4166958040 HTTP 302
  • https://ihg.demdex.net/firstevent?d_event=imp&d_src=17025&d_creative=199413901&d_adgroup=567519347&d_placement=375997312&d_site=3439440&d_campaign=30519982&d_cb=4166958040
Request Chain 276
  • https://ihg.demdex.net/event?d_event=imp&d_src=17025&d_creative=199413901&d_adgroup=567519347&d_placement=375997312&d_site=3439440&d_campaign=30519982&d_cb=3173044097 HTTP 302
  • https://ihg.demdex.net/firstevent?d_event=imp&d_src=17025&d_creative=199413901&d_adgroup=567519347&d_placement=375997312&d_site=3439440&d_campaign=30519982&d_cb=3173044097
Request Chain 278
  • https://um.simpli.fi/gp_match?google_gid=CAESEGGTgRCu_RiMTj7nLkrhud4&google_cver=1&google_push=AXcoOmRUtFYcWejR99PmRcKLPv6oxoys13fqRjua3XdN4KGLMG3-3rm0LmQyO4kThkKrSvQdo3GZKbcYyS6ks-30KByf04VpZRFF HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5460645101BF4468A7969F24CCE7C9D2&google_push=AXcoOmRUtFYcWejR99PmRcKLPv6oxoys13fqRjua3XdN4KGLMG3-3rm0LmQyO4kThkKrSvQdo3GZKbcYyS6ks-30KByf04VpZRFF
Request Chain 281
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEI00hkIgG3mcyzplASvlcuk&google_cver=1&google_push=AXcoOmQEtx0MFZiwhhIGk0v7iAPa5G1K105Q5Sfp2UUBuOXPxxkEqEUcKWNO4uIJYkmlPmHfvFhLIGNA7i1WXpDCqiWwDqeOHnH6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQEtx0MFZiwhhIGk0v7iAPa5G1K105Q5Sfp2UUBuOXPxxkEqEUcKWNO4uIJYkmlPmHfvFhLIGNA7i1WXpDCqiWwDqeOHnH6
Request Chain 282
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEI00hkIgG3mcyzplASvlcuk&google_cver=1&google_push=AXcoOmQl_DgVdIHZbc4aZq4hRQPM8DItF5pfzoFcsOLqob0N3JsaXHfLjAQe8stSypeZI-Kq4Dtpw474D80dBjhD-qnyVTnzLcS8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQl_DgVdIHZbc4aZq4hRQPM8DItF5pfzoFcsOLqob0N3JsaXHfLjAQe8stSypeZI-Kq4Dtpw474D80dBjhD-qnyVTnzLcS8 HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 287
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEOXN7wfJBmfvCMCX4hdE3j4&google_cver=1&google_push=AXcoOmSCl1_kDjm4UGYl0P3NsIFjYjUdtu3ZV0IaZ3PEogHy2Cus2rWsPVnQzWhtpeEPRP95dhUUrWPcGYgEZWtdLSxmYLa1HzCs_Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOXN7wfJBmfvCMCX4hdE3j4&google_push=AXcoOmSCl1_kDjm4UGYl0P3NsIFjYjUdtu3ZV0IaZ3PEogHy2Cus2rWsPVnQzWhtpeEPRP95dhUUrWPcGYgEZWtdLSxmYLa1HzCs_Q
Request Chain 290
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAxaBBJzn-CbXA3Msw3ODG0&google_cver=1&google_push=AXcoOmT-92IV1AMnFlxkE-QtJMPJ4aje7P9KLiVLqr3yEPArmSqU2pURrbp7BpCk22YcqO2FWnhAzJIZ01OrP0gm69TaR2HR3HVK9g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5GNVVaUjctQy02Q1E5&google_push=AXcoOmT-92IV1AMnFlxkE-QtJMPJ4aje7P9KLiVLqr3yEPArmSqU2pURrbp7BpCk22YcqO2FWnhAzJIZ01OrP0gm69TaR2HR3HVK9g
Request Chain 292
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEI00hkIgG3mcyzplASvlcuk&google_cver=1&google_push=AXcoOmQqb2s798yc5dytzpQnpok4ZlkAPCL65OD49-ribb8TKfD7M4wOYuwgfgkH2WpCfcpUyFb-U4uSUF8Slo6hXtErQaoqkdLUJA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQqb2s798yc5dytzpQnpok4ZlkAPCL65OD49-ribb8TKfD7M4wOYuwgfgkH2WpCfcpUyFb-U4uSUF8Slo6hXtErQaoqkdLUJA
Request Chain 395
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZSCGBUp514elSDxBXhFiZAAACJQAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHTlytaJpTnntfnqdhCRdVg&google_cver=1
Request Chain 397
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSCGBUp514elSDxBXhFiZAAACJQAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSCGBUp514elSDxBXhFiZAAACJQAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 399
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=0348644b-f21a-4e01-b71f-3bac2f59f32c&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 400
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455421488293363
Request Chain 401
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZSCGBQAVzsZ5FgA_
Request Chain 404
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 405
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=290FDCC0-79CE-4D73-920B-72E06B032633&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=290FDCC0-79CE-4D73-920B-72E06B032633&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 406
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3816782713399180414&gdpr=0&gdpr_consent=
Request Chain 407
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=JMmjSirKoUM_mKMfdpm8GSGep0M_yqFDIsgWai_w
Request Chain 408
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KQ_cwHnOTXOSC3LgawMmMw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 410
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=942093340 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=290FDCC0-79CE-4D73-920B-72E06B032633
Request Chain 411
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=290FDCC0-79CE-4D73-920B-72E06B032633 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aTI4RVdESU1mdzNSLTJlbm9odFMtS1J4UQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8785908147014257948&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 412
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjkwRkRDQzAtNzlDRS00RDczLTkyMEItNzJFMDZCMDMyNjMz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 413
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPtIY53Of7HwwyAgDsdpz_Y&google_cver=1
Request Chain 415
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8785908147014257948

417 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.mlive.com/
Redirect Chain
  • http://www.sign-verifymailaccountxsa.duckdns.org/
  • https://mlive.com/
  • https://www.mlive.com/
453 KB
84 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
f9bfdd3a464a0d30774672616e5b5a692359b0e78863abbb5dbf7f905d2428db
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

akamai-true-ttl
-1
cache-control
private, max-age=60
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Fri, 06 Oct 2023 22:11:14 GMT
etag
W/"702e5-5kRIaFQPvbSdHcK8/HNO6dNerGs"
expires
Fri, 06 Oct 2023 22:12:14 GMT
last-modified
Fri, 06 Oct 2023 22:10:20 GMT
prerender-cache-tag
prerender-advancelocal-mlive-prod-b308edcd
referrer-policy
no-referrer-when-downgrade
server
openresty
server-timing
cdn-cache; desc=HIT edge; dur=45 origin; dur=0 ak_p; desc="1696630274781_389027508_445720890_4540_10018_5_69_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 83535 0 pmb=mRUM,2
x-amz-cf-id
RBcvYRvORVQx-zZV7bJM-GQgBU56BYL52qiD-O4D4cGalD7_a3Lpkw==
x-amz-cf-pop
FRA56-P7
x-arc-pb-request-id
ab64b5b8-f2da-41ea-bf39-38e911c62df0 a18f86c4-706f-4112-bddc-52896b70835b
x-arc-request-id
0.b4163017.1696630274.1a91293a

Redirect headers

content-length
134
content-type
text/html
date
Fri, 06 Oct 2023 22:11:14 GMT
location
https://www.mlive.com:443/
server
awselb/2.0
default.css
www.mlive.com/pf/dist/components/output-types/ 		45 B
611 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/components/output-types/default.css?d=1145
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
bba5cf4bf97f335423ef8083a04d8810370b013c18a623e2aec413075ef82ddc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
JFK50-P5
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1696630275.1a912b47
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1696630275038_389027508_445721415_838_11079_6_0_255";dur=1
content-length
57
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 14:02:06 GMT
server
openresty
etag
"534bb0614e61e484cae7d5dc8ecc424c"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
gLDQZETj1XGTu2y4GGxKUrCXbZRj7dTF2qg4nxcIzyKvpJHtsPimTg==
expires
Sat, 05 Oct 2024 22:11:15 GMT
default.css
www.mlive.com/pf/dist/components/combinations/ 		421 KB
64 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1145
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
556445e2f9066b537a1f6fd90cf07c0371f48b125f7ceee0208502626aa76f0b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL58-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1696630275.1a912b48
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1696630275030_389027508_445721416_160_8004_6_0_255";dur=1
content-length
64882
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 14:02:06 GMT
server
openresty
etag
W/"cba5afa6ff813c885b9921a62e8361d4"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
dLQFFtC6N9uyIuWxa7VSmiXabS6Ql7_hwLISheVLhPSdDtUC_3sMNg==
expires
Sat, 05 Oct 2024 22:11:15 GMT
style.css
www.mlive.com/pf/resources/dist/mlive/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=1145
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
fbae957908d4237a9b3454d8c3efc563d6311c556888e9e3234088696330e69f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL58-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1696630275.1a912b49
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1696630275031_389027508_445721417_220_7310_6_0_255";dur=1
content-length
510
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 14:02:05 GMT
server
openresty
etag
W/"8155dde32e7f8a450b43387a34e0a93b"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
wSrFO_pB5FB8Qz-FCaQ_sqUIQPATlclFkQ8NOkdhaRMl0zcIv_v47g==
expires
Sat, 05 Oct 2024 22:11:15 GMT
react.js
www.mlive.com/pf/dist/engine/ 		339 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/engine/react.js?d=1145
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
49266b870070451555426f23686d7c2839e9e7ff91cfa5fe10b05de32ed9efa9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD55-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1696630275.1a912c13
server-timing
cdn-cache; desc=HIT, edge; dur=28, ak_p; desc="1696630275096_389027508_445721619_3130_10985_6_0_146";dur=1
content-length
105635
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 14:02:07 GMT
server
openresty
etag
W/"051cfb00adecde376524d069022bab75"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
ZSwAKqDsVuTfpH9sjYh9T8FIDCWTTHLuea1XM6nvdm05AI68HCs0Zg==
expires
Sat, 05 Oct 2024 22:11:15 GMT
default.js
www.mlive.com/pf/dist/components/combinations/ 		2 MB
467 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/components/combinations/default.js?d=1145
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
812b959d6d83258a5af91753b1fbe5a8c966f49785b688e8b8d3ffd076a6f452
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL58-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1696630275.1a912c6b
server-timing
cdn-cache; desc=HIT, edge; dur=37, ak_p; desc="1696630275121_389027508_445721707_3858_10594_9_0_146";dur=1
content-length
477708
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 14:02:07 GMT
server
openresty
etag
W/"e2092932f77711affd389d20dc08e42f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
-pRVs0QXByWFySrjI8p0SO6fPOh3FHRzk3lWJvTLkBxBu3_mJ4Pefg==
expires
Sat, 05 Oct 2024 22:11:15 GMT
166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff
www.mlive.com/pf/resources/fonts/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff?d=1145
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
6fa8b9c20d5c4f5711f76f4f4adafafc90e8f89bac2c7b3dfc2c7e63abb55d21
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
JFK50-P5
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1696630275.1a912b4a
server-timing
cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1696630275030_389027508_445721418_703_8059_6_0_219";dur=1
content-length
54391
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 14:02:05 GMT
server
openresty
etag
W/"63c3700153fd19bac6ac63c816251c03"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
xDLrfhBaVdVPuVhLBR1lJpYQObNBnrD7rzTostoRFYMzSaspqwMojg==
expires
Sat, 05 Oct 2024 22:11:15 GMT
448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff
www.mlive.com/pf/resources/fonts/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff?d=1145
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
c942cb01ca7d8956086518f0315ac0be0374cb0f0a38ffe67a52bc4ae7ff5f6f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD55-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1696630275.1a912b4b
server-timing
cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1696630275030_389027508_445721419_687_8022_6_0_219";dur=1
content-length
53376
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 14:02:05 GMT
server
openresty
etag
W/"00b8650c0e6992c5c9ced8f621e43ffd"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
hUGasCYUFi6_lcL5RgGv2VgawX7d9mNSIePLO1s34jm1YHRkWU1CSg==
expires
Sat, 05 Oct 2024 22:11:15 GMT
a408f907-3ee4-4578-a3d1-4134558cb82a-3.woff
www.mlive.com/pf/resources/fonts/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/a408f907-3ee4-4578-a3d1-4134558cb82a-3.woff?d=1145
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
c25ce818c3c2ab4992bc0b61a60d1822f239a638af59ad63ed2fe2028e3037f8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
JFK50-P5
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1696630275.1a912b4c
server-timing
cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1696630275030_389027508_445721420_795_7600_6_0_219";dur=1
content-length
53862
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 14:02:05 GMT
server
openresty
etag
W/"527a99c70868c89d6be3cc11a8feb999"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
sK92ceJJItTMmBpCtZBxojuFZZWpKTe_sfHjKobupWSQmWAxwdv7JA==
expires
Sat, 05 Oct 2024 22:11:15 GMT
farnhamheadline-medium.woff
www.mlive.com/pf/resources/fonts/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/farnhamheadline-medium.woff?d=1145
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
7ff100c907d85bc5b7503e7a88c0a7f256ed2561ee431ffc10fcd7cce517c321
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD55-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1696630275.1a912b4d
server-timing
cdn-cache; desc=HIT, edge; dur=18, ak_p; desc="1696630275032_389027508_445721421_1990_6593_6_0_219";dur=1
content-length
36831
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 14:02:06 GMT
server
openresty
etag
W/"05b85684cbf3bc11490297c50cfd67c3"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
jmNqwqZRDcZhZlR2xDfW82s5vhkPIsvnzGMM5nLJZ7ygVIRaBYjxxQ==
expires
Sat, 05 Oct 2024 22:11:15 GMT
farnhamheadline-semi-bold.woff
www.mlive.com/pf/resources/fonts/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/farnhamheadline-semi-bold.woff?d=1145
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ORD56-P6
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1696630275.1a912b4e
server-timing
cdn-cache; desc=HIT, edge; dur=42, ak_p; desc="1696630275030_389027508_445721422_4299_7917_11_0_219";dur=1
content-length
37066
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 14:02:06 GMT
server
openresty
etag
W/"c9a8222fbabe6b700baacd21dd7a1f61"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
KfZrLy5LVeD66aAh3x9TMrx5aeAfiS7U8Ba0ME-a_YdPCBpJNSdMkg==
expires
Sat, 05 Oct 2024 22:11:15 GMT
O2HMJSUWMRAI7LLFP4LXMOSURA.jpg
www.mlive.com/resizer/Cu8IhbghNeUfnhoBEGadTw3BN04=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/Cu8IhbghNeUfnhoBEGadTw3BN04=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/O2HMJSUWMRAI7LLFP4LXMOSURA.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
94f1d3480679dc97247747bc153e1736946823bcdc976f494fe930572cc91608
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 06 Oct 2023 22:11:15 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 17:38:26 GMT
server
Akamai Image Manager
x-serial
553
x-check-cacheable
YES
etag
"cfd11e3a8e94709833d4886de637b12cd9a2276e"
x-arc-request-id
0.b4163017.1696630275.1a912cae
content-type
image/avif
cache-control
private, no-transform, max-age=31519590
server-timing
cdn-cache; desc=HIT, edge; dur=28, ak_p; desc="1696630275150_389027508_445721774_3631_13789_9_0_219";dur=1
content-length
41279
expires
Sat, 05 Oct 2024 17:37:45 GMT
iabCcpaIntegrationScript-noGAM.js
cdn.cookielaw.org/opt-out/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/iabCcpaIntegrationScript-noGAM.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e3c7bdc4bfffb58a973062aabf808691f7603416290254b76161cab69952053
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Oct 2023 22:11:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
ZkLmnzyu8aoAQNwZHm6Yqw==
age
24828
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
fa68c390-601e-0029-357c-eb07f7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
81213d33aa674d2b-FRA
logo_main.svg
www.mlive.com/pf/resources/images/mlive/logos/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/logo_main.svg?d=1145
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
f4ece8f2f5242967e98c6718f283e961576d68b4b7be96124eca22f554dcb275
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
MIA3-C2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1696630275.1a912caf
server-timing
cdn-cache; desc=HIT, edge; dur=18, ak_p; desc="1696630275144_389027508_445721775_2115_7913_9_0_146";dur=1
content-length
660
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 14:02:06 GMT
server
openresty
etag
W/"351c57e1a77c618772f5966a7f2094ee"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
iqt0tqa5QI6nuz6I-VzFv7wRGDZE2M6ss9cBu2-xTZnqnhu1f19PHg==
expires
Sat, 05 Oct 2024 22:11:15 GMT
logo_main_sm.svg
www.mlive.com/pf/resources/images/mlive/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/logo_main_sm.svg?d=1145
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a39cd6a9413784646378ab9490f6a80ea1c2eaf4870c1022f44e4e64380c7cda
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD55-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1696630275.1a912cb0
server-timing
cdn-cache; desc=HIT, edge; dur=20, ak_p; desc="1696630275144_389027508_445721776_2368_8323_9_0_146";dur=1
content-length
902
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 14:02:06 GMT
server
openresty
etag
W/"cb98cda61d359616349bbc2a92540ddb"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
Xi9r3XMe2UaR9JKkeVp4a77oMBLaWqI_-P0T15YgYP6RMdXLFdsiYw==
expires
Sat, 05 Oct 2024 22:11:15 GMT
social-monochrome.svg
www.mlive.com/pf/resources/images/mlive/logos/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/social-monochrome.svg?d=1145
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
4eb67b42d6abea96d75df507d23f0421da85d5658322720fded36c94cce45d7b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD55-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1696630275.1a912cb1
server-timing
cdn-cache; desc=HIT, edge; dur=12, ak_p; desc="1696630275144_389027508_445721777_1518_8127_9_0_146";dur=1
content-length
603
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 14:02:06 GMT
server
openresty
etag
W/"7819fa78e2e7770bb40587187d83cb87"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
pPTChozXDFtUXtUH-gDMplV12Gv7UdQPwWb_OlejxHHZVKOneMSU3w==
expires
Sat, 05 Oct 2024 22:11:15 GMT
logo_footer.png
www.mlive.com/pf/resources/images/mlive/logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/logo_footer.png?d=1145
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
5fe498f984078cc4039385dc4a4befa8cbd53ae03eb24187cac828668ca60415
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 06 Oct 2023 22:11:15 GMT
x-check-cacheable
YES
x-arc-request-id
0.b4163017.1696630275.1a912cb2
server-timing
cdn-cache; desc=HIT, edge; dur=39, ak_p; desc="1696630275145_389027508_445721778_4376_11670_9_0_146";dur=1
content-length
1579
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 14:03:36 GMT
server
Akamai Image Manager
x-serial
1340
etag
W/"be8042e858f0c6b5cd87834c8aafe76d"
content-type
image/avif
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31506684
expires
Sat, 05 Oct 2024 14:02:39 GMT
AdvanceLocal_horizontal.svg
www.mlive.com/pf/resources/images/common/logos/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/logos/AdvanceLocal_horizontal.svg?d=1145
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
702c805fec65a8cc8c6c40aed34123b021e5ed6107cc6dfdebc4b0fc2e229887
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
MIA3-C2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1696630275.1a912cb3
server-timing
cdn-cache; desc=HIT, edge; dur=13, ak_p; desc="1696630275144_389027508_445721779_1663_8048_9_0_146";dur=1
content-length
3554
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 14:02:06 GMT
server
openresty
etag
W/"3770993da506fb6d4bbccfcdcc3a4800"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
v3Nnr5POs0OXvxB1RdagrtZF3diJRaeC049Xjhj2UnAsyT4LMbOBOQ==
expires
Sat, 05 Oct 2024 22:11:15 GMT
privacyoptions29x14.png
www.mlive.com/pf/resources/images/common/icons/ 		626 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/icons/privacyoptions29x14.png?d=1145
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
81d96c2c7c2e932a708503820d985a2cec124fb641787b758321ffae78359ce8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 06 Oct 2023 22:11:15 GMT
x-check-cacheable
YES
x-arc-request-id
0.b4163017.1696630275.1a912cb4
server-timing
cdn-cache; desc=HIT, edge; dur=44, ak_p; desc="1696630275146_389027508_445721780_4915_10861_7_0_146";dur=1
content-length
626
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 14:04:45 GMT
server
Akamai Image Manager
x-serial
1032
etag
W/"3becc0b0069622544a1ffb2da90eebe3"
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31506790
expires
Sat, 05 Oct 2024 14:04:25 GMT
ad-choices-arrow.png
www.mlive.com/pf/resources/images/common/logos/ 		190 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/logos/ad-choices-arrow.png?d=1145
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
9ead871d27f3a0d803f4d6139feb2f2694d3a26c54fd6734f789a06aad0f5303
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 06 Oct 2023 22:11:15 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 14:03:50 GMT
server
Akamai Image Manager
etag
W/"c6e75cc6be8dcb2f2d1ab36209f3c3b7"
x-arc-request-id
0.b4163017.1696630275.1a912cb5
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31506685
server-timing
cdn-cache; desc=HIT, edge; dur=54, ak_p; desc="1696630275153_389027508_445721781_6495_13941_6_0_146";dur=1
content-length
190
expires
Sat, 05 Oct 2024 14:02:40 GMT
v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
satisfycork.com/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e028d0f111689896548323fb7598db807d18599fc28521d5ed5f74668710e6d3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Fri, 06 Oct 2023 22:11:15 GMT
x-datacenter
gce-europe-west1
etag
"c6087e1cec1223ec9dd0e859bc9f86e0e122f55a1075f12ae8837b114a506cd1"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-44s9
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
998028631
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sophi.min.js
cdn.sophi.io/advancelocal/ 		102 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sophi.io/advancelocal/sophi.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.2.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-2-94.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b9afeb90db17ffa772a8bbc38f8ae37524ac4c0660dfc228f528cfe36a38d53d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 02:49:43 GMT
x-amz-version-id
.qZXsiAWjTa0yWFLcXE5U.grm2eEgIL7
content-encoding
br
last-modified
Mon, 27 Feb 2023 17:38:35 GMT
server
AmazonS3
via
1.1 cb7980ab2017aee51ecce59a2678b358.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P4
x-amz-server-side-encryption
AES256
etag
W/"0915af152c652f927c398faa26e9904b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
69693
x-amz-cf-id
kNO6Er3UfSaRCGOJ_WQIb5FpeTKB-FD8gOW2RZPQE2e1MTzrLhaWWw==
al-mlive.segments.min.js
apps.sophi.io/latest/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.sophi.io/latest/al-mlive.segments.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-48.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0709e11f34bb1e47193a170bc8baf94732a32a867443b29be840c550cc03981d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
5x.gfjtiZoE7IFt5eELjKuStLmrI5ZXL
content-encoding
gzip
via
1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
date
Fri, 06 Oct 2023 22:11:15 GMT
last-modified
Thu, 09 Feb 2023 19:54:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
101
x-amz-server-side-encryption
AES256
etag
W/"25a09f4745cf7bc62917c4a8bea2a575"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=0
x-amz-cf-id
gPr2BOeCVCNJKZyJ4DSqj5RYokH9xHuod54KU5s0zK0DmfVW4CNBpQ==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d62ad0f23c60258f120e52cf68b2e1adff5c1bf5bde5ac8f8d6e5f4c4c64f34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
h6ThlO7ea17v6JNPXbI1zQ==
age
48057
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6822
x-ms-lease-status
unlocked
last-modified
Thu, 05 Oct 2023 06:23:34 GMT
server
cloudflare
etag
0x8DBC56B9A6B87F1
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
97221694-301e-000b-33c5-f7c2e8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
81213d33aa684d2b-FRA
SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
s.go-mpulse.net/boomerang/ 		205 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:38a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
br
customappheader
mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified
Sun, 24 Sep 2023 15:58:37 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
gtm.js
www.googletagmanager.com/ 		481 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e8ff96f34e3df3fd72dae99e3f3d83ec463c7c0cc4098abac65591a4dcef0a62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
135928
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 06 Oct 2023 22:11:15 GMT
chevron-white.svg
www.mlive.com/pf/resources/images/common/arrows/ 		864 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/arrows/chevron-white.svg?d=1145
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1145
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e19f6076815240b2afedf8033b0a2ccf200d3851f11df779d05f3c533560504d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1145
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD55-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1696630275.1a912cb6
server-timing
cdn-cache; desc=HIT, edge; dur=4, ak_p; desc="1696630275144_389027508_445721782_725_7990_9_0_146";dur=1
content-length
486
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 14:02:06 GMT
server
openresty
etag
W/"691552a6377a1dfc9eeae87d6aeb8931"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
5__XZyfWsKP5qGL3HuY-rT8KN0Ga_0JSbbH9HUZjbuhPRNEjEQJu5A==
expires
Sat, 05 Oct 2024 22:11:15 GMT
newsletter.svg
www.mlive.com/pf/resources/images/mlive/promo/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/promo/newsletter.svg?d=1145
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=1145
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a7e702f15b65f58d32945e27b8416dac2811afad1a828a9a617d5c0c1cc85b21
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=1145
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ORD56-P6
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1696630275.1a912cb7
server-timing
cdn-cache; desc=HIT, edge; dur=9, ak_p; desc="1696630275146_389027508_445721783_1450_9125_9_0_146";dur=1
content-length
1059
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 14:02:06 GMT
server
openresty
etag
W/"22c89d844df3fcb416b9291f7e668863"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
QAbyQFgU0d5MZknB-unzxHUf8y4i84mbf5L47nZGkysHu7Et_IC_VA==
expires
Sat, 05 Oct 2024 22:11:15 GMT
chevron-black-right.svg
www.mlive.com/pf/resources/images/common/arrows/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/arrows/chevron-black-right.svg?d=1145
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1145
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
276ca8da7dd05a55c760ead2eec9d5c74629897d0b5b3e5190d4fc9bd38ea7fc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1145
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD55-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1696630275.1a912cb8
server-timing
cdn-cache; desc=HIT, edge; dur=65, ak_p; desc="1696630275144_389027508_445721784_6834_8292_6_0_219";dur=1
content-length
746
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 14:02:06 GMT
server
openresty
etag
W/"4347be806f2c6a630a5407afb75ab920"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
rg2l3O2UORGsD3i3UY0CZUd1iwCSHqU2iOhCvg7o5g8_tY7C26f63g==
expires
Sat, 05 Oct 2024 22:11:15 GMT
CJAMOGB5FJATHDCN6PBJVNTVDQ.jpg
www.mlive.com/resizer/OKVerU0hAgcBjq7n5Sevy2ZxCDE=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/OKVerU0hAgcBjq7n5Sevy2ZxCDE=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/CJAMOGB5FJATHDCN6PBJVNTVDQ.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
1a469ff79765d6cac20235109f11f0a2da02e4fa2fa374b831680c77489e88ce
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 06 Oct 2023 22:11:15 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 18:38:40 GMT
server
Akamai Image Manager
etag
"c8d66f023db56053d61226fe1ec4b1aaadfc022d"
x-arc-request-id
0.b4163017.1696630275.1a912d43
content-type
image/avif
cache-control
private, no-transform, max-age=31523168
server-timing
cdn-cache; desc=HIT, edge; dur=97, origin; dur=0, ak_p; desc="1696630275193_389027508_445721923_10704_10717_8_0_219";dur=1
content-length
77695
expires
Sat, 05 Oct 2024 18:37:23 GMT
PANTC2BGFJAEJKBO3ZOLZRUTNU.jpg
www.mlive.com/resizer/BBjHH47qRs8MA7fDT8szy4L26S4=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/BBjHH47qRs8MA7fDT8szy4L26S4=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/PANTC2BGFJAEJKBO3ZOLZRUTNU.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
9d62d9aea2bff2d1ac55b1ba27810da80cb67f89a5d4395167cc610f62baba12
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 06 Oct 2023 22:11:15 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 19:54:53 GMT
server
Akamai Image Manager
etag
"dc962c0804480c57babd55eda162bc4507a54953"
x-arc-request-id
0.b4163017.1696630275.1a912d44
content-type
image/avif
cache-control
private, no-transform, max-age=31527760
server-timing
cdn-cache; desc=HIT, edge; dur=384, origin; dur=0, ak_p; desc="1696630275193_389027508_445721924_39332_10014_12_0_146";dur=1
content-length
30307
expires
Sat, 05 Oct 2024 19:53:55 GMT
CXMVPSNFQ5EI5EHVULE3INUTAU.JPG
www.mlive.com/resizer/TzOC3ffVarCYYZx1A5Ulk9Mt47M=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/TzOC3ffVarCYYZx1A5Ulk9Mt47M=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/CXMVPSNFQ5EI5EHVULE3INUTAU.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
e1d772e2bc257233f5107749498de4cfd3402a6e768e079e1a78fee56c0d9468
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 06 Oct 2023 22:11:15 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 19:24:09 GMT
server
Akamai Image Manager
x-serial
1813
x-check-cacheable
YES
etag
"4d1029fae23bc98244f6ef3a953a1a006adb12b4"
x-arc-request-id
0.b4163017.1696630275.1a912d45
content-type
image/avif
cache-control
private, no-transform, max-age=31525943
server-timing
cdn-cache; desc=HIT, edge; dur=83, origin; dur=0, ak_p; desc="1696630275193_389027508_445721925_9304_10792_8_0_146";dur=1
content-length
38106
expires
Sat, 05 Oct 2024 19:23:38 GMT
2D375QTOWVGVVAM5TDBBPQYZEM.jpg
www.mlive.com/resizer/qxbhb5yH2Gis49OzcwuLrSwHQXA=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/qxbhb5yH2Gis49OzcwuLrSwHQXA=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/2D375QTOWVGVVAM5TDBBPQYZEM.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
78e87484dde71edfb64644cd383b0a084f9790391d4878d653ccd46c7adcfb70
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 06 Oct 2023 22:11:15 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 19:33:13 GMT
server
Akamai Image Manager
x-serial
356
x-check-cacheable
YES
etag
"e42bf7cfa5daa1190094380cddd731c7b94ea8fb"
x-arc-request-id
0.b4163017.1696630275.1a912d46
content-type
image/avif
cache-control
private, no-transform, max-age=31526660
server-timing
cdn-cache; desc=HIT, edge; dur=129, origin; dur=0, ak_p; desc="1696630275194_389027508_445721926_13832_9646_8_0_146";dur=1
content-length
61655
expires
Sat, 05 Oct 2024 19:35:35 GMT
QIU3S2B27ZBMDPQHB7M4PGA2AY.jpg
www.mlive.com/resizer/uQKVLswMnFVXboo_1_xGXo16g2g=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/uQKVLswMnFVXboo_1_xGXo16g2g=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/QIU3S2B27ZBMDPQHB7M4PGA2AY.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
01bdef6899556557278bc7b2625c85ac6db906abf6a1f90ea1c785bd779e905b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 06 Oct 2023 22:11:15 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 21:06:56 GMT
server
Akamai Image Manager
etag
"289abc67ebca7d6cdf519945d3c69c34fd9283a7"
x-arc-request-id
0.b4163017.1696630275.1a912d47
content-type
image/avif
cache-control
private, no-transform, max-age=31532141
server-timing
cdn-cache; desc=HIT, edge; dur=414, origin; dur=0, ak_p; desc="1696630275194_389027508_445721927_42347_9666_7_0_146";dur=1
content-length
13111
expires
Sat, 05 Oct 2024 21:06:56 GMT
ZQ6AKHU3FNA6DPWU6REY3KIO3Q.jpg
www.mlive.com/resizer/wo_rkXU0841Fis1pqnDXaTgXNkQ=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/wo_rkXU0841Fis1pqnDXaTgXNkQ=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ZQ6AKHU3FNA6DPWU6REY3KIO3Q.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
57f3eaf90d3458244d6123682e014e563e5973d634ee0e96860920cf6876f1d6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 06 Oct 2023 22:11:15 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 19:20:30 GMT
server
Akamai Image Manager
x-serial
748
x-check-cacheable
YES
etag
"5bf50da8a393541db3ddb1a7cd6d399c5f19fae8"
x-arc-request-id
0.b4163017.1696630275.1a912d48
content-type
image/avif
cache-control
private, no-transform, max-age=31525768
server-timing
cdn-cache; desc=HIT, edge; dur=146, origin; dur=0, ak_p; desc="1696630275193_389027508_445721928_15440_10611_13_0_146";dur=1
content-length
31781
expires
Sat, 05 Oct 2024 19:20:43 GMT
QCDSS54SCNEUNK6SBBX6UBLJGA.jpg
www.mlive.com/resizer/sGLmluS8p3S4yxNV0UDpTKuvM_g=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/sGLmluS8p3S4yxNV0UDpTKuvM_g=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/QCDSS54SCNEUNK6SBBX6UBLJGA.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
af94fc09d431a736245c0e59d0c2efb0a04ae78499cd702bf23fe33490eb0777
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 06 Oct 2023 22:11:15 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Sep 2023 17:07:34 GMT
server
Akamai Image Manager
etag
"7689fe7fdfe4e8426bbe7b638d1076ac72d60969"
x-arc-request-id
0.b4163017.1696630275.1a912d49
content-type
image/avif
cache-control
private, no-transform, max-age=30653905
server-timing
cdn-cache; desc=HIT, edge; dur=12, ak_p; desc="1696630275193_389027508_445721929_2122_10381_6_0_146";dur=1
content-length
30240
expires
Wed, 25 Sep 2024 17:09:40 GMT
ADIMPINPDFDU5K7JCWPMM2XTRM.JPG
www.mlive.com/resizer/gaVFAWLPdbtE8EqrxirUsBu1W-U=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/gaVFAWLPdbtE8EqrxirUsBu1W-U=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ADIMPINPDFDU5K7JCWPMM2XTRM.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
7e46eaf30b9ae0e2b5adcfee2b6df2e9721bc9b9a353fc80c67bc4960bd3157c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 06 Oct 2023 22:11:15 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 20:15:03 GMT
server
Akamai Image Manager
etag
"20bbf99991da8cd74619dda0e4157cc85442c8cf"
x-arc-request-id
0.b4163017.1696630275.1a912d4a
content-type
image/avif
cache-control
private, no-transform, max-age=31529121
server-timing
cdn-cache; desc=HIT, edge; dur=504, origin; dur=0, ak_p; desc="1696630275193_389027508_445721930_51362_10117_11_0_146";dur=1
content-length
39487
expires
Sat, 05 Oct 2024 20:16:36 GMT
TP7WIZ6PC5HQLBTPBLASRDJH5E.JPG
www.mlive.com/resizer/oKivw71EnvDzJb4SJGc3ujwPvFc=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/oKivw71EnvDzJb4SJGc3ujwPvFc=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/TP7WIZ6PC5HQLBTPBLASRDJH5E.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
4920b4a1784410c00403badedf0b60055ba282d694d54a826920915f65dc130c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 06 Oct 2023 22:11:15 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 24 Sep 2023 18:28:31 GMT
server
Akamai Image Manager
x-serial
1005
x-check-cacheable
YES
etag
"2d07740873cb36461c798b5906c122bc5dbca5a6"
x-arc-request-id
0.b4163017.1696630275.1a912d4b
content-type
image/avif
cache-control
private, no-transform, max-age=30485899
server-timing
cdn-cache; desc=HIT, edge; dur=168, origin; dur=0, ak_p; desc="1696630275193_389027508_445721931_17752_10699_15_0_146";dur=1
content-length
37715
expires
Mon, 23 Sep 2024 18:29:34 GMT
92a6747a-ce11-46a4-93d3-d5b3bd38e0ac.json
cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28a669c7ee4519c5c60a775a5c32da42e3288e5277ed89318e5f1658b97aefbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
28983
content-md5
xyYCAi3W1qEGA7WYnxS3KQ==
content-length
1791
x-ms-lease-status
unlocked
last-modified
Tue, 03 Oct 2023 14:03:42 GMT
server
cloudflare
etag
0x8DBC4198CE8BF88
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
9bf019ea-601e-004b-5b02-f6c5d0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
81213d3418753a5a-FRA
expires
Sat, 07 Oct 2023 22:11:15 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adunitid=mjoqz&adnum=177735
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 02:16:03 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
22881313
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
dFLj73zVKfhyVj5gRpO6dGTo9miP73qaD9prZVO3B_WI6aoA1OwY7w==
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.mlive.com
access-control-max-age
600
content-length
0
date
Fri, 06 Oct 2023 22:11:15 GMT
server
nginx
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/advancelocal/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.mlive.com
date
Fri, 06 Oct 2023 22:11:15 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
q9b9clsZLLfdBtwdmheOfdbmJj61AqqK
date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
br
last-modified
Wed, 16 Aug 2023 09:22:55 GMT
x-amz-request-id
VAV0CSCY9Q57MG1W
etag
"ee3af1e29ac1607ef3d41c515d1e05ad"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3418
x-amz-id-2
cPLXOZ6L+iEYmfx3GteX84SDKFgFy2jW1mYBv+PrrEQ7WbkP6ayrYDP4RTkijM74SIevbeZWGtNQgP70TTKcNQ==
script.js
h312.mlive.com/ 		139 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/script.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
11f08bc0ed24c4b85ca08b55c13b3b3aa2ca53f67c6fd98041f05246380c0779
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:03:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
age
489
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
42758
x-xss-protection
1; mode=block
last-modified
Fri, 06 Oct 2023 22:03:06 GMT
server
-
etag
1e264e6d7f1c776a3daac76f6642e454
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=600
x-robots-tag
noindex, nofollow
x-amz-cf-id
SfZBY1gibkjvhpe3P0FTnBhPY6ctukgdPaJncaOQco0oidtoWGv55g==
expires
Fri, 06 Oct 2023 22:13:06 GMT
moatheader.js
z.moatads.com/advanceddigitalheader640552616592/ 		242 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/advanceddigitalheader640552616592/moatheader.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-133.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
17c3dab99f83d00fa510dcb7428bc4f045768515e29d825ca53dbb678dbdb05b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 09:39:58 GMT
server
AmazonS3
x-amz-request-id
BXRMRAF8MXQXTC8Y
etag
"47dd75b69c34845d5885471bccb21f88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=18228
accept-ranges
bytes
content-length
86457
x-amz-id-2
Geq9HS/byl5R7LtGEcm7EEH/qiEkyQdVuq4RvSLVirYikhqCIBTAhG+rqXQ3kv80J6ORJ5qiS3k=
ats.js
ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ 		156 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ats.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-69.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb5e59be9d91ab09c743760da7054e15b0651ff22256c268c6b715a2d5f3ccf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
vARkeOieo2JNVDzbKxyldiy10m_tXtgu
content-encoding
gzip
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
date
Fri, 06 Oct 2023 21:42:01 GMT
last-modified
Wed, 04 Oct 2023 09:51:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
1755
x-amz-server-side-encryption
AES256
etag
W/"8396faf5122b62492a4e34f0e9dfe637"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
ed-jqVKRnLrZrNTJjhkjmhRG5URNxqXHlYeAFYElsMgEowbxItfF6Q==
swg.js
news.google.com/swg/js/v1/ 		204 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60723d88508a1cfecf512adfaef5b4575c905e76d2e06f313768adbe010686d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 21:25:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60248
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 18:48:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 06 Oct 2023 22:15:09 GMT
load
experience.tinypass.com/xbuilder/experience/ 		338 B
491 B 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=8Gu2Z8RCvZ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
464b98e4ec83bb60ad92bd76656277037d3548e44a7d1dcddec0c0a41ada20e6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
date
Fri, 06 Oct 2023 22:11:15 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 06 Oct 2023 21:50:03 GMT
server
cloudflare
age
1272
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800
cf-ray
81213d351ad6368c-FRA
alt-svc
h3=":443"; ma=86400
x-request-id
13gx31cd4p
expires
Fri, 06 Oct 2023 22:41:15 GMT
a
www.googletagmanager.com/ 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-TLXFLCR&v=3&t=t&pid=1036974437&cv=416&rv=3a40&tc=93&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAACA&h=Ag&dl=www.mlive.com%2F&tdp=GTM-TLXFLCR;8133989;0;0;0&z=0
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:15 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
td
www.googletagmanager.com/ 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/td?id=GTM-TLXFLCR&v=3&t=t&pid=1036974437&cv=416&rv=3a40&tc=93&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAACA&h=Ag&dl=www.mlive.com%2F&tdp=GTM-TLXFLCR;8133989;0;0;0&z=0
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:15 GMT
server
Golfe2
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-TLXFLCR&v=3&t=t&pid=1036974437&cv=416&rv=3a40&tc=93&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAACA&h=Ag&z=0
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:15 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 06 Oct 2023 21:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1293
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 06 Oct 2023 23:49:42 GMT
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-115.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Fri, 06 Oct 2023 03:29:58 GMT
Via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P3
Age
67277
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
tvIXr7xC4bfFuiAH_ZLN_Pr9t4nH_0q3w8j3ee6timBzSA6iUhFrwA==
Expires
Sat, 07 Oct 2023 03:29:58 GMT
load.js
s.ntv.io/serve/ 		613 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.203.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-203-202.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
608f9c14d8d47f4ab81d25ebab7fe78612e2732910991563683fa6856cc23d40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Fri, 06 Oct 2023 22:11:15 GMT
Content-Encoding
gzip
x-amz-request-id
GZXE3329666RM661
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
OeTABL7ch6EgSmZXfOhA453S35yX+wvqQ9efd06EKODWorGy4CzmMF6llPBRVqLGjWR6aYzQrYU=
Last-Modified
Tue, 26 Sep 2023 20:33:18 GMT
Server
AmazonS3
ETag
"3497f3ecb1db86e8ca85a1428f0e92fa"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-57.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 05:05:24 GMT
content-encoding
gzip
via
1.1 61beea9b7a54f47fca4ae4dea3f52fa2.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
MXP63-P3
age
61552
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
TQa9uXFHsgn0qMSdsbyvnAjaSqaDDu4HC1qGNa_EopY9FHKGNOw8HA==
fbevents.js
connect.facebook.net/en_US/ 		198 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 06 Oct 2023 22:11:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53356
x-xss-protection
0
pragma
public
x-fb-debug
CyXmg0Uf7797tfSv2YBhoFgDFUQMZQHErkZXZaMo9HIVaxolHx9Q/GSwpUOs2XrJY5uyGwbg/7CwawSIafjLdQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-etou8220045-FRA
insight.min.js
snap.licdn.com/li.lms-analytics/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 13:41:52 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=29781
accept-ranges
bytes
content-length
3822
ml.br.js
js.matheranalytics.com/static/ltm/ma63527/all/15/
Redirect Chain
  • https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1636
  • https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js
142 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
107.178.250.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
68b5df8a16ee7bbfd4789f8533b7f9882f9095625a8be1f56e352bc10710484d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 08:12:48 GMT
content-encoding
br
via
1.1 google
last-modified
Wed, 07 Apr 2021 17:41:03 GMT
server
nginx
age
50307
etag
"8be38a11960c372ea9c4119961294047"
vary
Accept-Encoding
x-cache
HIT Sun, 18 Dec 2022 07:45:34 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42243

Redirect headers

date
Fri, 06 Oct 2023 22:11:15 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js
cache-control
public, max-age=269200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-served-by
2-gc-euwest1-xgfw1021
js
www.googletagmanager.com/gtag/ 		256 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GG8B674XK4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d0341356cfb4d58cbb1232584946600669c49371e5d1a4db23819aa35b2cba2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89237
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 06 Oct 2023 22:11:15 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-TLXFLCR&v=3&t=t&pid=1036974437&cv=416&rv=3a40&tc=93&es=1&e=gtm.js&eid=1&u=AAAAAAAAAAAAAACA&h=Ag&tr=1gclidw.1html.1html.5html.1html.5html.1html.5html.1html.5html.1html.5html.1lcl.1lcl.1lcl.1cl.1html.5html.1html.5html.1html.5html.1html.1html.5html&ti=1gclidw.1html.1html.1html.1html.1html.1html.1html.1html.1html.1html.1html.1lcl.1lcl.1lcl.1cl.1html.1html.1html.1html.1html.1html.1html.1html.1html&z=0
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:15 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		66 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
81213d3539c21915-FRA
access-control-allow-headers
Content-Type
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-TLXFLCR&v=3&t=t&pid=1036974437&cv=416&rv=3a40&tc=93&es=1&e=gtag.config&eid=241&u=AAAAAAAAAAAAAACA&h=Ag&tr=1googtag.1ua.1html.5html.1html.5html.1html.5html.1html.5html.1html.5html.1paused.1cvt.1cvt.1sdl.1html.5html.1html.5html&ti=2googtag.1ua.1html.1html.1html.1html.1html.1html.1html.1html.1html.1html.2paused.2cvt.2cvt.1sdl.1html.1html.1html.1html&z=0
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:15 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		75 B
252 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/iabCcpaIntegrationScript-noGAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e949e0ba546cccd944b7fc64ebc3f97123638dd1b3af8eec5732cd599c2ed46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
81213d35cac31963-FRA
vary
Accept-Encoding
content-type
text/javascript
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-TLXFLCR&v=3&t=t&pid=1036974437&cv=416&rv=3a40&tc=93&e=gtm.js&eid=1&u=AAAAAAAAAAAAAACA&h=Ag&tr=5gclidw.5lcl.5lcl.5lcl.5cl&ti=1gclidw.1lcl.1lcl.1lcl.1cl&z=0
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:15 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202309.1.0/ 		424 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
803f9665533b781ac3abb157ba32b9a1f48d3b7a30bada354656d4b89be22610
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
wp4bduWb8cLN8oREjFODhQ==
age
24027
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
104423
x-ms-lease-status
unlocked
last-modified
Thu, 05 Oct 2023 06:23:30 GMT
server
cloudflare
etag
0x8DBC56B97E255E8
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c0eeac9e-501e-000d-2a95-f7f157000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
81213d35ebed4d2b-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1145
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e72270f73bf7bc9102618270928acf80f21a972a149a4f912f26eb8801e7a47d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29786
x-xss-protection
0
server
cafe
etag
979 / 19636 / m202310030101 / config-hash: 4974023841911941900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 22:11:15 GMT
10071.js
micro.rubiconproject.com/prebid/dynamic/ 		511 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/10071.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1145
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
574328a322b7f4618099d133a0d1e3b04bc86078dd412bf9ee1aab597f73cb35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
accept-encoding, referer
edge-cache-tag
prod-prebid-10071_MI_Desktop_Mobile.js
content-type
text/javascript;charset=UTF-8
cache-control
public, must-revalidate, max-age=14400
content-length
148333
expires
Sat, 07 Oct 2023 14:59:55 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		255 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1145
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 21:52:04 GMT
content-encoding
gzip
via
1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront), 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 19:43:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
1152
etag
W/"e1caada96468a3b669d0d0cc6ec9a23c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
q4gRRYokxxDrdW9p0tVghQH1J4yUYEI5vjkqYcgdPywzmi5O74B5_g==
lt.min.js
tags.crwdcntrl.net/lt/c/963/ 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1145
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4fb1d13154b4b396d3ce77eb8294a859bef473d7d991624d266b0247c419a9ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 19:12:22 GMT
content-encoding
gzip
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 14:13:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
10823
x-amz-server-side-encryption
AES256
etag
W/"acf40b9beb60ff814c409d1a2b654497"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
e7kbwWYGbTUjgEJsuwgvFBTBMOSTs77imo8sLmbAhC6bRonzdF1l2A==
icon-menu-outline.svg
www.mlive.com/pf/resources/images/common/icons/ 		523 B
870 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/icons/icon-menu-outline.svg?d=1145
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1145
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
3f5684bf5aa4a6eb5c9015394c8739dff39377a73adf72c30ba511d0ab5b50f3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1145
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ORD56-P6
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1696630275.1a91330a
server-timing
cdn-cache; desc=HIT, edge; dur=9, ak_p; desc="1696630275662_389027508_445723402_869_12999_11_0_219";dur=1
content-length
278
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 14:02:06 GMT
server
openresty
etag
W/"ef41b0e325b0902f9a8781e21cc20457"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
image/svg+xml
access-control-allow-origin
*, *
cache-control
public, max-age=31536000
x-amz-cf-id
6AZWBAVYNIC8lNijLRS0PPv1RdesaKb2zzPgDThA5HbBY6mExDND5w==
expires
Sat, 05 Oct 2024 22:11:15 GMT
client
accounts.google.com/gsi/ 		198 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1145
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
59a137b893436c8961cf69adc6df4108a7e9b34c849257cbee6246d6d8c5b089
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-E2EiBFMd8HwJaza8MD2zNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:15 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-E2EiBFMd8HwJaza8MD2zNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Fri, 06 Oct 2023 22:11:15 GMT
user-white.svg
www.mlive.com/pf/resources/images/common/icons/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/icons/user-white.svg?d=1145
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1145
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e6b7fa504c979ce53dc80798978eff98214cbcb20b7db259990c0632b7abe248
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1145
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
JFK50-P5
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1696630275.1a9133cb
server-timing
cdn-cache; desc=HIT, edge; dur=33, ak_p; desc="1696630275728_389027508_445723595_3524_12446_10_0_146";dur=1
content-length
2508
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 14:02:06 GMT
server
openresty
etag
W/"fdc13d9553130cf8463df06e8ba5682d"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
ic8P1_Qeh0J2AtZrHvirvRTMr_ccNJn8S5W8JqeSI5UFnYVrBBfmhQ==
expires
Sat, 05 Oct 2024 22:11:15 GMT
/
geo.privacymanager.io/ 		30 B
610 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.179.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-179-43.lhr61.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 05:45:31 GMT
via
1.1 839063342624c89d4f9d50b54d1d62dc.cloudfront.net (CloudFront), 1.1 a05c188e51bae9a78597941cbf106e52.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C3, LHR61-P7
age
59144
x-amzn-requestid
e7c46810-750b-468a-ba06-b679b4665928
x-amzn-trace-id
Root=1-651f9efb-24b654a205e81dc103168436;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
MXXHXEbxDoEELjg=
content-length
30
x-amz-cf-id
5IgZXINjJ3vPsraWAWoktsh73J4geYTmHi-o6JKOyafqFVwj79wG8g==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
collect
region1.google-analytics.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GG8B674XK4&gtm=45je3a40&_p=966697132&cid=362986384.1696630276&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2F&dl=https%3A%2F%2Fwww.mlive.com%2F&sid=1696630275&sct=1&seg=0&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&en=page_view&_fv=1&_nsi=1&_ss=1&ep.headline=undefined&ep.author=undefined&ep.entry_id=undefined&ep.page_type=homepage&ep.product=homepage-beta&ep.platform=desktop&ep.user_subscription_status=undefined&ep.ab_test_group_user=undefined&ep.search_term=undefined&ep.targeting_codes=undefined&ep.targeting_codes2=undefined&ep.targeting_codes3=undefined&ep.targeting_codes4=undefined&ep.targeting_codes5=undefined&ep.targeting_codes6=undefined&ep.entry_tags=undefined&ep.referring_subdomain=undefined&ep.browser_cookie_region=undefined&epn.monthly_visit_number=1&ep.content_region=undefined&ep.content_topics=undefined&ep.blog_category=undefined&ep.section=Home%20Page&ep.article_date_original=undefined&ep.article_date_updated=undefined&ep.entity_type=undefined&ep.entity_value=undefined&ep.auxiliaries=undefined&ep.gigya_user_id=undefined&ep.usprivacy_cookie=undefined&ep.userid_flag=false&ep.targeting_codes7=undefined&ep.targeting_codes8=undefined&ep.targeting_codes9=undefined
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GG8B674XK4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p.js
cdn.parsely.com/keys/mlive.com/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/mlive.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-100-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
36ea8d266ccb57796d82e6eb05f11c634302a0bc3623c5e7fa7261a1a69e0d90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Fri, 06 Oct 2023 05:39:36 GMT
content-encoding
gzip
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
last-modified
Wed, 29 Jun 2022 14:34:05 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
59501
etag
W/"62bc62dd-df3e"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
KKV797IAxFxk6Bf9Hpk4av-_yePLVx3WpOHe4lhpzv5bETU4hA1KTg==
expires
Sat, 07 Oct 2023 05:39:34 GMT
tinypass.min.js
cdn.tinypass.com/api/ 		355 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=8Gu2Z8RCvZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9296b739cc8d76fae4e5896d3ed9c2a80077a5ca3b055438447b94bf13149b6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:15 GMT
x-amz-version-id
7bU8BXfo01iAae_u2RFu1wlOE2elmex9
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
D3589WY9PCJR03RK
age
11760
x-amz-server-side-encryption
AES256
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
0UHNek4K+JUVJaT6CZvPyD+on5AMhABZOWJs5ArGzrbRvl0ljTzJWqQhbGI8WJg20NYwhy9VfO0=
last-modified
Mon, 02 Oct 2023 11:08:44 GMT
server
cloudflare
etag
W/"27a34c21c7b9e95e2b98b04a8f04f7bb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
81213d37bd41368c-FRA
expires
Sat, 07 Oct 2023 02:11:15 GMT
fpc
at.teads.tv/ 		0
336 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_11014&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=471b531&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Oct 2023 22:11:15 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://www.mlive.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Fri, 06 Oct 2023 22:11:15 GMT
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f46926d81be4472495e6dc6a8789d7fc9ffb6acb270b4f6462720e0332fe718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 21:24:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6456
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 21:11:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 06 Oct 2023 22:14:11 GMT
b
sb.scorecardresearch.com/ 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6034988&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1696630275792&ns_c=UTF-8&c3=&c4=https%3A%2F%2Fwww.mlive.com%2F&c7=https%3A%2F%2Fwww.mlive.com%2F&c8=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&c9=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-57.mxp63.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:15 GMT
via
1.1 61beea9b7a54f47fca4ae4dea3f52fa2.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
MXP63-P3
x-amz-cf-id
ZEMa4UY-PcFSX2ADBSr2PsR_feslHHwf1vb4xXv2erPqfl75PHNH-g==
x-cache
Miss from cloudfront
publisher:getClientId
ampcid.google.com/v1/ 		74 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
adsct
t.co/1/i/ 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=191a7b7f-7ab3-4747-aee3-5e9320f05d5a&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=b863c0b0-1af9-474b-abae-de8765fd6333&tw_document_href=https%3A%2F%2Fwww.mlive.com%2F&tw_iframe_status=0&txn_id=o8yo8&type=javascript&version=2.3.29
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-response-time
111
date
Fri, 06 Oct 2023 22:11:15 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
a58aa1f1ce183d42
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
1e7f012eebd5122ae23ac9fa91ffcf16bfee084c509b8f499d1295387b373bdf
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
724 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=191a7b7f-7ab3-4747-aee3-5e9320f05d5a&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=b863c0b0-1af9-474b-abae-de8765fd6333&tw_document_href=https%3A%2F%2Fwww.mlive.com%2F&tw_iframe_status=0&txn_id=o8yo8&type=javascript&version=2.3.29
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-response-time
111
date
Fri, 06 Oct 2023 22:11:15 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
c659b3ab5d306173
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
c5ba0c48a2af50577fe531238e6944e6ef2999733f9ff1cb282c838fe5e28283
content-length
43
120978121945017
connect.facebook.net/signals/config/ 		137 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/120978121945017?v=2.9.132&r=stable&domain=www.mlive.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8bf800ff39456132bb43924379faaae92451a6356a9ff195d48c13a4f727ff90
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 06 Oct 2023 22:11:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
36426
x-xss-protection
0
pragma
public
x-fb-debug
45cZ5n1jZv4791NIlCvLd+A9t1g+AjQr2eQJmmzjDyRBCXvuoWefyebJcofw76eMe8ou89DkRqRP/Ow1StTNfg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 28 Aug 2023 12:14:15 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=53634
accept-ranges
bytes
content-length
4862
t
jadserve.postrelease.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.mlive.com%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.1.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-1-158.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
05516cb7d5e1ee4b0e5b73d0053f311cf3f3770bcaa7da4cd6c2fd180269be84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
1516
expires
Mon, 1 Jan 1990 12:00:00 GMT
cs
advancelocal.blueconic.net/DG/DEFAULT/ 		16 B
699 B 		Script
General
Check archive.org
Download Go to
Full URL
https://advancelocal.blueconic.net/DG/DEFAULT/cs?&callback=bc_json175
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.20.110.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-110-47.compute-1.amazonaws.com
Software
- /
Resource Hash
7fcb0b10f11c74eca3b3479a6bb45b4d5b76e34d74eefe8d484ac47aab248d0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
iframe.html
z.moatads.com/hd09824092/ Frame E17E 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/advanceddigitalheader640552616592/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-133.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=441
content-length
1374
content-type
text/html
date
Fri, 06 Oct 2023 22:11:15 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
server
AmazonS3
x-akamai-ew-subworker
8096267
x-amz-id-2
kMqKG6+qmzJu4FYdts3EyONJG4UGmTPYMNEykM1bgg4NpJWrHxutfxTWjpEMy8YEIgrvNY0LVUE=
x-amz-request-id
630D574C7C0AA750
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.mlive.com
access-control-max-age
600
content-length
0
date
Fri, 06 Oct 2023 22:11:15 GMT
server
nginx
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/advancelocal/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.mlive.com
date
Fri, 06 Oct 2023 22:11:16 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
publisher:getClientId
ampcid.google.de/v1/ 		3 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Oct 2023 22:11:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sec=Home%20Page&prem=0&ptype=homepage&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=b33aad30-2c9f-414c-bd06-23f9bb348afe&pid=10589f26-0906-4562-a5a7-cde16a23e047&dtm=1696630275959&qnm=_matherq&visible=1&tabid=88430363-3579-48d7-bc3a-3ed09683f0e5&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x13397&tofa=1696630276&vid=1&lvidt=1696630276&duid=d427a3e61b38adcc&fp=3108112066&cid=ma63527&mrk=484602605&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY5NjYzMDI3MzczOSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMG1iIiwiaGVhcFQiOiIxMS45bWIiLCJmc3RQYWludCI6IjE0NjkiLCJmZXRjaFMiOiI5NjUiLCJkb21haW5TIjoiOTY2IiwiZG9tYWluRSI6IjEwMzUiLCJjb25uUyI6IjEwMzUiLCJjb25uRSI6IjExMTEiLCJzc2xTIjoiMTA0MiIsInJlcXVTIjoiMTExMSIsInJlc3BTIjoiMTE3NCIsInJlc3BFIjoiMTIzNiIsImRvbUxvYWQiOiIxMjc1IiwiZG9tSW50ZXIiOiIxNDQ3IiwiZG9tTG9hZFMiOiIxNzI1IiwiZG9tTG9hZEUiOiIxNzMzIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMzYyOTg2Mzg0IiwicmVmVGltZSI6IjE2OTY2MzAyNzU5NTgifV0sInVzZXJEYXRhIjp7ImlzTG9jYWwiOiIwIn19
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.177.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-177-4.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 06 Oct 2023 22:11:16 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
set
privacy.crwdcntrl.net/consent/ 		61 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://privacy.crwdcntrl.net/consent/set?ct=skip&ca=1&ccd=1&cds=1&cta=1&c=963&src=LTJS
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.65.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-65-49.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
5f26dfc3f5d603822dd5eb17c772720fd8d984f3fa596f757973dabe24ebda6e

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:16 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.8.166
access-control-allow-credentials
true
content-length
61
expires
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/ 		419 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ab1e5ef8baed1d906b9e8ea4126ad958556881a46150cd6712ad5ebc40f4e46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 10:53:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
40687
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134829
x-xss-protection
0
server
cafe
etag
3697166202567710199
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 05 Oct 2024 10:53:08 GMT
3178
config.aps.amazon-adsystem.com/configs/ 		505 B
772 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3178
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-71.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
c8164ab49ff3d32ffbe7e6ad17e8b16e8765b94ab42088494bfad6ce09be8893

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 21:44:34 GMT
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
1602
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
505
x-amz-cf-id
8MbegyOQDr1RD6ZQ5GHDAbmKtld0ZrwjPa3w8MOLJNoIuMTXzgQlcQ==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3178&u=https%3A%2F%2Fwww.mlive.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e5696a4c04cb9236e69390a6a84619091cfe6ce887e5747c74f3214a69419484

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 21:59:25 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
710
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1692
x-amz-cf-id
_1LmJlqkVuF16kN4GPfzB0QKtqR7bDqruSLAOHycgCsUlmGRt3c4bg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
date
Fri, 06 Oct 2023 03:04:06 GMT
x-amz-cf-pop
FRA56-P6
age
68843
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
_Ycm0hvcAIhoYrLJTTz8KTpo3IrW2qnReMUjk8uBI1ZBFnODs8mcaA==
en.json
cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/ea084acf-769b-4fd5-855a-0bd46d125eb1/ 		152 KB
28 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/ea084acf-769b-4fd5-855a-0bd46d125eb1/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
198e362fd4a64c0f1397b4ef5b7559f3ca19ef05c521ee6afad62a208ceb9255
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Oct 2023 22:11:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
28984
content-md5
J9cg0GLltJzWTPvBvKAWTg==
content-length
27960
x-ms-lease-status
unlocked
last-modified
Tue, 03 Oct 2023 14:03:49 GMT
server
cloudflare
etag
0x8DBC419913F8E0F
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
38f690f5-901e-0002-5002-f6873b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
81213d391cb03a5a-FRA
expires
Sat, 07 Oct 2023 22:11:16 GMT
10071-pbjs-floors.json
ads.rubiconproject.com/floors/ 		62 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/10071-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
a517853cd091f9f7a25f8a8807924c26d9da0c106f6afc25dceca2caa5d032a4

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Oct 2023 22:11:16 GMT
content-encoding
gzip
last-modified
Fri, 06 Oct 2023 21:40:39 GMT
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
6311
data
bcp.crwdcntrl.net/6/ 		60 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.65.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-65-49.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
c5e8b15783b7006170ef8add156b242f8347681f5ea1d68b3511fed234eaa575

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:16 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.22.6
access-control-allow-credentials
true
content-length
60
expires
0
collect
www.google-analytics.com/j/ 		4 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=966697132&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAQCACgFK~&jid=1927287351&gjid=765556699&cid=362986384.1696630276&tid=UA-16643585-16&_gid=984519348.1696630276&_r=1&_slc=1&gtm=45He3a40n81TLXFLCR&cd1=undefined&cd2=undefined&cd3=undefined&cd6=undefined&cd11=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=false&cd21=undefined&cd23=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd46=homepage-beta&cd47=desktop&cd50=GA%20pageview%20-%20template%20-%20All%20Pages&cd52=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=undefined&cd62=undefined&cd63=undefined&cd65=undefined&cd66=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=undefined&cd102=undefined&cd103=undefined&cd61=362986384.1696630276&z=50253143
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1696630276112&plid=61508104&idsite=mlive.com&url=https%3A%2F%2Fwww.mlive.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.mlive.com%2F&sref=&sts=1696630276109&slts=0&title=Michigan+Local+News%2C+Breaking+News%2C+Sports+%26amp%3B+Weather&date=Sat+Oct+07+2023+00%3A11%3A16+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&js=1&pvid=28776403&u=pid%3De0beda879c87a663ea2562ef4690d49b
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Fri, 06 Oct 2023 22:11:16 GMT
Cache-Control
no-cache
Last-Modified
Friday, 06-Oct-2023 22:11:16 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
token
cdn.linkedin.oribi.io/partner/3252378/domain/mlive.com/ 		36 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/3252378/domain/mlive.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2204:da00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 02:01:00 GMT
content-encoding
gzip
via
1.1 5345148f0ba8ae3c67b69d035acdbfc4.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
418216
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
x-amz-cf-id
IXGXY9m57MXAdJ3ICbX-oAhoT7lmHsYCZ29w5iaFPcKFvElNBox8Bw==
token
cdn.linkedin.oribi.io/partner/3252378/domain/mlive.com/ 		36 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/3252378/domain/mlive.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2204:da00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 02:01:00 GMT
content-encoding
gzip
via
1.1 5345148f0ba8ae3c67b69d035acdbfc4.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
418216
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
x-amz-cf-id
Ny2fe9sCUTrRCWgvVrz5jdTeNzWI5bGftMmb6JPItlX-42c7AT62Gg==
token
cdn.linkedin.oribi.io/partner/3252378/domain/mlive.com/ 		36 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/3252378/domain/mlive.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2204:da00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 02:01:00 GMT
content-encoding
gzip
via
1.1 5345148f0ba8ae3c67b69d035acdbfc4.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
418216
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
x-amz-cf-id
xTz9Knad1qgrKrerM9bbsqTXo6h5H86TT4zWjOuwUSHre9dGIdLZSA==
token
cdn.linkedin.oribi.io/partner/3252378/domain/mlive.com/ 		36 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/3252378/domain/mlive.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2204:da00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 02:01:00 GMT
content-encoding
gzip
via
1.1 5345148f0ba8ae3c67b69d035acdbfc4.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
418216
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
x-amz-cf-id
g0IvNFs8DoH4hFfn4GIM6m6p20cLRtD-OsRNsM0oS8Gq_otYBW8ySQ==
230823541501762
connect.facebook.net/signals/config/ 		131 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/230823541501762?v=2.9.132&r=stable&domain=www.mlive.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
125803a501caaf185baf2bee91c8a5855ac00eb3db4d834e45c95b660d0f5808
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 06 Oct 2023 22:11:16 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
34900
x-xss-protection
0
pragma
public
x-fb-debug
nNawLet+ME5zPAGdiZm2j5r+UkI7luEHCKeA5j+A93MbRAz8ztRvTzjrJJG4CErrtkyglOKx3xvtq4AtWFIxgA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
token
cdn.linkedin.oribi.io/partner/3252378/domain/mlive.com/ 		36 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/3252378/domain/mlive.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2204:da00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 02:01:00 GMT
content-encoding
gzip
via
1.1 5345148f0ba8ae3c67b69d035acdbfc4.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
418216
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
x-amz-cf-id
313nHLCQJDYwDQxXjMWHMKtwUBnvW0qckQ6sjTtSS8OS6Rq8eoKFHw==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1696630276161&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1696630276161&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3252378%26time%3D1696630276161%26url%3Dhttps%253A%252F%252Fwww.mlive.com%252F%26t...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1696630276161&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1696630276161&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQKKglwTwfoA1wAAAYsHC4M6mF6qJA96E2dQWZ...
0
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1696630276161&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQKKglwTwfoA1wAAAYsHC4M6mF6qJA96E2dQWZ1Og6I5BzbAhX_U-JA_ojTCMyN3AlDiF1OTk143
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:16 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: D9EA8C5B6A384C1AA215160526BD74C2 Ref B: FRAEDGE2018 Ref C: 2023-10-06T22:11:17Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYHE4T8XMa/ssLDlTXaKA==

Redirect headers

date
Fri, 06 Oct 2023 22:11:16 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: A20E7D9745FB49FEBD1FBA2AA03D87F0 Ref B: FRAEDGE1121 Ref C: 2023-10-06T22:11:16Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1696630276161&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQKKglwTwfoA1wAAAYsHC4M6mF6qJA96E2dQWZ1Og6I5BzbAhX_U-JA_ojTCMyN3AlDiF1OTk143
x-li-proto
http/2
content-length
0
x-li-uuid
AAYHE4T4hZHcGWIpcOui0g==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.22.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-22-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:16 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Fri, 06 Oct 2023 22:26:16 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 19:10:10 GMT
content-encoding
gzip
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
75015
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
3ANtIIhdOXYByA7Rilm_7Xg5mU_YR-t2_Zbh4vRhW3cQmDiy-WBvfQ==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		136 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c96b67edd277b9d12add863bf157c68853eb1429929972195f629cddc8b6b48f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 10:57:30 GMT
server
cloudflare
x-amz-request-id
H0RYP3B69NWC36E1
age
1566
etag
W/"7810b7b6142b3bdb32696e7b2987bc71"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
81213d3a4e015ca4-FRA
x-amz-id-2
qZF4UkgM0cqTwKajH0KCPCkEY7/MrmF1es3KFTTk4uxnCRVtj4RVRaL/SOEpIMe+mYtbqeWwMLs=
trk.gif
jadserve.postrelease.com/ 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=6697587&ntv_pl=773533
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.1.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-1-158.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:16 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=fd168ac2-dd99-49b8-9468-17ef27949b9d&ntv_fl=MMTdWyeJBcdLcDTtFfyiRBPe8Vq-ba7jHN1vT59Rb8APU8edBAf0Jt_uH83CJ89iky7_J5OYYsruxkzR7TSAvY1zDmitib8N8CswD2XowUPzLFJlThTTGPxmWLlsb_Sl7yyfwB5LvkpwCAmAS9BRmDWC5qunuadHrUSJDoopF-2Ijsi39GsgmZ-ov0B72sI6&ntv_ht=A4YgZQA&ntv_at=303,302&ntv_a=AAAAAAAAAAnc0LA&ord=1696630276177&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.1.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-1-158.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:16 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=7d093a1c-b16b-4721-8b1e-20cb6b980ae4&ntv_fl=wklKktgzCnjHRw7QsGHOxzNhXSYYdxQ6qfiLggX0SK7yzYR_alOE4aufqh75wcXm2xzEfIapwJlqnmsm4crN8kO7T8xXKwgfAwTJGZZbqLHEXA1sYekhmxfFHlYvv6MTedOgNQeb5N768jACWmP2yyzetXK7o_-1rfSyJpQRESMwIshCZ1dkZ3kcsTznxbXm&ntv_ht=A4YgZQA&ntv_at=303&ntv_a=AAAAAAAAAAUr0QA&ord=1696630276178&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.1.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-1-158.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:16 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=7d093a1c-b16b-4721-8b1e-20cb6b980ae4&ntv_fl=wklKktgzCnjHRw7QsGHOxzNhXSYYdxQ6qfiLggX0SK7yzYR_alOE4aufqh75wcXm2xzEfIapwJlqnmsm4crN8kO7T8xXKwgfAwTJGZZbqLHEXA1sYekhmxfFHlYvv6MTedOgNQeb5N768jACWmP2yyzetXK7o_-1rfSyJpQRESMwIshCZ1dkZ3kcsTznxbXm&ntv_ht=A4YgZQA&ntv_at=323&ntv_a=AAAAAAAAAAUr0QA&ntv_jtr=3&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.1.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-1-158.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:16 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=a2fc7b2a-3333-4240-9713-bddb0e2fb015&ntv_fl=No53AUp_qTJmWJYNLYz3zDH7Dla8D2Bigrcdt2SscM17JO_NbJm5XKyzOGGHDRsUD7d6lHLzcMDu2zua4pnWpUXFoG7vDSQXkD6CrEUe9ivbq5CCI3CA07_eN-bvJlxeh5nFncnhkCjeciWmf1R0rCnFDSlXv0e5PgTIik9oby3lyCFHIURxLfkIt45ztyAd&ntv_ht=A4YgZQA&ntv_at=303&ntv_a=AAAAAAAAAAU70QA&ord=1696630276179&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.1.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-1-158.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:16 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=ceefb4f8-cc80-4de8-ba2f-5c05156f726c&ntv_fl=miNEdYZhkQ016qn5OkGErteWbVfee99L6iQoR7ftguRfqstgjNXHosC6PCM7Vn9okNG7p8VOt9Q4-fhseTyZeG8sN-fHu1ApnIaln2W9SctSXeWZgFFA2rMemtANsUwBNDkr3U6dAf4e7J5mtz_PCJAI6GI0SfKgGNlTaxa1ncLMThBWiIvvxj2KoKevBoDM&ntv_ht=A4YgZQA&ntv_at=303&ntv_a=AAAAAAAAAAVL0QA&ord=1696630276179&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.1.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-1-158.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:16 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
privacyConsent
jadserve.postrelease.com/ 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/privacyConsent?ntv_pl=1097042&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.1.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-1-158.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:16 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
style
accounts.google.com/gsi/ 		533 B
608 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vGIo6NrgJ1XAOAM9w43EZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:16 GMT
content-security-policy
script-src 'report-sample' 'nonce-vGIo6NrgJ1XAOAM9w43EZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Fri, 06 Oct 2023 22:11:16 GMT
status
accounts.google.com/gsi/ 		40 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=339703812340-kido2ms26ssegr4jpn27vo7ro7hgkjme.apps.googleusercontent.com&as=xrAXcg12MB3ZgSFft9ULPg
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
559c079867566720da46826020ce8d11f509e819f6dd20a846d147293cd8fc90
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-L2Y9DQ3RZNMYS8-zh7RYoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:16 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-L2Y9DQ3RZNMYS8-zh7RYoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
token
cdn.linkedin.oribi.io/partner/3252378/domain/mlive.com/ 		36 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/3252378/domain/mlive.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2204:da00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 02:01:00 GMT
content-encoding
gzip
via
1.1 5345148f0ba8ae3c67b69d035acdbfc4.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
418216
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
x-amz-cf-id
JXpuJ0WrLS8rE87qBuQyuIpTNbib_eL6g2v-A2ZldQ4dQiG_QxaIYw==
collect
stats.g.doubleclick.net/j/ 		1 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-16643585-16&cid=362986384.1696630276&jid=1927287351&gjid=765556699&_gid=984519348.1696630276&_u=YADAAEAAAAQCACgFK~&z=1968619603
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 06 Oct 2023 22:11:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Oct 2023 22:11:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Ku3O1VFWoltPW4n5m1lGVQ==
age
28731
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3017
x-ms-lease-status
unlocked
last-modified
Thu, 05 Oct 2023 06:23:21 GMT
server
cloudflare
etag
0x8DBC56B9276E242
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
2e14cad4-d01e-002c-1e94-f7d52c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
81213d3a7ddc3a5a-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Oct 2023 22:11:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Xznrm5/jaKmHSjGeIIkHOA==
age
28746
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12708
x-ms-lease-status
unlocked
last-modified
Thu, 05 Oct 2023 06:23:23 GMT
server
cloudflare
etag
0x8DBC56B93D57BAC
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
03bd9eba-001e-0010-3594-f7fceb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
81213d3a7dde3a5a-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Oct 2023 22:11:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
age
28731
x-ms-lease-status
unlocked
last-modified
Thu, 05 Oct 2023 06:23:39 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
32f23b35-001e-0000-5a94-f73983000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
81213d3a7ddf3a5a-FRA
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3178&u=https%3A%2F%2Fwww.mlive.com%2F&pid=1kz24fhSg3ZzN&cb=0&ws=1600x1200&v=23.919.1525&t=1500&slots=%5B%7B%22sd%22%3A%22ad-small-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22desktop-InFeed_Right%22%7D%2C%7B%22sd%22%3A%22ad-small-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22desktop-InFeed_Left%22%7D%2C%7B%22sd%22%3A%22ad-large-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22desktop-InFeed_Right%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:16 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
ENVS960HWBSGBY45XBP5
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
JMIZhXipUYlR_h4--f10g5Nop81YivAfwkbnmRiSEH01LwpRv8JZkQ==
ob.js
cdn-ima.33across.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 18 Sep 2023 17:20:48 GMT
server
cloudflare
age
360999
etag
W/"650886f0-39ac"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
81213d3b4b8035e0-FRA
expires
Mon, 09 Oct 2023 22:11:16 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 19:10:11 GMT
content-encoding
gzip
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
10866
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
fTT2zBsyCIKA--QmlcuLJnqQvycZ9y2Uo0pKOtAIZrE5eOHr4nEtOQ==
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Sep 2023 09:22:37 GMT
server
nginx
etag
W/"64f9965d-ab99"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 07 Oct 2023 22:11:16 GMT
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:f400:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY
Date
Fri, 06 Oct 2023 05:16:05 GMT
Via
1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
60912
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Wed, 06 Sep 2023 03:40:59 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
nt5TLEpIhpVABaK2pu90mRmH7bAHHaxukgNcrprFUC82yl55ldfWmw==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 01:57:09 GMT
content-encoding
gzip
age
1023247
x-guploader-uploadid
ADPycdurxwpJycqLOART17u1JdU1ahkm3FMgMrrzTgq6mIPxJwBHg6irQfIyUQP6zJualLOToZjCAmTZWGMfEzt6fq5O2w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Tue, 24 Sep 2024 01:57:09 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		688 B
367 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1435955755824618&correlator=420250628459465&eid=44804940&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fifs&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=728x91%7C970x91&ifi=1&didk=597696865&sfv=1-0-40&fsbs=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1696630276302&lmt=1696623020&adxs=0&adys=13401&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.mlive.com%2F&vis=1&psz=728x4&msz=728x0&fws=4&ohw=728&ga_vid=362986384.1696630276&ga_sid=1696630276&ga_hid=966697132&ga_fc=true&a3p=EjQKCnB1YmNpZC5vcmcSJDQ4NjFlYjU5LWQ0ZjUtNDNjYi1iMzc5LWU5ZDg3NDI5YjY0NFgBEhsKDDMzYWNyb3NzLmNvbRjAga64sDFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBjBga64sDFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YwYGuuLAxSABSAghkEhkKCnVpZGFwaS5jb20YwYGuuLAxSABSAghkEhQKBW9wZW54GMGBrriwMUgAUgIIZA..&dlt=1696630275014&idt=1225&prev_scp=rg_adslot%3DInFeed_Center_Wide_Adhesion%26rg_atf%3Dtrue%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Center_Wide_Adhesion%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3Ddesktop-InFeed_Center_Wide_Adhesion%26rg_a9%3DAdvance_MI_ATF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta&cust_params=ccaud%3D%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop&adks=2024654923&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa4687e23a916498d06c165c9d1e0939782769f9f40d1d4a60282faa2abcdb83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3F3F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 22:11:16 GMT
expires
Sat, 05 Oct 2024 22:11:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		59 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1435955755824618&correlator=420250628459465&eid=44804940&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=320x50&fluid=height&ifi=2&didk=2972002619&sfv=1-0-40&fsbs=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1696630276341&lmt=1696623020&adxs=517&adys=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.mlive.com%2F&vis=1&psz=566x24&msz=566x24&fws=0&ohw=0&ga_vid=362986384.1696630276&ga_sid=1696630276&ga_hid=966697132&ga_fc=true&a3p=EjQKCnB1YmNpZC5vcmcSJDQ4NjFlYjU5LWQ0ZjUtNDNjYi1iMzc5LWU5ZDg3NDI5YjY0NFgBEhsKDDMzYWNyb3NzLmNvbRjAga64sDFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBjBga64sDFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YwYGuuLAxSABSAghkEhkKCnVpZGFwaS5jb20YwYGuuLAxSABSAghkEhQKBW9wZW54GMGBrriwMUgAUgIIZA..&dlt=1696630275014&idt=1225&prev_scp=rg_adslot%3DInFeed_Native_C%26rg_atf%3Dfalse%26rg_iab%3Dfalse%26rg_grid%3D1%26rg_counter%3D1%26rg_gpid%3Ddesktop-InFeed_Native_C%26rg_pagetype%3Dhomepage%26rg_product%3Diabfalse&cust_params=ccaud%3D%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop&adks=767953642&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a651cd46addba7c5b294a885d6cf7ef283073dd4c6cb64d095106eb21991ec43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:16 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13435
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=120978121945017&ev=PageView&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1696630276349&sw=1600&sh=1200&v=2.9.132&r=stable&ec=0&o=30&fbp=fb.1.1696630276347.1811354104&cs_est=true&ler=empty&it=1696630275820&coo=false&exp=a0&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 06 Oct 2023 22:11:16 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=230823541501762&ev=PageView&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1696630276350&sw=1600&sh=1200&v=2.9.132&r=stable&ec=0&o=30&fbp=fb.1.1696630276347.1811354104&ler=empty&it=1696630275820&coo=false&exp=a0&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 06 Oct 2023 22:11:16 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=120978121945017&ev=ViewContent&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1696630276354&cd[article_content_tier]=free&cd[is_subscriber]=false&cd[is_registered]=false&cd[content_id]=undefined&cd[content_type]=homepage&cd[content_category]=Home%20Page&cd[content_name]=undefined&sw=1600&sh=1200&v=2.9.132&r=stable&ec=1&o=30&fbp=fb.1.1696630276347.1811354104&ler=empty&it=1696630275820&coo=false&tm=1&exp=a0&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 06 Oct 2023 22:11:16 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=230823541501762&ev=ViewContent&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1696630276363&cd[article_content_tier]=free&cd[is_subscriber]=false&cd[is_registered]=false&cd[content_id]=undefined&cd[content_type]=homepage&cd[content_category]=Home%20Page&cd[content_name]=undefined&sw=1600&sh=1200&v=2.9.132&r=stable&ec=1&o=30&fbp=fb.1.1696630276347.1811354104&ler=empty&it=1696630275820&coo=false&tm=1&exp=a0&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 06 Oct 2023 22:11:16 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
174
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		169 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/174?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-10-07T00%3A11%3A16%2B02%3A00&ts=1696630276366
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
655854f3ed230573c72563400e32d76772be3ab0009e2ade0833093d721f6821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Oct 2023 22:11:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
35520
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
gr3MuGPzp59Q8l_FfYt_MMjSlMl5JujLRh0tA6-uaqq-W_1DeuKucQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
prebid
prebid.media.net/rtb/ 		338 B
735 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU211111
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
33effbd2bd6c3622e7b8756704fd21312d2d989ecb5945f2f1b15f483eda647f

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:15 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 06 Oct 2023 22:11:16 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		634 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10071&site_id=311380&zone_id=1580874%3B1580870%3B1580874&size_id=15&eid_pubcid.org=4861eb59-d4f5-43cb-b379-e9d87429b644%5E1&rf=https%3A%2F%2Fwww.mlive.com%2F&tg_i.domain=mlive.com&tg_i.page=https%3A%2F%2Fwww.mlive.com%2F&tg_i.aupname=344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Right%2Crg_platform%3Ddesktop%3B344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Left%2Crg_platform%3Ddesktop%3B344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Right%2Crg_platform%3Ddesktop&tg_i.pbadslot=desktop-InFeed_Right%3Bdesktop-InFeed_Left%3Bdesktop-InFeed_Right&tk_flint=dmpbjs_v7.54.4&x_source.tid=78f4d058-5cc0-432f-aa90-ee8013d1fc41%3B1e0a9ee9-6327-4442-8700-515d8586bd1e%3B09b6ae91-a0ed-4759-9d0e-e9d6508bdd8f&l_pb_bid_id=6eddf8a963b2a9%3B775e4de2220fbe%3B8e3fa06f7823c8&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=78f4d058-5cc0-432f-aa90-ee8013d1fc41%3B1e0a9ee9-6327-4442-8700-515d8586bd1e%3B09b6ae91-a0ed-4759-9d0e-e9d6508bdd8f&rp_hard_floor=0.46%3B0.55%3B0.49&rp_maxbids=1&p_gpid=desktop-InFeed_Right%3Bdesktop-InFeed_Left%3Bdesktop-InFeed_Right&slots=3&rand=0.2811132153762359
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8ff7a39b857b8b187a4ae48759c8289cd7b76af4c4fd979c6602c229136cc6dc

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:16 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
exchange.postrelease.com/ 		0
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_pb_eid=W3sic291cmNlIjoicHViY2lkLm9yZyIsInVpZHMiOlt7ImlkIjoiNDg2MWViNTktZDRmNS00M2NiLWIzNzktZTlkODc0MjliNjQ0IiwiYXR5cGUiOjF9XX1d&ntv_ptd=1134022,1134019&ntv_pas=eyIxMTM0MDE5IjpbWzMwMCwyNTBdXSwiMTEzNDAyMiI6W1szMDAsMjUwXV0sImxlbmd0aCI6Mn0=&ntv_ppf=eyJhZC1zbWFsbC0yIjp7ImJhbm5lciI6eyIzMDB4MjUwIjowLjQ2LCIqIjowLjQ2fSwiKiI6eyIqIjowLjUxLCIzMDB4MjUwIjowLjUxfX0sImFkLXNtYWxsLTEiOnsiYmFubmVyIjp7IjMwMHgyNTAiOjAuNTUsIioiOjAuNTV9LCIqIjp7IioiOjAuNTEsIjMwMHgyNTAiOjAuNTF9fSwiYWQtbGFyZ2UtMSI6eyJiYW5uZXIiOnsiMzAweDI1MCI6MC40OSwiKiI6MC40OX0sIioiOnsiKiI6MC41MSwiMzAweDI1MCI6MC41MX19fQ==&ntv_pbv=v7.54.4&ntv_pb_rid=9932e080a6137d&ntv_ppc=W3siYWRVbml0Q29kZSI6ImFkLXNtYWxsLTIiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXV19fX0seyJhZFVuaXRDb2RlIjoiYWQtc21hbGwtMSIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzMwMCwyNTBdXX19fSx7ImFkVW5pdENvZGUiOiJhZC1sYXJnZS0xIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDI1MF1dfX19XQ==&ntv_dbr=eyJhZC1zbWFsbC0yIjowLCJhZC1zbWFsbC0xIjowLCJhZC1sYXJnZS0xIjowfQ==&ntv_url=https%3A%2F%2Fwww.mlive.com%2F
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.236.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-236-99.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:16 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Fri, 06 Oct 2023 22:11:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
advancelocal
direct.adsrvr.org/bid/bidder/ 		0
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/advancelocal
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.223.6.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8c33d2b6751b365d.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Oct 2023 22:11:15 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
1494809
display.bidder.taboola.com/OpenRTB/TaboolaHB/auction/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.bidder.taboola.com/OpenRTB/TaboolaHB/auction/1494809
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

x-served-by
cache-fra-eddf8230115-FRA
date
Fri, 06 Oct 2023 22:11:16 GMT
via
1.1 varnish
server
nginx
x-timer
S1696630276.435475,VS0,VE13
x-cache
MISS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.mlive.com
x-envoy-upstream-service-time
4
accept-ranges
bytes
x-cache-hits
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=488240
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481428a037dc42e7879ab8d116337f23cc826024cb969e1816331d1a8f91ad51

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmpvjByxzEjErlOA%2BP8iB5RBXQ5pE3QqJBLnPr9wMAs0MdeP2k4EmojqW4nMq1bu4i1SqlU65JCa%2FnqXOT%2BA%2FlthIMF6CPrHoKDVEI46fq0QKZFRBeP%2FSMx1BTbrSFTRaolX5ARY"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81213d3bbe485d76-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
YBL4ESX7QBBTTC5AXTKJQUEOBQ.JPG
www.mlive.com/resizer/PE88krebDQyhDiCKHZMdKGGgH7A=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/PE88krebDQyhDiCKHZMdKGGgH7A=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/YBL4ESX7QBBTTC5AXTKJQUEOBQ.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
8728f8dca179702ef29834344aa8ee847d86f32c1f8f77fc5b6d7f3cc3e8c589
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 06 Oct 2023 22:11:16 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 14 Sep 2023 01:13:20 GMT
server
Akamai Image Manager
etag
"3486ac60be9f24bdb33c4b2c488ec4356e4cf677"
x-arc-request-id
0.b4163017.1696630276.1a913bd7
content-type
image/avif
cache-control
private, no-transform, max-age=29559741
server-timing
cdn-cache; desc=HIT, edge; dur=71, ak_p; desc="1696630276426_389027508_445725655_7768_25653_15_0_146";dur=1
content-length
8522
expires
Fri, 13 Sep 2024 01:13:37 GMT
HMN6HCFWFRF4NOU427DGXDABIM.JPG
www.mlive.com/resizer/W4VejOAxxvMtiiPRVY1xu2Mldmo=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/W4VejOAxxvMtiiPRVY1xu2Mldmo=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/HMN6HCFWFRF4NOU427DGXDABIM.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
7c6022e340dda6659be9b9634f43591ebc0161c5930e8943cf37e364bcc52988
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 06 Oct 2023 22:11:17 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 06 Oct 2023 20:51:25 GMT
server
Akamai Image Manager
etag
"75614071c738d5056b177677ecd1b853e6030954"
x-arc-request-id
0.b4163017.1696630276.1a913bd9
content-type
image/avif
cache-control
private, no-transform, max-age=31531130
server-timing
cdn-cache; desc=HIT, edge; dur=591, origin; dur=0, ak_p; desc="1696630276426_389027508_445725657_59787_23472_10_0_146";dur=1
content-length
29044
expires
Sat, 05 Oct 2024 20:50:07 GMT
config.json
c.go-mpulse.net/api/ 		51 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ&d=www.mlive.com&t=5655434&v=1.720.0&sl=0&si=1726544a-18cc-45d0-9780-0efab8cd9106-s24oaq&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=468260
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:59a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
28445ab5a58bac3609ddba4d1200c1797a766b538fd6b0bdb0926fbe386f327c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 06 Oct 2023 22:11:16 GMT
Cache-Control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
51
Content-Type
application/json
map
bcp.crwdcntrl.net/6/ 		60 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.65.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-65-49.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
698329dd1fc6b30372d071a74100ef560d3732eccdd96c3fd80270d7d1896ea7

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:16 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.23.65
access-control-allow-credentials
true
content-length
60
expires
0
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
494 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Oct 2023 22:11:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
58684
x-ms-lease-status
unlocked
last-modified
Thu, 05 Oct 2023 06:23:38 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
12e5527a-d01e-0013-2895-f71d8f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
81213d3c1f293a5a-FRA
FormLogo.jpg
cdn.cookielaw.org/logos/57316691-7a35-4427-b868-f6c059de9bc0/0820a53f-bf37-4e26-90be-016196d39852/63d4f326-4506-4914-9e18-8751853c7769/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/57316691-7a35-4427-b868-f6c059de9bc0/0820a53f-bf37-4e26-90be-016196d39852/63d4f326-4506-4914-9e18-8751853c7769/FormLogo.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abb22177c1f36f82f451ba3b46fd96e4bc0f5b5ad510b15b4d5ec37fc1e9b7f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Oct 2023 22:11:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
/VgjLzERih8MeSo4vme4Lw==
age
78280
content-length
90639
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Mon, 15 May 2023 15:10:31 GMT
server
cloudflare
etag
0x8DB555686483EB7
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
8d410a7e-a01e-0139-4f40-87de17000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
81213d3c39984d2b-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Oct 2023 22:11:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
24969
x-ms-lease-status
unlocked
last-modified
Thu, 05 Oct 2023 06:23:39 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
8dae64dd-f01e-0092-0ab6-f7bd55000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
81213d3c39994d2b-FRA
b201201c82fe2adf4ef12ba6d82802c1628ada3896aec705838c
satisfycork.com/create/ 		288 B
315 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://satisfycork.com/create/b201201c82fe2adf4ef12ba6d82802c1628ada3896aec705838c
Requested by
Host: satisfycork.com
URL: https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
85a7e0a669ecd904df3449d55575a02b54635faba73cf1dd1daffe4092cf3ce6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 06 Oct 2023 22:11:16 GMT
via
1.1 google
x-buildnumber
998028631
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
x-hostname
fen-hoothoot-europe-west1-spot-44s9
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 06 Oct 2023 22:11:15 GMT
map
bcp.crwdcntrl.net/6/ 		60 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.65.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-65-49.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a36980eca87dbd7579cda55d021225ad965021d649a3552e2bae1f68d69d95f6

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:16 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.15.41
access-control-allow-credentials
true
content-length
60
expires
0
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
85 B
193 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
5acf46ed5150382e62916ae61ab4b11940db927dd1edf9f0718543845d894f7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:16 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-jnOGGAn8jd41ytOL4s8XT8uOBiU"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Fri, 06 Oct 2023 22:11:16 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.mlive.com
location
/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
syncframe
gum.criteo.com/ Frame 5A4F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.mlive.com&us_privacy=1---
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 22:11:16 GMT
server
Kestrel
server-processing-duration-in-ticks
247896
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ 		49 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0014000001PAW0LAAX&src=esp&ver=1.1.0&us_privacy=1---
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ob.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 06 Oct 2023 22:11:16 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1696630276563&se=e30&duid=94c49eadf2ac--01hc3gpzy90m3zhvqm9dt8fedm&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid
  • https://rp4.liadm.com/j?dtstmp=1696630276563&se=e30&duid=94c49eadf2ac--01hc3gpzy90m3zhvqm9dt8fedm&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid&i6=MmEwMDpjOTg6MjA1MDphMDA3OjI6OjM%3D&n3pc=true
42 B
581 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1696630276563&se=e30&duid=94c49eadf2ac--01hc3gpzy90m3zhvqm9dt8fedm&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid&i6=MmEwMDpjOTg6MjA1MDphMDA3OjI6OjM%3D&n3pc=true
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
34.234.124.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-124-95.compute-1.amazonaws.com
Software
/
Resource Hash
5ce8647c88445649306948bab16764727ad0866a64fc66202b97b88176272628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
x-pixel-event-id
44584ddb-cebe-4135-aea1-c103796b082f
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
DENY
vary
Origin
content-type
application/json
request-time
0
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
8c495e22ba61bba7
content-length
42
x-xss-protection
1; mode=block

Redirect headers

date
Fri, 06 Oct 2023 22:11:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
vary
Origin
location
https://rp4.liadm.com/j?dtstmp=1696630276563&se=e30&duid=94c49eadf2ac--01hc3gpzy90m3zhvqm9dt8fedm&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid&i6=MmEwMDpjOTg6MjA1MDphMDA3OjI6OjM%3D&n3pc=true
access-control-allow-origin
https://www.mlive.com
request-time
0
access-control-allow-credentials
true
trace-id
65633867fc221bc5
content-length
0
x-xss-protection
1; mode=block
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012309181453000/ Frame F854 		223 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd48a69933bfa6d5e51393b093d776d09a1e7bfb4b7c1e6d4aa00d75f0b3d2d1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 03 Oct 2023 09:05:22 GMT
age
306354
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62203
x-xss-protection
0
server
sffe
etag
"59b685ca39a652ba"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 02 Oct 2024 09:05:22 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012309181453000/v0/ Frame F854 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309181453000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f335a91239c4af1c0491727be910330d3231f01b7498352ddea85ebc5480007a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 05 Oct 2023 12:44:02 GMT
age
120434
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5217
x-xss-protection
0
server
sffe
etag
"38a16d64b8e81628"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 04 Oct 2024 12:44:02 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012309181453000/v0/ Frame F854 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309181453000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d23cbcfd35d90cfb139e6f05b6a7fbc22891e2936b6a706ef8147300d66aa08
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 05 Oct 2023 10:07:53 GMT
age
129803
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29033
x-xss-protection
0
server
sffe
etag
"ac3d68f1a1bd2015"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 04 Oct 2024 10:07:53 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012309181453000/v0/ Frame F854 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309181453000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
309773fa6c23f46befd5880e169b6bc47fe53c4fd326ec1c84d7d53cde803bc9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 05 Oct 2023 15:20:34 GMT
age
111042
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1919
x-xss-protection
0
server
sffe
etag
"93680ba5e670b6a8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 04 Oct 2024 15:20:34 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012309181453000/v0/ Frame F854 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309181453000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f90a0bfda110d40a81d391edeccd1143806c608fd7c64786142c222709d55499
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 05 Oct 2023 07:07:22 GMT
age
140634
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12946
x-xss-protection
0
server
sffe
etag
"6bacf375b2677883"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 04 Oct 2024 07:07:22 GMT
truncated
/ Frame F854 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ecefe5351fb12a0404abd074632306791e7b8a99ae93eff97facbf2670edb58b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
14763004658117789537
tpc.googlesyndication.com/simgad/10566459007588724470/ Frame F854 		126 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10566459007588724470/14763004658117789537?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4qmoAh8smFq50wfWGoESjFXogdheNQ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ae3010c1058d028d2e7154bdd314fb1b3aa2c7168d66b4907d77b8f4dd27fda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 22:03:55 GMT
x-content-type-options
nosniff
age
86841
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129096
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 20:14:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Oct 2024 22:03:55 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F854 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 21:19:17 GMT
x-content-type-options
nosniff
server
cafe
age
3119
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sat, 07 Oct 2023 21:19:17 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F854 		295 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 21:19:17 GMT
x-content-type-options
nosniff
server
cafe
age
3119
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sat, 07 Oct 2023 21:19:17 GMT
sid
mug.criteo.com/ Frame 5A4F
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=mlive.com&sn=ChromeSyncframe&so=0&topUrl=www.mlive.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=YULO4XxuMDlqU1g0UE1mdkJiMCtjODcyU0hKUnNOdXlCUU1nenBlNE5KcjZDc2ZHcDNLdzh3MTVrT3JwbUpkZjVac3FIemIyYlpQVlNSM3JST2RyMGxhR1JibWVZd2ZRUkZZMWQ1NU9hTmZRYytGWCtndE05QnkvbWdUV1...
441 B
655 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=YULO4XxuMDlqU1g0UE1mdkJiMCtjODcyU0hKUnNOdXlCUU1nenBlNE5KcjZDc2ZHcDNLdzh3MTVrT3JwbUpkZjVac3FIemIyYlpQVlNSM3JST2RyMGxhR1JibWVZd2ZRUkZZMWQ1NU9hTmZRYytGWCtndE05QnkvbWdUV1pWamVUNTNnZ2hMb1oyZkVINVZ0SEo5MGRxNDVYSE8xa29pc0JFSjkyTEtpK0pjMFVMQjFIZ2xoeDlUNGt2T0pEblp1aTFCdU9mM1ArTVVxNCtJZnNEQ1lDZWtYemt2bm9VQ1puQ0lsUUlPcytOaWpkUnp4VkZvOTFWTXEvYlZmc3FGSmNSQ1RQMVZYU3QxOWc5MkEyU2NCSGN0dStIUT09fA&cppv=2
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9e0b144f5006b5e0dec0f3aba95f4ad25fbfdb9b1ba5d691f3a6a3d93bffbed4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:16 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1188813
expires
0

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=YULO4XxuMDlqU1g0UE1mdkJiMCtjODcyU0hKUnNOdXlCUU1nenBlNE5KcjZDc2ZHcDNLdzh3MTVrT3JwbUpkZjVac3FIemIyYlpQVlNSM3JST2RyMGxhR1JibWVZd2ZRUkZZMWQ1NU9hTmZRYytGWCtndE05QnkvbWdUV1pWamVUNTNnZ2hMb1oyZkVINVZ0SEo5MGRxNDVYSE8xa29pc0JFSjkyTEtpK0pjMFVMQjFIZ2xoeDlUNGt2T0pEblp1aTFCdU9mM1ArTVVxNCtJZnNEQ1lDZWtYemt2bm9VQ1puQ0lsUUlPcytOaWpkUnp4VkZvOTFWTXEvYlZmc3FGSmNSQ1RQMVZYU3QxOWc5MkEyU2NCSGN0dStIUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
246704
content-length
0
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		70 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1435955755824618&correlator=420250628459465&eid=44804940&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3&prev_iu_szs=300x250%2C300x250%2C300x250&ifi=3&didk=2832267644~2832267645~3933728591&sfv=1-0-40&fsbs=1%2C1%2C1&eri=1&sc=1&cookie=ID%3D6b93ae258e4eee56%3AT%3D1696630276%3ART%3D1696630276%3AS%3DALNI_Mbx5j0Yovw0A2YnAJb2LIiNeG82EQ&gpic=UID%3D00000c8fc08e492c%3AT%3D1696630276%3ART%3D1696630276%3AS%3DALNI_Man84L6zsBhxQ1dA7MozPb_n9g5iw&abxe=1&dt=1696630276640&lmt=1696623020&adxs=1135%2C165%2C1135&adys=165%2C857%2C869&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.mlive.com%2F&vis=1&psz=300x24%7C300x274%7C300x24&msz=300x24%7C300x274%7C300x24&fws=0%2C512%2C512&ohw=0%2C0%2C0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=362986384.1696630276&ga_sid=1696630276&ga_hid=966697132&ga_fc=true&a3p=EjQKCnB1YmNpZC5vcmcSJDQ4NjFlYjU5LWQ0ZjUtNDNjYi1iMzc5LWU5ZDg3NDI5YjY0NFgBEhsKDDMzYWNyb3NzLmNvbRjAga64sDFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBjBga64sDFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YwYGuuLAxSABSAghkEhkKCnVpZGFwaS5jb20YwYGuuLAxSABSAghkEhQKBW9wZW54GMGBrriwMUgAUgIIZA..&dlt=1696630275014&idt=1225&prev_scp=rg_adslot%3DInFeed_Right%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3Ddesktop-InFeed_Right%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3Ddesktop-InFeed_Right-2%7Crg_adslot%3DInFeed_Left%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Left%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3Ddesktop-InFeed_Left%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Left%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3Ddesktop-InFeed_Left-2%7Crg_adslot%3DInFeed_Right%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D2%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3Ddesktop-InFeed_Right%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3Ddesktop-InFeed_Right-2&cust_params=ccaud%3D%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop&adks=1117919376%2C1117919391%2C3501067380&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a513c4bdc410b1b170760ddfd2f2fd6fd0dbfb7b2a479af80e2586fec8a6dcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22006
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
5914699ae77cfc60d01d8b6850be1a28eb8aa6656a1
satisfycork.com/3be8d6d8a/ 		3 B
27 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://satisfycork.com/3be8d6d8a/5914699ae77cfc60d01d8b6850be1a28eb8aa6656a1
Requested by
Host: satisfycork.com
URL: https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 06 Oct 2023 22:11:16 GMT
via
1.1 google
x-buildnumber
998028631
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
x-hostname
fen-hoothoot-europe-west1-spot-44s9
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
si
googleads.g.doubleclick.net/pagead/drt/ Frame F854
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Redirect headers

date
Fri, 06 Oct 2023 22:11:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-TLXFLCR&v=3&t=t&pid=1036974437&cv=416&rv=3a40&tc=93&es=1&e=*&eid=856&u=AgAAAAAIAAAAAACI&h=Ag&z=0
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:16 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
b33e8052a0f7e2edf75d57a3f12b9cb4
h312.mlive.com/plugin/plugin/ 		89 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/plugin/plugin/b33e8052a0f7e2edf75d57a3f12b9cb4
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
49b1485a151b82944796c5a354059e9678e19256d30d5ecea984550fc05a5845
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 07:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
age
227128
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
21620
x-xss-protection
1; mode=block
last-modified
Tue, 03 Oct 2023 07:05:48 GMT
server
-
etag
b33e8052a0f7e2edf75d57a3f12b9cb4
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
3y5983eD9KfsCtzuVM1PIBBARCzMJRMKuSi9fJ8Jr_NTXxs5ddQBJg==
expires
Thu, 03 Oct 2024 07:05:48 GMT
LB-Zone-2
h312.mlive.com/DG/DEFAULT/rest/rpc/174/ 		354 B
1018 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/174/LB-Zone-2?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=656b9121-ab49-47b1-98f2-d203a2be7977&overruleReferrer=&time=2023-10-07T00%3A11%3A16%2B02%3A00&ts=1696630276809
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
21ee64f9aef61a94c2e9b819c82a6847c7207f342364bb49e70369403a27925e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
233
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
iqWI1ARDPTeDjdbSJU0rMwoohdVzqGUGWTI7ICqFvK0mJJr3aI3xuA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame F854 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CdHKRBIYgZbWJF4S6gAed0YKgAb2Ulq9zj4Lu3tMRl8-ivcABEAEgt8jTR2CVypmCrAegAZy92eopyAEGqQK0GP6R08OxPuACAKgDAcgDCqoEugJP0LEXruupUAWU67EAx0kzzQmzbo-XHp90KnWzGoQ5UUEyy_ykX_g18Lbhkct2VPX_xl3qEuTeZTIjKgLIs8sRsZEvCGoYgGIlN5oL1GqNQm7R72UCLVY-JGYaiNzyC3eTIYESIaeEdOsv8iYUrKaB9RBCiUw9UPQx5I2hHEy4xPtOXIFlU3L9-TkqxJDgpXRBrR8cty9h_wosN1aW1d6h0zdhD0oLtG59uAHoYqNuGKn-xqkoNO36WlfGQNS9bcY3jLD_Jh1HmU_WgKUZPV67e7GxxE1OULXwnRhlgTUXTTUz2plbAUK3MlgkRUWI7VNw3F3ukDoAIttup4-BaGfBembfgZFHuQAJVBE4BxlP2d_Vq3oG16iHMehrqa7KbHucu_VoxDCqvoZtB0KPtsfLyzAr3CgKVlfIf8AE3sOTmbwE4AQBiAW7_tyrTKAGN4AHnPWpygSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCBkRzSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mglraHR0cHM6Ly93d3cuc215dGhzdG95cy5jb20vZGUvZGUtZGUvc3BpZWx6ZXVnL3B1cHBlbi11bmQtenViZWhvZXIvYmFieS1ib3JuL2JhYnktYm9ybi1iYWVyL2MvYmFieS1ib3JuLWJhZXKACgPICwHiDRMI4J7Ap7jigQMVBB3gCh2dqAAU2BMDiBQJ0BUBmBYBgBcBshceChwIABIUcHViLTY0MjIyMzE2NTE0OTMyNzgY35Ef&sigh=R6VDdb57hrQ&uach_m=[]&ase=2&nis=5&cid=CAQSSwDICaaNIn0ce8gc4cs0dRenXsn2e4A-Owv5dC4PfVU4N2O8t1GbymcY6SaOmH86cnUVdF9ARaqV_543kgW_QhSX3BbnatuR4zSTbhgB&template_id=492&cbvp=2
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
024bb88ac1797b6a370684d716646680
h312.mlive.com/plugin/library/ 		296 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/plugin/library/024bb88ac1797b6a370684d716646680
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
bc2406b2176025b949ef983c74399c618b679f5f951a2c9083be7bc7c5244c04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 07:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
age
227127
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
95058
x-xss-protection
1; mode=block
last-modified
Tue, 03 Oct 2023 07:05:48 GMT
server
-
etag
024bb88ac1797b6a370684d716646680
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
QFcUIQnSIkBapRz58rwccllahDgfGH_dfHTUYsdlOvdRMnqRwUqfrA==
expires
Thu, 03 Oct 2024 07:05:48 GMT
LB-Zone-2
h312.mlive.com/DG/DEFAULT/rest/rpc/174/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/174/LB-Zone-2?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=656b9121-ab49-47b1-98f2-d203a2be7977&overruleReferrer=&time=2023-10-07T00%3A11%3A16%2B02%3A00&ts=1696630276873
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
8c5caf62a158905a8d830801064f4b05c9ff565b3fe66e1b7f10d187e37f7b48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
1298
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
m974znxPj5BVCpWlz1EB3G6aquu4LJGNGX9-GeIYreyFVZ-6DLTc-g==
expires
Thu, 01 Jan 1970 00:00:00 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 11AD 		0
167 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Fri, 06 Oct 2023 22:11:16 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
cs
advancelocal.blueconic.net/DG/DEFAULT/ 		66 B
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://advancelocal.blueconic.net/DG/DEFAULT/cs?bcsessionid=656b9121-ab49-47b1-98f2-d203a2be7977&&callback=bc_json176
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.20.110.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-110-47.compute-1.amazonaws.com
Software
- /
Resource Hash
463f6c3193f3f6bc51396c167d3c422aff59f6db0cc687b3904eff923d59b375
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
86
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
container.html
48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 55C1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 22:11:16 GMT
expires
Sat, 05 Oct 2024 22:11:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 01CB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 22:11:16 GMT
expires
Sat, 05 Oct 2024 22:11:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B224 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 22:11:16 GMT
expires
Sat, 05 Oct 2024 22:11:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
174
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/174?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=656b9121-ab49-47b1-98f2-d203a2be7977&bctempid=&overruleReferrer=&time=2023-10-07T00%3A11%3A17%2B02%3A00&ts=1696630277225
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
6cf4c124192a41dd7b3a34164704815d80149e1b60d0c79ca41e4f8ae7446a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
4368
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
NhGmELF-gK77a6ZJkwAd-TS7VkJO-vvjT0y4NDU8MHmTRbFlDEYvdQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
predict
h312.mlive.com/rest/v2/custom/frontend/listener_realtime_model/ 		2 B
879 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/rest/v2/custom/frontend/listener_realtime_model/predict?itemId=93193c90-1299-460a-add2-602384af02fc&profileId=656b9121-ab49-47b1-98f2-d203a2be7977
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/plugin/plugin/b33e8052a0f7e2edf75d57a3f12b9cb4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
22
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache="Set-Cookie"
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
F4VmvEP6UdueFCqjp8TEr3k2y58tKre1c8h_hdnyhsoyfdkQbdpbZw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
174
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		547 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/174?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=656b9121-ab49-47b1-98f2-d203a2be7977&bctempid=&overruleReferrer=&time=2023-10-07T00%3A11%3A17%2B02%3A00&ts=1696630277241
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
6043e3d6dd4163ac3956c05ffc12cb735e031faea6c313c40a3a494b26a97442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
177
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
btIA9enNZYitdq12FC7vJYgnZMtPNeiheUbmBKYJUenpYW_aGGpHww==
expires
Thu, 01 Jan 1970 00:00:00 GMT
174
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		183 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/174?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=656b9121-ab49-47b1-98f2-d203a2be7977&bctempid=&overruleReferrer=&time=2023-10-07T00%3A11%3A17%2B02%3A00&ts=1696630277242
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
5954325f6bd6f73e64dfda170956868a0012a2d2476b08c5c1d549255d818b18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
164
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
XGosDTE67iLmZYm0bdfQj6H7Mmgi7CGGt07YhT2Ue2N3GqKFVGhZkA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
174
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		183 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/174?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=656b9121-ab49-47b1-98f2-d203a2be7977&bctempid=&overruleReferrer=&time=2023-10-07T00%3A11%3A17%2B02%3A00&ts=1696630277266
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
ad2370973f65438cd0b6f09f9932e2fcdacfcff4f75c0e9a0f1100bad3d7a90d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
164
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
L035o639bphaAdkaGhxseazOfr6Co3lGNjPJVIsLIhDkouviMmzQ4A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
174
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		183 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/174?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=656b9121-ab49-47b1-98f2-d203a2be7977&bctempid=&overruleReferrer=&time=2023-10-07T00%3A11%3A17%2B02%3A00&ts=1696630277269
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
2f1d0d010b11b8db7686e58faa820b8cbc1b7dad3e1d3119371db0853ffdee53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
164
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
5LKuM9yYE-wPV_Vpn-erSH-DLQU6OIH5hdNdzmKX6cESSRbixxfEWg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-TLXFLCR&v=3&t=t&pid=1036974437&cv=416&rv=3a40&tc=93&es=1&e=*&eid=869&u=AgAAAAAIAAAAAACI&h=Ag&tr=1html.5html&ti=1html.1html&z=0
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=966697132&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Blueconic&ea=segments&_u=aDDAAEABAAQCACgFKAC~&jid=&gjid=&cid=362986384.1696630276&tid=UA-16643585-16&_gid=984519348.1696630276&gtm=45He3a40n81TLXFLCR&cd1=undefined&cd2=1---&cd3=undefined&cd6=undefined&cd11=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=false&cd21=undefined&cd23=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd46=homepage-beta&cd47=desktop&cd50=Blueconic%20-%20event%20call&cd52=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=undefined&cd62=undefined&cd63=undefined&cd64=undefined&cd65=undefined&cd66=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=sub-group-b&cd99=undefined&cd102=undefined&cd103=undefined&cd61=362986384.1696630276&cd76=a0002%2Ca0022%2Ca0054%2Ca0107&cd77=undefined&cd78=undefined&cd79=undefined&cd80=undefined&cd85=undefined&cd89=undefined&cd96=1&cm1=undefined&cm2=undefined&cm3=undefined&cm4=undefined&z=733197782
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 15:45:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
23130
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5FF7 		624 B
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRDml88BGKaltfcBMAE&v=APEucNXH-me-i0i_nTyfjgujEl6RP--kd7D_Y316_BBEEYjwkf65IyDFAjXMbgiHY8J_gUn6M79vX5WWLIpgaHtdM48f5xUVwo1DubyoBjb0RhAjtNNEXGWrFt_O1aaz-m16Oo7AsOJlOdxd3nb-l9qann4QDtXwqcheIJseYVE0XuLXypsS3fo
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 22:11:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 55C1 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 22:11:17 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 55C1 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BOKqULQe_uivmWcNn21uGiuUuh5cbrjxaJqdGDmZtQVq3Lr71otG8jeYINeeBT32e-e0G0AzF2TCSSrUNPWZepZ9LBnh_-WoC73eq8jVRounrYYEM
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 55C1 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6547587251476680275&x=1&ct=76
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 55C1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:59:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
25903
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 14:59:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 55C1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
31057
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 13:33:40 GMT
l
www.google.com/ads/measurement/ Frame 55C1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJ4b7rZx-fisLfxzdxrMITyui3aqhu275LVcp9xmfKAsdKOfaFPI84I-whAktcCAQLgbiofxL7PGsjNQlGK-81HrwJkA
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 55C1 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Oct 2023 22:11:17 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A68F 		640 B
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRDml88BGKaltfcBMAE&v=APEucNVBRziZ7-zz7bzyJ77VWEMhVSiPqx3Mpkvar265shG6gXGs-XJCgoA7hEyu9WKdX76ohOIgFktD7gggogo5OteebIDQal8pU6CQtonXobXbguX3Ir16KvlDSS7Z4RtiSHpaE8mDSYoORGkBYfEgHF55_Ct5JQ3zKOn3Efq5JkTlvGQdemU
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 22:11:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 01CB 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 22:11:17 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 01CB 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CXnGXcdlVvD0LMX-Z6-gUe0qi3vBssdzoiqfVJEDu-p_IJD5NnRcRL5RyO_VqQkLhlzgLBPfQKuLxPmNLnHRUfHIdAArUXzyGmDSJKuVcsi9tadsQ
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 01CB 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5182452158133475137&x=1&ct=76
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 01CB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:59:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
25903
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 14:59:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 01CB 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
31057
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 13:33:40 GMT
l
www.google.com/ads/measurement/ Frame 01CB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTStaOR2t2jLFLqTUSgMI3C_NHaTO5GH2d3E8FzJgYqltMIVxUyfHHMKtPH_XxkJKeuSbYd8N7MPHd8CWVhHAHDx1j36Q
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 01CB 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Oct 2023 22:11:17 GMT
174
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		183 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/174?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=656b9121-ab49-47b1-98f2-d203a2be7977&bctempid=&overruleReferrer=&time=2023-10-07T00%3A11%3A17%2B02%3A00&ts=1696630277292
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
9146309036ab19e7167d2fd34718c0b81a338e1689556ff30e5abad73804cf6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
164
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
WjpPw-UPYYCQ9l6IL5-lGqAwpR8IXZQ3Dj9mCh2wXJItIwpA_zeA8A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
baker
ead.mlive.com/ 		19 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ead.mlive.com/baker?dtstmp=1696630277294
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.56.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-56-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Expires
Fri, 06 Oct 2023 22:11:17 GMT
Pragma
no-cache
Date
Fri, 06 Oct 2023 22:11:17 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
19
Content-Type
image/gif
pixel
googleads.g.doubleclick.net/xbbe/ Frame 07BD 		466 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRDml88BGKaltfcBMAE&v=APEucNU4x7Kfo5LlrR0EhVRFG1WWZHzS4IyZB0lLkFgkC7ZxyadXXJl1mr2qGd4R6JZ9JdRcLTJK0gAu910yG3vTdYQ46w1OrRlHhVfj-i_sfFz-WYVdKrhNeAAQOzzOqDFmxdI0JW7404nvBdBrtZ2zC2aHouEYX9UxM8Pg-gaqyYGDM8OGnpA
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 22:11:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame B224 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 22:11:17 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B224 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DOcsVJ-USKB9KOS1m1RrnVMY-mSNr0SBfvmNEOvB9frPiqhGNLEID4QDXYlZGchnhxZ9TCdX7UvlYmtv6VCwEVWlpsRmSGLICLOfaKGy7shGC737U
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B224 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9376248408820097916&x=1&ct=76
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame B224 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 14:59:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
25903
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 14:59:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame B224 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
31057
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 13:33:40 GMT
l
www.google.com/ads/measurement/ Frame B224 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTe6Aa8Y7LkIeNw8lqx5sB9Y3vBG3bK7xOSdItAhp-y8IcOgdyRZPNb8c1cUJvYVaGS-7th0MAzUqYEJUk4ZnzLy-sN-w
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B224 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Oct 2023 22:11:17 GMT
174
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/174?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=656b9121-ab49-47b1-98f2-d203a2be7977&bctempid=&overruleReferrer=&time=2023-10-07T00%3A11%3A17%2B02%3A00&ts=1696630277307
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
0491ae138f72a82b01394694c6a524ab9d5f4430552567ffcb2f405a85eaca2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
4764
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
qBIcLGAg2V3mY2NIxxn4Y1Bexa2XwX4XLCRDIR_LIizwYF_HRS5DCQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5FF7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBvBdixaOlRmZh0M0m6-7dk&google_cver=1
43 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBvBdixaOlRmZh0M0m6-7dk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRDml88BGKaltfcBMAE&v=APEucNXH-me-i0i_nTyfjgujEl6RP--kd7D_Y316_BBEEYjwkf65IyDFAjXMbgiHY8J_gUn6M79vX5WWLIpgaHtdM48f5xUVwo1DubyoBjb0RhAjtNNEXGWrFt_O1aaz-m16Oo7AsOJlOdxd3nb-l9qann4QDtXwqcheIJseYVE0XuLXypsS3fo
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zM658hDSQzUr%2B3OneSWC6srheLX%2BNzF6UIfd91mPjlkXCNfCACETql%2BT4Ly9Sne%2FxJiPsUsxvR129SXypiXLc%2Bf%2BISSZyv4VcgVx6KXpe5hKjr244ypOZR1g2DN6UUKrbOvuCge0JkDyoA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81213d41eb6303ec-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBvBdixaOlRmZh0M0m6-7dk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5FF7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSCGBUp514elSDxBXhFiZAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBvBdixaOlRmZh0M0m6-7dk&google_cver=1
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBvBdixaOlRmZh0M0m6-7dk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRDml88BGKaltfcBMAE&v=APEucNXH-me-i0i_nTyfjgujEl6RP--kd7D_Y316_BBEEYjwkf65IyDFAjXMbgiHY8J_gUn6M79vX5WWLIpgaHtdM48f5xUVwo1DubyoBjb0RhAjtNNEXGWrFt_O1aaz-m16Oo7AsOJlOdxd3nb-l9qann4QDtXwqcheIJseYVE0XuLXypsS3fo
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDBXNWB42koQ9jljXwmdKQxemtqZwtH1FZ3Rl1TgZwY495sNTH7rn5pIaxU8OhbcAFSXQ98RS%2BElbSKbZGI14bbauXoEc4NJAIr1kz2lZ8ACDSKQZOF7tzcfq05%2BJHtcjei75Sxqsvj2ug%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81213d420b8603ec-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBvBdixaOlRmZh0M0m6-7dk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5FF7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJJwTZfwna2JlMVC_l2PnZY&google_cver=1
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJJwTZfwna2JlMVC_l2PnZY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRDml88BGKaltfcBMAE&v=APEucNXH-me-i0i_nTyfjgujEl6RP--kd7D_Y316_BBEEYjwkf65IyDFAjXMbgiHY8J_gUn6M79vX5WWLIpgaHtdM48f5xUVwo1DubyoBjb0RhAjtNNEXGWrFt_O1aaz-m16Oo7AsOJlOdxd3nb-l9qann4QDtXwqcheIJseYVE0XuLXypsS3fo
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
an-x-request-uuid
76d77926-d704-48d6-9684-98c50140ae4c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.134; 178.162.209.134; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJJwTZfwna2JlMVC_l2PnZY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5FF7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgxNjc4MjcxMzM5OTE4MDQxNA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgxNjc4MjcxMzM5OTE4MDQxNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRDml88BGKaltfcBMAE&v=APEucNXH-me-i0i_nTyfjgujEl6RP--kd7D_Y316_BBEEYjwkf65IyDFAjXMbgiHY8J_gUn6M79vX5WWLIpgaHtdM48f5xUVwo1DubyoBjb0RhAjtNNEXGWrFt_O1aaz-m16Oo7AsOJlOdxd3nb-l9qann4QDtXwqcheIJseYVE0XuLXypsS3fo
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
an-x-request-uuid
5b6b9caa-fea1-4008-a040-42e2c0ded9d5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgxNjc4MjcxMzM5OTE4MDQxNA%3D%3D
x-proxy-origin
178.162.209.134; 178.162.209.134; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A68F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA_tE4iuMQX7idkBBSnSx3E&google_cver=1
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA_tE4iuMQX7idkBBSnSx3E&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRDml88BGKaltfcBMAE&v=APEucNVBRziZ7-zz7bzyJ77VWEMhVSiPqx3Mpkvar265shG6gXGs-XJCgoA7hEyu9WKdX76ohOIgFktD7gggogo5OteebIDQal8pU6CQtonXobXbguX3Ir16KvlDSS7Z4RtiSHpaE8mDSYoORGkBYfEgHF55_Ct5JQ3zKOn3Efq5JkTlvGQdemU
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA_tE4iuMQX7idkBBSnSx3E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame A68F 		43 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRDml88BGKaltfcBMAE&v=APEucNVBRziZ7-zz7bzyJ77VWEMhVSiPqx3Mpkvar265shG6gXGs-XJCgoA7hEyu9WKdX76ohOIgFktD7gggogo5OteebIDQal8pU6CQtonXobXbguX3Ir16KvlDSS7Z4RtiSHpaE8mDSYoORGkBYfEgHF55_Ct5JQ3zKOn3Efq5JkTlvGQdemU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame A68F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEFY0iPbX1hVDGQGN7lymc1E&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEFY0iPbX1hVDGQGN7lymc1E&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRDml88BGKaltfcBMAE&v=APEucNVBRziZ7-zz7bzyJ77VWEMhVSiPqx3Mpkvar265shG6gXGs-XJCgoA7hEyu9WKdX76ohOIgFktD7gggogo5OteebIDQal8pU6CQtonXobXbguX3Ir16KvlDSS7Z4RtiSHpaE8mDSYoORGkBYfEgHF55_Ct5JQ3zKOn3Efq5JkTlvGQdemU
Protocol
H2
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Fri, 06 Oct 2023 22:11:17 GMT
pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEFY0iPbX1hVDGQGN7lymc1E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame A68F 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRDml88BGKaltfcBMAE&v=APEucNVBRziZ7-zz7bzyJ77VWEMhVSiPqx3Mpkvar265shG6gXGs-XJCgoA7hEyu9WKdX76ohOIgFktD7gggogo5OteebIDQal8pU6CQtonXobXbguX3Ir16KvlDSS7Z4RtiSHpaE8mDSYoORGkBYfEgHF55_Ct5JQ3zKOn3Efq5JkTlvGQdemU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Fri, 06 Oct 2023 22:11:17 GMT
pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame 07BD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEN-ndNn_OSbIuQLm7WIJPD0&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame 07BD 		0
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame 07BD 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRDml88BGKaltfcBMAE&v=APEucNU4x7Kfo5LlrR0EhVRFG1WWZHzS4IyZB0lLkFgkC7ZxyadXXJl1mr2qGd4R6JZ9JdRcLTJK0gAu910yG3vTdYQ46w1OrRlHhVfj-i_sfFz-WYVdKrhNeAAQOzzOqDFmxdI0JW7404nvBdBrtZ2zC2aHouEYX9UxM8Pg-gaqyYGDM8OGnpA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
gen_204
pagead2.googlesyndication.com/pagead/ Frame 55C1 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7869834887514&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 55C1 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7869834887514&version=m202309260101&ct=76&x=1&cor=6547587251476681000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 55C1 		91 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D--3nUOMBmVuTE1CMkMqQ7sq-HgNp221ZzMBh7xAPzmmjesf-F0LqfLFYqYrNO6Z2en8UyVV_aW3hOlCqBKm1vgIba7w&cry=1&dbm_d=AKAmf-D2OqD5JUD9MFF7oupAFzdb8Opj1C7xpgARYaQ1dtDGAFw_Saq3bhn0EVqYucc5Yz3EB5qTBARv8RZRGFhtQIbY1AUZ9yeRT5tSUF_WsqzkDnjjwCu_9i6yr3CUkS4QnxmOLThrECiV4w2dCZAdH5YFc2B-Y88UVf82FpVcG1TF0LsXIGyk_QWN5N9KKucvb3az2-M24maAY5cSYhu3Em8UpHwi-fwR0QA-i3lZEOoqwebGWM9ljDBRvScT_1DQQ3oVV5427OasOXLzCibeuopYPofGKWIiosik5VNKY5yqKqbDahjCAXYKqldZKsmoJctv789odd3PCMoqpXXvmsWVD4gWrAx15xMxTW4DvNEWcohZ9OGke2dWzo5CBypmXJabTAmQ5QDziSspbAVRNQxHFcVev5RzlZV4slcs25ngkmRtFSHkfANVQTqL0F99c3kaDpADmvqVl460-SpkHld18TIgsDnN8d4bH5zIhRM4r-CSgw1Rq639lmsi1T9hm7NJrQT-Qnvb2Uy-0ORXePrtUl8lunL5zPvn3d5j6tkiZpoSbjwSPd-B3YQJ0Hu7wsRFj0z8pVxIilSSF1ElDZ2ZayXDhyNJ-ukMT4JlLBnSWGtMWzYcZZadvM49jPG2XyGvhm6ryvsofKbZ14gZNgS_ad4Juhy7AxcdJbuYyJheb6UFn3L0F-efiG-l2lMan3OcyrAzTNuIxQhSBMUY8jLSUNCU4CP0e8fvfyVu4UUnIoA1kFuZiK0DUhId72FZ8yv7MZXqxvsHD1L2fiBBPVcf2knQdt3bW4PYBH09HR_yix2AF-4xVi0CSBSplOGDuYMllmFeZzkHk8baC0mHPcndv6IsjLPseYd-lP6knYeo9dHjgodZLDo4G9p3uDXq6i2yZ5Ol_EXZ_bMchpftkhX6KPYrfDYZ5rUPihx05FVJBipfHeWuULjOz2nrfq00GCj6VXXB2w6NEauZn6VorPCKVpD7LRchubyV9cP87MvV9FAl1Qb94DtBO4vePVgSteNrSLG9KGNCPC0Nsv2QnYowajFykbxGUKJnoCDOBRZ1su3rgUfPV7VQlrhyUEirWPxwv5BZ-_2RFgWKbUx9Z77ZyvS-xvaP8UDRXr8EtUChE5hm9r6hnK0OjAlsehCL_Uvul0c5Znmvh96_EWtLwhLkHflrZEY2kOwp9gmYeVxMKuoKaNAN778KGB_KB0zuDwwGBC37TA6qoD973ln65PmXjPoh45zAaCFFcrhX5gUk7KU92hsI3ng6fVGa4g3ShQev4K1saNurL1YZwDNApVA-7a3Fd1mooVbQBrmTzBHwW9LRXdMj8Nvp8PvnjrxzooMWv7Egac2AVTd0qKmE9HPDXdnLPP41wL_moGpB6qowtDw8mGT8AJeiWnMWTmx7Vrvfm_70ozkuMIUXpHq4zjlZ6N-4PxsqVQQUNH-8nlmL8hBDaN1OI_ZKi8ZEtiPxj79mBwFuTyapwiW5ZBF6Dns7apq88lVOIsCpJ5QdIcyi0T-LaIrUnv-NzUqdXRGcn-0JhOW38m6A_WnQS07XeUCNU8kU9hftpy6VdKviqoupXGDzoUDD7ghxsCSruxuJ2djv7LOQHec7vqq2tEfr0syImR72C00gkT2MzUvQiwIr90QenzFpBU32WdGTOy_luTdTHeuLI-GlkBE8g9bsCIc4EbGPy82Bd2-Sy1hJcsjlJMeURMZpfWKAMSybFFQ9wRasvxPOgltFEm3Cu5QCy6tsHijNFoQ_mV-F1lFvCbDdZOuc2k-gmDaS6OFdsmgIb8zbTUtRxoCzp9o24ohJETaHrPgqVGnL9sKiAJjFjI5Y0WqrFAE3cd0lx_ncqyZE6XrgYGw9MNGSbhl56Rq4gfyevzSDBX-3zLfr50kXPP1zgPit4-YI8gWJP3NuJMVq6dScwQluiPtF5eLPyAapi9E36SLthGhNtYlGvLFxMNyQXlHwxDu5Ew-dJO46MPfp9dkO4BAy9-lROKwglrbBkPNfy6o9J-2PCRfIzQKkzoBPGxOoonoGxMINcTB7nwi2un_NW-kGN3p3Wz0xv2FrEBmQ6_i9ozNB2YyPggYsn04Z7kgvECs0zM4jvk9_s5z_3O8_3IoAUd5VPt8Cg22h6lfYilR0JqH9gkVd9PVKpdRcIvL6smCuwUlxQ8NlpOWmghvExEt4xcTEi_75UrNLEMiSY0FqkfvyeVuQes8OSPrwJaAoyO2onJsb3vbe-xFn-172EqaQki2MpFC6_yPDzv2oXv85S52x03WaPFDw1FiVPKxstZZrnAgwvWfNKtElxn0WIv7JrcoD_fXQQO92m4i8F-eZ8ViGzncKKc0GussoNifPYqZyNAMTk2uRUqw-T6O2B7tXxe0QnWXsnwXOcIMth6maSHzn4RVcyFp_YaEKsENjc1LownITmR62dixN8DJMUwuvjz_yHospC2zrsyIAqjsNcTAjZu_BxHiU-UJdWP-HWubaD_wc_f6sPAqs3gZAv6G3O4Lbnc1LWuWhRtywB-cVivt2hfd-rIex1RDZVzIOO4a4LBj4E5pHXgK_mTS4u_BJfNMbV0pU6OKArEFasnYkNkyTz3o6VXmMj4ouH6XQii5V6UloMSey0VKK2bowpdAB6_ZPxVWWDexoEa1Lldsxc2lWwZPVSUtsyzYnNj3rTZycinij4-8XIsD7rJS03pHsFQO1YBmUP7sV9QQ_7m1HIL0WSD4PHVomWWm8k7f5So1KbeViSqtHtUqKEjkggm0CwZxjgM08hx_RDKy1imNG4_Aeqc1Ln4qBb9fErZmsLCUPJEkYSq23VOMrKVT4xKHEFuKHZQQ2mMnx-0ahrByB8-BrMcovgaOsy2KljFk-yUy0CKxNq7tGnh1pHZacxt0jLdS92xy3JaUKN4hoGnrLTsDnOB2Ewnk8BRlJK0sRSgNStiI1bmtm3ukZtPoG6-drrn-jcqhsKUqzS8rj79_v40TTaPxmeJjkFGxbMaqpJB8j-oj_tJpaYdR00boOyeJ2C1hNlPefFnIxbykHXyW-_UVLTVfe93_apImFtn4qVwQVAQHcWSC1sCVVPcAGEurhUvG4VXsfOIyV5ZE7Ja1FJkrJd-9nPXyW6aIMLKiHW4tmdS5p1_l4ryB33kHoFp9mn5qZ2jNV-rx2W1N0om3wKxA0FeM6P0fiYHv_3_xQp50L_EcrbX-_kjujGnyd9vDOwIIFNo_vFj0PM-z6k8F9tyZcT7kz5J8ftsG3v8tfXygc2X9sy-h3zzXHpiBFOfL5nuMnlONK5CLt0qoXG1fgwrDvhDDcCW3ltKdWMB6kFM5z6LhWvjf8ZkzYJHYihncvyhfs17eEIU-ZX_u___38a7biYWXW087C2L-8GVq5dI4k9Mc_x5u75Px0wIoXeZTNooSMwGeOC7nTw6oysCZR7wc52DEvMjGGHVOC7bBhOFK-ODEPt1jUoQQoATU38_qj8s6a9-Pp0eXurqKiLlqCdES4G4IXYphd9NSVEdVYQO8w3V_G8OeTOtT7ENpnXqkgDkr1JOMoc4KApxDE8RaIXqPlX8xuoht8ZgAgl1msFVc-9Hg2bInnq9SIIz4S_g1bJ1z_8JEKtURoNGQJrXYU-e9uC5cjixtvH5SInbukemBNSnCBu-xdAWwbRSrZlgQQObulNAceoUcmiNmmcuOsM6V4zhmQ8pqu7mZmrq4-evk&cid=CAQSOwDICaaNYnt0tPYY_xVOGJao4yWBNQOmBWizMN64jYxCkeHIyw0d0goXFIVvbtT0DWRbvEw5SlyjRdVEGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=6547587251476681000&adk=2857193498&idt=102&cac=0&dtd=23
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
717a5c9def6237c1dc1f6ebe37778147e9514547dbb2ea8205478b67760eae89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38733
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 01CB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8000675312493&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 01CB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8000675312493&version=m202309260101&ct=76&x=1&cor=5182452158133475000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 01CB 		91 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B06ZUgsN8JwQhC5OOyxDavWvb6xmHEHbnwSR2_Xfk_yqEbVN70D8rsm0XFf8t5VpeMl__abR2cWBnh-OUU1-08UokiBw&cry=1&dbm_d=AKAmf-CMpRl7_7PFSr9ZF74-bSgNxn5KgE0oABoZcYWNQzR8N66CynZRIQdyYStawPZw_UvcSzWsyiJnTBL-fl1rSzdtPzjIlLfJiIhil0V5MmMP2UmYhqY1qBL5uygQyMMueNi_y7IFmSkuAgTWeC_hrYspr71BC--MmvocdIMVznMU2lONnaz-f-kBbOr6X_k8dQoj43ZkQ9cC5ZTX6wfRdczEwUZnvXbbel1GeXWoqePvc0mxbnXIzMT2YmenNP4T1qnpO_eh47sBslh3ub5Pl8NNoDMzAaCuoUsOoBsj6ARq07Nj0IoiJZ_ttKooP-IYhD83gXEV6781AjSGM5RrRikOdjlxW9gmEGwu4pBamSY5epe7fIufmrcawQ5-WPkVQYGGzqDa5r8A9RhDSLOmWdUTyU-DOV-Z2mY99uBK7XlYnNcfivj-MiwlzQRntFb4P4nsSp38OY4JQgeWuASZspFkwIXUBmHLXa5meAzqDqyZ4oJMhLX7GXa0pb7nC1bnYO7n9JGrx796C0_XlssgmXTySOR2HfmarZKcODKHdKLIL2NGi9KNBfIGgdqKHZ1GGKlKYDP77BP9apwp9pAfS4qJsZT7QcOEPVjNmSIE1FiKhMHsBOhWK1_eewUvPQIXNSI-kDCPhq13eN7RnSYIh28wcXWNWWpZmgLbkZxVXExbzHGGGWo0YKRGH_AK-SrqDPKYYZy_-hPWClIyIUXVK_MTiwJfCZ88BeilZhKiOVlWJzIszfsShTUeUlqtFGEISgNOHQ0Xi_JBWD9tferQYHFMNk7zNWOgJ6pOrens7rc_3peOy4ugKosmiQTSnWI2Gg1eKqHZgD4FKa1-n3hX56tCwPpwEZYn5HCACdjXOj6qdJEZlHfy6jgBx15GKwNZlk1rPlHONLmTC7yki6UNjnuEbjpurHpohDOtcpSIPI6wrrzmtUyMnDUH9Na3V0jqKJ58rhxmFknDnQlOBSBLDMoOA8_dGfqJaN2iSl2ATJSAgwTuRu0c7wZh7K1gFlgeOQmjxf2NyUvEiqQ0sBawdSyW7e1Nx4J-GnmVI6U-1qRHn-_sIrA4XlonoaofmAKGUlZ8lkaujt6CVddYxsrJml-VGQO5ntmgnuSK66mUWp8ttDsCkYEd_VMV9pSKf_C69ZeHevcme1lQP9CqYUKCYmgKp8PjMgLLI1m4uzNxKfLfKfLkJOr3seJG2RHTYJ-Oq-CFEhqkwTC_AUSnfdiGfgWTzwY0AgRzljupXA2Qo8KzWgVTvBwDGMFTHdFSqhh4LShZf1Z_XYxl2z7v2sg4ZgaECVVNhLCjjOh4adFlz2ETz_t5od1twMJQ-b2zODwGYFE5czgECEhLLv-k9hBuiOL53Nv6PD__AdWeFYx2y6zBVknv8PfLdBJfrzDTJtlhIawqNcEPxAoo158lt59WQJXDOEiuX-JqggNEtFINRld5ONCzx6dAecgHK2bciYtmCF7c5lil_QwUuMqbVJ_fmptFHbzcApt9gmVHAvl4N8_v3Sj0Bq3BXCMwr7ZAXlEXaOqms5Vs5i9ZTFNCPYb-yGOmcnK9zsCv79U2pBDpcVM5ZbIa_tSZq71IJ4hvJhXSIU1-wqiV4W9Air8jQCacIf7IMDsiaafVfoeqcSB84vgdfXrQJBTsc7DG3jP9sre3s2ugQVaBRSskt3pFnhf8Oe6ZEyg6e6rko_2kJU0bHsW89VyjRZt9FP8N0sPwhO-wOQ4RF6fPpn3iy_cG5C6un0oL2KcxfWxHAbOr0tFccK5jMYls3h-cr5tKq08xCBZIbVFQFtsGYmirpQBW3seQWLk9XMEX6pYwi3LWkANXCFaCQ0vLWp70Cki41Eyohp4VP1tREvkwgNfS2-ZALzRrfjov8NHeBb8qRIZg6IfZlu8ZTzSRb7zEuq7Kevaqcn6QQn432xdyERJvHDCwaMnqm0s3kAYfZJCaaJz6kEsqAIOzUDmuDwLhvIeFunZqHLQ6ZVS__Wnucsl15u28XZr3brLQQSG2y3QlSJvzouU560sQiMv4lu-qWIdeqh8z-3u12CzP1C4cEyfS-5HGoa4Qne6oBNbR0lIVds6sjRPCdoqH384gHpjWtEvolSo6uhcmfGxZ11-ZO10zYUdPJ6MQToNkmNi74XRGfoI2Yt1Pr5zjmj8LM60vayAyabr_iSuz8Rn1VSoFU9itjwSmk7zvK3W7hMLi5Wnbs1cA59bVUlbIfhgQVXzZGxQ2RBEZ_d_5UkEFFZyZzjZ92ytBf0T_8CZ4_vKzqRugz5whCjM_zG7pXIwFVeiPO1J2FoxzVAdpY_J79b6YVaFjWHk0kXyFkRQhRCjyT-1FV3ahOtmpKrgP6N99OqV0VC-3bxybUcQB9KmyKFOc1v1nvQ2TH5CLJ_WrXcpgQCbfpfXAx22MFEusr9_Gp1p1-H5dPocuBj0TxkFn_cXWFanTUAWlWsZ9Yp_KmugZUm_y_YMega4G6DRY016wESei2Qjd_cWhDaBLkS3GIREJrMZd26Q3iQ-KyNi6ki6xcw6Y3yYY313BqeGJLoa7GYc7lF2pTR_IcQPcVHg_lHZ-b4O9w0ywf7Qd14TH8GTes1J3zJN2AMg9TiH4S9aYoZtLU0mDyycfVf8gnQAdsvm9JBDbgnpOmYw9D7jKQiapZxgURbLzx24Yb-L62hLBxvlJ19WEZ0hHBZrP8hgHSnkKA7VXCGKulud4ksKJDoFA-TsRZVcrrEbDkcBWU4En4nel5ZcA5Ls3ehWc9-az4IUHQe9B5kik1S3dvCV27Z7aVbFMGaDIZcTmQbC85jwAFfOhRju4G2YBXMqT4jcPFG7FBpq204KUnbqSnOmb_nJUSpGcvoHmMlnKpz8h81g_Y92dD5rTn6uUgnvjk3LKFt90pD3Ft_PeX0I9jM4boszmbeDv1vb0Ao9pUJGaONdoeoGxrgiBu-vh5gZSobA1On2dnK0E8jTTLcOuuDfDkMJES4_VL0slRFzBMAxAgkrvPkbxmMyEa_K9UWnS-fG_kC5gCtIlRZGN_js0RBe9NXQ6qwlW7ioodkurkrXFMcyCb6jor92DS2-EWcHZTqYbhK_TRRp1RfBqTLW0eErM5cBg0owNPz8o8TsTvrgeR5lkdERFEc_PtV4aMGRKaIe-DyKlhf8WF01LUEDSj9MPOGC_x9Lsrj2WInFSvGic6Zapu9q0UggqOwe6izK0kSVlOeU8-2tLE4nWjo8n89Vm68dWSU15IHNU3o9ZDIat4jCU1Y2kfedBJZ4MtMBM8v2281iCW5rpGKsKDTNwZtOKbGt1GfhXwvrK5Ebxnz406xfAnBo5F-Rqz01ag9D6P5BNvrldNyw-1buMzykylUOHc-jHm2RNhQMUL32G_71rdHbpMjCved5fa8EDXfFLctCVOGHP3zfqzKnFr15WkpI0bFoZIm0-bfNbunh4UnM-x56-zwCMH3rtNlk9B679GJJzVSZhH2gCZwQDkT3lGzpcPY4yf_7eZBxBWzFNBM9LM8yH79Axpw5fa_lEvmrz9Td877Tvimk-lGsK4E1KkZsMT-TA1apzQZE5402Eb0g4zqQIenOgdKGyZPoclA2rBXtkrmTW3PlgzHo7lLnepo2fM5LwDhiv1G9jYUleCimiftNr2LgBpHn289wqgaRva1olwMvxXFYuPeHFEWWvqiEzy3L0goRtd8pMJl-Oyo0oTiC6Ca1_yBmuAkZJa-KPzLFP3pGm&cid=CAQSOwDICaaNYnt0tPYY_xVOGJao4yWBNQOmBWizMN64jYxCkeHIyw0d0goXFIVvbtT0DWRbvEw5SlyjRdVEGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=5182452158133475000&adk=2086295851&idt=110&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f32df922fbfc079983f3b72366f39fe1ea8e623bda706fba595652aa0584119
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38612
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B224 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1173028801766&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B224 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1173028801766&version=m202309260101&ct=76&x=1&cor=9376248408820097000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame B224 		91 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dbt-Zq0sZjL1J-K6IrTaHjr5Ufq3BXBsaTQCxtxk1QbZTr5Y7p4lLN_4_Hyqx7J_IpE1TsS6dU_h1A1VjkMaPb1TumPQ&cry=1&dbm_d=AKAmf-C4ZvvRwCaXQ3tSk_OOnauk4gXUzIJtGmR4BA9o3-_VdYuZxkj9nFABOzRJM-tF-K5QN0pHa3mFDVBEYI09xhF8gQezkt8Sne3Bb8siVjLhwlzXVcBhqIKgmOTJW8Rsb0aJ1Az_COWubEVn8kCA7DL7QyB2Q2gc3Ry4cZEBdXPDIY0S-IuIJNOGBmvZOA4EDkcPh5Lq3nw2pXp5TdM9dzRr4nqQ_BkHWrDX6XQ7ne3_vTTw1Xggg2XhI9Hv7mrfchZwREX1Bz1mH7TSQn-lLQPoSE9gFD_nE3p6lPd4n4Kf2amdxgSy-38H_Gx1Z0zjnkUkQvS0CMvGpwnkf6pLgJcpve06knx73Bi466yLeAig7bAIqh7rrNCk14DmRjoFRO9X7MQKUUqM01SUQHjladMp5aSKXDkGCyJ2aFewf-Bd3tlEQhDoTTx1mLM0MpJmL4qoUxsI3xq1HpnrU-T-L-Ahsw14YSnhN0rU-bZzK8_QVziUV5awJxQgst4RuHLkJ6l4_U7qgAB13MUyjVPZ8AGm_oqUSCf2pc4QmTrcTfBAimQUMSevwuKv08kpTAcwV2wyPOSxF-J0uDHPiGMgQysw96hi1m22qQZjkiliJfKk1xmxfKGoCE3opeQpHR9Tx038un34S86iv8KlpT7vrt7KURoHYpcnipacpUgy-ujjutbZx3x3Gp1l0zTfRc3VOa8I12QFybP_ukJpOUnI8sKmpWLZwLOb8DFpXWZemnw_P2lWG_F3gEYS9ViTU9iFXOca5mN3CuuoBQughIqzoshfoMfGvy-nlGo_VBnyeUMi9YsOKNRBCAtLAwdigWLguuplmJtrFxnKB_FCaKeUs1TMgUr68Px0GviNuugdBC1DOSxLModJKtKVV7M_zIRiQkmw6e8WD4Y5dPbh5vHWBmw9M8P025kH9u9nW_v-5i-NVq_VWcpsyLoAoQOZPtIYaP0hrxIu8Q7hCqJoGB1RSB1b_zFKClttuKFgw0zV0QM_G20sU1NujKpXRd86BOgOrjOkORUEw2Zxy9lkSRF8mrEIPBdgzzkvP7jkDba_4G1Kh7Oaydx5xDq2qsIi8wnrX7suyw2KD5G-F80XzcLOGwBYy4jtm6CWXMNvLOz3M8L6ipb2YykWFfW3JhGg8zjz5x6is_ErRIJMRQ7kn0ONvJO23fefhFQ7vsRGEBKwJjoJMqngBlr5Arr-BfUt3BqDx3ibcn_fTfvrf07EdvKQWmgMQK8LqUQ8rANIXceYWJONOCKRbA_9m8UlbgE_eZXlRC_X-xC8DlSRLcs79M-WvM8O2afQ7N6SBDdBqCF3mj0nSDEzfORRpxj8I7dBhiGCUw1n0k_ziMbwICU7PzHc7Qumqx1L1d_7o-7sLx5V8c29sl-Kxw_NQN0VpHWljhC0fpymGCGdKD5VZzBQGVEafbWnyozI12kbHFDIUh7h6l_0aUTBMc7blv6hNwAR4p7LeZ9qscdfP31eawMndpCiAC1Qbs4-0B5_XPkIuXs0dXyIJ_k0ARCjw_Pmjh480iVbEGGGh-VG4LOTDXM7wBVLQQgUMv8KGWWYa4VFe6o3ns5cLPiZQlOJMyJ6rH0v-PXtUeLfS-XH4V2ZXCgrpZ9EMg8Jc30ppwpzdPAxJP9t2Kw9JjhdErnU9ggwLdCJLTDmJh_dkJpUida0skhO6VO8Z4ukKc1WwAmOL2IfYYWEKsH0x6Q7HtvCrhEGuDcB_YUyE1GPZvNyaRgk5SkcOVOGIkZdEMZCF6dbETCEOy4Xhh_jZPhxjndlRh2xOi0Rzhpx76gFpKqvwRoIf27FGpgsgmPI0SnpenQcOY-iTucQkJXEWvK1Yr5eb2PAU-PWAjuV4iA9Cn1OWFLDjTvlNhrhZ1yQqeR_2dVPvhspSRNk9K2-FvxgFRxcRGpwZb9D8hMXolEE_1fETaDzmQOvtiW7QRCgiCundsXJIOB3ib8ybW0Qe76W-f4Jqt-Qg2X9LWCE13asBRx5r3JazmrkWdtwngi4NCIteZ2HwY2IPjKqX24GY4FudzUxLk_hc7Q1KEdW5b_sehmk7H_9ZYs9FRvobLrSeH75ScLfyKBf-lUqZsCRM55Vd9PzqFAZX-6bkTesN3e-5FmPRqe53a5TcSqvUWEHaHm_Q1F3yCO-TCZ7npdEhnp6J55OEgO6k5g8h8cdjIKfigu9yQMV4e63Ynpk1bnZfO4bo-454iZwqF5xoRP5mTGi140nf6OflHRKTVgq4W2yqlTTNnEJXNy0H_eq18O1lrdt8t5aXf3zKA_NNu6Q8QVYwoVjrfX62vj2ICjcbQawfG5tJGG7w7GlXHUM_xSkDV9q6GxDUxfABmtWTv0AfH4vX6wMMq655dh-9ximfQh3CQhFD55xiQSE8fk2kJsX-O1FRHAUdiytPikjw2Yys--a6JtTFnal82TWZbPzjhPkvUB2Nc42JZcrO7mEXazs4KrWUdVwEea6906lVHAXNO0ZNHyjXz1kBVYDQ1crskwxWv0qVXGqkZky3ieCCcc2Y8kPoF0dq8iPM64-IU0pCdvJMZmXBlC5IFMewQRgjVangimtTirSg2ehJCFWdsVK3ZMhmoWLjLHJ5YyQNOOriPwRwc0jnDi8QMqPvKKMolsK0VK_Dz_wuB6miK5dGqK7rdoPNscKeohLkCa3FPDmhg8FY5iT9cj7wUMjZ1ElQ9swJ_WGauAf45ZaUfhpc2YEUsLnFHFza_KqsVXsqWASTHf3UKHMIySqjKP-kVc06O4YQ5fPcuib9ks3I6GHhJOzBrvCHxVU9XWW5gUJ2K6pSLFMWXRWtshmYqcIO6njuuG6G0iLnVGmkREfpzNtLQjYQTR9cTADE_j0PQbMYqlHW9Jmkw-7pYqfK9yISEXay1EebUyNWUdOeoYvrVCDpg08SdwaV6eKwdYZzA5V0J2bSKmB_ZPcPUJoF5lUOipolYTTiAQwUZblBzoZQFiihdHINAgAD-qzgy8idWPKvYkzDiqLTJm0u9JAg7ShHukkCvwkwN17ejTIYEn3_5YeW0Et727aT1_L_dioqyboEip1TjEqXGW5nDDTlRJ6jz7cINpUtzc1FYBFrJ-AXxLNv8TndyoTR8wX_GqLD2eIX9ltn1fTdt3fvgkbxjbv0Gn-3M-QjLLi_mCWD3dGwAxdxbF1vNwbTIGC4z4NvwrtSabScLZ_t7WG-bD1wlTu74jWB70UH0i-4Y1Ezphpl5uACJ_sDaIClbc2lRU7DvN3DPSnPvaAsT666JOVtPNeIK3tZt83Hg_T0fl2QFFwnUJJtGMa5Q1terJDTs-are7PmIzmeIUT0kc7qbNp3A-PNtKRit4h_EDdiUEbQ3saHNsOAI5rNCn0peyJd7z0wDUK2KSgPPDkjQCaPISygBde0QLTw_WioXFjF_9QCOIX2vSoD0RFskAD0m-4x-lod3XBHLCexcBKBvHN8YXIgRjs65HdxuX_nU-FpwJ_Cfko8BQI0cemEtbzHJJ5YRoa24G_ksrd5HDRli5prP2IWRn_rcwclN0pPrQxMbqhSv3uq0FkGOYyQnR_EEVerkFyDmyh7WdME3ZDB1XFw2BzMYVOR4y0LOsDDtHMqQ1KpfCyNHi6HO3iSkfA7JNoSVqvkDMqmpCgvCq2dJKabzIgvnyE0iPOtxwiHv2okGtIPPePGzQYuIsxBQdgPNKumez6-IgLxv8Yxpuqr7YTDAX_cBn8Y2nC6YPtkehx&cid=CAQSOwDICaaNYnt0tPYY_xVOGJao4yWBNQOmBWizMN64jYxCkeHIyw0d0goXFIVvbtT0DWRbvEw5SlyjRdVEGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=9376248408820097000&adk=3944675600&idt=106&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
125e7c5047ba2447e30fecd9017b76c31d4f52717418d000cdcd9b079f071893
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38387
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
c83b2b22008593dcf7dfb48d3b88d909d931caf4089210c8e6fa300d02335d84
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Fri, 06 Oct 2023 22:11:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 55C1 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
Origin
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 07:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54473
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Oct 2023 07:03:24 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 55C1 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D--3nUOMBmVuTE1CMkMqQ7sq-HgNp221ZzMBh7xAPzmmjesf-F0LqfLFYqYrNO6Z2en8UyVV_aW3hOlCqBKm1vgIba7w&cry=1&dbm_d=AKAmf-D2OqD5JUD9MFF7oupAFzdb8Opj1C7xpgARYaQ1dtDGAFw_Saq3bhn0EVqYucc5Yz3EB5qTBARv8RZRGFhtQIbY1AUZ9yeRT5tSUF_WsqzkDnjjwCu_9i6yr3CUkS4QnxmOLThrECiV4w2dCZAdH5YFc2B-Y88UVf82FpVcG1TF0LsXIGyk_QWN5N9KKucvb3az2-M24maAY5cSYhu3Em8UpHwi-fwR0QA-i3lZEOoqwebGWM9ljDBRvScT_1DQQ3oVV5427OasOXLzCibeuopYPofGKWIiosik5VNKY5yqKqbDahjCAXYKqldZKsmoJctv789odd3PCMoqpXXvmsWVD4gWrAx15xMxTW4DvNEWcohZ9OGke2dWzo5CBypmXJabTAmQ5QDziSspbAVRNQxHFcVev5RzlZV4slcs25ngkmRtFSHkfANVQTqL0F99c3kaDpADmvqVl460-SpkHld18TIgsDnN8d4bH5zIhRM4r-CSgw1Rq639lmsi1T9hm7NJrQT-Qnvb2Uy-0ORXePrtUl8lunL5zPvn3d5j6tkiZpoSbjwSPd-B3YQJ0Hu7wsRFj0z8pVxIilSSF1ElDZ2ZayXDhyNJ-ukMT4JlLBnSWGtMWzYcZZadvM49jPG2XyGvhm6ryvsofKbZ14gZNgS_ad4Juhy7AxcdJbuYyJheb6UFn3L0F-efiG-l2lMan3OcyrAzTNuIxQhSBMUY8jLSUNCU4CP0e8fvfyVu4UUnIoA1kFuZiK0DUhId72FZ8yv7MZXqxvsHD1L2fiBBPVcf2knQdt3bW4PYBH09HR_yix2AF-4xVi0CSBSplOGDuYMllmFeZzkHk8baC0mHPcndv6IsjLPseYd-lP6knYeo9dHjgodZLDo4G9p3uDXq6i2yZ5Ol_EXZ_bMchpftkhX6KPYrfDYZ5rUPihx05FVJBipfHeWuULjOz2nrfq00GCj6VXXB2w6NEauZn6VorPCKVpD7LRchubyV9cP87MvV9FAl1Qb94DtBO4vePVgSteNrSLG9KGNCPC0Nsv2QnYowajFykbxGUKJnoCDOBRZ1su3rgUfPV7VQlrhyUEirWPxwv5BZ-_2RFgWKbUx9Z77ZyvS-xvaP8UDRXr8EtUChE5hm9r6hnK0OjAlsehCL_Uvul0c5Znmvh96_EWtLwhLkHflrZEY2kOwp9gmYeVxMKuoKaNAN778KGB_KB0zuDwwGBC37TA6qoD973ln65PmXjPoh45zAaCFFcrhX5gUk7KU92hsI3ng6fVGa4g3ShQev4K1saNurL1YZwDNApVA-7a3Fd1mooVbQBrmTzBHwW9LRXdMj8Nvp8PvnjrxzooMWv7Egac2AVTd0qKmE9HPDXdnLPP41wL_moGpB6qowtDw8mGT8AJeiWnMWTmx7Vrvfm_70ozkuMIUXpHq4zjlZ6N-4PxsqVQQUNH-8nlmL8hBDaN1OI_ZKi8ZEtiPxj79mBwFuTyapwiW5ZBF6Dns7apq88lVOIsCpJ5QdIcyi0T-LaIrUnv-NzUqdXRGcn-0JhOW38m6A_WnQS07XeUCNU8kU9hftpy6VdKviqoupXGDzoUDD7ghxsCSruxuJ2djv7LOQHec7vqq2tEfr0syImR72C00gkT2MzUvQiwIr90QenzFpBU32WdGTOy_luTdTHeuLI-GlkBE8g9bsCIc4EbGPy82Bd2-Sy1hJcsjlJMeURMZpfWKAMSybFFQ9wRasvxPOgltFEm3Cu5QCy6tsHijNFoQ_mV-F1lFvCbDdZOuc2k-gmDaS6OFdsmgIb8zbTUtRxoCzp9o24ohJETaHrPgqVGnL9sKiAJjFjI5Y0WqrFAE3cd0lx_ncqyZE6XrgYGw9MNGSbhl56Rq4gfyevzSDBX-3zLfr50kXPP1zgPit4-YI8gWJP3NuJMVq6dScwQluiPtF5eLPyAapi9E36SLthGhNtYlGvLFxMNyQXlHwxDu5Ew-dJO46MPfp9dkO4BAy9-lROKwglrbBkPNfy6o9J-2PCRfIzQKkzoBPGxOoonoGxMINcTB7nwi2un_NW-kGN3p3Wz0xv2FrEBmQ6_i9ozNB2YyPggYsn04Z7kgvECs0zM4jvk9_s5z_3O8_3IoAUd5VPt8Cg22h6lfYilR0JqH9gkVd9PVKpdRcIvL6smCuwUlxQ8NlpOWmghvExEt4xcTEi_75UrNLEMiSY0FqkfvyeVuQes8OSPrwJaAoyO2onJsb3vbe-xFn-172EqaQki2MpFC6_yPDzv2oXv85S52x03WaPFDw1FiVPKxstZZrnAgwvWfNKtElxn0WIv7JrcoD_fXQQO92m4i8F-eZ8ViGzncKKc0GussoNifPYqZyNAMTk2uRUqw-T6O2B7tXxe0QnWXsnwXOcIMth6maSHzn4RVcyFp_YaEKsENjc1LownITmR62dixN8DJMUwuvjz_yHospC2zrsyIAqjsNcTAjZu_BxHiU-UJdWP-HWubaD_wc_f6sPAqs3gZAv6G3O4Lbnc1LWuWhRtywB-cVivt2hfd-rIex1RDZVzIOO4a4LBj4E5pHXgK_mTS4u_BJfNMbV0pU6OKArEFasnYkNkyTz3o6VXmMj4ouH6XQii5V6UloMSey0VKK2bowpdAB6_ZPxVWWDexoEa1Lldsxc2lWwZPVSUtsyzYnNj3rTZycinij4-8XIsD7rJS03pHsFQO1YBmUP7sV9QQ_7m1HIL0WSD4PHVomWWm8k7f5So1KbeViSqtHtUqKEjkggm0CwZxjgM08hx_RDKy1imNG4_Aeqc1Ln4qBb9fErZmsLCUPJEkYSq23VOMrKVT4xKHEFuKHZQQ2mMnx-0ahrByB8-BrMcovgaOsy2KljFk-yUy0CKxNq7tGnh1pHZacxt0jLdS92xy3JaUKN4hoGnrLTsDnOB2Ewnk8BRlJK0sRSgNStiI1bmtm3ukZtPoG6-drrn-jcqhsKUqzS8rj79_v40TTaPxmeJjkFGxbMaqpJB8j-oj_tJpaYdR00boOyeJ2C1hNlPefFnIxbykHXyW-_UVLTVfe93_apImFtn4qVwQVAQHcWSC1sCVVPcAGEurhUvG4VXsfOIyV5ZE7Ja1FJkrJd-9nPXyW6aIMLKiHW4tmdS5p1_l4ryB33kHoFp9mn5qZ2jNV-rx2W1N0om3wKxA0FeM6P0fiYHv_3_xQp50L_EcrbX-_kjujGnyd9vDOwIIFNo_vFj0PM-z6k8F9tyZcT7kz5J8ftsG3v8tfXygc2X9sy-h3zzXHpiBFOfL5nuMnlONK5CLt0qoXG1fgwrDvhDDcCW3ltKdWMB6kFM5z6LhWvjf8ZkzYJHYihncvyhfs17eEIU-ZX_u___38a7biYWXW087C2L-8GVq5dI4k9Mc_x5u75Px0wIoXeZTNooSMwGeOC7nTw6oysCZR7wc52DEvMjGGHVOC7bBhOFK-ODEPt1jUoQQoATU38_qj8s6a9-Pp0eXurqKiLlqCdES4G4IXYphd9NSVEdVYQO8w3V_G8OeTOtT7ENpnXqkgDkr1JOMoc4KApxDE8RaIXqPlX8xuoht8ZgAgl1msFVc-9Hg2bInnq9SIIz4S_g1bJ1z_8JEKtURoNGQJrXYU-e9uC5cjixtvH5SInbukemBNSnCBu-xdAWwbRSrZlgQQObulNAceoUcmiNmmcuOsM6V4zhmQ8pqu7mZmrq4-evk&cid=CAQSOwDICaaNYnt0tPYY_xVOGJao4yWBNQOmBWizMN64jYxCkeHIyw0d0goXFIVvbtT0DWRbvEw5SlyjRdVEGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=6547587251476681000&adk=2857193498&idt=102&cac=0&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
30752
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 13:38:45 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 55C1 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D--3nUOMBmVuTE1CMkMqQ7sq-HgNp221ZzMBh7xAPzmmjesf-F0LqfLFYqYrNO6Z2en8UyVV_aW3hOlCqBKm1vgIba7w&cry=1&dbm_d=AKAmf-D2OqD5JUD9MFF7oupAFzdb8Opj1C7xpgARYaQ1dtDGAFw_Saq3bhn0EVqYucc5Yz3EB5qTBARv8RZRGFhtQIbY1AUZ9yeRT5tSUF_WsqzkDnjjwCu_9i6yr3CUkS4QnxmOLThrECiV4w2dCZAdH5YFc2B-Y88UVf82FpVcG1TF0LsXIGyk_QWN5N9KKucvb3az2-M24maAY5cSYhu3Em8UpHwi-fwR0QA-i3lZEOoqwebGWM9ljDBRvScT_1DQQ3oVV5427OasOXLzCibeuopYPofGKWIiosik5VNKY5yqKqbDahjCAXYKqldZKsmoJctv789odd3PCMoqpXXvmsWVD4gWrAx15xMxTW4DvNEWcohZ9OGke2dWzo5CBypmXJabTAmQ5QDziSspbAVRNQxHFcVev5RzlZV4slcs25ngkmRtFSHkfANVQTqL0F99c3kaDpADmvqVl460-SpkHld18TIgsDnN8d4bH5zIhRM4r-CSgw1Rq639lmsi1T9hm7NJrQT-Qnvb2Uy-0ORXePrtUl8lunL5zPvn3d5j6tkiZpoSbjwSPd-B3YQJ0Hu7wsRFj0z8pVxIilSSF1ElDZ2ZayXDhyNJ-ukMT4JlLBnSWGtMWzYcZZadvM49jPG2XyGvhm6ryvsofKbZ14gZNgS_ad4Juhy7AxcdJbuYyJheb6UFn3L0F-efiG-l2lMan3OcyrAzTNuIxQhSBMUY8jLSUNCU4CP0e8fvfyVu4UUnIoA1kFuZiK0DUhId72FZ8yv7MZXqxvsHD1L2fiBBPVcf2knQdt3bW4PYBH09HR_yix2AF-4xVi0CSBSplOGDuYMllmFeZzkHk8baC0mHPcndv6IsjLPseYd-lP6knYeo9dHjgodZLDo4G9p3uDXq6i2yZ5Ol_EXZ_bMchpftkhX6KPYrfDYZ5rUPihx05FVJBipfHeWuULjOz2nrfq00GCj6VXXB2w6NEauZn6VorPCKVpD7LRchubyV9cP87MvV9FAl1Qb94DtBO4vePVgSteNrSLG9KGNCPC0Nsv2QnYowajFykbxGUKJnoCDOBRZ1su3rgUfPV7VQlrhyUEirWPxwv5BZ-_2RFgWKbUx9Z77ZyvS-xvaP8UDRXr8EtUChE5hm9r6hnK0OjAlsehCL_Uvul0c5Znmvh96_EWtLwhLkHflrZEY2kOwp9gmYeVxMKuoKaNAN778KGB_KB0zuDwwGBC37TA6qoD973ln65PmXjPoh45zAaCFFcrhX5gUk7KU92hsI3ng6fVGa4g3ShQev4K1saNurL1YZwDNApVA-7a3Fd1mooVbQBrmTzBHwW9LRXdMj8Nvp8PvnjrxzooMWv7Egac2AVTd0qKmE9HPDXdnLPP41wL_moGpB6qowtDw8mGT8AJeiWnMWTmx7Vrvfm_70ozkuMIUXpHq4zjlZ6N-4PxsqVQQUNH-8nlmL8hBDaN1OI_ZKi8ZEtiPxj79mBwFuTyapwiW5ZBF6Dns7apq88lVOIsCpJ5QdIcyi0T-LaIrUnv-NzUqdXRGcn-0JhOW38m6A_WnQS07XeUCNU8kU9hftpy6VdKviqoupXGDzoUDD7ghxsCSruxuJ2djv7LOQHec7vqq2tEfr0syImR72C00gkT2MzUvQiwIr90QenzFpBU32WdGTOy_luTdTHeuLI-GlkBE8g9bsCIc4EbGPy82Bd2-Sy1hJcsjlJMeURMZpfWKAMSybFFQ9wRasvxPOgltFEm3Cu5QCy6tsHijNFoQ_mV-F1lFvCbDdZOuc2k-gmDaS6OFdsmgIb8zbTUtRxoCzp9o24ohJETaHrPgqVGnL9sKiAJjFjI5Y0WqrFAE3cd0lx_ncqyZE6XrgYGw9MNGSbhl56Rq4gfyevzSDBX-3zLfr50kXPP1zgPit4-YI8gWJP3NuJMVq6dScwQluiPtF5eLPyAapi9E36SLthGhNtYlGvLFxMNyQXlHwxDu5Ew-dJO46MPfp9dkO4BAy9-lROKwglrbBkPNfy6o9J-2PCRfIzQKkzoBPGxOoonoGxMINcTB7nwi2un_NW-kGN3p3Wz0xv2FrEBmQ6_i9ozNB2YyPggYsn04Z7kgvECs0zM4jvk9_s5z_3O8_3IoAUd5VPt8Cg22h6lfYilR0JqH9gkVd9PVKpdRcIvL6smCuwUlxQ8NlpOWmghvExEt4xcTEi_75UrNLEMiSY0FqkfvyeVuQes8OSPrwJaAoyO2onJsb3vbe-xFn-172EqaQki2MpFC6_yPDzv2oXv85S52x03WaPFDw1FiVPKxstZZrnAgwvWfNKtElxn0WIv7JrcoD_fXQQO92m4i8F-eZ8ViGzncKKc0GussoNifPYqZyNAMTk2uRUqw-T6O2B7tXxe0QnWXsnwXOcIMth6maSHzn4RVcyFp_YaEKsENjc1LownITmR62dixN8DJMUwuvjz_yHospC2zrsyIAqjsNcTAjZu_BxHiU-UJdWP-HWubaD_wc_f6sPAqs3gZAv6G3O4Lbnc1LWuWhRtywB-cVivt2hfd-rIex1RDZVzIOO4a4LBj4E5pHXgK_mTS4u_BJfNMbV0pU6OKArEFasnYkNkyTz3o6VXmMj4ouH6XQii5V6UloMSey0VKK2bowpdAB6_ZPxVWWDexoEa1Lldsxc2lWwZPVSUtsyzYnNj3rTZycinij4-8XIsD7rJS03pHsFQO1YBmUP7sV9QQ_7m1HIL0WSD4PHVomWWm8k7f5So1KbeViSqtHtUqKEjkggm0CwZxjgM08hx_RDKy1imNG4_Aeqc1Ln4qBb9fErZmsLCUPJEkYSq23VOMrKVT4xKHEFuKHZQQ2mMnx-0ahrByB8-BrMcovgaOsy2KljFk-yUy0CKxNq7tGnh1pHZacxt0jLdS92xy3JaUKN4hoGnrLTsDnOB2Ewnk8BRlJK0sRSgNStiI1bmtm3ukZtPoG6-drrn-jcqhsKUqzS8rj79_v40TTaPxmeJjkFGxbMaqpJB8j-oj_tJpaYdR00boOyeJ2C1hNlPefFnIxbykHXyW-_UVLTVfe93_apImFtn4qVwQVAQHcWSC1sCVVPcAGEurhUvG4VXsfOIyV5ZE7Ja1FJkrJd-9nPXyW6aIMLKiHW4tmdS5p1_l4ryB33kHoFp9mn5qZ2jNV-rx2W1N0om3wKxA0FeM6P0fiYHv_3_xQp50L_EcrbX-_kjujGnyd9vDOwIIFNo_vFj0PM-z6k8F9tyZcT7kz5J8ftsG3v8tfXygc2X9sy-h3zzXHpiBFOfL5nuMnlONK5CLt0qoXG1fgwrDvhDDcCW3ltKdWMB6kFM5z6LhWvjf8ZkzYJHYihncvyhfs17eEIU-ZX_u___38a7biYWXW087C2L-8GVq5dI4k9Mc_x5u75Px0wIoXeZTNooSMwGeOC7nTw6oysCZR7wc52DEvMjGGHVOC7bBhOFK-ODEPt1jUoQQoATU38_qj8s6a9-Pp0eXurqKiLlqCdES4G4IXYphd9NSVEdVYQO8w3V_G8OeTOtT7ENpnXqkgDkr1JOMoc4KApxDE8RaIXqPlX8xuoht8ZgAgl1msFVc-9Hg2bInnq9SIIz4S_g1bJ1z_8JEKtURoNGQJrXYU-e9uC5cjixtvH5SInbukemBNSnCBu-xdAWwbRSrZlgQQObulNAceoUcmiNmmcuOsM6V4zhmQ8pqu7mZmrq4-evk&cid=CAQSOwDICaaNYnt0tPYY_xVOGJao4yWBNQOmBWizMN64jYxCkeHIyw0d0goXFIVvbtT0DWRbvEw5SlyjRdVEGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=6547587251476681000&adk=2857193498&idt=102&cac=0&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
30752
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 13:38:45 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 55C1 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
54773
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Oct 2024 06:58:24 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1B1E 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84907
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 22:36:10 GMT
etag
48472445140208031
expires
Fri, 06 Oct 2023 22:36:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 55C1 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d864a36329866d8e4f2334958b7b2e2e2095a1db4995cad32dcfa2804ed1d41

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 01CB 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
Origin
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 07:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54473
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Oct 2023 07:03:24 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 01CB 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B06ZUgsN8JwQhC5OOyxDavWvb6xmHEHbnwSR2_Xfk_yqEbVN70D8rsm0XFf8t5VpeMl__abR2cWBnh-OUU1-08UokiBw&cry=1&dbm_d=AKAmf-CMpRl7_7PFSr9ZF74-bSgNxn5KgE0oABoZcYWNQzR8N66CynZRIQdyYStawPZw_UvcSzWsyiJnTBL-fl1rSzdtPzjIlLfJiIhil0V5MmMP2UmYhqY1qBL5uygQyMMueNi_y7IFmSkuAgTWeC_hrYspr71BC--MmvocdIMVznMU2lONnaz-f-kBbOr6X_k8dQoj43ZkQ9cC5ZTX6wfRdczEwUZnvXbbel1GeXWoqePvc0mxbnXIzMT2YmenNP4T1qnpO_eh47sBslh3ub5Pl8NNoDMzAaCuoUsOoBsj6ARq07Nj0IoiJZ_ttKooP-IYhD83gXEV6781AjSGM5RrRikOdjlxW9gmEGwu4pBamSY5epe7fIufmrcawQ5-WPkVQYGGzqDa5r8A9RhDSLOmWdUTyU-DOV-Z2mY99uBK7XlYnNcfivj-MiwlzQRntFb4P4nsSp38OY4JQgeWuASZspFkwIXUBmHLXa5meAzqDqyZ4oJMhLX7GXa0pb7nC1bnYO7n9JGrx796C0_XlssgmXTySOR2HfmarZKcODKHdKLIL2NGi9KNBfIGgdqKHZ1GGKlKYDP77BP9apwp9pAfS4qJsZT7QcOEPVjNmSIE1FiKhMHsBOhWK1_eewUvPQIXNSI-kDCPhq13eN7RnSYIh28wcXWNWWpZmgLbkZxVXExbzHGGGWo0YKRGH_AK-SrqDPKYYZy_-hPWClIyIUXVK_MTiwJfCZ88BeilZhKiOVlWJzIszfsShTUeUlqtFGEISgNOHQ0Xi_JBWD9tferQYHFMNk7zNWOgJ6pOrens7rc_3peOy4ugKosmiQTSnWI2Gg1eKqHZgD4FKa1-n3hX56tCwPpwEZYn5HCACdjXOj6qdJEZlHfy6jgBx15GKwNZlk1rPlHONLmTC7yki6UNjnuEbjpurHpohDOtcpSIPI6wrrzmtUyMnDUH9Na3V0jqKJ58rhxmFknDnQlOBSBLDMoOA8_dGfqJaN2iSl2ATJSAgwTuRu0c7wZh7K1gFlgeOQmjxf2NyUvEiqQ0sBawdSyW7e1Nx4J-GnmVI6U-1qRHn-_sIrA4XlonoaofmAKGUlZ8lkaujt6CVddYxsrJml-VGQO5ntmgnuSK66mUWp8ttDsCkYEd_VMV9pSKf_C69ZeHevcme1lQP9CqYUKCYmgKp8PjMgLLI1m4uzNxKfLfKfLkJOr3seJG2RHTYJ-Oq-CFEhqkwTC_AUSnfdiGfgWTzwY0AgRzljupXA2Qo8KzWgVTvBwDGMFTHdFSqhh4LShZf1Z_XYxl2z7v2sg4ZgaECVVNhLCjjOh4adFlz2ETz_t5od1twMJQ-b2zODwGYFE5czgECEhLLv-k9hBuiOL53Nv6PD__AdWeFYx2y6zBVknv8PfLdBJfrzDTJtlhIawqNcEPxAoo158lt59WQJXDOEiuX-JqggNEtFINRld5ONCzx6dAecgHK2bciYtmCF7c5lil_QwUuMqbVJ_fmptFHbzcApt9gmVHAvl4N8_v3Sj0Bq3BXCMwr7ZAXlEXaOqms5Vs5i9ZTFNCPYb-yGOmcnK9zsCv79U2pBDpcVM5ZbIa_tSZq71IJ4hvJhXSIU1-wqiV4W9Air8jQCacIf7IMDsiaafVfoeqcSB84vgdfXrQJBTsc7DG3jP9sre3s2ugQVaBRSskt3pFnhf8Oe6ZEyg6e6rko_2kJU0bHsW89VyjRZt9FP8N0sPwhO-wOQ4RF6fPpn3iy_cG5C6un0oL2KcxfWxHAbOr0tFccK5jMYls3h-cr5tKq08xCBZIbVFQFtsGYmirpQBW3seQWLk9XMEX6pYwi3LWkANXCFaCQ0vLWp70Cki41Eyohp4VP1tREvkwgNfS2-ZALzRrfjov8NHeBb8qRIZg6IfZlu8ZTzSRb7zEuq7Kevaqcn6QQn432xdyERJvHDCwaMnqm0s3kAYfZJCaaJz6kEsqAIOzUDmuDwLhvIeFunZqHLQ6ZVS__Wnucsl15u28XZr3brLQQSG2y3QlSJvzouU560sQiMv4lu-qWIdeqh8z-3u12CzP1C4cEyfS-5HGoa4Qne6oBNbR0lIVds6sjRPCdoqH384gHpjWtEvolSo6uhcmfGxZ11-ZO10zYUdPJ6MQToNkmNi74XRGfoI2Yt1Pr5zjmj8LM60vayAyabr_iSuz8Rn1VSoFU9itjwSmk7zvK3W7hMLi5Wnbs1cA59bVUlbIfhgQVXzZGxQ2RBEZ_d_5UkEFFZyZzjZ92ytBf0T_8CZ4_vKzqRugz5whCjM_zG7pXIwFVeiPO1J2FoxzVAdpY_J79b6YVaFjWHk0kXyFkRQhRCjyT-1FV3ahOtmpKrgP6N99OqV0VC-3bxybUcQB9KmyKFOc1v1nvQ2TH5CLJ_WrXcpgQCbfpfXAx22MFEusr9_Gp1p1-H5dPocuBj0TxkFn_cXWFanTUAWlWsZ9Yp_KmugZUm_y_YMega4G6DRY016wESei2Qjd_cWhDaBLkS3GIREJrMZd26Q3iQ-KyNi6ki6xcw6Y3yYY313BqeGJLoa7GYc7lF2pTR_IcQPcVHg_lHZ-b4O9w0ywf7Qd14TH8GTes1J3zJN2AMg9TiH4S9aYoZtLU0mDyycfVf8gnQAdsvm9JBDbgnpOmYw9D7jKQiapZxgURbLzx24Yb-L62hLBxvlJ19WEZ0hHBZrP8hgHSnkKA7VXCGKulud4ksKJDoFA-TsRZVcrrEbDkcBWU4En4nel5ZcA5Ls3ehWc9-az4IUHQe9B5kik1S3dvCV27Z7aVbFMGaDIZcTmQbC85jwAFfOhRju4G2YBXMqT4jcPFG7FBpq204KUnbqSnOmb_nJUSpGcvoHmMlnKpz8h81g_Y92dD5rTn6uUgnvjk3LKFt90pD3Ft_PeX0I9jM4boszmbeDv1vb0Ao9pUJGaONdoeoGxrgiBu-vh5gZSobA1On2dnK0E8jTTLcOuuDfDkMJES4_VL0slRFzBMAxAgkrvPkbxmMyEa_K9UWnS-fG_kC5gCtIlRZGN_js0RBe9NXQ6qwlW7ioodkurkrXFMcyCb6jor92DS2-EWcHZTqYbhK_TRRp1RfBqTLW0eErM5cBg0owNPz8o8TsTvrgeR5lkdERFEc_PtV4aMGRKaIe-DyKlhf8WF01LUEDSj9MPOGC_x9Lsrj2WInFSvGic6Zapu9q0UggqOwe6izK0kSVlOeU8-2tLE4nWjo8n89Vm68dWSU15IHNU3o9ZDIat4jCU1Y2kfedBJZ4MtMBM8v2281iCW5rpGKsKDTNwZtOKbGt1GfhXwvrK5Ebxnz406xfAnBo5F-Rqz01ag9D6P5BNvrldNyw-1buMzykylUOHc-jHm2RNhQMUL32G_71rdHbpMjCved5fa8EDXfFLctCVOGHP3zfqzKnFr15WkpI0bFoZIm0-bfNbunh4UnM-x56-zwCMH3rtNlk9B679GJJzVSZhH2gCZwQDkT3lGzpcPY4yf_7eZBxBWzFNBM9LM8yH79Axpw5fa_lEvmrz9Td877Tvimk-lGsK4E1KkZsMT-TA1apzQZE5402Eb0g4zqQIenOgdKGyZPoclA2rBXtkrmTW3PlgzHo7lLnepo2fM5LwDhiv1G9jYUleCimiftNr2LgBpHn289wqgaRva1olwMvxXFYuPeHFEWWvqiEzy3L0goRtd8pMJl-Oyo0oTiC6Ca1_yBmuAkZJa-KPzLFP3pGm&cid=CAQSOwDICaaNYnt0tPYY_xVOGJao4yWBNQOmBWizMN64jYxCkeHIyw0d0goXFIVvbtT0DWRbvEw5SlyjRdVEGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=5182452158133475000&adk=2086295851&idt=110&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
30752
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 13:38:45 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 01CB 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B06ZUgsN8JwQhC5OOyxDavWvb6xmHEHbnwSR2_Xfk_yqEbVN70D8rsm0XFf8t5VpeMl__abR2cWBnh-OUU1-08UokiBw&cry=1&dbm_d=AKAmf-CMpRl7_7PFSr9ZF74-bSgNxn5KgE0oABoZcYWNQzR8N66CynZRIQdyYStawPZw_UvcSzWsyiJnTBL-fl1rSzdtPzjIlLfJiIhil0V5MmMP2UmYhqY1qBL5uygQyMMueNi_y7IFmSkuAgTWeC_hrYspr71BC--MmvocdIMVznMU2lONnaz-f-kBbOr6X_k8dQoj43ZkQ9cC5ZTX6wfRdczEwUZnvXbbel1GeXWoqePvc0mxbnXIzMT2YmenNP4T1qnpO_eh47sBslh3ub5Pl8NNoDMzAaCuoUsOoBsj6ARq07Nj0IoiJZ_ttKooP-IYhD83gXEV6781AjSGM5RrRikOdjlxW9gmEGwu4pBamSY5epe7fIufmrcawQ5-WPkVQYGGzqDa5r8A9RhDSLOmWdUTyU-DOV-Z2mY99uBK7XlYnNcfivj-MiwlzQRntFb4P4nsSp38OY4JQgeWuASZspFkwIXUBmHLXa5meAzqDqyZ4oJMhLX7GXa0pb7nC1bnYO7n9JGrx796C0_XlssgmXTySOR2HfmarZKcODKHdKLIL2NGi9KNBfIGgdqKHZ1GGKlKYDP77BP9apwp9pAfS4qJsZT7QcOEPVjNmSIE1FiKhMHsBOhWK1_eewUvPQIXNSI-kDCPhq13eN7RnSYIh28wcXWNWWpZmgLbkZxVXExbzHGGGWo0YKRGH_AK-SrqDPKYYZy_-hPWClIyIUXVK_MTiwJfCZ88BeilZhKiOVlWJzIszfsShTUeUlqtFGEISgNOHQ0Xi_JBWD9tferQYHFMNk7zNWOgJ6pOrens7rc_3peOy4ugKosmiQTSnWI2Gg1eKqHZgD4FKa1-n3hX56tCwPpwEZYn5HCACdjXOj6qdJEZlHfy6jgBx15GKwNZlk1rPlHONLmTC7yki6UNjnuEbjpurHpohDOtcpSIPI6wrrzmtUyMnDUH9Na3V0jqKJ58rhxmFknDnQlOBSBLDMoOA8_dGfqJaN2iSl2ATJSAgwTuRu0c7wZh7K1gFlgeOQmjxf2NyUvEiqQ0sBawdSyW7e1Nx4J-GnmVI6U-1qRHn-_sIrA4XlonoaofmAKGUlZ8lkaujt6CVddYxsrJml-VGQO5ntmgnuSK66mUWp8ttDsCkYEd_VMV9pSKf_C69ZeHevcme1lQP9CqYUKCYmgKp8PjMgLLI1m4uzNxKfLfKfLkJOr3seJG2RHTYJ-Oq-CFEhqkwTC_AUSnfdiGfgWTzwY0AgRzljupXA2Qo8KzWgVTvBwDGMFTHdFSqhh4LShZf1Z_XYxl2z7v2sg4ZgaECVVNhLCjjOh4adFlz2ETz_t5od1twMJQ-b2zODwGYFE5czgECEhLLv-k9hBuiOL53Nv6PD__AdWeFYx2y6zBVknv8PfLdBJfrzDTJtlhIawqNcEPxAoo158lt59WQJXDOEiuX-JqggNEtFINRld5ONCzx6dAecgHK2bciYtmCF7c5lil_QwUuMqbVJ_fmptFHbzcApt9gmVHAvl4N8_v3Sj0Bq3BXCMwr7ZAXlEXaOqms5Vs5i9ZTFNCPYb-yGOmcnK9zsCv79U2pBDpcVM5ZbIa_tSZq71IJ4hvJhXSIU1-wqiV4W9Air8jQCacIf7IMDsiaafVfoeqcSB84vgdfXrQJBTsc7DG3jP9sre3s2ugQVaBRSskt3pFnhf8Oe6ZEyg6e6rko_2kJU0bHsW89VyjRZt9FP8N0sPwhO-wOQ4RF6fPpn3iy_cG5C6un0oL2KcxfWxHAbOr0tFccK5jMYls3h-cr5tKq08xCBZIbVFQFtsGYmirpQBW3seQWLk9XMEX6pYwi3LWkANXCFaCQ0vLWp70Cki41Eyohp4VP1tREvkwgNfS2-ZALzRrfjov8NHeBb8qRIZg6IfZlu8ZTzSRb7zEuq7Kevaqcn6QQn432xdyERJvHDCwaMnqm0s3kAYfZJCaaJz6kEsqAIOzUDmuDwLhvIeFunZqHLQ6ZVS__Wnucsl15u28XZr3brLQQSG2y3QlSJvzouU560sQiMv4lu-qWIdeqh8z-3u12CzP1C4cEyfS-5HGoa4Qne6oBNbR0lIVds6sjRPCdoqH384gHpjWtEvolSo6uhcmfGxZ11-ZO10zYUdPJ6MQToNkmNi74XRGfoI2Yt1Pr5zjmj8LM60vayAyabr_iSuz8Rn1VSoFU9itjwSmk7zvK3W7hMLi5Wnbs1cA59bVUlbIfhgQVXzZGxQ2RBEZ_d_5UkEFFZyZzjZ92ytBf0T_8CZ4_vKzqRugz5whCjM_zG7pXIwFVeiPO1J2FoxzVAdpY_J79b6YVaFjWHk0kXyFkRQhRCjyT-1FV3ahOtmpKrgP6N99OqV0VC-3bxybUcQB9KmyKFOc1v1nvQ2TH5CLJ_WrXcpgQCbfpfXAx22MFEusr9_Gp1p1-H5dPocuBj0TxkFn_cXWFanTUAWlWsZ9Yp_KmugZUm_y_YMega4G6DRY016wESei2Qjd_cWhDaBLkS3GIREJrMZd26Q3iQ-KyNi6ki6xcw6Y3yYY313BqeGJLoa7GYc7lF2pTR_IcQPcVHg_lHZ-b4O9w0ywf7Qd14TH8GTes1J3zJN2AMg9TiH4S9aYoZtLU0mDyycfVf8gnQAdsvm9JBDbgnpOmYw9D7jKQiapZxgURbLzx24Yb-L62hLBxvlJ19WEZ0hHBZrP8hgHSnkKA7VXCGKulud4ksKJDoFA-TsRZVcrrEbDkcBWU4En4nel5ZcA5Ls3ehWc9-az4IUHQe9B5kik1S3dvCV27Z7aVbFMGaDIZcTmQbC85jwAFfOhRju4G2YBXMqT4jcPFG7FBpq204KUnbqSnOmb_nJUSpGcvoHmMlnKpz8h81g_Y92dD5rTn6uUgnvjk3LKFt90pD3Ft_PeX0I9jM4boszmbeDv1vb0Ao9pUJGaONdoeoGxrgiBu-vh5gZSobA1On2dnK0E8jTTLcOuuDfDkMJES4_VL0slRFzBMAxAgkrvPkbxmMyEa_K9UWnS-fG_kC5gCtIlRZGN_js0RBe9NXQ6qwlW7ioodkurkrXFMcyCb6jor92DS2-EWcHZTqYbhK_TRRp1RfBqTLW0eErM5cBg0owNPz8o8TsTvrgeR5lkdERFEc_PtV4aMGRKaIe-DyKlhf8WF01LUEDSj9MPOGC_x9Lsrj2WInFSvGic6Zapu9q0UggqOwe6izK0kSVlOeU8-2tLE4nWjo8n89Vm68dWSU15IHNU3o9ZDIat4jCU1Y2kfedBJZ4MtMBM8v2281iCW5rpGKsKDTNwZtOKbGt1GfhXwvrK5Ebxnz406xfAnBo5F-Rqz01ag9D6P5BNvrldNyw-1buMzykylUOHc-jHm2RNhQMUL32G_71rdHbpMjCved5fa8EDXfFLctCVOGHP3zfqzKnFr15WkpI0bFoZIm0-bfNbunh4UnM-x56-zwCMH3rtNlk9B679GJJzVSZhH2gCZwQDkT3lGzpcPY4yf_7eZBxBWzFNBM9LM8yH79Axpw5fa_lEvmrz9Td877Tvimk-lGsK4E1KkZsMT-TA1apzQZE5402Eb0g4zqQIenOgdKGyZPoclA2rBXtkrmTW3PlgzHo7lLnepo2fM5LwDhiv1G9jYUleCimiftNr2LgBpHn289wqgaRva1olwMvxXFYuPeHFEWWvqiEzy3L0goRtd8pMJl-Oyo0oTiC6Ca1_yBmuAkZJa-KPzLFP3pGm&cid=CAQSOwDICaaNYnt0tPYY_xVOGJao4yWBNQOmBWizMN64jYxCkeHIyw0d0goXFIVvbtT0DWRbvEw5SlyjRdVEGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=5182452158133475000&adk=2086295851&idt=110&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
30752
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 13:38:45 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 01CB 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
54773
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Oct 2024 06:58:24 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame B224 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
Origin
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 07:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54473
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Oct 2023 07:03:24 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame B224 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dbt-Zq0sZjL1J-K6IrTaHjr5Ufq3BXBsaTQCxtxk1QbZTr5Y7p4lLN_4_Hyqx7J_IpE1TsS6dU_h1A1VjkMaPb1TumPQ&cry=1&dbm_d=AKAmf-C4ZvvRwCaXQ3tSk_OOnauk4gXUzIJtGmR4BA9o3-_VdYuZxkj9nFABOzRJM-tF-K5QN0pHa3mFDVBEYI09xhF8gQezkt8Sne3Bb8siVjLhwlzXVcBhqIKgmOTJW8Rsb0aJ1Az_COWubEVn8kCA7DL7QyB2Q2gc3Ry4cZEBdXPDIY0S-IuIJNOGBmvZOA4EDkcPh5Lq3nw2pXp5TdM9dzRr4nqQ_BkHWrDX6XQ7ne3_vTTw1Xggg2XhI9Hv7mrfchZwREX1Bz1mH7TSQn-lLQPoSE9gFD_nE3p6lPd4n4Kf2amdxgSy-38H_Gx1Z0zjnkUkQvS0CMvGpwnkf6pLgJcpve06knx73Bi466yLeAig7bAIqh7rrNCk14DmRjoFRO9X7MQKUUqM01SUQHjladMp5aSKXDkGCyJ2aFewf-Bd3tlEQhDoTTx1mLM0MpJmL4qoUxsI3xq1HpnrU-T-L-Ahsw14YSnhN0rU-bZzK8_QVziUV5awJxQgst4RuHLkJ6l4_U7qgAB13MUyjVPZ8AGm_oqUSCf2pc4QmTrcTfBAimQUMSevwuKv08kpTAcwV2wyPOSxF-J0uDHPiGMgQysw96hi1m22qQZjkiliJfKk1xmxfKGoCE3opeQpHR9Tx038un34S86iv8KlpT7vrt7KURoHYpcnipacpUgy-ujjutbZx3x3Gp1l0zTfRc3VOa8I12QFybP_ukJpOUnI8sKmpWLZwLOb8DFpXWZemnw_P2lWG_F3gEYS9ViTU9iFXOca5mN3CuuoBQughIqzoshfoMfGvy-nlGo_VBnyeUMi9YsOKNRBCAtLAwdigWLguuplmJtrFxnKB_FCaKeUs1TMgUr68Px0GviNuugdBC1DOSxLModJKtKVV7M_zIRiQkmw6e8WD4Y5dPbh5vHWBmw9M8P025kH9u9nW_v-5i-NVq_VWcpsyLoAoQOZPtIYaP0hrxIu8Q7hCqJoGB1RSB1b_zFKClttuKFgw0zV0QM_G20sU1NujKpXRd86BOgOrjOkORUEw2Zxy9lkSRF8mrEIPBdgzzkvP7jkDba_4G1Kh7Oaydx5xDq2qsIi8wnrX7suyw2KD5G-F80XzcLOGwBYy4jtm6CWXMNvLOz3M8L6ipb2YykWFfW3JhGg8zjz5x6is_ErRIJMRQ7kn0ONvJO23fefhFQ7vsRGEBKwJjoJMqngBlr5Arr-BfUt3BqDx3ibcn_fTfvrf07EdvKQWmgMQK8LqUQ8rANIXceYWJONOCKRbA_9m8UlbgE_eZXlRC_X-xC8DlSRLcs79M-WvM8O2afQ7N6SBDdBqCF3mj0nSDEzfORRpxj8I7dBhiGCUw1n0k_ziMbwICU7PzHc7Qumqx1L1d_7o-7sLx5V8c29sl-Kxw_NQN0VpHWljhC0fpymGCGdKD5VZzBQGVEafbWnyozI12kbHFDIUh7h6l_0aUTBMc7blv6hNwAR4p7LeZ9qscdfP31eawMndpCiAC1Qbs4-0B5_XPkIuXs0dXyIJ_k0ARCjw_Pmjh480iVbEGGGh-VG4LOTDXM7wBVLQQgUMv8KGWWYa4VFe6o3ns5cLPiZQlOJMyJ6rH0v-PXtUeLfS-XH4V2ZXCgrpZ9EMg8Jc30ppwpzdPAxJP9t2Kw9JjhdErnU9ggwLdCJLTDmJh_dkJpUida0skhO6VO8Z4ukKc1WwAmOL2IfYYWEKsH0x6Q7HtvCrhEGuDcB_YUyE1GPZvNyaRgk5SkcOVOGIkZdEMZCF6dbETCEOy4Xhh_jZPhxjndlRh2xOi0Rzhpx76gFpKqvwRoIf27FGpgsgmPI0SnpenQcOY-iTucQkJXEWvK1Yr5eb2PAU-PWAjuV4iA9Cn1OWFLDjTvlNhrhZ1yQqeR_2dVPvhspSRNk9K2-FvxgFRxcRGpwZb9D8hMXolEE_1fETaDzmQOvtiW7QRCgiCundsXJIOB3ib8ybW0Qe76W-f4Jqt-Qg2X9LWCE13asBRx5r3JazmrkWdtwngi4NCIteZ2HwY2IPjKqX24GY4FudzUxLk_hc7Q1KEdW5b_sehmk7H_9ZYs9FRvobLrSeH75ScLfyKBf-lUqZsCRM55Vd9PzqFAZX-6bkTesN3e-5FmPRqe53a5TcSqvUWEHaHm_Q1F3yCO-TCZ7npdEhnp6J55OEgO6k5g8h8cdjIKfigu9yQMV4e63Ynpk1bnZfO4bo-454iZwqF5xoRP5mTGi140nf6OflHRKTVgq4W2yqlTTNnEJXNy0H_eq18O1lrdt8t5aXf3zKA_NNu6Q8QVYwoVjrfX62vj2ICjcbQawfG5tJGG7w7GlXHUM_xSkDV9q6GxDUxfABmtWTv0AfH4vX6wMMq655dh-9ximfQh3CQhFD55xiQSE8fk2kJsX-O1FRHAUdiytPikjw2Yys--a6JtTFnal82TWZbPzjhPkvUB2Nc42JZcrO7mEXazs4KrWUdVwEea6906lVHAXNO0ZNHyjXz1kBVYDQ1crskwxWv0qVXGqkZky3ieCCcc2Y8kPoF0dq8iPM64-IU0pCdvJMZmXBlC5IFMewQRgjVangimtTirSg2ehJCFWdsVK3ZMhmoWLjLHJ5YyQNOOriPwRwc0jnDi8QMqPvKKMolsK0VK_Dz_wuB6miK5dGqK7rdoPNscKeohLkCa3FPDmhg8FY5iT9cj7wUMjZ1ElQ9swJ_WGauAf45ZaUfhpc2YEUsLnFHFza_KqsVXsqWASTHf3UKHMIySqjKP-kVc06O4YQ5fPcuib9ks3I6GHhJOzBrvCHxVU9XWW5gUJ2K6pSLFMWXRWtshmYqcIO6njuuG6G0iLnVGmkREfpzNtLQjYQTR9cTADE_j0PQbMYqlHW9Jmkw-7pYqfK9yISEXay1EebUyNWUdOeoYvrVCDpg08SdwaV6eKwdYZzA5V0J2bSKmB_ZPcPUJoF5lUOipolYTTiAQwUZblBzoZQFiihdHINAgAD-qzgy8idWPKvYkzDiqLTJm0u9JAg7ShHukkCvwkwN17ejTIYEn3_5YeW0Et727aT1_L_dioqyboEip1TjEqXGW5nDDTlRJ6jz7cINpUtzc1FYBFrJ-AXxLNv8TndyoTR8wX_GqLD2eIX9ltn1fTdt3fvgkbxjbv0Gn-3M-QjLLi_mCWD3dGwAxdxbF1vNwbTIGC4z4NvwrtSabScLZ_t7WG-bD1wlTu74jWB70UH0i-4Y1Ezphpl5uACJ_sDaIClbc2lRU7DvN3DPSnPvaAsT666JOVtPNeIK3tZt83Hg_T0fl2QFFwnUJJtGMa5Q1terJDTs-are7PmIzmeIUT0kc7qbNp3A-PNtKRit4h_EDdiUEbQ3saHNsOAI5rNCn0peyJd7z0wDUK2KSgPPDkjQCaPISygBde0QLTw_WioXFjF_9QCOIX2vSoD0RFskAD0m-4x-lod3XBHLCexcBKBvHN8YXIgRjs65HdxuX_nU-FpwJ_Cfko8BQI0cemEtbzHJJ5YRoa24G_ksrd5HDRli5prP2IWRn_rcwclN0pPrQxMbqhSv3uq0FkGOYyQnR_EEVerkFyDmyh7WdME3ZDB1XFw2BzMYVOR4y0LOsDDtHMqQ1KpfCyNHi6HO3iSkfA7JNoSVqvkDMqmpCgvCq2dJKabzIgvnyE0iPOtxwiHv2okGtIPPePGzQYuIsxBQdgPNKumez6-IgLxv8Yxpuqr7YTDAX_cBn8Y2nC6YPtkehx&cid=CAQSOwDICaaNYnt0tPYY_xVOGJao4yWBNQOmBWizMN64jYxCkeHIyw0d0goXFIVvbtT0DWRbvEw5SlyjRdVEGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=9376248408820097000&adk=3944675600&idt=106&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
30752
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 13:38:45 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame B224 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dbt-Zq0sZjL1J-K6IrTaHjr5Ufq3BXBsaTQCxtxk1QbZTr5Y7p4lLN_4_Hyqx7J_IpE1TsS6dU_h1A1VjkMaPb1TumPQ&cry=1&dbm_d=AKAmf-C4ZvvRwCaXQ3tSk_OOnauk4gXUzIJtGmR4BA9o3-_VdYuZxkj9nFABOzRJM-tF-K5QN0pHa3mFDVBEYI09xhF8gQezkt8Sne3Bb8siVjLhwlzXVcBhqIKgmOTJW8Rsb0aJ1Az_COWubEVn8kCA7DL7QyB2Q2gc3Ry4cZEBdXPDIY0S-IuIJNOGBmvZOA4EDkcPh5Lq3nw2pXp5TdM9dzRr4nqQ_BkHWrDX6XQ7ne3_vTTw1Xggg2XhI9Hv7mrfchZwREX1Bz1mH7TSQn-lLQPoSE9gFD_nE3p6lPd4n4Kf2amdxgSy-38H_Gx1Z0zjnkUkQvS0CMvGpwnkf6pLgJcpve06knx73Bi466yLeAig7bAIqh7rrNCk14DmRjoFRO9X7MQKUUqM01SUQHjladMp5aSKXDkGCyJ2aFewf-Bd3tlEQhDoTTx1mLM0MpJmL4qoUxsI3xq1HpnrU-T-L-Ahsw14YSnhN0rU-bZzK8_QVziUV5awJxQgst4RuHLkJ6l4_U7qgAB13MUyjVPZ8AGm_oqUSCf2pc4QmTrcTfBAimQUMSevwuKv08kpTAcwV2wyPOSxF-J0uDHPiGMgQysw96hi1m22qQZjkiliJfKk1xmxfKGoCE3opeQpHR9Tx038un34S86iv8KlpT7vrt7KURoHYpcnipacpUgy-ujjutbZx3x3Gp1l0zTfRc3VOa8I12QFybP_ukJpOUnI8sKmpWLZwLOb8DFpXWZemnw_P2lWG_F3gEYS9ViTU9iFXOca5mN3CuuoBQughIqzoshfoMfGvy-nlGo_VBnyeUMi9YsOKNRBCAtLAwdigWLguuplmJtrFxnKB_FCaKeUs1TMgUr68Px0GviNuugdBC1DOSxLModJKtKVV7M_zIRiQkmw6e8WD4Y5dPbh5vHWBmw9M8P025kH9u9nW_v-5i-NVq_VWcpsyLoAoQOZPtIYaP0hrxIu8Q7hCqJoGB1RSB1b_zFKClttuKFgw0zV0QM_G20sU1NujKpXRd86BOgOrjOkORUEw2Zxy9lkSRF8mrEIPBdgzzkvP7jkDba_4G1Kh7Oaydx5xDq2qsIi8wnrX7suyw2KD5G-F80XzcLOGwBYy4jtm6CWXMNvLOz3M8L6ipb2YykWFfW3JhGg8zjz5x6is_ErRIJMRQ7kn0ONvJO23fefhFQ7vsRGEBKwJjoJMqngBlr5Arr-BfUt3BqDx3ibcn_fTfvrf07EdvKQWmgMQK8LqUQ8rANIXceYWJONOCKRbA_9m8UlbgE_eZXlRC_X-xC8DlSRLcs79M-WvM8O2afQ7N6SBDdBqCF3mj0nSDEzfORRpxj8I7dBhiGCUw1n0k_ziMbwICU7PzHc7Qumqx1L1d_7o-7sLx5V8c29sl-Kxw_NQN0VpHWljhC0fpymGCGdKD5VZzBQGVEafbWnyozI12kbHFDIUh7h6l_0aUTBMc7blv6hNwAR4p7LeZ9qscdfP31eawMndpCiAC1Qbs4-0B5_XPkIuXs0dXyIJ_k0ARCjw_Pmjh480iVbEGGGh-VG4LOTDXM7wBVLQQgUMv8KGWWYa4VFe6o3ns5cLPiZQlOJMyJ6rH0v-PXtUeLfS-XH4V2ZXCgrpZ9EMg8Jc30ppwpzdPAxJP9t2Kw9JjhdErnU9ggwLdCJLTDmJh_dkJpUida0skhO6VO8Z4ukKc1WwAmOL2IfYYWEKsH0x6Q7HtvCrhEGuDcB_YUyE1GPZvNyaRgk5SkcOVOGIkZdEMZCF6dbETCEOy4Xhh_jZPhxjndlRh2xOi0Rzhpx76gFpKqvwRoIf27FGpgsgmPI0SnpenQcOY-iTucQkJXEWvK1Yr5eb2PAU-PWAjuV4iA9Cn1OWFLDjTvlNhrhZ1yQqeR_2dVPvhspSRNk9K2-FvxgFRxcRGpwZb9D8hMXolEE_1fETaDzmQOvtiW7QRCgiCundsXJIOB3ib8ybW0Qe76W-f4Jqt-Qg2X9LWCE13asBRx5r3JazmrkWdtwngi4NCIteZ2HwY2IPjKqX24GY4FudzUxLk_hc7Q1KEdW5b_sehmk7H_9ZYs9FRvobLrSeH75ScLfyKBf-lUqZsCRM55Vd9PzqFAZX-6bkTesN3e-5FmPRqe53a5TcSqvUWEHaHm_Q1F3yCO-TCZ7npdEhnp6J55OEgO6k5g8h8cdjIKfigu9yQMV4e63Ynpk1bnZfO4bo-454iZwqF5xoRP5mTGi140nf6OflHRKTVgq4W2yqlTTNnEJXNy0H_eq18O1lrdt8t5aXf3zKA_NNu6Q8QVYwoVjrfX62vj2ICjcbQawfG5tJGG7w7GlXHUM_xSkDV9q6GxDUxfABmtWTv0AfH4vX6wMMq655dh-9ximfQh3CQhFD55xiQSE8fk2kJsX-O1FRHAUdiytPikjw2Yys--a6JtTFnal82TWZbPzjhPkvUB2Nc42JZcrO7mEXazs4KrWUdVwEea6906lVHAXNO0ZNHyjXz1kBVYDQ1crskwxWv0qVXGqkZky3ieCCcc2Y8kPoF0dq8iPM64-IU0pCdvJMZmXBlC5IFMewQRgjVangimtTirSg2ehJCFWdsVK3ZMhmoWLjLHJ5YyQNOOriPwRwc0jnDi8QMqPvKKMolsK0VK_Dz_wuB6miK5dGqK7rdoPNscKeohLkCa3FPDmhg8FY5iT9cj7wUMjZ1ElQ9swJ_WGauAf45ZaUfhpc2YEUsLnFHFza_KqsVXsqWASTHf3UKHMIySqjKP-kVc06O4YQ5fPcuib9ks3I6GHhJOzBrvCHxVU9XWW5gUJ2K6pSLFMWXRWtshmYqcIO6njuuG6G0iLnVGmkREfpzNtLQjYQTR9cTADE_j0PQbMYqlHW9Jmkw-7pYqfK9yISEXay1EebUyNWUdOeoYvrVCDpg08SdwaV6eKwdYZzA5V0J2bSKmB_ZPcPUJoF5lUOipolYTTiAQwUZblBzoZQFiihdHINAgAD-qzgy8idWPKvYkzDiqLTJm0u9JAg7ShHukkCvwkwN17ejTIYEn3_5YeW0Et727aT1_L_dioqyboEip1TjEqXGW5nDDTlRJ6jz7cINpUtzc1FYBFrJ-AXxLNv8TndyoTR8wX_GqLD2eIX9ltn1fTdt3fvgkbxjbv0Gn-3M-QjLLi_mCWD3dGwAxdxbF1vNwbTIGC4z4NvwrtSabScLZ_t7WG-bD1wlTu74jWB70UH0i-4Y1Ezphpl5uACJ_sDaIClbc2lRU7DvN3DPSnPvaAsT666JOVtPNeIK3tZt83Hg_T0fl2QFFwnUJJtGMa5Q1terJDTs-are7PmIzmeIUT0kc7qbNp3A-PNtKRit4h_EDdiUEbQ3saHNsOAI5rNCn0peyJd7z0wDUK2KSgPPDkjQCaPISygBde0QLTw_WioXFjF_9QCOIX2vSoD0RFskAD0m-4x-lod3XBHLCexcBKBvHN8YXIgRjs65HdxuX_nU-FpwJ_Cfko8BQI0cemEtbzHJJ5YRoa24G_ksrd5HDRli5prP2IWRn_rcwclN0pPrQxMbqhSv3uq0FkGOYyQnR_EEVerkFyDmyh7WdME3ZDB1XFw2BzMYVOR4y0LOsDDtHMqQ1KpfCyNHi6HO3iSkfA7JNoSVqvkDMqmpCgvCq2dJKabzIgvnyE0iPOtxwiHv2okGtIPPePGzQYuIsxBQdgPNKumez6-IgLxv8Yxpuqr7YTDAX_cBn8Y2nC6YPtkehx&cid=CAQSOwDICaaNYnt0tPYY_xVOGJao4yWBNQOmBWizMN64jYxCkeHIyw0d0goXFIVvbtT0DWRbvEw5SlyjRdVEGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=9376248408820097000&adk=3944675600&idt=106&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
30752
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Oct 2023 13:38:45 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B224 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
54773
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Oct 2024 06:58:24 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 21D0 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84907
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 22:36:10 GMT
etag
48472445140208031
expires
Fri, 06 Oct 2023 22:36:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 01CB 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1459c4f6a79e1e6a9cefa5531ce5ecd663fc878952387df09cf52c8abc89d9dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
v2
id5-sync.com/gm/ 		276 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v2
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
c8d9e7465f0dafd4088fdbfd3ccc6e202e35af005fa004690a7781b213dd4fe8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Fri, 06 Oct 2023 22:11:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2374 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84907
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 22:36:10 GMT
etag
48472445140208031
expires
Fri, 06 Oct 2023 22:36:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B224 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2734079b0077105a2c1bf60bb9bf633ba7b782daae361910b00cf6832bd73f3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
174
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/174?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=656b9121-ab49-47b1-98f2-d203a2be7977&bctempid=&overruleReferrer=&time=2023-10-07T00%3A11%3A17%2B02%3A00&ts=1696630277629
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
89024af444a880aaa2d0d7ba58fd3da4d922fcba3315994a0617006a6582e3d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
4767
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
4-qPt5WTd_IxGl3GMSIj4gdKFrQBsxSaxzsDbabcaKN0vKT8PO_Sog==
expires
Thu, 01 Jan 1970 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 095C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
116505
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 13:49:32 GMT
expires
Fri, 04 Oct 2024 13:49:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 1B1E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEC63FizG3lhYMag2IEpRxaI&google_cver=1&google_push=AXcoOmS5jMouWEpLhyZbGZnBORNun9xIrNk3VAyCeyi1MGBq5sqPX8lR-oVBuETVZCTI1MXrPwSz4yhDHzKlBnVSYp4Sf2Iz7PP3
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjQyNTY4MTY0ODc1NzUwNjk4NA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEC63FizG3lhYMag2IEpRxaI&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEC63FizG3lhYMag2IEpRxaI&google_cver=1
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEC63FizG3lhYMag2IEpRxaI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1B1E
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHujYF8bLAavx7YR_umcgwc&google_cver=1&google_push=AXcoOmSxq1mAhAZ2Wxvd6ZCotRiCSFXZn8kWXVocY0PbScJTnLe7GxgiuuOuG3f_ey_ICDNFItkIoIBGAdNi6n...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4Njk3MTU1MzEzMDA4NDUwOA%3D%3D&google_push=AXcoOmSxq1mAhAZ2Wxvd6ZCotRiCSFXZn8kWXVocY0PbScJTnLe7GxgiuuOuG3f_ey_ICDNFItkIoIBGAdNi6n3pZ7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4Njk3MTU1MzEzMDA4NDUwOA%3D%3D&google_push=AXcoOmSxq1mAhAZ2Wxvd6ZCotRiCSFXZn8kWXVocY0PbScJTnLe7GxgiuuOuG3f_ey_ICDNFItkIoIBGAdNi6n3pZ7W8WIS2zReI
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4Njk3MTU1MzEzMDA4NDUwOA%3D%3D&google_push=AXcoOmSxq1mAhAZ2Wxvd6ZCotRiCSFXZn8kWXVocY0PbScJTnLe7GxgiuuOuG3f_ey_ICDNFItkIoIBGAdNi6n3pZ7W8WIS2zReI
Date
Fri, 06 Oct 2023 22:11:17 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
sync
x.bidswitch.net/ Frame 1B1E 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGl1GD_yPHzJa4c-iMPWnck&google_cver=1&google_push=AXcoOmSEcbf-plSSZguNzo8QRUXZkw6OMhECbd4qpT-FlPFWt3n3c_TPylP5b37sonKAeMczC80PcuED8-euqewbomfb94mc1t2E
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.71.227.249 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-227-249.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
dds
rtb.openx.net/sync/ Frame 1B1E 		43 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEGG7Fw292elHkpH7iscxgLE&google_cver=1&google_push=AXcoOmSGynx2UMOSAORi_nreYw3--C44P06Yh8OlKXPOLIw6VcwPfNDqn1oWaBB6vj9K1WbC-j4fKKgfVUiDSD6ddYSdO6b6yAmd
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame 1B1E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHTlytaJpTnntfnqdhCRdVg&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHTlytaJpTnntfnqdhCRdVg&google_hm=ZSCGBUp514elSDxBXhFiZAAACJQAAAAB&google_nid=index&google_push=AXcoOmQVA6jywHEIYXU-4ec8uT4SmhnbL9LvD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHTlytaJpTnntfnqdhCRdVg&google_hm=ZSCGBUp514elSDxBXhFiZAAACJQAAAAB&google_nid=index&google_push=AXcoOmQVA6jywHEIYXU-4ec8uT4SmhnbL9LvDMz0UQvv3fbhUKqRZLm7VUQqCuHh0df5iamxWltdx4YReFxW1jzc9OMknjkFdQI
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2XdsnBBJhiSagE1%2B1YDbdXEVxT%2BbtRWBKNcdCnmq6ocAAGR00%2BX2jL8rBqe2n6z1P3X58sXrbmZDzfTJ56YPCg8qM9TxCcz%2Br1t406ql2E6C7VLkiyo14oIrgwUXpJClXcu1zsGyOiMang%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHTlytaJpTnntfnqdhCRdVg&google_hm=ZSCGBUp514elSDxBXhFiZAAACJQAAAAB&google_nid=index&google_push=AXcoOmQVA6jywHEIYXU-4ec8uT4SmhnbL9LvDMz0UQvv3fbhUKqRZLm7VUQqCuHh0df5iamxWltdx4YReFxW1jzc9OMknjkFdQI
cache-control
no-cache
cf-ray
81213d437b9c5d76-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 1B1E
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPYmjjl1OXC15w-wXVsIrnY&google_cver=1&google_push=AXcoOmSMTOgrSkPXpTv-umCxmG-GbnFLaiknoPOr7WYsRrZom9-kuFeqoeoWVYMGledf4Kh3szBGX7WfHP6AQN3Ou...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPYmjjl1OXC15w-wXVsIrnY&google_cver=1&google_push=AXcoOmSMTOgrSkPXpTv-umCxmG-GbnFLaiknoPOr7WYsRrZom9-kuFeqoeoWVYMGledf4Kh3szBGX7WfHP6AQN3Ou...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSMTOgrSkPXpTv-umCxmG-GbnFLaiknoPOr7WYsRrZom9-kuFeqoeoWVYMGledf4Kh3szBGX7WfHP6AQN3OurCk9w6GsmQ&google_hm=HcVzsGZHm0I66I6aS7G1i_gI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSMTOgrSkPXpTv-umCxmG-GbnFLaiknoPOr7WYsRrZom9-kuFeqoeoWVYMGledf4Kh3szBGX7WfHP6AQN3OurCk9w6GsmQ&google_hm=HcVzsGZHm0I66I6aS7G1i_gI
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 06 Oct 2023 22:11:17 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSMTOgrSkPXpTv-umCxmG-GbnFLaiknoPOr7WYsRrZom9-kuFeqoeoWVYMGledf4Kh3szBGX7WfHP6AQN3OurCk9w6GsmQ&google_hm=HcVzsGZHm0I66I6aS7G1i_gI
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 1B1E
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEI00hkIgG3mcyzplASvlcuk&google_cver=1&google_push=AXcoOmSZZCnpz-Ba0EIGqMs8oxPEeF1GboxsdFgrlhjCB1UcsJOFGnYZX9wiBSp_Z-9RBBMhza9uxmQ7Vm79...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSZZCnpz-Ba0EIGqMs8oxPEeF1GboxsdFgrlhjCB1UcsJOFGnYZX9wiBSp_Z-9RBBMhza9uxmQ7Vm79chKzOR2VrZlVe79T
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSZZCnpz-Ba0EIGqMs8oxPEeF1GboxsdFgrlhjCB1UcsJOFGnYZX9wiBSp_Z-9RBBMhza9uxmQ7Vm79chKzOR2VrZlVe79T
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSZZCnpz-Ba0EIGqMs8oxPEeF1GboxsdFgrlhjCB1UcsJOFGnYZX9wiBSp_Z-9RBBMhza9uxmQ7Vm79chKzOR2VrZlVe79T
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame 1B1E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IXbBRwgdc5i66iuAD5RcvprNJoxdbggcvecFwF_pYuLtwW2whsZzwAVfY1bf_B5xeUx5jd
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
300x250-IHG-EN.html
s0.2mdn.net/sadbundle/15387406038508503040/300x250-HI-DE-refreshed/ Frame A507 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15387406038508503040/300x250-HI-DE-refreshed/300x250-IHG-EN.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a0f5e1d7ff29b34670d0fc3a12341b0dca72bb90929c3e6c441f41b84f94765
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
343318
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2371
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 22:49:19 GMT
expires
Tue, 01 Oct 2024 22:49:19 GMT
last-modified
Fri, 22 Sep 2023 14:31:23 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 55C1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsucEfcHuseY7db28OXuUJb_wqqzNuDtRp7wI_aUsbR_-GufUPdR0nv49gnihftwpSkOhfgevmDxoK2MlpY0_sN4i_1Cqc_sCJJGIwShaF7EYnMRSv90VFyHlvCiPOtnj5QpwfXK68Cu945gjKVjq9Pcwlr6moSrNcAGlfEMu9H-lWdiw7dsH7bbw3nZ_-KYcEqyqqQtILMVk0RlIFmUxYvIbyeC5pS96XmO0jDCZARMbFcIfhFOiO6VuBDo8lvDLfSgAg0G7bODVN3PrHJxxzsyZr3AxPRxy5dtITWqYLB68p5ycT_b60qH80gz00aLZNLF6Hyh6WonABxieWtT64WSFU2KETMbUqWKnFHh7ZbA9NDxFL6NdS6CAWV1W307E2efi7C58Kv7Nsvzw3OjGlEctR61QRYMOsr9HPZEkvafdCgyLnxpq8EWfznEz5A3xjj3doNH3JMmIkHeTSkvdc2lGOH1pHtVLXW4H3_BqtOW6N1jESmRqPRsaRNg8p5BDgTa5-U_AUXDzjLSTYv9XUP7QBkEKQSeob_7Au4EiNhdTr5i2vXRBmrg2GCkqi_t5GJ2nyg8fhSBxFcd0j437Pu9QPwckQxoIz1D-UoYVhQhmN55AenbsH7P_G-RXTbPxe_lIw0zXyrI5JIL4ukJsXjO6LhI8NiugzwIxhyKzd1FbOtjePuQh_0Je8p1DllGinvouZZWHbnn8W1Zf_HGRH8zcixKSicwpAQTY5jI8yit3sKcjPeFVaD-O6TDuIqGkOg0wsL1xloN7ykz8yS9djxY4xoec0cMA7BvE5WJZntHHFdqPySVCiznNmY4wqyk_N-twVXR-_oeZKQ5iEwbrMKpDW4ciHIVXwoHjQi8MVTVLhKOjHzQLMgNTX-3s9nOERfyKQzRU9Au3mm5l8zSrHcaOMmLYBZbZfNQ-3b_hs8Rr7tmxR5PaWp4gYwQidEN-_IuPsSB47jyfN_kB07cVX98tkfW6t5v-oHLRxibrfXxX--OHL7Pcc8Atsu31fMYKST3rNwJa5tssHpRRLIE3llItLaX99gBgWeJoQkeWndH1zyy3uIXAVvMBdVHWGdeFtlRfpf_Tg2I3WMe-H7KfrAZxhrM3O7M52JFyPPYXdAgKB3lRBzT3UEhwt17YunitU_44dsdFsazdWJ3JioXr_K2-YpU0il3PZsig8zZ7NhO5uRmXm4tSVxy6FdQJCxLtDr2z3h2Jd2SWWKZpXU-OzpBtfcdsynflH5WuR3x1euti5ijThtNegLrGeeBO7BIvZSkIlQXW_Np77LEAiD7eTVfPRrbgrVIy0ACNE-o4jSBGit2SWFmoF4pqJ3YB4zHRbCxgVqnC4tyl1r_-uYOgg_Trlqa0dZv2N5vetlnPI6yzkXIdWSgrcklGnXv4ylPObxgwUvr&sai=AMfl-YSspiw52NsIvyu6R9m2YDwNjOnWOmajyrCM5MLIfSgzONLP-W_mHExvAZRAhDRsyhTXZh8BxOa2wQZXzG5ly1DuUnJubJqnj8W9pner5Yz29386oPqxPny4Hr20j7NB1BBoeGQoaTQjDrg7jHadeorys2LWI5fISjAL7hkfPpXHxN49Zj9sp4LyiGq6k9gVkIflnESGqIAJuWM1-GMePtmqzzxyqHtxf5dPeGFsnD5wh2LOfNQOz95yDC-nUIzeKDPZECtK8Np1NPwsz6EPTFq3s_o-SA&sig=Cg0ArKJSzKRylr6toXKEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=179&cbvp=1&cstd=176&cisv=r20231004.77206&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 06 Oct 2023 22:11:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
firstevent
ihg.demdex.net/ Frame 55C1
Redirect Chain
  • https://ihg.demdex.net/event?d_event=imp&d_src=17025&d_creative=199413901&d_adgroup=567519347&d_placement=375997312&d_site=3439440&d_campaign=30519982&d_cb=1176382447
  • https://ihg.demdex.net/firstevent?d_event=imp&d_src=17025&d_creative=199413901&d_adgroup=567519347&d_placement=375997312&d_site=3439440&d_campaign=30519982&d_cb=1176382447
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ihg.demdex.net/firstevent?d_event=imp&d_src=17025&d_creative=199413901&d_adgroup=567519347&d_placement=375997312&d_site=3439440&d_campaign=30519982&d_cb=1176382447
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
34.255.92.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-92-83.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v051-0bd2d01a2.edge-irl1.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
J5bXWtaOSCY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v051-037b42f7b.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
dkhJ6yyJSl4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://ihg.demdex.net/firstevent?d_event=imp&d_src=17025&d_creative=199413901&d_adgroup=567519347&d_placement=375997312&d_site=3439440&d_campaign=30519982&d_cb=1176382447
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
300x250-IHG-EN.html
s0.2mdn.net/sadbundle/15387406038508503040/300x250-HI-DE-refreshed/ Frame 9DBC 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15387406038508503040/300x250-HI-DE-refreshed/300x250-IHG-EN.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a0f5e1d7ff29b34670d0fc3a12341b0dca72bb90929c3e6c441f41b84f94765
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
343318
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2371
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 22:49:19 GMT
expires
Tue, 01 Oct 2024 22:49:19 GMT
last-modified
Fri, 22 Sep 2023 14:31:23 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 01CB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvPYl6VIqdgG3I-1FOFcR7aj7lwtiOXBDZoXCnk3HRyRSo5lDMBbu5UTYBVHLMWrQo64oj76K1C4aocv49DIeBe0HwR3D2lueOtFpNY3kq295A9upt6MlSlEO04ZVjivZfyBxIfWVVkRW-KExkFE3KQ9zW_LLKmhF9ndMSZYCGRijMNzBTEDSyDW-jkrPld9saL-c1Cfj9C5a-xbaz8HJ8RQaEy5IZJPXKitAUGD7OKELSM_9wZwDA-jn8aG4TTFXvTRMqoRksadQEfFj9XeRiBshBWi6t9mMKj2dIru3b_EFvoF02DWfhOpWYxNZ2CbriKo3P4SMyyw_GlVeC0tUDoF5IeN-hSL99PveGhsXcoiRZemnXx0kiqQSF5RT7VSIZZhe32nXXpK3fsH2eJfPK44V_xvixR8lQcze2VN17rR9BzsdW-A9AnvaSDvcxqChffx5ddrJZlTWiUmmC7rlz824prIz8GovbSzBDr56UzFNeApk3royXYipc2k7ns9M9CyHUFFrXVpQydggKGQQYob4qcvsJhuBUpJj5ssN3z50ngnvl2ZhfRDOu5256fOHBOPzK_gHgDZVfHlyRS1Uyq7a58XBfHwHSvyjqSaLiNnU83RM835aEYQvoKjYkTGAl3unx2cWhAyFcsD1IVQVHkZODp_PTOhCUtmT3K0sogisa6z4boQU4fFYBQigQ2ewk7oENLl0jJthLFqQkZlED4uu0jbSZy-1KKfBSgbBLSQiLIGst-M6IzfmBmfoRKAsjhP4y7v-w_HBGMPRwznhI5X6Djnns9GawimGS0seJN6_xO1SloKguhE4XtyVCgs5Z9EjBeCbEunPprEk7MNO1SJVfJy4Ze1jHQ3lJrfD2ntQp2yytpIME1hEEXWkJMO3wUpD9m8wlps4eYPv8VkTzFFmCiud600J7SPoIguCvHsk7Z7NFU3mcsfDcKR2MG173xw-9nAmmxf15V-wJDVN_l4NXD7CXZ8jPDfWCReX9NFIKx6XOiWPI7yaw8TPYwzDMZm8rF7wVzNF7qw6eoFIpxs5D7MJSNJQbxeeBo7B7IVr1toWA6wkfT-l6sgj1lNrtYlE5QaLONW1FyELSusReCf1NMuZQ0VPK_qYaCX0F-SAahJk3RqdFuzn-xnO-iEoA42qpNXY4-TYnUBtYh5UQZbTHT_baDmAl2UHTLMghZP_1ThIjyTOL2lsOwYl-vY2LdcqQz9kugV-7qNDgQ08I5DOOVm8qbd8UajsE0KHJ2CzAlnBKNbnhCnEQ35vSgPzuumM8HBEAYyQO55asm65LXiTnIhm1_QUrxNEVA-m-hYTdvkzrcA2tT5Y7zQ9SRO1Uumf8cB0hQVx7uzW8Ndamj6Nui-BSj-DBA5CrCZOxlyLOTb17-nN3XKpBrMMi7QK91nB_1V-bOSQ&sai=AMfl-YR-2RDKrsPKnL1cGdD1m-McoZGE0jws-bUUjrOqF8TdwKfJnfm5EpvoRqXRC2ocCrZZdFRqbiEHyvaougmNBynSKSzX2nv35OIFkbifj3BgcsnXBpMG887AbHwXzDpOGcgE48f55DvJ3Y_Af-thxwQRMjVLcngVzK20MhcC7iLU4yOSbTOa97Os90to6Q1alWTgNs_WkjUs5PuKwWxRt8FIS5EsIze71qyF3Ym-UI5Bq2ffAbqAdy-79TAeDOuKFk42snhjmiR08_GbapAFttrgzSeELA&sig=Cg0ArKJSzKTn1g7gNtzPEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=141&cbvp=1&cstd=140&cisv=r20231004.06788&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 06 Oct 2023 22:11:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
firstevent
ihg.demdex.net/ Frame 01CB
Redirect Chain
  • https://ihg.demdex.net/event?d_event=imp&d_src=17025&d_creative=199413901&d_adgroup=567519347&d_placement=375997312&d_site=3439440&d_campaign=30519982&d_cb=4166958040
  • https://ihg.demdex.net/firstevent?d_event=imp&d_src=17025&d_creative=199413901&d_adgroup=567519347&d_placement=375997312&d_site=3439440&d_campaign=30519982&d_cb=4166958040
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ihg.demdex.net/firstevent?d_event=imp&d_src=17025&d_creative=199413901&d_adgroup=567519347&d_placement=375997312&d_site=3439440&d_campaign=30519982&d_cb=4166958040
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
34.255.92.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-92-83.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v051-049aabfb2.edge-irl1.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
iubHnzfPTf4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v051-052b5c1af.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
6suNT6stRCw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://ihg.demdex.net/firstevent?d_event=imp&d_src=17025&d_creative=199413901&d_adgroup=567519347&d_placement=375997312&d_site=3439440&d_campaign=30519982&d_cb=4166958040
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
300x250-IHG-EN.html
s0.2mdn.net/sadbundle/15387406038508503040/300x250-HI-DE-refreshed/ Frame A01A 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15387406038508503040/300x250-HI-DE-refreshed/300x250-IHG-EN.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a0f5e1d7ff29b34670d0fc3a12341b0dca72bb90929c3e6c441f41b84f94765
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
343318
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2371
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 22:49:19 GMT
expires
Tue, 01 Oct 2024 22:49:19 GMT
last-modified
Fri, 22 Sep 2023 14:31:23 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame B224 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuWW_icCbkSTyVrKr9KulAvd_R_Ccvlu6UL2SweXWYJGH-ck3KH7eJw9Au9gKLniB9XYCYxBQ2QMqmtAAy9d67v5mILjXW-ioSU7B6lfUwx0D2vrnEm4tT-TNZtLWy5CZsGuyJgQNHUw8vK6ONfOJ5IMeE7Mw3nNN6b22_HgDKYSe3KwqsQvkGhnjQfK90WSlqHKhYXbwQRhJBa3QQ7bZJEynbdGu5p4O7MNTRcXnHwaZBBObpptTtwmv9bH-aZNkvxddu__e3j9SnUAai7N1_vsvU3AbxKnktMjkjBehFOMz98cKd_iOI3bTB11fKX_T3CphCWh1mmgQ1SDkSrxj6E-Pc2hz_DlWC2PpfTPMmmVeKZMBw0H_3pq279Ma5NiLvD_FRLTJUdRVAFgoaMLeRbVMWOmZbg7My3pZox4dahwzeDaCS2O1C2kHlxfbEBiILrsMx7w9pRC-ydP1OrMD-GjKbq555tLjLvV4ZlJmh4IcL2f2ptlWVK_pLGYKeO-dz2DlJ1VExmkSn0Pej89bm6rFx-f5clHuLODJEEd5vxBRu4PY3nqKDPiW_cYMNu4RX1Sj779qn0ar14PVl_xciYhO9zSsCQCR8QmPZRfpSTDsu8sjtVCJoolg1DQbPdChZdVAYZ19TvTE78CVSCE30fl8YDMgs2m2jUpyXAh9xdefojPqht8BAy-kd_8ccrhN6gO_kQ1Ze34SULlNtTc1rQ8v5h7eJkbcN5vaBTF6iUAmA48_Q4nCneUFc0qcNjSkXTHVyqB_kUxisdXCV8PXB5ROJG7XsiUYgiXp-cR2IkpuyLhzcEVCKdvDwsfrfHGc5-udMNvVxdV3Kfp0JCDsZZ7Co0DtOZQjkuYjW0LyRBWxzERyXmLhxvMMYlbzdBROdVW6Oa900Y9btvOfZP-twDbZ-jC1EXl8LwC2yS7OH7RXAFhTyuYcM96wdHGC8aazRgin0UdmU5bfttf-F8ChKIrmLZ2GxDBJks5kriIK-8Rh4cnvfFtmbxQhRSkpgh1I9NnzbkJvXq0OXBWjwsdUsE6qsWzWDWYs0FdxPC5ZlCABNzfCQJYBgd9xtozR5tmEPazUPUomSSmF_J2523KQ6E81nkv-DE-dNwVLbvL_Ac0C4h-khttWCZdJSmg4o-OKIzGFFq_-658dWWcXCfqKcxzpmYiEdmw8CRFPe0cctuKEt931C0l57sYbazzacAC60YSbfhB2PTOAjPHIvJZK0LZ0gveFv5zaH46Rlo-kxQe65Z4-cODn7tQVxkjear76qdorHm6Aiue-MDv_V4skrI4R2L--DNiMUpDLEWv3xkTYSB_e5YrS1B0_zkLvODXcp2f-1h8xF-njEgqNipmhufWGawScny5XfPQ-X2gl_fVmb97eOUDAmn1et4mL_K4VOsRePGUuzvQA&sai=AMfl-YQIxUisNhEFH4BKVsVzyTJRHqLjpF-LcyYUtM4jO-t8vd0rFBlKnNkRohKtSv-N0Uoq8cnfGsXH4TW0DtIOe0XKAMqIlkFmqLuoHZU2VkHWQmkcHiY3KsERdVmW6e18L9JPwbduf9OAjbkNtL_u4oc98a00fOhMXcuCegjGxT93mhMNmRNVHx_j_L2sA0VNwR2fwaNxgP_bxQvzWFNWDUH0TvbAsmOFykmnvBlSnfoUMwjg8XboJdHSxLLAcnNhRw7G1ntxX6tLS-ND56Y2NVuUIN9o4g&sig=Cg0ArKJSzMiq-d3tG8ejEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=143&cbvp=1&cstd=141&cisv=r20231004.08394&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 06 Oct 2023 22:11:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
firstevent
ihg.demdex.net/ Frame B224
Redirect Chain
  • https://ihg.demdex.net/event?d_event=imp&d_src=17025&d_creative=199413901&d_adgroup=567519347&d_placement=375997312&d_site=3439440&d_campaign=30519982&d_cb=3173044097
  • https://ihg.demdex.net/firstevent?d_event=imp&d_src=17025&d_creative=199413901&d_adgroup=567519347&d_placement=375997312&d_site=3439440&d_campaign=30519982&d_cb=3173044097
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ihg.demdex.net/firstevent?d_event=imp&d_src=17025&d_creative=199413901&d_adgroup=567519347&d_placement=375997312&d_site=3439440&d_campaign=30519982&d_cb=3173044097
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
34.255.92.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-92-83.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v051-005d9595c.edge-irl1.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
9dQyFEcNSUA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v051-0dbbfaa59.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
LI+GCCMbSKc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://ihg.demdex.net/firstevent?d_event=imp&d_src=17025&d_creative=199413901&d_adgroup=567519347&d_placement=375997312&d_site=3439440&d_campaign=30519982&d_cb=3173044097
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
current
dclk-match.dotomi.com/match/bounce/ Frame 21D0 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKM81KUel4cnVuNL0jI0A2w&google_cver=1&google_push=AXcoOmQ_76imtgW5FuJDNW0Vm8XhxcVHbEF4xGwtYC7k4FjNyTamTk0HBo0XoLyv-9g5simV4X8UrWiHsQCo52Y14jOm6RBKHHg
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 21D0
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEGGTgRCu_RiMTj7nLkrhud4&google_cver=1&google_push=AXcoOmRUtFYcWejR99PmRcKLPv6oxoys13fqRjua3XdN4KGLMG3-3rm0LmQyO4kThkKrSvQdo3GZKbcYyS6ks-30KByf04VpZRFF
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5460645101BF4468A7969F24CCE7C9D2&google_push=AXcoOmRUtFYcWejR99PmRcKLPv6oxoys13fqRjua3XdN4KGLMG3-3rm0LmQyO4kThkKrSvQdo3GZKbcYyS6ks-3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5460645101BF4468A7969F24CCE7C9D2&google_push=AXcoOmRUtFYcWejR99PmRcKLPv6oxoys13fqRjua3XdN4KGLMG3-3rm0LmQyO4kThkKrSvQdo3GZKbcYyS6ks-30KByf04VpZRFF
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 06 Oct 2023 22:11:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5460645101BF4468A7969F24CCE7C9D2&google_push=AXcoOmRUtFYcWejR99PmRcKLPv6oxoys13fqRjua3XdN4KGLMG3-3rm0LmQyO4kThkKrSvQdo3GZKbcYyS6ks-30KByf04VpZRFF
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 05 Oct 2023 22:11:17 GMT
google
match.adsrvr.org/track/cmf/ Frame 21D0 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEE86AH-1twd3Ol7Oe8ykbsU&google_cver=1&google_push=AXcoOmTTMuh4uLzzSomUwKAFkpj7JsQGl1UDRg_UY223M669czFdIpvV8JJ_CXBGkKQsvpYmuMZhbg8zMXxBzEY0awTp0cqm4J5W
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
server
Kestrel
content-length
70
content-type
image/gif
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 21D0 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEMJfcLfuW1M-rhXEn9jOq00&google_cver=1&google_push=AXcoOmQdFUK0xxZ3Bth0C0_tSQjyc6d_tO2LnfSECe9v8DPZ_mnWu60IQG37fnYeQCfsVVbD1iO0iWXAc270oyEndK0xFS9NF-2N
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 21D0
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEI00hkIgG3mcyzplASvlcuk&google_cver=1&google_push=AXcoOmQEtx0MFZiwhhIGk0v7iAPa5G1K105Q5Sfp2UUBuOXPxxkEqEUcKWNO4uIJYkmlPmHfvFhLIGNA7i1W...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQEtx0MFZiwhhIGk0v7iAPa5G1K105Q5Sfp2UUBuOXPxxkEqEUcKWNO4uIJYkmlPmHfvFhLIGNA7i1WXpDCqiWwDqeOHnH6
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQEtx0MFZiwhhIGk0v7iAPa5G1K105Q5Sfp2UUBuOXPxxkEqEUcKWNO4uIJYkmlPmHfvFhLIGNA7i1WXpDCqiWwDqeOHnH6
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQEtx0MFZiwhhIGk0v7iAPa5G1K105Q5Sfp2UUBuOXPxxkEqEUcKWNO4uIJYkmlPmHfvFhLIGNA7i1WXpDCqiWwDqeOHnH6
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 21D0
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEI00hkIgG3mcyzplASvlcuk&google_cver=1&google_push=AXcoOmQl_DgVdIHZbc4aZq4hRQPM8DItF5pfzoFcsOLqob0N3JsaXHfLjAQe8stSypeZI-Kq4Dtpw474D80...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQl_DgVdIHZbc4aZq4hRQPM8DItF5pfzoFcsOLqob0N3JsaXHfLjAQe8stSypeZI-Kq4Dtpw474D80dBjhD-qnyVTnzLcS8
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 21D0 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEEweBCGA9pAFvCLqyCoPlfY&google_cver=1&google_push=AXcoOmSjNUefPt-R-XwtYLGMLaXlZj8OYKpZCMhQOJBttbtqg1HC959PhJZtpNk3ZNTFoAI4WiTt2ydrLS6H8tT21vN7dmv4CE4uCg
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.71.227.249 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-227-249.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame 21D0 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JbLLd6us2VopWrpIwmnPiTO7uQC097JZ5BVCWhSbh4OmoANTrb9LYY2vnhhNI0dtI_hdTymDs
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.182.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-182-115.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Fri, 06 Oct 2023 22:11:17 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.182.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-182-115.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 06 Oct 2023 22:11:17 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
pixel
cm.g.doubleclick.net/ Frame 2374
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOXN7wfJBmfvCMCX4hdE3j4&google_push=AXcoOmSCl1_kDjm4UGYl0P3NsIFjYjUdtu3ZV0IaZ3PEogHy2Cus2rWsPV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOXN7wfJBmfvCMCX4hdE3j4&google_push=AXcoOmSCl1_kDjm4UGYl0P3NsIFjYjUdtu3ZV0IaZ3PEogHy2Cus2rWsPVnQzWhtpeEPRP95dhUUrWPcGYgEZWtdLSxmYLa1HzCs_Q
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-etou8220045-FRA
pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1696630278.751880,VS0,VE88
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOXN7wfJBmfvCMCX4hdE3j4&google_push=AXcoOmSCl1_kDjm4UGYl0P3NsIFjYjUdtu3ZV0IaZ3PEogHy2Cus2rWsPVnQzWhtpeEPRP95dhUUrWPcGYgEZWtdLSxmYLa1HzCs_Q
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 2374 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEMJfcLfuW1M-rhXEn9jOq00&google_cver=1&google_push=AXcoOmSEHOSgsCxa5yANHUIOm_NZeNw7LcnbnFWS4FzlHfb89F2P0Ci38sqae3bkXolJAOHOFpLt98sj0ZwtxUydjcJQ2rjJ4X6wbQ
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync
x.bidswitch.net/ Frame 2374 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGl1GD_yPHzJa4c-iMPWnck&google_cver=1&google_push=AXcoOmTDnpVJojBLOb6MP4Oy4OaN1k2yj0mAp10or5vQzBdWNHBEANGWSniAbjI9eUD14G7_ExT8-9Y5oY_cmya3rjvOaxjSjWZm
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.71.227.249 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-227-249.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 2374
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAxaBBJzn-CbXA3Msw3ODG0&google_cver=1&google_push=AXcoOmT-92IV1AMnFlxkE-QtJMPJ4aje7P9KLiVLqr3yEPArmSqU2pURrbp7BpCk22YcqO2FWnh...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5GNVVaUjctQy02Q1E5&google_push=AXcoOmT-92IV1AMnFlxkE-QtJMPJ4aje7P9KLiVLqr3yEPArmSqU2pURrbp7BpCk22YcqO2FWnhAzJIZ01OrP0gm69TaR2HR3HVK9g
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5GNVVaUjctQy02Q1E5&google_push=AXcoOmT-92IV1AMnFlxkE-QtJMPJ4aje7P9KLiVLqr3yEPArmSqU2pURrbp7BpCk22YcqO2FWnhAzJIZ01OrP0gm69TaR2HR3HVK9g
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5GNVVaUjctQy02Q1E5&google_push=AXcoOmT-92IV1AMnFlxkE-QtJMPJ4aje7P9KLiVLqr3yEPArmSqU2pURrbp7BpCk22YcqO2FWnhAzJIZ01OrP0gm69TaR2HR3HVK9g
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
Expires
0
-
s.ad.smaato.net/c/n/// Frame 2374 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHXiG4rx1YTMPJXP6vG12to&google_cver=1&google_push=AXcoOmT4fuMOk2lEEmHAJFqw354oROdJruoq3ROXmia8b95kX2OWcoJaG7YiV8HkLAUCoS7STdXSuDkXThYlQUJWnpk1Lfs62LMQ
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:de00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
cache-control
no-cache, must-revalidate
via
1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
MGN6jR8b4SHYdXcL7tXF_FPXWKb_NExhjqLuMksKkvD56sSeugDUsg==
x-cache
Miss from cloudfront
pixel
cm.g.doubleclick.net/ Frame 2374
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEI00hkIgG3mcyzplASvlcuk&google_cver=1&google_push=AXcoOmQqb2s798yc5dytzpQnpok4ZlkAPCL65OD49-ribb8TKfD7M4wOYuwgfgkH2WpCfcpUyFb-U4uSUF8S...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQqb2s798yc5dytzpQnpok4ZlkAPCL65OD49-ribb8TKfD7M4wOYuwgfgkH2WpCfcpUyFb-U4uSUF8Slo6hXtErQaoqkdLUJA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQqb2s798yc5dytzpQnpok4ZlkAPCL65OD49-ribb8TKfD7M4wOYuwgfgkH2WpCfcpUyFb-U4uSUF8Slo6hXtErQaoqkdLUJA
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQqb2s798yc5dytzpQnpok4ZlkAPCL65OD49-ribb8TKfD7M4wOYuwgfgkH2WpCfcpUyFb-U4uSUF8Slo6hXtErQaoqkdLUJA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ebda
match.360yield.com/match/ Frame 2374 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESEJjk_iz6Qyf8DMA5EgKfjKE&google_cver=1&google_push=AXcoOmS8WEwmfwWW6d33ertX_Tg-S21qIOD2N0HNpEBbWDFCfwO58g5rwCY76zd0PxgmuWy-QElLL623YfFbH02fWm99LmmqlWcBCQ
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.243.192.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-192-150.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 06 Oct 2023 22:11:17 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
attr
cm.g.doubleclick.net/pixel/ Frame 2374 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ijdkcrpg2RVPFvJbbGiVIGyUDgKtgYf4PVURKHE06mzjJiCeTdwjhmXTTKIKIhaLpXle4g
Requested by
Host: 48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
URL: https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
getuserdbdata
app.matheranalytics.com/u/ 		54 B
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.matheranalytics.com/u/getuserdbdata
Requested by
Host: js.matheranalytics.com
URL: https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1636
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.255.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.255.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44026785039df91c14b8c331292992e1fd71a23acdd5cb09c40d12d1c8e8aaac

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 06 Oct 2023 22:11:17 GMT
via
1.1 google
content-type
text/plain
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
1-gc-use1-c5270119
execute
c2.piano.io/xbuilder/experience/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=8Gu2Z8RCvZ
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
212fd0273860de34d223966448ce0be817de5407e97ad7d78c49034056a99c30
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
x-request-id
lhd3uq6ni7
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
81213d440c891c03-FRA
createjs.min.js
code.createjs.com/1.0.0/ Frame 9DBC 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15387406038508503040/300x250-HI-DE-refreshed/300x250-IHG-EN.html?ev=01_250
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:f::213:7edc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
300x250-IHG-EN.js
s0.2mdn.net/sadbundle/15387406038508503040/300x250-HI-DE-refreshed/ Frame 9DBC 		58 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15387406038508503040/300x250-HI-DE-refreshed/300x250-IHG-EN.js?1691589115398
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15387406038508503040/300x250-HI-DE-refreshed/300x250-IHG-EN.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c73d277d15112aa16567256f76275c0d205bbe80b00a6685faf5085ea1068e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15387406038508503040/300x250-HI-DE-refreshed/300x250-IHG-EN.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 04:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
238239
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8579
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 14:31:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Oct 2024 04:00:38 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame A507 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15387406038508503040/300x250-HI-DE-refreshed/300x250-IHG-EN.html?ev=01_250
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:f::213:7edc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
300x250-IHG-EN.js
s0.2mdn.net/sadbundle/15387406038508503040/300x250-HI-DE-refreshed/ Frame A507 		58 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15387406038508503040/300x250-HI-DE-refreshed/300x250-IHG-EN.js?1691589115398
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15387406038508503040/300x250-HI-DE-refreshed/300x250-IHG-EN.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c73d277d15112aa16567256f76275c0d205bbe80b00a6685faf5085ea1068e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15387406038508503040/300x250-HI-DE-refreshed/300x250-IHG-EN.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 04:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
238239
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8579
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 14:31:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Oct 2024 04:00:38 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame A01A 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15387406038508503040/300x250-HI-DE-refreshed/300x250-IHG-EN.html?ev=01_250
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:f::213:7edc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
300x250-IHG-EN.js
s0.2mdn.net/sadbundle/15387406038508503040/300x250-HI-DE-refreshed/ Frame A01A 		58 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15387406038508503040/300x250-HI-DE-refreshed/300x250-IHG-EN.js?1691589115398
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15387406038508503040/300x250-HI-DE-refreshed/300x250-IHG-EN.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c73d277d15112aa16567256f76275c0d205bbe80b00a6685faf5085ea1068e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15387406038508503040/300x250-HI-DE-refreshed/300x250-IHG-EN.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 04:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
238239
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8579
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 14:31:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Oct 2024 04:00:38 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 02B5 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
116505
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 13:49:32 GMT
expires
Fri, 04 Oct 2024 13:49:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2831 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
116505
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 13:49:32 GMT
expires
Fri, 04 Oct 2024 13:49:32 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
pagead2.googlesyndication.com/bg/ Frame 095C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 07:33:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
139089
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14668
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 07:33:08 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-TLXFLCR&v=3&t=t&pid=1036974437&cv=416&rv=3a40&tc=93&es=1&e=*&eid=886&u=AgAAAAAIAAAAAACI&h=Ag&tr=1ua.1gaawe.5gaawe.5ua&ti=1ua.1gaawe.1gaawe.1ua&z=0
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
pagead2.googlesyndication.com/bg/ Frame 02B5 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 07:33:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
139089
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14668
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 07:33:08 GMT
21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
pagead2.googlesyndication.com/bg/ Frame 2831 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/21mMSjfcZkP8uSd7DAhQtto60Pqa34G2w50Go1Kr9uE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 07:33:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
139089
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14668
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 07:33:08 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 01CB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvPYl6VIqdgG3I-1FOFcR7aj7lwtiOXBDZoXCnk3HRyRSo5lDMBbu5UTYBVHLMWrQo64oj76K1C4aocv49DIeBe0HwR3D2lueOtFpNY3kq295A9upt6MlSlEO04ZVjivZfyBxIfWVVkRW-KExkFE3KQ9zW_LLKmhF9ndMSZYCGRijMNzBTEDSyDW-jkrPld9saL-c1Cfj9C5a-xbaz8HJ8RQaEy5IZJPXKitAUGD7OKELSM_9wZwDA-jn8aG4TTFXvTRMqoRksadQEfFj9XeRiBshBWi6t9mMKj2dIru3b_EFvoF02DWfhOpWYxNZ2CbriKo3P4SMyyw_GlVeC0tUDoF5IeN-hSL99PveGhsXcoiRZemnXx0kiqQSF5RT7VSIZZhe32nXXpK3fsH2eJfPK44V_xvixR8lQcze2VN17rR9BzsdW-A9AnvaSDvcxqChffx5ddrJZlTWiUmmC7rlz824prIz8GovbSzBDr56UzFNeApk3royXYipc2k7ns9M9CyHUFFrXVpQydggKGQQYob4qcvsJhuBUpJj5ssN3z50ngnvl2ZhfRDOu5256fOHBOPzK_gHgDZVfHlyRS1Uyq7a58XBfHwHSvyjqSaLiNnU83RM835aEYQvoKjYkTGAl3unx2cWhAyFcsD1IVQVHkZODp_PTOhCUtmT3K0sogisa6z4boQU4fFYBQigQ2ewk7oENLl0jJthLFqQkZlED4uu0jbSZy-1KKfBSgbBLSQiLIGst-M6IzfmBmfoRKAsjhP4y7v-w_HBGMPRwznhI5X6Djnns9GawimGS0seJN6_xO1SloKguhE4XtyVCgs5Z9EjBeCbEunPprEk7MNO1SJVfJy4Ze1jHQ3lJrfD2ntQp2yytpIME1hEEXWkJMO3wUpD9m8wlps4eYPv8VkTzFFmCiud600J7SPoIguCvHsk7Z7NFU3mcsfDcKR2MG173xw-9nAmmxf15V-wJDVN_l4NXD7CXZ8jPDfWCReX9NFIKx6XOiWPI7yaw8TPYwzDMZm8rF7wVzNF7qw6eoFIpxs5D7MJSNJQbxeeBo7B7IVr1toWA6wkfT-l6sgj1lNrtYlE5QaLONW1FyELSusReCf1NMuZQ0VPK_qYaCX0F-SAahJk3RqdFuzn-xnO-iEoA42qpNXY4-TYnUBtYh5UQZbTHT_baDmAl2UHTLMghZP_1ThIjyTOL2lsOwYl-vY2LdcqQz9kugV-7qNDgQ08I5DOOVm8qbd8UajsE0KHJ2CzAlnBKNbnhCnEQ35vSgPzuumM8HBEAYyQO55asm65LXiTnIhm1_QUrxNEVA-m-hYTdvkzrcA2tT5Y7zQ9SRO1Uumf8cB0hQVx7uzW8Ndamj6Nui-BSj-DBA5CrCZOxlyLOTb17-nN3XKpBrMMi7QK91nB_1V-bOSQ&sai=AMfl-YR-2RDKrsPKnL1cGdD1m-McoZGE0jws-bUUjrOqF8TdwKfJnfm5EpvoRqXRC2ocCrZZdFRqbiEHyvaougmNBynSKSzX2nv35OIFkbifj3BgcsnXBpMG887AbHwXzDpOGcgE48f55DvJ3Y_Af-thxwQRMjVLcngVzK20MhcC7iLU4yOSbTOa97Os90to6Q1alWTgNs_WkjUs5PuKwWxRt8FIS5EsIze71qyF3Ym-UI5Bq2ffAbqAdy-79TAeDOuKFk42snhjmiR08_GbapAFttrgzSeELA&sig=Cg0ArKJSzKTn1g7gNtzPEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=291&vt=11&dtpt=150&dett=3&cstd=140&cisv=r20231004.06788&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame B224 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuWW_icCbkSTyVrKr9KulAvd_R_Ccvlu6UL2SweXWYJGH-ck3KH7eJw9Au9gKLniB9XYCYxBQ2QMqmtAAy9d67v5mILjXW-ioSU7B6lfUwx0D2vrnEm4tT-TNZtLWy5CZsGuyJgQNHUw8vK6ONfOJ5IMeE7Mw3nNN6b22_HgDKYSe3KwqsQvkGhnjQfK90WSlqHKhYXbwQRhJBa3QQ7bZJEynbdGu5p4O7MNTRcXnHwaZBBObpptTtwmv9bH-aZNkvxddu__e3j9SnUAai7N1_vsvU3AbxKnktMjkjBehFOMz98cKd_iOI3bTB11fKX_T3CphCWh1mmgQ1SDkSrxj6E-Pc2hz_DlWC2PpfTPMmmVeKZMBw0H_3pq279Ma5NiLvD_FRLTJUdRVAFgoaMLeRbVMWOmZbg7My3pZox4dahwzeDaCS2O1C2kHlxfbEBiILrsMx7w9pRC-ydP1OrMD-GjKbq555tLjLvV4ZlJmh4IcL2f2ptlWVK_pLGYKeO-dz2DlJ1VExmkSn0Pej89bm6rFx-f5clHuLODJEEd5vxBRu4PY3nqKDPiW_cYMNu4RX1Sj779qn0ar14PVl_xciYhO9zSsCQCR8QmPZRfpSTDsu8sjtVCJoolg1DQbPdChZdVAYZ19TvTE78CVSCE30fl8YDMgs2m2jUpyXAh9xdefojPqht8BAy-kd_8ccrhN6gO_kQ1Ze34SULlNtTc1rQ8v5h7eJkbcN5vaBTF6iUAmA48_Q4nCneUFc0qcNjSkXTHVyqB_kUxisdXCV8PXB5ROJG7XsiUYgiXp-cR2IkpuyLhzcEVCKdvDwsfrfHGc5-udMNvVxdV3Kfp0JCDsZZ7Co0DtOZQjkuYjW0LyRBWxzERyXmLhxvMMYlbzdBROdVW6Oa900Y9btvOfZP-twDbZ-jC1EXl8LwC2yS7OH7RXAFhTyuYcM96wdHGC8aazRgin0UdmU5bfttf-F8ChKIrmLZ2GxDBJks5kriIK-8Rh4cnvfFtmbxQhRSkpgh1I9NnzbkJvXq0OXBWjwsdUsE6qsWzWDWYs0FdxPC5ZlCABNzfCQJYBgd9xtozR5tmEPazUPUomSSmF_J2523KQ6E81nkv-DE-dNwVLbvL_Ac0C4h-khttWCZdJSmg4o-OKIzGFFq_-658dWWcXCfqKcxzpmYiEdmw8CRFPe0cctuKEt931C0l57sYbazzacAC60YSbfhB2PTOAjPHIvJZK0LZ0gveFv5zaH46Rlo-kxQe65Z4-cODn7tQVxkjear76qdorHm6Aiue-MDv_V4skrI4R2L--DNiMUpDLEWv3xkTYSB_e5YrS1B0_zkLvODXcp2f-1h8xF-njEgqNipmhufWGawScny5XfPQ-X2gl_fVmb97eOUDAmn1et4mL_K4VOsRePGUuzvQA&sai=AMfl-YQIxUisNhEFH4BKVsVzyTJRHqLjpF-LcyYUtM4jO-t8vd0rFBlKnNkRohKtSv-N0Uoq8cnfGsXH4TW0DtIOe0XKAMqIlkFmqLuoHZU2VkHWQmkcHiY3KsERdVmW6e18L9JPwbduf9OAjbkNtL_u4oc98a00fOhMXcuCegjGxT93mhMNmRNVHx_j_L2sA0VNwR2fwaNxgP_bxQvzWFNWDUH0TvbAsmOFykmnvBlSnfoUMwjg8XboJdHSxLLAcnNhRw7G1ntxX6tLS-ND56Y2NVuUIN9o4g&sig=Cg0ArKJSzMiq-d3tG8ejEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=285&vt=11&dtpt=142&dett=3&cstd=141&cisv=r20231004.08394&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 55C1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsucEfcHuseY7db28OXuUJb_wqqzNuDtRp7wI_aUsbR_-GufUPdR0nv49gnihftwpSkOhfgevmDxoK2MlpY0_sN4i_1Cqc_sCJJGIwShaF7EYnMRSv90VFyHlvCiPOtnj5QpwfXK68Cu945gjKVjq9Pcwlr6moSrNcAGlfEMu9H-lWdiw7dsH7bbw3nZ_-KYcEqyqqQtILMVk0RlIFmUxYvIbyeC5pS96XmO0jDCZARMbFcIfhFOiO6VuBDo8lvDLfSgAg0G7bODVN3PrHJxxzsyZr3AxPRxy5dtITWqYLB68p5ycT_b60qH80gz00aLZNLF6Hyh6WonABxieWtT64WSFU2KETMbUqWKnFHh7ZbA9NDxFL6NdS6CAWV1W307E2efi7C58Kv7Nsvzw3OjGlEctR61QRYMOsr9HPZEkvafdCgyLnxpq8EWfznEz5A3xjj3doNH3JMmIkHeTSkvdc2lGOH1pHtVLXW4H3_BqtOW6N1jESmRqPRsaRNg8p5BDgTa5-U_AUXDzjLSTYv9XUP7QBkEKQSeob_7Au4EiNhdTr5i2vXRBmrg2GCkqi_t5GJ2nyg8fhSBxFcd0j437Pu9QPwckQxoIz1D-UoYVhQhmN55AenbsH7P_G-RXTbPxe_lIw0zXyrI5JIL4ukJsXjO6LhI8NiugzwIxhyKzd1FbOtjePuQh_0Je8p1DllGinvouZZWHbnn8W1Zf_HGRH8zcixKSicwpAQTY5jI8yit3sKcjPeFVaD-O6TDuIqGkOg0wsL1xloN7ykz8yS9djxY4xoec0cMA7BvE5WJZntHHFdqPySVCiznNmY4wqyk_N-twVXR-_oeZKQ5iEwbrMKpDW4ciHIVXwoHjQi8MVTVLhKOjHzQLMgNTX-3s9nOERfyKQzRU9Au3mm5l8zSrHcaOMmLYBZbZfNQ-3b_hs8Rr7tmxR5PaWp4gYwQidEN-_IuPsSB47jyfN_kB07cVX98tkfW6t5v-oHLRxibrfXxX--OHL7Pcc8Atsu31fMYKST3rNwJa5tssHpRRLIE3llItLaX99gBgWeJoQkeWndH1zyy3uIXAVvMBdVHWGdeFtlRfpf_Tg2I3WMe-H7KfrAZxhrM3O7M52JFyPPYXdAgKB3lRBzT3UEhwt17YunitU_44dsdFsazdWJ3JioXr_K2-YpU0il3PZsig8zZ7NhO5uRmXm4tSVxy6FdQJCxLtDr2z3h2Jd2SWWKZpXU-OzpBtfcdsynflH5WuR3x1euti5ijThtNegLrGeeBO7BIvZSkIlQXW_Np77LEAiD7eTVfPRrbgrVIy0ACNE-o4jSBGit2SWFmoF4pqJ3YB4zHRbCxgVqnC4tyl1r_-uYOgg_Trlqa0dZv2N5vetlnPI6yzkXIdWSgrcklGnXv4ylPObxgwUvr&sai=AMfl-YSspiw52NsIvyu6R9m2YDwNjOnWOmajyrCM5MLIfSgzONLP-W_mHExvAZRAhDRsyhTXZh8BxOa2wQZXzG5ly1DuUnJubJqnj8W9pner5Yz29386oPqxPny4Hr20j7NB1BBoeGQoaTQjDrg7jHadeorys2LWI5fISjAL7hkfPpXHxN49Zj9sp4LyiGq6k9gVkIflnESGqIAJuWM1-GMePtmqzzxyqHtxf5dPeGFsnD5wh2LOfNQOz95yDC-nUIzeKDPZECtK8Np1NPwsz6EPTFq3s_o-SA&sig=Cg0ArKJSzKRylr6toXKEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=341&vt=11&dtpt=162&dett=3&cstd=176&cisv=r20231004.77206&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel.gif
px.moatads.com/ 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ADVANCEDDIGITAL_HEADER1&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&t=1696630275828&de=325242733571&rx=870953204654&m=0&ar=0c7a73c5c3d-clean&iw=568cc09&q=1&cb=0&cu=1696630275828&ll=2&lm=0&ln=0&em=0&en=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=advanceddigitalheader640552616592&fd=1&it=500&ti=0&ih=2&pe=1%3A1469%3A1469%3A0%3A1447&fs=205668&na=261391145&cs=0
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-133.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:17 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 06 Oct 2023 22:11:17 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310030101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71bda65dd208684995d965110a6f638aa1c3af19a70e6292dacfa78d812deb7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11935
x-xss-protection
0
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ud&error=uid%2Fmuid%2Fduid%20not%20found&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=f88c462d-2769-47ef-b239-e86a24d3db10&pid=10589f26-0906-4562-a5a7-cde16a23e047&dtm=1696630277959&qnm=_matherq&visible=1&tabid=88430363-3579-48d7-bc3a-3ed09683f0e5&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x13342&tofa=1696630276&vid=1&lvidt=1696630276&duid=d427a3e61b38adcc&fp=3108112066&cid=ma63527&mrk=484602605&cx=eyJ1c2VyREIiOnsic2VnbWVudHMiOltdLCJtZXRlckRhdGEiOnsibWV0ZXJUaHJlc2hvbGQiOiIwIiwicmVzZXRNZXRlciI6IjAifSwicGFnZVZpZXdzIjoiMiIsInVzZXJEQkZldGNoIjoiMSIsImVyciI6InVpZC9tdWlkL2R1aWQgbm90IGZvdW5kIiwibmV4dFVwZGF0ZSI6IjE4MDAwMDAiLCJuZXh0VXBkYXRlVFMiOiIxNjk2NjMyMDc3NzE5In19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.177.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-177-4.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 06 Oct 2023 22:11:18 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		588 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=8Gu2Z8RCvZ
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:eff8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31871b52e6cf8ac1445d98d3289d2ad1d21e242a341772ba5ff0a0f802529a8e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 06 Oct 2023 22:11:18 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Muao42satHu
pragma
no-cache
wn
prod-dash-10-0-121-52
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.004
cache-control
no-cache, no-store, must-revalidate
cf-ray
81213d45dc7a9972-FRA
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame 40E0 		18 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5cc8a7cc96d25d65f86e124be1402249c878071c9c07158588eca71752effad
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=900
cf-cache-status
MISS
cf-ray
81213d45c83a368c-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Fri, 06 Oct 2023 22:11:18 GMT
expires
Fri, 06 Oct 2023 22:26:18 GMT
last-modified
Fri, 06 Oct 2023 22:11:18 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.001
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-86-162
x-forwarded-https
on
x-request-id
Muao42sbx5H
x-xss-protection
0
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-TLXFLCR&v=3&t=t&pid=1036974437&cv=416&rv=3a40&tc=93&es=1&e=gtm.load&eid=1095&u=AgAAAAAIAAAAAACI&h=Ag&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:18 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel.gif
px.moatads.com/ 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=https%3A%2F%2Fwww.mlive.com%2F-&i=ADVANCEDDIGITAL_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BE%24%3D!!tZ.qm3MzI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-bmYFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-5CQrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-Rw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1696630275828&de=325242733571&rx=870953204654&cu=1696630275828&m=2105&ar=0c7a73c5c3d-clean&iw=568cc09&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=13342&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1469%3A1469%3A0%3A1447&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205668&na=1026528530&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-133.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:18 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 06 Oct 2023 22:11:18 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 06 Oct 2023 22:11:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 095C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B71FkBYYgZeDJGr-WjuwPwOW-8AUAAAAAOAHgBAI&bg=!t7SltPvNAAYMG8UMLBs7ADQBe5WfOJQKuHMjV0pxAZ_o7GprMbeqClC5ei2EEiQdl3CJJ91Pb24ahRck8QtlVMfs5G9qAgAAAN5SAAAACGgBBwoAcaVafUxGsxqbAmj3LLbFl71adOy_Z7pt5Zk-7grSckI7DqkqDrqbDpbVjGuHhC_gpzMVTEJLx7Ie0k77TgNfni_dqzmIQRnf3Ia8l4LW7a5H3Yta3lgi84TkeUKph6d8pmoDDfE-JPWdx5m_j6j9iePjmQL-RcA2W97FMQhWkJLo2mYEpYmfSsXcwxbMFyH74WHMEdDmTW_opF-Z5NCxAGWoFYkYBkSLfHL2kTiarWycoLFPvz-xT1VB-KWOUuQxwpL9izdDNlsk_D7qrZj1tNOh_T3PvNkO1P16mhFX_jWI6KGhYkT32yPuV9I7qp1372mfyZf3cJ7znAzrcCobyxs9OUgQ931vFMRHw45vaIgXg7_hyGigjZpyHOJuljvev1A1kxEbJLXy0HtYGV0kYTOJAolT98lL-_IFEHtuZcwILZODm63_m1VPt7x-kW4C7plu2nYkyOwNP892ud6G15mO3gK9V5jnLvMWh1QhvlvMzJ2fWqg4Vj7Urfb2HhJfADzi06fA0GqpzGSAL0VwJ1EOIJAyGd7-W71ENCKSrpvD7V9zdTmn1Hw90FxHeunITlwRQbpwaI-raWmPXdLmSk6FvzQ-C7hmS0rGzROXxaMjPB7VdGyeBZ6ZQfSg08uTgmynpcolWaQ24dsCtv0suIki9Xd3erlL118tNXnFycd7Hvw0KdOQzjivL4chLPoKbha8ggYVdH9DgolgA-x3wZmUIxxV0ecipONJukUNZu8GYh7o9Ci6cSHvUzJ6OF0kbkrToJEXY67FHs6YAKF62ZC4EytgBVMOv69jbHRBfjYqDjMEqgfr5CapUvJGpbRQVGQnohFq6KlfgYOP8ujs4HjuTbb2K5Av7wP_DZDnoN48DVO-1OqmwIjPRDYQ7z53i52ahtFO3fimxjrSm6Q3-eZFSWQCRyJsDh00F43r3XIUoQfXS93o0aXtj0HtVW1k5ODnhh691FqkXlIICt_-8SI44ayPSYsaEtn43bxLpoiRIXZ89n6DTDsMk1FP343mxKi8AzvJM238QAW_kVjDhw3ZAWKbMdQP2i4WVTTkl9W-NJi34-_V_eGFQDcpTqnLzJQ4Wh4VV-jRFHVUBjBgopKiCkO-g_b4w9E3soFn4k1oxmezLx8T2mq3indkbE861H3qYO9EhU99FMUovoUOgGQLXw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&metered=1%7C7&metername=Support%20Meter&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=cce2f17b-2260-415f-900f-08bf3f73f98f&pid=10589f26-0906-4562-a5a7-cde16a23e047&dtm=1696630278000&qnm=_matherq&visible=1&tabid=88430363-3579-48d7-bc3a-3ed09683f0e5&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x13342&tofa=1696630276&vid=1&lvidt=1696630276&duid=d427a3e61b38adcc&fp=3108112066&cid=ma63527&mrk=484602605&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJkaXNwbGF5IiwiYWN0aW9uIjoidGVtcGxhdGUiLCJkYXRhIjp7IjAiOnsidGVtcGxhdGVJZCI6Ik9UQzE3WDMyQkpDSSIsImRpc3BsYXlNb2RlIjoiaW5saW5lIiwiZXhwZXJpZW5jZUFjdGlvbklkIjoic2hvd1RlbXBsYXRlMU9EU0xBR1pYN1dYNzEiLCJleHBlcmllbmNlSWQiOiJFWEtFVTdZWDNaQUwiLCJvZmZlcklkIjoiZmFrZU9mZmVySWQiLCJzaG93Q2xvc2VCdXR0b24iOiIwIn19LCJ2ZW5kb3IiOiJwaWFubyIsInR5cGUiOiJ1bmtub3duIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMzYyOTg2Mzg0IiwicmVmVGltZSI6IjE2OTY2MzAyNzc5OTkifV19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.177.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-177-4.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 06 Oct 2023 22:11:18 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 02B5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BE6_OBYYgZaPeG-GTjuwP4eKjgAEAAAAAOAHgBAI&bg=!BQalBknNAAYMG8UMLBs7ADQBe5WfOIBZJedpXiDqL1jfn9Dkt5rbapb2zvlE2Y-dAr7JRv9FRxvegXB0CfXBvWhkS7vJAgAAAOZSAAAABmgBBwoAT67xEc0sEnaWCBR4Sg9-BeHT_bO27F3SvbR1cYn6OHBIrAX2XkjWLzrntD_WlKJRSM79jw0qIQSQlMj3VRBm4mNUQgAxWNOFIzhNHX873ymZAwIgDsBVI_7hUgmt1owFnDtdh2_4Xgj6yvxzeoDAP_2KceQLbqI43NrcTckksXwTWabUmGkA7g67HyztERY5R5E9ueneaO1q3i7NSahOu7cXpoefOjeas8FaSwFTOnTt8I9QhEalK276jHcPXgZvITrMx5VZLBF0RgEJX8Cb_APbBI_lbBlAdmpJ133odNK74aJayN2sbJcyY0l6SilTKwwOULvnrA6hBg-pHbiQh8rsuXdiytgGR4GL1nZC81hRrFDi3V6KrV8XZ6edJZBcPAulAfgMZX4puLv9JBYCMc6DNoKjgD_q4sSRfM7dbUi27fJ30YWL_3Ph9s8CflxReDmAh2WUYtJTe9DMY5VuedbomyZ6cgIbpnUICmvCMuX7XATvGhC2rZnXV_JNXfLAYORSfE6UEW_Kq2cSF6djbetDYvsDAVnAXBxgjxtyH-T8HpMvl-v9IV1vhBwTH_BPgXx1Xl-Z6lWWpHkfyPbv0NUHVoHvQ5HLlW7sTE4uDlOS2GoG_Nq8qSASYmTM3t3ABgi9qgL-Lkb8zpxh8kYoiWKYXTpL89zOJXuh8rimDMH5pNL1QbF0lvoaMP1kvxiq3s8xg4dSyIgpVx5FiYJ6JloLEdUHED-nrkCBPFzuNMoftiHpxPtJ5wbsw7Syvq2snTvLexa6Pj0a_v-bYauMykzX3F2MDgnNX7J3dS_4okWuCc0Q_MjelJJ11f_6j6o5mQ_W9RHytuXLAudsABe9d7Nkd4kQCcOBAIRzbhjlblOJejDPJ1RsbKOO7d77Z79eaVAYTR_UoSL0r9ikq0-TH8ff_hz-mH9yPuqh64QXub5RO7mB_aUE9AgSKIfnH6b-6EUScm_URIMeLN-Kiu2UiNoB4VqxR1VSipDdEYYmN6WLFXo1ebtxxxHROn9xPkC4gWgyZPXYgMmJ4TD78rt-gAcQGrSvYerjqh5HvSAChhlr-9-FsfjlnsqpLL6NfW9CfDxROP1P6ceNaILON4V8qwUk4lcTSAG31gxY8n6Sjjm30_4_oA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A161 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
20086
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 16:36:32 GMT
expires
Sat, 05 Oct 2024 16:36:32 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8593 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
71199b9ef842cbebbec277e39cd24727837d698b92f310c49083f12a19efaa27
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UCOImWAYhwFhU-nBL1MuXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-UCOImWAYhwFhU-nBL1MuXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 22:11:18 GMT
expires
Fri, 06 Oct 2023 22:11:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2831 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIZlABYYgZfTBG-KN9u8P542qgAsAAAAAOAHgBAI&bg=!dnWldTrNAAYMG8UMLBs7ADQBe5WfONzDDYM7kl_gy3faMb1mwYku_T_r6v1jfparFFfVcw9AE27gOgwg8rMYXrdmEqwwAgAAAPlSAAAABWgBB5kDC7S5Wd_bmwMLaiiGh2Rwxc2UYQwYe-Q4COEl4nhVVW-hOi1R97tTf3Uj_U01VYtxNptuea-PN5ev875wtizCwkJHwaxdVAegjIYR3KYFbK9Mz0uP0fJglb8U0eAdQ2m3gWzyk2HPa4yIhYqCCcknPSHMGQdpbImhflrVVIhd6_2TpM-MkdJ0GMFWWA97z5IG_N8dBD16SgGj7x31fxsWSYIatsIZtRNdKOsGGXF75mTI7VnBFT5oURAP1Wl1u3Kwhq1mqTeQiXxiQwtssr874SLgHDzdLdV8UxKIQkmYWrf93bggA7cqqMMoMkK_s0SAVGN1Xt3PTT8Q7Z-37SY437cbOGIkujL2XMVZczDPgjcpfGLZML063kmSllv0pWQOnD9W65Cht06cv690G2wAI2fBWbm2SIiGgUvRFTcClawKYRomuFZlUhns-mkaXqEjUofI1lyl2EoLlaJRjDWEiVSwIx3doAFNEsYiZZV1WT2CV-XXVKZCT2r8_icVBZpS6D2hiCOaJSeklsGWR53X2W2eKUUSPaHr6C6sMv_9Jjy2ounWSWFkkqmeQuACl191se_gFFgpHQb-ANAPvGDozJZ3ZIHkrYgtU7QTAa8n-9tU0vaDrOGI3rXiOukFn8asZNZh1mIvicUzLFZE56pVbnTs1PiQ8vEzT664yvkbywiX3FWAVTO9CEAfQC93PGV_n_V4U-7ViFbMihYX9xUHynh10E6CbjNUKt_ieOc0vRGHY3UY0w4CvhruJA_L63M31PaWmaEl_UothcdyCVfB-ahBtRC7jq63bm6OGFNpZdMWmGtTGDjM7Lhf_KPMXwy2M6_fVoPz0NcTp4_ISlbQQR2HeRt8Vz0mGgxpz0Q7ez2EfBP315Q1C6ZIx__ubRFvjH0LIwALoBJbpK9UGgk66FdGXCzD29I3oMpcOlg3KZ9xDOjjjNcZE2faehVnw-DIM6uMIz2-2hkwsVlHOSbVnjXPSKfgE6fIZFit7CEY7Wd9mFhNpZZ881kLR9bGrgjcteNc_vvaU5OQhRmH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
pagead2.googlesyndication.com/bg/ Frame A161 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 13:29:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
31283
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 05 Oct 2024 13:29:55 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8593 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310030101&jk=1435955755824618&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 40E0 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:18 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
4552
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 02 Oct 2023 01:57:12 GMT
wn
prod-dash-10-0-84-158
server
cloudflare
etag
W/"26850-1696211832000"
vary
accept-encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
81213d46a8c6368c-FRA
expires
Sat, 07 Oct 2023 00:11:18 GMT
piano-frame.css
static.advance.net/static/common/css/ Frame 40E0 		149 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.advance.net/static/common/css/piano-frame.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ea063cfc2b845816765a08e1fa3fcc4aa04e08bd8c065c4b3b2228313e4fb20c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Fri, 06 Oct 2023 22:11:18 GMT
x-shield-cache-expires
10
x-amz-request-id
6V6N1S1NKAS12TEM
age
283
x-cache
HIT, HIT
x-host
static.advance.net
content-length
23833
x-served-by
cache-iad-kcgs7200076-IAD, cache-fra-eddf8230059-FRA
last-modified
Mon, 18 Sep 2023 20:31:49 GMT
x-timer
S1696630278.247861,VS0,VE1
etag
"5a7756ec699d81cf984084bf1d743249"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 40E0 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
164987
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m29bn71yR1QwJ2BRrIwH%2FI1h1UYCj33kQMrwlC%2FceeFoH0ujNAt2dJQcDMHncCvlvI51g6wJ%2FM4amHuT6Bm5UYvvGo%2B83rrV7NO8R187A58kzRrk9pNsrzGUy9mzokjOK0rnlvMkYzScUUd%2FYj5rj3Dv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81213d46ddb91e20-FRA
expires
Wed, 25 Sep 2024 22:11:18 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 40E0 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
9135036
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HSp9Kbso2g3m9YeMH0p8TXpL3fia6JD%2BtL227GKSpclYSitcPzzDpr0ct5SlFi%2BPpDgtYBrXWb2xVMyUUQuv6iLBgc5YcXWb1XWWyeYWsvMQ9g2QrXxBdG79uzQk0FD3dZWl5qXNoOJ75Ln%2BhC0A1QuW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81213d46ddba1e20-FRA
expires
Wed, 25 Sep 2024 22:11:18 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 40E0 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6145476
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
34999
last-modified
Thu, 22 Jun 2023 10:45:05 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942631-88b7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Hw%2B2FUJCl5ktgk3M7ouMNsIHetMQ%2Bdt6RX8Uy7ZYTG2Ud%2BMwk5P7TcBng%2FWVbs5Yl50qcq7Gf2%2FbCZFz9%2Fa%2BkxYKldsWfGoNCOEtx7SPav57D2t8nWFtA4bxt%2FHYsER6lW4fnuH0AvZML%2FxfO5DF94L"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81213d46ddbb1e20-FRA
expires
Wed, 25 Sep 2024 22:11:18 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 40E0 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
12853512
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3978
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-2bd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OPJCEomGEr8vYw2H6jltmUpmOgJ19mj%2FX1Wd5TIAbF50GfiPF3hvYs9FMN9fZ5fR6S05q6%2FcpHI6gFPU0kB0Sr9deETMrgqPeSZu8bY1LAPSB68Ubeo0AOXIlXlI6w%2Bdx1JyXySFMX5qX6xpr8cJ%2BnuJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81213d46ddbc1e20-FRA
expires
Wed, 25 Sep 2024 22:11:18 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 40E0 		825 B
779 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1831094
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCoEUVFCWya%2FjkZ1MwMX4IHBWyMzyJMe1F42w3d1k%2BrRp5gxW8R8k9GEER3qPcsdkOpLNICXYSoMHGlWH%2F0YjhIhAGCTvsKA%2B%2FMi%2FSCcJ0LUhYHvEM5VRfZkGZic1XnUoa7iF6MXhG4srpaxuOT8JGDZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81213d46ddbd1e20-FRA
expires
Wed, 25 Sep 2024 22:11:18 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 40E0 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
684749
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=86CPWg6aiyRn0plYvVFHOrbL77xIdEce1z%2Fp0te2UPL9Q%2FGTDPI1Y4Jue9XQu8beh83NcL2RZdCdonwWT9NcBhWPOYPsdkZ8ambWTR6NXjRMTOj67Mx%2FkX%2F9DAZ51KC8FgONdDEID8%2F9qUxHXaHi%2Fhmv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81213d46ddbe1e20-FRA
expires
Wed, 25 Sep 2024 22:11:18 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 40E0 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
17621086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDCwnLd9egSsLY2Y3lD5UPR%2BZWzs6yhiOF3P%2BVTtiRx5r4I3cPYl2koi2oVzxB8%2F8ZJf4mJ5sIcRHWazre27gRXuQDxmYoNCH3iffHwtV3JJYb7UyDtJnnzW7OoQ8TwrMmor%2ByL%2FzBlhX9%2FVeHZu17y2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81213d46ddbf1e20-FRA
expires
Wed, 25 Sep 2024 22:11:18 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 40E0 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
13657977
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBnyWoCBmjwOJ8CanqM%2BAHU3o3nsakgxxUy5SQZbEln%2F5x7Epq30CJXulD19EGOhAoDVbmecK4u%2FeTIXmqBhNpmrZBlg7hVheC8jI3y7QOjjTHK6KnfIHH4WcJdrcBt9y%2BSmENNESP9vzStrladaGsZ6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81213d46edc41e20-FRA
expires
Wed, 25 Sep 2024 22:11:18 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 40E0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2665653
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
911
last-modified
Thu, 22 Jun 2023 10:45:04 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942630-38f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UXQQaN53GebfK8TNhaxoEwWjfK7LmCm%2BtyA36N%2B4zRDa8qNYg3ClE8%2FTHRbj0dZBN4b02lpgCEGhVOJpVkBJ%2FO5IDVYN7zgzj3qU9ndFEBBKvs7ZGhDELEucTdlld2329b3bK6QmDewhqv5V4CTuwOFQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81213d46edc31e20-FRA
expires
Wed, 25 Sep 2024 22:11:18 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 40E0 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2600272
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6935
last-modified
Thu, 22 Jun 2023 10:45:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"6494262f-1b17"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NyqrvePe3q2gvA0A5cpHdkcH%2FttuLStBUtPsPPiNSNYD5bC5sS2lsLRAuoMkz9kROfNK2XM4CuTNZ6vuGFhWDDGJnEwJ9pBJz5JhRWhFKth1qfo846PhR%2Fbm0f0CidvKlb%2BklVSmoq3NWt%2BgiCXAwbVN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81213d46ddc01e20-FRA
expires
Wed, 25 Sep 2024 22:11:18 GMT
loadTranslationMap
buy.tinypass.com/showtemplate/general/ Frame 40E0 		62 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=8Gu2Z8RCvZ&version=1691000262000&language=en_US
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b78bc5c07f038b149515d8a5cadf1533dd1cc438ee4a587fd2770c526304279a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:18 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Muao42s9AbG
pragma
wn
prod-dash-10-0-119-172
server
cloudflare
vary
accept-encoding
content-type
application/javascript;charset=UTF-8
server-time
0.002
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
81213d46a8ca368c-FRA
expires
Sat, 7 Oct 2023 18:11:18 EDT
platform-translation-map_en_US.js
buy.tinypass.com/ng/common/i18n/ Frame 40E0 		66 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=16.14.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bf3ec6451a3608f81a88558bccdcaaabf147ceea632f00d3943f1964e1e551d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:18 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
54971
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 02 Oct 2023 01:57:12 GMT
wn
prod-dash-10-0-121-52
server
cloudflare
etag
W/"67876-1696211832000"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
server-time
0.000
cache-control
public, max-age=86400
cf-ray
81213d46a8cc368c-FRA
expires
Sat, 07 Oct 2023 22:11:18 GMT
H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame 40E0 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=16.14.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71c7aedae49a6990da4065e8f7aad98717a59fc6f80f436b8befb1cb70bc68db
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:18 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
924
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Oct 2023 13:32:00 GMT
wn
prod-dash-10-0-94-243
server
cloudflare
optimized-by
_sam
vary
Accept-Encoding
content-type
text/javascript
server-time
0.000
cache-control
public, max-age=603876
cf-ray
81213d46a8cd368c-FRA
expires
Fri, 13 Oct 2023 21:55:54 GMT
close-icon-white.svg
static.advance.net/static/common/img/piano/ Frame 40E0 		1 KB
798 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/close-icon-white.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6ff6cf159d19b9bbe64d44941f6f49ef7fa23656d723acac0eb88070e810d5e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Fri, 06 Oct 2023 22:11:18 GMT
x-shield-cache-expires
10
x-amz-request-id
R9MTJJWAH7YV1HW6
age
3673
x-cache
HIT, HIT
x-host
static.advance.net
content-length
610
x-served-by
cache-iad-kjyo7100175-IAD, cache-fra-eddf8230059-FRA
last-modified
Mon, 27 Jan 2020 14:39:52 GMT
x-timer
S1696630278.260190,VS0,VE1
etag
"404b790d9175ce8af75799ca9572d3cd"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
logo-mlive-inverse.svg
static.advance.net/static/common/img/paywall/lmg/ Frame 40E0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/paywall/lmg/logo-mlive-inverse.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0b034efa03c6fb4de3e3952eaf0958b18847e6c1e2e8fd647759c97105004f19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Fri, 06 Oct 2023 22:11:18 GMT
x-shield-cache-expires
10
x-amz-request-id
SAT9MW7F515B3Z0N
age
4768
x-cache
HIT, HIT
x-host
static.advance.net
content-length
879
x-served-by
cache-iad-kcgs7200032-IAD, cache-fra-eddf8230059-FRA
last-modified
Mon, 27 Jan 2020 14:39:52 GMT
x-timer
S1696630278.281802,VS0,VE1
etag
"eddae84ef46240dace31d24e6e3f4dae"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
logo-mlive.svg
static.advance.net/static/common/img/paywall/lmg/ Frame 40E0 		2 KB
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/paywall/lmg/logo-mlive.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0b034efa03c6fb4de3e3952eaf0958b18847e6c1e2e8fd647759c97105004f19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Fri, 06 Oct 2023 22:11:18 GMT
x-shield-cache-expires
10
x-amz-request-id
674H5GK1WJRBAW70
age
4768
x-cache
HIT, HIT
x-host
static.advance.net
content-length
879
x-served-by
cache-iad-kcgs7200092-IAD, cache-fra-eddf8230059-FRA
last-modified
Mon, 27 Jan 2020 14:39:52 GMT
x-timer
S1696630278.292975,VS0,VE1
etag
"eddae84ef46240dace31d24e6e3f4dae"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cannabisinsider-nj.svg
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 40E0 		19 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/cannabisinsider-nj.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6066054d8669e8ca3c9a1ca53af6b3e80dba9361b59f023c82d7b55542b36fb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Fri, 06 Oct 2023 22:11:18 GMT
x-shield-cache-expires
10
x-amz-request-id
07F8MBZPAP9X8MA2
age
17823
x-cache
HIT, HIT
x-host
static.advance.net
content-length
14248
x-served-by
cache-iad-kiad7000030-IAD, cache-fra-eddf8230059-FRA
last-modified
Thu, 03 Mar 2022 17:31:43 GMT
x-timer
S1696630278.301710,VS0,VE3
etag
"aefa848511ed2323f5f7292cad413d91"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cannabisinsider-newyorkupstate.svg
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 40E0 		16 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/cannabisinsider-newyorkupstate.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3b2ce9e63a7f14001e6af32ad0d3b19b045b916cf8073180d25688e4b3f49e40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Fri, 06 Oct 2023 22:11:18 GMT
x-shield-cache-expires
10
x-amz-request-id
1NENCMNQX88K0QDF
age
10784
x-cache
HIT, HIT
x-host
static.advance.net
content-length
3492
x-served-by
cache-iad-kcgs7200121-IAD, cache-fra-eddf8230059-FRA
last-modified
Mon, 07 Mar 2022 18:18:54 GMT
x-timer
S1696630278.312496,VS0,VE1
etag
"67c5456929bc3d85c2333fc91a450c71"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
syracuse-cny.svg
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 40E0 		64 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/syracuse-cny.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
924e4b297681729162fa238a756db89acf5a1dc0cd23c1204c9a4e4407493822

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Fri, 06 Oct 2023 22:11:18 GMT
x-shield-cache-expires
10
x-amz-request-id
31PWPYM55156SK9G
age
26786
x-cache
HIT, HIT
x-host
static.advance.net
content-length
48413
x-served-by
cache-iad-kiad7000094-IAD, cache-fra-eddf8230059-FRA
last-modified
Tue, 04 Jan 2022 20:10:53 GMT
x-timer
S1696630278.321297,VS0,VE1
etag
"30947d9aefcf59c3095181bf0123a29f"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
al-thelede.svg
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 40E0 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/al-thelede.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
30e382a9546c4b436b0568f463e7c3274696c3c59f7aa871af91a33a967f05c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Fri, 06 Oct 2023 22:11:18 GMT
x-shield-cache-expires
10
x-amz-request-id
EBAHXZWEXVBJW871
age
36025
x-cache
HIT, HIT
x-host
static.advance.net
content-length
2079
x-served-by
cache-iad-kjyo7100029-IAD, cache-fra-eddf8230059-FRA
last-modified
Tue, 24 May 2022 18:14:31 GMT
x-timer
S1696630278.333708,VS0,VE1
etag
"1527b5427a70175541ef142224302fa8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
logo-lede_bhm-al.png
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 40E0 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/logo-lede_bhm-al.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
70c0b487552a9a2ea102ed22ae505177c567320390f5136bcef5dd56d48d4f02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 06 Oct 2023 22:11:18 GMT
x-shield-cache-expires
10
x-amz-request-id
VF94TGH4G1TK91QJ
age
26013
x-cache
HIT, HIT
x-host
static.advance.net
content-length
44631
x-served-by
cache-iad-kiad7000053-IAD, cache-fra-eddf8230059-FRA
last-modified
Fri, 20 May 2022 13:44:08 GMT
x-timer
S1696630278.345628,VS0,VE1
etag
"a683a2407cd20aa2076aed1087f11b61"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
logo-lede_hsv-al.png
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 40E0 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/logo-lede_hsv-al.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9c1a3cf6c5fae33a0a2b627a9785b585148970346adbbcc204a4519d05f9a089

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 06 Oct 2023 22:11:18 GMT
x-shield-cache-expires
10
x-amz-request-id
SQK75DV94MSEYV3K
age
7106
x-cache
HIT, HIT
x-host
static.advance.net
content-length
42755
x-served-by
cache-iad-kjyo7100080-IAD, cache-fra-eddf8230059-FRA
last-modified
Fri, 20 May 2022 13:44:08 GMT
x-timer
S1696630278.355724,VS0,VE2
etag
"1dc34579a74c449327a76697d00bb180"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
logo-lede_mob-al.png
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 40E0 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/logo-lede_mob-al.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d2b28582d25b3aa38daf12c501c7abc9297ae74d035ee343941f0938adec0524

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 06 Oct 2023 22:11:18 GMT
x-shield-cache-expires
10
x-amz-request-id
THSS8Z1X4TWHJWFB
age
16321
x-cache
HIT, HIT
x-host
static.advance.net
content-length
42953
x-served-by
cache-iad-kiad7000082-IAD, cache-fra-eddf8230059-FRA
last-modified
Fri, 20 May 2022 13:44:08 GMT
x-timer
S1696630278.367202,VS0,VE4
etag
"563af4d5a587fe270e3c6e43be6f32ec"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
penn-truecrime.png
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame 40E0 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/penn-truecrime.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d86ce55edee7f570d7fc315f84814e3b1171edef20e3778e10066727092638b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 06 Oct 2023 22:11:18 GMT
x-shield-cache-expires
10
x-amz-request-id
RB061CWQ0N9YD376
age
7521
x-cache
HIT, HIT
x-host
static.advance.net
content-length
7289
x-served-by
cache-iad-kcgs7200048-IAD, cache-fra-eddf8230059-FRA
last-modified
Tue, 05 Jul 2022 18:14:11 GMT
x-timer
S1696630278.380757,VS0,VE10
etag
"b3623ac64851022e99375a518b7bb87c"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
close-icon-black.svg
static.advance.net/static/common/img/piano/ Frame 40E0 		1 KB
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/close-icon-black.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eef57151e6646e4f59ca6a1d749631ee2f89bf4d1b736fb4620b784cedbe0de6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Fri, 06 Oct 2023 22:11:18 GMT
x-shield-cache-expires
10
x-amz-request-id
KPF0FT0HVBJE018C
age
1567
x-cache
HIT, HIT
x-host
static.advance.net
content-length
610
x-served-by
cache-iad-kjyo7100168-IAD, cache-fra-eddf8230059-FRA
last-modified
Mon, 27 Jan 2020 14:39:52 GMT
x-timer
S1696630278.399390,VS0,VE1
etag
"35ec888ec074218ee36fea53d51653a8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&metered=1%7C7&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=aa85e823-9311-47dc-aa77-cea3140ea6e8&pid=10589f26-0906-4562-a5a7-cde16a23e047&dtm=1696630278002&qnm=_matherq&visible=1&tabid=88430363-3579-48d7-bc3a-3ed09683f0e5&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x13342&tofa=1696630276&vid=1&lvidt=1696630276&duid=d427a3e61b38adcc&fp=3108112066&cid=ma63527&mrk=484602605&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJkaXNwbGF5IiwiYWN0aW9uIjoidGVtcGxhdGUiLCJkYXRhIjp7IjAiOnsidGVtcGxhdGVJZCI6Ik9UQzE3WDMyQkpDSSIsImRpc3BsYXlNb2RlIjoiaW5saW5lIiwiZXhwZXJpZW5jZUFjdGlvbklkIjoic2hvd1RlbXBsYXRlMU9EU0xBR1pYN1dYNzEiLCJleHBlcmllbmNlSWQiOiJFWEtFVTdZWDNaQUwiLCJvZmZlcklkIjoiZmFrZU9mZmVySWQiLCJzaG93Q2xvc2VCdXR0b24iOiIwIn19LCJ2ZW5kb3IiOiJwaWFubyIsInR5cGUiOiJ1bmtub3duIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMzYyOTg2Mzg0IiwicmVmVGltZSI6IjE2OTY2MzAyNzgwMDIifV19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.177.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-177-4.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 06 Oct 2023 22:11:18 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
generate_204
tpc.googlesyndication.com/ Frame A161 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?4Ggzww
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-TLXFLCR&v=3&t=t&pid=1036974437&cv=416&rv=3a40&tc=93&es=1&e=*&eid=1108&u=AgAAAAAIAAAAAACI&h=Ag&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:18 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
activeview
pagead2.googlesyndication.com/pcs/ Frame 55C1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstFjIs2wiBMRrzjQ21I534lXFn61uIU3jHMnQMptyJLXdBZepsV4K53mtZtfDbDOMucEfSJuyRzMNntF7Xfh70MhsWxXQT1YodN9SpSZIlL4FdPRTvUUCvPnq5OncMYdp4Gg74KQSNoI2zd&sai=AMfl-YTdAOIfD6ZCyrTS2V6lcUpqyPWtZqvhi9a9L-s8Z847VzYZ6No4hZLy_1ww895vf4gTOquYg1_RtP2MUpPwZHcarQoo3cgPpy-9f1JpiLXUV1d6KBwIObyNHfw&sig=Cg0ArKJSzN1c0-o7RZPMEAE&cid=CAQSOwDICaaNYnt0tPYY_xVOGJao4yWBNQOmBWizMN64jYxCkeHIyw0d0goXFIVvbtT0DWRbvEw5SlyjRdVEGAE&id=lidar2&mcvt=1000&p=165,1135,415,1435&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1117919376&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696630277123&rpt=401&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
piano-frame.js
static.advance.net/static/common/js/ Frame 40E0 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.advance.net/static/common/js/piano-frame.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
66fd57ba72d90085943ad028bb0a99da56ab6daba1a9030929e9504dc8ec12b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Fri, 06 Oct 2023 22:11:18 GMT
x-shield-cache-expires
10
x-amz-request-id
90D1S54BPTSR1B5E
age
507
x-cache
HIT, HIT
x-host
static.advance.net
content-length
3628
x-served-by
cache-iad-kcgs7200148-IAD, cache-fra-eddf8230059-FRA
last-modified
Tue, 18 Apr 2023 13:28:23 GMT
x-timer
S1696630279.616276,VS0,VE1
etag
"491a0b3bf098d18871981579ae670ba7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 01CB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0pgmJv2OstlZjslt9ma6tgiI4VwixtNsJstzZR8l6sci-SNntG4I80KXmhIvorth0FZCJNw_-elniWr1SB81yhXDB6bM-U2FcY6ADLAH0VjQzWlpSMzPv7b8LWSU7gkxlTqpYKSA5cMqc&sai=AMfl-YSYJXzJEq0Uo2Oa-yThXPoRLiqaLCb0T18XvbRMXDJC4zH0VZD0GSs7YljBbSWwbim1YlXbB1nwownPr1TD3fXeiNeszufCoeJcc7AUQM4gghRAZii1dbiyIzc&sig=Cg0ArKJSzC9OFf2EBpGzEAE&cid=CAQSOwDICaaNYnt0tPYY_xVOGJao4yWBNQOmBWizMN64jYxCkeHIyw0d0goXFIVvbtT0DWRbvEw5SlyjRdVEGAE&id=lidar2&mcvt=1001&p=857,165,1107,465&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1117919391&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696630277136&rpt=436&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B224 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstdIyZWVhTb1OG3DeGW-jbSBfdYKKoBUONb8-nwTZH3vrfS1xMLj12u53xAcro25KeKHivm8NilMioSb2pAdG8cLdL7qGjKgoo0f0Il7ExPDSIbsmp78Ie-QvpwLE5ikIzj_F_cyOaLVEbi&sai=AMfl-YQ5RfXVj4ZEYveqwWaaVPLo7WMCmA8MlPWGOmUIhaVJEXG1yJPiQGbOcMWJhlrluejeE7xy21I9AQ26G5lAQ0sXxDMURa3W1eUDghPixm792kUF97iICVYHUX0&sig=Cg0ArKJSzDfw9-4foe6lEAE&cid=CAQSOwDICaaNYnt0tPYY_xVOGJao4yWBNQOmBWizMN64jYxCkeHIyw0d0goXFIVvbtT0DWRbvEw5SlyjRdVEGAE&id=lidar2&mcvt=1003&p=869,1135,1119,1435&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3501067380&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696630277145&rpt=456&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logAutoMicroConversion
api-v3.tinypass.com/api/v3/conversion/ 		49 B
257 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-v3.tinypass.com/api/v3/conversion/logAutoMicroConversion?page_title=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&url=https%3A%2F%2Fwww.mlive.com%2F&page_view_id=lnf5uzhn2bxay7q1&referrer=&content_author=&tags=null&content_type=website&tracking_id=%7Bkpdx%7DAAABA0iFKYjw9AoKOEd1Mlo4UkN2WhIQbG5mNXV6aG4yYnhheTdxMRoMRVhLRVU3WVgzWkFMIiUxODA4aDAwMDhvLTAwMDAzMm83MWUzaDdwbGlrdXBqNmxjcWRnKhpzaG93VGVtcGxhdGUxT0RTTEFHWlg3V1g3MTABOgxPVEMxN1gzMkJKQ0lCDU9UVllRRUxKTExWUU9SS3YtMjAyMy0xMC0wNy0wMC0xMS0xNi0xNTAtTHM5WWFhQzVsWVA3TXlxWS0wMGFkNjk3M2QxYTEyOGJkMjFhZTE1ZDNmMTA3NGJmM1oXMmEwMDpjOTg6MjA1MDphMDA3OjI6OjNiA2R3Y2iFr4epBnAQeAQ&browser_id=lnf5uzhnfg5dxgjr&event_type=EXTERNAL_EVENT&event_group_id=config&custom_params=%7B%22config%22%3A%22%7B%5C%22type%5C%22%3A%5C%22bottomfixed%5C%22%2C%5C%22version%5C%22%3A%5C%22cta%5C%22%2C%5C%22placement%5C%22%3A%5C%22bottom-fixed%5C%22%2C%5C%22newsletterId%5C%22%3A%5C%22%5C%22%2C%5C%22closable%5C%22%3A%5C%22true%5C%22%2C%5C%22scrollLock%5C%22%3A%5C%22true%5C%22%7D%22%7D&cookie_consents=null&previous_user_segments=null&callback=jsonp8761
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
229cfbc64a6ef1bef39ba3dd2b16750f834341d499f3fc79b497d7064c4a8dfa
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:18 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
81213d49ab31368c-FRA
alt-svc
h3=":443"; ma=86400
x-request-id
64513e5c6a1f18baff4bbccb7fc25828
expires
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=966697132&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=nonblocking&ea=bottomfixed_shown&el=var%3A%22OTVYQELJLLVQO%22%7Cexp%3A%22EXKEU7YX3ZAL%22%7Cver%3A%22cta%22%7Cmet%3A%22Support%20Meter%22%7Ctot%3A%221%22%7Cmax%3A%227%22%7Cterm%3A%22%22&ev=0&_u=aDDAAEABAAQCACgFKAC~&jid=&gjid=&cid=362986384.1696630276&tid=UA-16643585-16&_gid=984519348.1696630276&gtm=45He3a40n81TLXFLCR&cd1=undefined&cd2=1---&cd3=undefined&cd6=undefined&cd11=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=false&cd21=undefined&cd23=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd46=homepage-beta&cd47=desktop&cd50=GA%20-%20event%20call&cd52=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=undefined&cd62=undefined&cd63=undefined&cd64=undefined&cd65=undefined&cd66=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=sub-group-b&cd99=undefined&cd102=undefined&cd103=undefined&cd61=362986384.1696630276&cd98=meterName%3A%20%22Support%20Meter%22%7C%7CtotalViews%3A%201%7C%7CmaxViews%3A%207&z=1822529866
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 15:45:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
23131
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-TLXFLCR&v=3&t=t&pid=1036974437&cv=416&rv=3a40&tc=93&es=1&e=*&eid=1121&u=AgAAAAAIAAAAAACI&h=Ag&tr=1ua&ti=1ua&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:18 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&metered=1%7C7&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=fa4095d5-7eee-4afe-b47c-f84aff36d8ef&pid=10589f26-0906-4562-a5a7-cde16a23e047&dtm=1696630278682&qnm=_matherq&visible=1&tabid=88430363-3579-48d7-bc3a-3ed09683f0e5&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x1200&tofa=1696630276&vid=1&lvidt=1696630276&duid=d427a3e61b38adcc&fp=3108112066&cid=ma63527&mrk=484602605&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJjdXN0b21fZXZlbnQiLCJhY3Rpb24iOiJjb25maWciLCJkYXRhIjp7ImV2ZW50TmFtZSI6ImNvbmZpZyIsInBhcmFtcyI6eyJjb25maWciOiJ7XCJ0eXBlXCI6XCJib3R0b21maXhlZFwiLFwidmVyc2lvblwiOlwiY3RhXCIsXCJwbGFjZW1lbnRcIjpcImJvdHRvbS1maXhlZFwiLFwibmV3c2xldHRlcklkXCI6XCJcIixcImNsb3NhYmxlXCI6XCJ0cnVlXCIsXCJzY3JvbGxMb2NrXCI6XCJ0cnVlXCJ9In19LCJ2ZW5kb3IiOiJwaWFubyIsInR5cGUiOiJ1bmtub3duIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMzYyOTg2Mzg0IiwicmVmVGltZSI6IjE2OTY2MzAyNzg2ODEifV19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.177.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-177-4.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 06 Oct 2023 22:11:18 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
farnhamheadline-semi-bold.woff
fonts.advance.net/fonts/v1/farnham-headline-semi-bold/ Frame 40E0 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.advance.net/fonts/v1/farnham-headline-semi-bold/farnhamheadline-semi-bold.woff
Requested by
Host: static.advance.net
URL: https://static.advance.net/static/common/css/piano-frame.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142

Request headers

Referer
https://static.advance.net/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 06 Oct 2023 22:11:18 GMT
x-shield-cache-expires
10
x-amz-request-id
6RJM7ZGC70MCBMAP
age
52711
x-cache
HIT, HIT
x-host
fonts.advance.net
content-length
37160
x-served-by
cache-iad-kiad7000038-IAD, cache-fra-eddf8230102-FRA
last-modified
Wed, 19 Sep 2018 19:27:30 GMT
x-timer
S1696630279.721252,VS0,VE1
etag
"c9a8222fbabe6b700baacd21dd7a1f61"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
cache-control
s-maxage-ignore=86400, no-store
166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff
fonts.advance.net/fonts/v1/benton-sans-regular/ Frame 40E0 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.advance.net/fonts/v1/benton-sans-regular/166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff
Requested by
Host: static.advance.net
URL: https://static.advance.net/static/common/css/piano-frame.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6fa8b9c20d5c4f5711f76f4f4adafafc90e8f89bac2c7b3dfc2c7e63abb55d21

Request headers

Referer
https://static.advance.net/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 06 Oct 2023 22:11:18 GMT
x-shield-cache-expires
10
x-amz-request-id
D5KM3ZME90N522WB
age
0
x-cache
HIT, HIT
x-host
fonts.advance.net
content-length
55125
x-served-by
cache-iad-kjyo7100118-IAD, cache-fra-eddf8230102-FRA
last-modified
Tue, 16 Jul 2019 16:35:54 GMT
x-timer
S1696630279.721198,VS0,VE102
etag
"63c3700153fd19bac6ac63c816251c03"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
cache-control
maxage=600
448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff
fonts.advance.net/fonts/v1/benton-sans-medium/ Frame 40E0 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.advance.net/fonts/v1/benton-sans-medium/448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff
Requested by
Host: static.advance.net
URL: https://static.advance.net/static/common/css/piano-frame.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c942cb01ca7d8956086518f0315ac0be0374cb0f0a38ffe67a52bc4ae7ff5f6f

Request headers

Referer
https://static.advance.net/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 06 Oct 2023 22:11:18 GMT
x-shield-cache-expires
10
x-amz-request-id
H0PKHTB6YFSTYXE1
age
285108
x-cache
HIT, HIT
x-host
fonts.advance.net
content-length
54040
x-served-by
cache-iad-kcgs7200033-IAD, cache-fra-eddf8230102-FRA
last-modified
Mon, 10 Jun 2019 14:09:26 GMT
x-timer
S1696630279.721262,VS0,VE2
etag
"00b8650c0e6992c5c9ced8f621e43ffd"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
cache-control
s-maxage-ignore=2629800, no-store
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-TLXFLCR&v=3&t=t&pid=1036974437&cv=416&rv=3a40&tc=93&es=1&e=*&eid=1318&u=AgAAAAAIAAAAAACI&h=Ag&tr=1googtag.5googtag.1gaawe.5gaawe&ti=2googtag.2googtag.1gaawe.1gaawe&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:18 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310030101&jk=1435955755824618&bg=!h4SlhMvNAAbjlzx0w5c7ADQBe5WfOOxHUIc_ajkTjnAMxGE9h9o0slpv6pKU13v5qxfqvSFYLl6-N09v7NGklblw6MNBAgAAAExSAAAABmgBBwoASSomhZpFQ2qVdNye9-WpDYGwp6FXpqJz0VKDTb-OlVaMbFN64-PoAH1ZJb9z1dYgoBbssLPbwy7qHwLXyBjP1oHHfHpKHzO2fCuZAsQjbbjrYlPS6ojqy0TQ_lHhJ75ys8RJDDe8sAjG4CZ5LyU5LooiRugXR_n5fABlcU9J5hHSwUjJlzVg-Y5AlxNLuPXDPPp6DjymsdtH4mv1X0HoQrZKJfHTqbFy1JMApZS6_YLskctyGyDlgcSlat--FMNFM-sQEj9nSHEZOjvD6s5rujUiOBnptnzEQW11-dWIDk7Z_MYuGZw-DgVddD3gBp3D3uhWTjf7pXRvX6ct5OSY28UZ2b3nf2gy8hlhiBfXSFF2SsZQRZfApVgW8UD0l8DVeBazY2xyB-j3JLepaF578EihmOKuIAvwxyoG_PnoUr5bHHaGTT4yrGg00An141l99eaD7zlb4y5Fi3H45r_TnrvEoPi5zjAbEl60VuFzYB9P_w6qB1jFgFx4see6hLdsYoqryJ1LBtFjuC9ZXDhmRcisaZ4pUX-ZWytJQ1cnt-9-oYHSuLGPnVC8h73SSkVc2-EKsi_CpO9Wu0ZD9ycEV6T-3uSaA2r1tliTJru0A2qN_c-ZUx0Xi1eo99z9CTYEkOx-J1K1ch1eYpyZMdE7Fjjf8Gn6tZJIrxM582FbWE9IkZreqV0OziZ6ZXH4x1ZHoD0ylVWUiH8UA3V6MYb4c-AMjsXsf1jz55RCIFYaCy_nkdAweymIWDFCjmgKHOFi-_LW5rd2bppedieoD-LdPP0p0rzZ1gOAXoQ-qffAKSIPHVHstLMSmbZtw-MkVwRx29ZCPXDgDwSxad4qmwXwQYlwXC5AhM9qJPZEd-1sF_2HJT7-RddOWUf55BoGJGNwxhxQ-kOZknZ9j384m7L4MPIszoL7ErSK0tMpq47JXMkGlpPHVkA5EUgG2A3T_tAFqspEqGlvA9lHBCRClCVXv5MvLhYGxFMVIzY2KSuD9iSYmpTTZLFarOpPH4xmHweV_fqoM63s_yw7Y3gHoG0OkrA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
115
check.analytics.rlcdn.com/check/ 		25 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/115
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-61.mxp63.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Oct 2023 22:11:18 GMT
via
1.1 4e78864de8e88865aeedd2f9849556b6.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P3
x-amzn-trace-id
Root=1-65208606-1c73fc680ec183ee78f02d47
x-amzn-requestid
ae629ba5-e4d1-4804-9f13-7d9b775dc664
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
MZnhHHfqDoEEV3w=
content-length
25
x-amz-cf-id
2k2LRgdPgYC1_-WOiOwg6hXRBthbeQvfbquRg0mwR6cVX5YjpO97Mg==
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&metered=1%7C7&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=4868987b-337a-4740-a3c6-4b1abd4c9b68&pid=10589f26-0906-4562-a5a7-cde16a23e047&dtm=1696630278684&qnm=_matherq&visible=1&tabid=88430363-3579-48d7-bc3a-3ed09683f0e5&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x1200&tofa=1696630276&vid=1&lvidt=1696630276&duid=d427a3e61b38adcc&fp=3108112066&cid=ma63527&mrk=484602605&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJjdXN0b21fZXZlbnQiLCJhY3Rpb24iOiJjb25maWciLCJkYXRhIjp7ImV2ZW50TmFtZSI6ImNvbmZpZyIsInBhcmFtcyI6eyJjb25maWciOiJ7XCJ0eXBlXCI6XCJib3R0b21maXhlZFwiLFwidmVyc2lvblwiOlwiY3RhXCIsXCJwbGFjZW1lbnRcIjpcImJvdHRvbS1maXhlZFwiLFwibmV3c2xldHRlcklkXCI6XCJcIixcImNsb3NhYmxlXCI6XCJ0cnVlXCIsXCJzY3JvbGxMb2NrXCI6XCJ0cnVlXCJ9In19LCJ2ZW5kb3IiOiJwaWFubyIsInR5cGUiOiJ1bmtub3duIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMzYyOTg2Mzg0IiwicmVmVGltZSI6IjE2OTY2MzAyNzg2ODQifV19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.177.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-177-4.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 06 Oct 2023 22:11:18 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 55C1 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7869834887514&version=m202309260101&ct=76&x=1&cor=6547587251476681000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B224 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1173028801766&version=m202309260101&ct=76&x=1&cor=9376248408820097000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 01CB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8000675312493&version=m202309260101&ct=76&x=1&cor=5182452158133475000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-TLXFLCR&v=3&t=t&pid=1036974437&cv=416&rv=3a40&tc=93&e=*&eid=1121&u=AgAAAAAIAAAAAACI&h=Ag&tr=5ua&ti=1ua&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:19 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gaAccount
buy.tinypass.com/api/v3/anon/assets/ 		52 B
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=8Gu2Z8RCvZ
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:eff8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ca01f77fc2af3237d57461b0efbb4b1cb453868261fddbc210b64477fdb2a7c
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 06 Oct 2023 22:11:21 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
wn
prod-dash-10-0-130-102
server
cloudflare
p3p
CP="NON DSP COR OUR IND"
access-control-allow-origin
*
server-time
0.001
content-type
application/json
cache-control
public, max-age=86400, s-maxage=86400
x-forwarded-https
on
cf-ray
81213d583a119972-FRA
alt-svc
h3=":443"; ma=86400
x-request-id
Mxao42syX0H
envelope
lexicon.33across.com/v1/ 		49 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0014000001PAW0LAAX&gdpr=0&src=pbjs&ver=7.54.4
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Oct 2023 22:11:21 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
prebid
id5-sync.com/api/config/ 		135 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
989e7134f8b722c049f5553bf85347c9052fe40f7c35915f7d18a348ed4de84b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Fri, 06 Oct 2023 22:11:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
3723
idx.liadm.com/idex/prebid/ 		0
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/3723?duid=94c49eadf2ac--01hc3gpzy90m3zhvqm9dt8fedm&resolve=nonId&resolve=uid2&resolve=index&resolve=magnite&resolve=medianet&resolve=bidswitch
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.246.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-246-137.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Fri, 06 Oct 2023 22:11:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-credentials
true
trace-id
dc8a272e6ad722ab
vary
Origin
request-time
1
id
id.crwdcntrl.net/ 		43 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.65.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-65-49.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:21 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.30.179
access-control-allow-credentials
true
content-length
43
expires
0
envelope
api.rlcdn.com/api/identity/ 		0
252 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=115
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Oct 2023 22:11:21 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
checksync.php
contextual.media.net/ Frame 7330 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
68cfce12ea1f94852224851aac036f21d3b0306312e5245b35cc194f0bfa1708
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8023
content-type
text/html; charset=UTF-8
date
Fri, 06 Oct 2023 22:11:21 GMT
expires
Sun, 08 Oct 2023 22:11:21 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame 7641 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
171
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
81213d5c7c1e2c32-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 06 Oct 2023 22:11:21 GMT
expires
Sat, 07 Oct 2023 02:11:21 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 6347 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 06 Oct 2023 22:11:21 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C83E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=163065
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 06 Oct 2023 22:11:21 GMT
expires
Sun, 08 Oct 2023 19:29:06 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
match.adsrvr.org/track/ 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/usersync?us_privacy=&gdpr=0&gdpr_consent=undefined&ust=image
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:21 GMT
server
Kestrel
content-length
70
content-type
image/gif
cm
trc.taboola.com/sg/prebidJS/1/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/prebidJS/1/cm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Fri, 06 Oct 2023 22:11:21 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7945
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230132-FRA
pragma
no-cache
server
nginx
x-timer
S1696630282.677262,VS0,VE9
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
c83b2b22008593dcf7dfb48d3b88d909d931caf4089210c8e6fa300d02335d84
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Fri, 06 Oct 2023 22:11:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame 6347 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d549edaec6c891a028d9a89a9dd9a6195088e3738ec82cf878fb2abee39c2725

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Fri, 06 Oct 2023 22:11:21 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Oct 2023 19:36:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=77183
Connection
keep-alive
Content-Length
10540
Expires
Sat, 07 Oct 2023 19:37:44 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 1D20 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f8245f260d5044329a08fbbc526832dce0a063ce8775f6caebd4813167cb9bb

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81213d5cae5e03ec-FRA
content-encoding
br
content-type
text/html
date
Fri, 06 Oct 2023 22:11:21 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fstoNQsgKKf91xiGoAK9IHlPB%2BJsp%2Be8UwouAj2CnBiW%2FiLnEPcdzov%2FOYIWXtKsjKpNKGJwCzsrQZk2q1tGcJDRwp%2Flvwf9DOR%2BlmKJuITp%2FNmmSOXVm5zY8vAcHFa4NrhtvBy0tffo%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
392.json
id5-sync.com/g/v2/ 		276 B
554 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/392.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
9929755473cce0aed31651ed3076fa5326987e87080f21a959154dd3a775f88a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Fri, 06 Oct 2023 22:11:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame C83E 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=70537964&p=159879&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1eaa4bc3cca6537ba0fe1aa33f4e12429ec0beb9c1ec5c4fdc7f41834af1cb35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 06 Oct 2023 22:11:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
khaos.json
token.rubiconproject.com/ Frame 6347 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
Expires
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 1D20
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZSCGBUp514elSDxBXhFiZAAACJQAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHTlytaJpTnntfnqdhCRdVg&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHTlytaJpTnntfnqdhCRdVg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QnmI4B%2F7tbVTJ749LMf7xrPpW%2FymavkDHe75E3511wg9DAh1SFt5%2BePZOB8JoGAUwJqma2RGmLVzmlpyEIhykxNXEB2sL8jYIv6aDQ8Zun0ZPOF4NMtmQnPlo88zg8yM0%2FKabio2tDh%2Fbw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81213d5d1ec503ec-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHTlytaJpTnntfnqdhCRdVg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 1D20 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:21 GMT
server
Kestrel
content-length
70
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame 1D20
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSCGBUp514elSDxBXhFiZAAACJQAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSCGBUp514elSDxBXhFiZAAACJQAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSCGBUp514elSDxBXhFiZAAACJQAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Oct 2023 22:11:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WM4P4F60Z37KKTK51CMY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 06 Oct 2023 22:11:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
S2TMCX39EBPPQXB4NECG
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSCGBUp514elSDxBXhFiZAAACJQAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ZSCGBUp514elSDxBXhFiZAAACJQAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1D20 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZSCGBUp514elSDxBXhFiZAAACJQAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:5aec:1139:b771:4a28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 1D20
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=0348644b-f21a-4e01-b71f-3bac2f59f32c&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=0348644b-f21a-4e01-b71f-3bac2f59f32c&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dKJRFntL8z%2FshT2VLwVveE3uZIIrBt5xZpcFTqM5maZo%2BqHdCQpmtSBFF0zlfkxtD52CO2ncwy6CMEhzRsZUfgCTYoavCHaNnFvCaBM0KakISc7Ip5xw7e8pjFrSwsLWFy4cQEUby6H4Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
81213d5d8f3c03ec-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=0348644b-f21a-4e01-b71f-3bac2f59f32c&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Fri, 06 Oct 2023 22:11:21 GMT
server
_
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 1D20
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455421488293363
43 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455421488293363
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i9XgdzO1bbyVN0UaK26SP23LRXJD1qwSTq0Fr10oDcv86L6UdtMIsxXBeBN8FaIWSmLgbOfVY9guUFfMEvnpfBondahsIe6lGWqmvxJ6XWU4aABDE49bGdD%2FCVc8npm1XYbmpKC2ns7YLg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81213d5e2fc003ec-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455421488293363
Date
Fri, 06 Oct 2023 22:11:21 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rum
dsum-sec.casalemedia.com/ Frame 1D20
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZSCGBQAVzsZ5FgA_
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZSCGBQAVzsZ5FgA_
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JOqHtg0rxPPGFdEquLGeFn5LA8VY91RfLlEa7cwSIirZIRCXQdZlWEhcYt4JFwI3fwRAdeyeoBvCaBcTYKGQBY%2FDa1ZfDLtfji4j15v3uvh0q%2Fxw9BJRXUX1G4Q756p6fKGa1GblbSywEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81213d5d0eb203ec-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-fra-etou8220045-FRA
pragma
no-cache
date
Fri, 06 Oct 2023 22:11:21 GMT
via
1.1 varnish
server
Varnish
x-timer
S1696630282.750867,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZSCGBQAVzsZ5FgA_
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sync
ssbsync.smartadserver.com/api/ Frame 1D20 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:21 GMT
content-length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 1D20 		43 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZSCGBUp514elSDxBXhFiZAAA%262196
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:21 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
9940
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
81213d5d0c9b2c32-FRA
content-length
43
expires
Sat, 07 Oct 2023 22:11:21 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5184
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 06 Oct 2023 22:11:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 22:11:21 GMT
expires
Fri, 06 Oct 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
719290
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame F064
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=290FDCC0-79CE-4D73-920B-72E06B032633&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=290FDCC0-79CE-4D73-920B-72E06B032633&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=290FDCC0-79CE-4D73-920B-72E06B032633&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 06 Oct 2023 22:11:22 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ENKM0HDJF4RNAH7Y110W

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 06 Oct 2023 22:11:21 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=290FDCC0-79CE-4D73-920B-72E06B032633&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
7NDV4AH6TFG7VEJ1D7B1
Pug
simage2.pubmatic.com/AdServer/ Frame 06F7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3816782713399180414&gdpr=0&gdpr_consent=
42 B
447 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3816782713399180414&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 06 Oct 2023 22:11:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
7cbac56a-cce3-462c-962e-3ab66337652f
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 06 Oct 2023 22:11:21 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3816782713399180414&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
178.162.209.134; 178.162.209.134; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
Pug
image2.pubmatic.com/AdServer/ Frame 81CC
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=JMmjSirKoUM_mKMfdpm8GSGep0M_yqFDIsgWai_w
42 B
416 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=JMmjSirKoUM_mKMfdpm8GSGep0M_yqFDIsgWai_w
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 06 Oct 2023 22:11:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 06 Oct 2023 22:11:21 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=JMmjSirKoUM_mKMfdpm8GSGep0M_yqFDIsgWai_w
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C83E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KQ_cwHnOTXOSC3LgawMmMw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:21 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=163065
accept-ranges
bytes
content-length
5606
expires
Sun, 08 Oct 2023 19:29:06 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame C83E 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=290FDCC0-79CE-4D73-920B-72E06B032633&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.65.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-65-49.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:21 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.23.65
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame C83E
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=942093340
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=290FDCC0-79CE-4D73-920B-72E06B032633
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=290FDCC0-79CE-4D73-920B-72E06B032633
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:21 GMT
via
1.1 google
last-modified
Fri, 06 Oct 2023 22:11:22 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=290FDCC0-79CE-4D73-920B-72E06B032633
date
Fri, 06 Oct 2023 22:11:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame C83E
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=290FDCC0-79CE-4D73-920B-72E06B032633
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aTI4RVdESU1mdzNSLTJlbm9odFMtS1J4UQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=8785908147014257948&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
54.144.174.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-174-219.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Fri, 06 Oct 2023 22:11:22 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 06 Oct 2023 22:11:22 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame C83E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjkwRkRDQzAtNzlDRS00RDczLTkyMEItNzJFMDZCMDMyNjMz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 06 Oct 2023 22:11:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C83E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPtIY53Of7HwwyAgDsdpz_Y&google_cver=1
42 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPtIY53Of7HwwyAgDsdpz_Y&google_cver=1
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 06 Oct 2023 22:11:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPtIY53Of7HwwyAgDsdpz_Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame C83E 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:21 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 05 Oct 2023 22:11:21 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C83E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8785908147014257948
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8785908147014257948
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 06 Oct 2023 22:11:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8785908147014257948
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame C83E 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:21 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58292/ Frame C83E 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=290FDCC0-79CE-4D73-920B-72E06B032633&redir=true&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 22:11:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GG8B674XK4&gtm=45je3a40&_p=966697132&gdid=dYWJhMj&cid=362986384.1696630276&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&dp=%2F&dl=https%3A%2F%2Fwww.mlive.com%2F&sid=1696630275&sct=1&seg=0&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GG8B674XK4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BE%24%3D!!tZ.qm3MzI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-bmYFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-5CQrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-Rw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&fl=1&j=&xc=0&xb=0&xa=0&md=0&mc=0&lb=13342&ld=0&lc=0&la=0&cw=1600&cx=1200&sh=13342&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1696630275828&de=325242733571&rx=870953204654&cu=1696630275828&m=7205&ar=0c7a73c5c3d-clean&iw=568cc09&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1469%3A1469%3A4199%3A1447&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5074&cd=0&ah=5074&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205668&na=1248474043&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-133.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 22:11:23 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 06 Oct 2023 22:11:23 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEN-ndNn_OSbIuQLm7WIJPD0&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Verdicts & Comments Add Verdict or Comment

674 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 function| admiral object| googletag object| sophi number| a object| sophiSegments object| BOOMR_mq string| BOOMR_API_key object| BOOMR string| environment object| adiData object| dataLayer object| Fusion object| OneTrustStub object| react object| React function| setImmediate function| clearImmediate object| ReactDOM object| PropTypes object| StyledComponents function| 4dm1r11545242527 object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| $OPHI_GN function| sophiTag object| Snowplow object| idl object| teads_analytics string| bcHostname object| pArray function| adiGetLotameValue number| times function| waitFor object| lotameSegments object| atsScript boolean| isOriginalIDL undefined| revgenDebug string| bcAffiliateProp string| logStyle function| handleProfileProperties function| debouncedHandleProfileProperties function| loadValuesFromBlueConic function| debounce function| storeIDLInfo function| setOriginalIDL function| retry function| retryGetProfileProps function| emitIDLInfo function| retryEmitIDLInfo function| setLiveRampsIDL function| waitForBcPageView function| waitForATS function| waitForAuth0 function| waitForWall function| waitForBC function| pathValue object| IDLExists object| isIDLReportingPending object| isProfileUpdatePending object| atsPromise object| profilePromise object| loginAuth0Promise object| emailWallPromise object| pianoScript string| GoogleAnalyticsObject function| ga object| PARSELY object| ntv undefined| debug function| removeHash function| debugLog function| backfillNativo object| clientScript object| _comscore function| fbq function| _fbq string| meterContentType function| twq object| _linkedin_data_partner_ids boolean| _already_called_lintrk function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression object| adiTrackPromise object| adiTrack object| regeneratorRuntime function| iFrameResize function| addUspapiFrame function| optOutMsgHandler function| __uspapi object| usPrivacyCookie object| otCcpaOptOut function| dnsfeed object| otStubData object| CDP object| apstag object| pbjs boolean| bcDFPCallbackCalled function| bcDFPCallback object| lotame_963 object| AdManager function| setAdiDataAffiliateMarket function| adhesionInit object| Advance object| tp object| SWG object| atsenvelopemodule object| fbcapimodule object| ats function| onYouTubeIframeAPIReady object| gaGlobal object| SUBSCRIPTIONS object| COMSCORE object| ns_p object| gaplugins object| twttr object| process undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 undefined| nQuery number| ntvLoadStart object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| blueConicPreListeners function| BCClass object| blueConicClient object| Moat#PML#26#1.2 boolean| Moat#EVA function| __moatSlotTagLoadedadvanceddigitalheader640552616592 object| __otccpaooLocation object| _mather number| _zid object| _matherq object| tid function| lotameIsCompatible function| lt963_ba function| lt963_b undefined| lt963_c undefined| lt963_ca undefined| lt963_da function| lt963_ea object| lt963_e function| lt963_fa function| lt963_g function| lt963_ha object| lt963_ object| lt963_na object| lt963_oa object| lt963_Oa object| lt963_Ya object| lt963_Za object| lt963_7 function| lt963_aa function| lt963_a function| lt963_d function| lt963_f function| lt963_h function| lt963_ga function| lt963_ia function| lt963_i function| lt963_ja function| lt963_j function| lt963_k function| lt963_l function| lt963_m function| lt963_n function| lt963_la function| lt963_ka function| lt963_o function| lt963_p function| lt963_ma function| lt963_q function| lt963_r function| lt963_s function| lt963_t function| lt963_u function| lt963_sa function| lt963_pa function| lt963_qa function| lt963_w function| lt963_ra function| lt963_x function| lt963_y function| lt963_z function| lt963_A function| lt963_v function| lt963_B function| lt963_C function| lt963_ta function| lt963_D function| lt963_E function| lt963_ua function| lt963_F function| lt963_G function| lt963_va function| lt963_H function| lt963_I function| lt963_J function| lt963_wa function| lt963_L function| lt963_M function| lt963_K function| lt963_xa function| lt963_ya function| lt963_N function| lt963_za function| lt963_Aa function| lt963_Ba function| lt963_Ca function| lt963_Da function| lt963_Ea function| lt963_Fa function| lt963_Ja function| lt963_Ga function| lt963_Ha function| lt963_Ia function| lt963_Ka function| lt963_Ma function| lt963_La function| lt963_Na function| lt963_O function| lt963_Pa function| lt963_Qa function| lt963_Ra function| lt963_Sa function| lt963_Ta function| lt963_Ua function| lt963_Va function| lt963_Wa function| lt963_Xa function| lt963_P function| lt963__a function| lt963_0a function| lt963_1a function| lt963_Q function| lt963_R function| lt963_2a function| lt963_S function| lt963_T function| lt963_3a function| lt963_4a function| lt963_5a function| lt963_U function| lt963_V function| lt963_W function| lt963_X function| lt963_Y function| lt963_6a function| lt963_9a function| lt963_8a function| lt963_7a function| lt963_Z function| lt963__ function| lt963_0 function| lt963_1 function| lt963_4 function| lt963_ab function| lt963_cb function| lt963_bb function| lt963_eb function| lt963_db function| lt963_2 function| lt963_gb function| lt963_ib function| lt963_hb function| lt963_3 function| lt963_$a function| lt963_fb function| lt963_jb function| lt963_kb function| lt963_lb function| lt963_mb function| lt963_5 function| lt963_6 function| lt963_nb function| lt963_ob function| lt963_pb function| lt963_qb function| lt963_rb function| lt963_sb function| lt963_tb function| lt963_ub function| lt963_vb function| lt963_wb function| lt963_8 function| lt963_zb function| lt963_Ab function| lt963_yb function| lt963_xb function| lt963_Cb function| lt963_Bb function| lt963_Eb function| lt963_Db function| lt963_Fb function| lt963_Gb function| lt963_Hb function| lt963_Ib function| lt963_Jb function| lt963_Kb function| lt963_Mb function| lt963_Pb function| lt963_Ob function| lt963_Lb function| lt963_Sb function| lt963_Nb function| lt963_Qb function| lt963_Ub function| lt963_Tb function| lt963_Vb function| lt963_Rb function| lt963_Wb function| lt963_Xb function| lt963_Yb function| lt963_9 function| lt963_Zb function| lt963__b function| lt963_0b function| lt963_1b function| lt963_2b function| lt963_$ function| lt963_3b function| lt963_4b function| lt963_5b function| lt963_6b function| lt963_7b function| lt963_8b function| lt963_9b function| lt963_$b function| lt963_bc function| lt963_cc function| lt963_dc function| lt963_ac object| ggeac object| google_js_reporting_queue object| _aps boolean| apstagLOADED object| apscustom object| pbjsChunk object| _pbjsGlobals object| mnet object| liQ_instances object| gaData function| _typeof string| url string| ptitle function| lintrk boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion function| ___tp object| lotame_sync_16576 object| default_gsi object| google object| closure_lm_896368 object| __G_ID_CLIENT__ object| Optanon object| OneTrust function| gtag string| OnetrustActiveGroups string| OptanonActiveGroups undefined| google_measure_js_timing number| google_unique_id object| currentSegments object| segmentWhiteList object| filteredSegments object| filteredAudGov object| filteredAudIndividual object| filteredAudVoter object| filteredAudMVD object| filteredAudMayoral object| filteredAudMidterm2022 object| bc_json175 function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_oa object| sync16576_xa object| sync16576_ya function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_la function| sync16576_ma function| sync16576_na function| sync16576_M function| sync16576_N function| sync16576_pa function| sync16576_O function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_P function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_Q function| sync16576_R function| sync16576_za function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_Aa function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Ea function| sync16576_Ba function| sync16576_1 function| sync16576_Da function| sync16576_Ca function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Ga function| sync16576_Ha function| sync16576_Ja function| sync16576_Fa function| sync16576_7 function| sync16576_Ia function| sync16576_La function| sync16576_Ka function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_Pa function| sync16576_$ function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| sync16576_Ta object| PublisherCommonId object| ID5 object| __id5_instances function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| ox_esp object| __uid2SecureSignalProvider object| __uid2 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_141 object| Criteo object| Criteo_identitytag_141 number| BOOMR_configt object| _33across object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager function| $ object| _bcp object| justDetectAdblock function| BlueConicEngagement function| RuleService object| bcConnectionUtil function| BlueConicDataLayerUtility function| md5 string| _contentURL string| _title object| bcSegmentsArray number| bcchunkSize number| num string| chunkString object| bcGASegment string| bcGASegmentName undefined| dcrSegmentsMI object| bc_json176 number| BOOMR_onload object| PianoESPConfig object| GoogleGcLKhOms object| google_image_requests

124 Cookies

Domain/Path Name / Value
h312.mlive.com/DG/DEFAULT Name: BCSessionID
Value: 656b9121-ab49-47b1-98f2-d203a2be7977
advancelocal.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: 656b9121-ab49-47b1-98f2-d203a2be7977
www.sign-verifymailaccountxsa.duckdns.org/ Name: PHPSESSID
Value: 843a2400b59aaea6672b2d980ac3bc51
.mlive.com/ Name: sophiTagses.073a
Value: *
.mlive.com/ Name: _sp_duid
Value: 02bdedc9-2fac-4b45-9bfe-80add58b138e
.mlive.com/ Name: _gcl_au
Value: 1.1.1512120469.1696630275
.mlive.com/ Name: utag_vnum
Value: 1699222275330&vn=1
.mlive.com/ Name: utag_invisit
Value: true
.mlive.com/ Name: utag_dslv_s
Value: Less than 1 day
.mlive.com/ Name: sophiTagid.073a
Value: 02bdedc9-2fac-4b45-9bfe-80add58b138e.1696630275.1.1696630276.1696630275.91b2d453-4d13-40b8-9e0c-a80bfbca556a
www.mlive.com/ Name: last_visit_bc
Value: 1696630275887
.mlive.com/ Name: _ml_ses
Value: *
.mlive.com/ Name: lotame_domain_check
Value: mlive.com
.postrelease.com/ Name: opt_out
Value: 1
.twitter.com/ Name: guest_id_marketing
Value: v1%3A169663027592555295
.twitter.com/ Name: guest_id_ads
Value: v1%3A169663027592555295
.twitter.com/ Name: personalization_id
Value: "v1_b0/GV8GJj/ScBMqVMTDZ/A=="
.twitter.com/ Name: guest_id
Value: v1%3A169663027592555295
.t.co/ Name: muc_ads
Value: 21637765-8806-4859-a47e-cf19f43d9f49
www.mlive.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.mlive.com/ Name: _li_dcdm_c
Value: .mlive.com
.mlive.com/ Name: _lc2_fpi
Value: 94c49eadf2ac--01hc3gpzy90m3zhvqm9dt8fedm
.mlive.com/ Name: pbjs_sharedId
Value: 4861eb59-d4f5-43cb-b379-e9d87429b644
.mlive.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.mlive.com/ Name: _ga
Value: GA1.2.362986384.1696630276
.mlive.com/ Name: _gid
Value: GA1.2.984519348.1696630276
.mlive.com/ Name: _gat_UA-16643585-16
Value: 1
www.mlive.com/ Name: _lr_geo_location_state
Value: HE
www.mlive.com/ Name: _lr_geo_location
Value: DE
.mlive.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.mlive.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1696630276109%2C%22slts%22:0}
.mlive.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=e0beda879c87a663ea2562ef4690d49b%22%2C%22session_count%22:1%2C%22last_session_ts%22:1696630276109}
www.mlive.com/ Name: ntvSession
Value: {"id":6697587,"placementID":773533,"lastInteraction":1696630276176,"sessionStart":1696630276176,"sessionEndDate":1696716000000,"experiment":""}
www.mlive.com/ Name: ln_or
Value: eyIzMjUyMzc4IjoiZCJ9
www.mlive.com/ Name: authsource_origin
Value: false
www.mlive.com/ Name: usprivacy
Value: 1---
.mlive.com/ Name: _fbp
Value: fb.1.1696630276347.1811354104
.linkedin.com/ Name: li_sugr
Value: badf88ff-4ee0-49bf-9143-ed7679c60286
.linkedin.com/ Name: bcookie
Value: "v=2&0658a9f8-983e-48d3-8bb6-e58c08e3bd93"
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3061:u=1:x=1:i=1696630276:t=1696716676:v=2:sig=AQHQEtFGZMOOeVyZPU4rRHYJsTlGO4Zo"
.mlive.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Sat+Oct+07+2023+00%3A11%3A16+GMT%2B0200+(Central+European+Summer+Time)&version=202309.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=a1ba1cf4-cede-4d71-b947-9175ff92a269&interactionCount=0&landingPath=https%3A%2F%2Fwww.mlive.com%2F&groups=1912%3A0%2CC0001%3A1%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0
.postrelease.com/ Name: visitor
Value: ""
.postrelease.com/ Name: status
Value: 0
.postrelease.com/ Name: ver
Value: 1
.rubiconproject.com/ Name: khaos
Value: LNF5UZR7-C-6CQ9
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqqlb8AA567rC+IXqvPVzt4X6LBWwGzep07cZe5xyGZWUhO7cMMI05YdMjVyH5gNUvWNsmdfkbiHcxuhZpbWKLtxl5Kj60wWhy+xUA9sgf/4eNEKcfJxgEB
.mlive.com/ Name: __gads
Value: ID=6b93ae258e4eee56:T=1696630276:RT=1696630276:S=ALNI_Mbx5j0Yovw0A2YnAJb2LIiNeG82EQ
.mlive.com/ Name: __gpi
Value: UID=00000c8fc08e492c:T=1696630276:RT=1696630276:S=ALNI_Man84L6zsBhxQ1dA7MozPb_n9g5iw
.criteo.com/ Name: uid
Value: 6b048098-65d5-4e58-99d3-217385d5b6fc
.mlive.com/ Name: _awl
Value: 2.1696630276.5-877918a23933c8996d4b3a026f3bce0c-6763652d6575726f70652d7765737431-0
.linkedin.com/ Name: UserMatchHistory
Value: AQJ9-6EjtSmpjwAAAYsHC4GuCiQk02OiFm6Nlq3AJwT3jN4JgSgw13DBNE-v5QkhrRPXVyVFGESafg
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQKcOx3RecaknwAAAYsHC4Gud4THqUVw8Jqnsw-b5eMUYJ3HYrP-f6irQmF6LqjdOv_MmCUp7rQ2lixCzFMGVQ
.openx.net/ Name: i
Value: 80d6e701-0638-4133-bef2-4588824fcb8e|1696630276
.www.linkedin.com/ Name: bscookie
Value: "v=1&20231006221116c5ea5fec-b59f-492a-86f2-26f09e566f42AQHEpAI4biOYialourZEcPhdsw9Ww2Eo"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTY2MzAyNzY7MjswMjFXGa7CwOjBCzLOwBgkKz7t52x9AEUZSJp6e3ljnEZ5pQ==
.mlive.com/ Name: cto_bundle
Value: OUsJ2192b1dZRXhueUVoYjlYWmJCQ2JDJTJCS0lZM0F3Q0F0WnRNRXNVU1pTaEI2azhLSzJlSE0lMkIlMkZuSGZNY0J4NEVrQVNMRlg3ZlFjZHFtaTNEemxCNks4WWk3SEZ2UnR2emFGRDk5YmViY3FzakclMkJ0RlNaWkc3UCUyRlliSUZPMGxXUEhVa3FyVXFMY3hmbFNWcXYlMkJFN0lWV3p6UlElM0QlM0Q
.doubleclick.net/ Name: DSID
Value: NO_DATA
.liadm.com/ Name: lidid
Value: 56e6d37b-04da-4c6d-87b5-6d98dc3244e1
www.mlive.com/ Name: BCSessionID
Value: 656b9121-ab49-47b1-98f2-d203a2be7977
.doubleclick.net/ Name: IDE
Value: AHWqTUm5PNftP7pb9yt-My-roNgvCwvRaNH6n8cyVDvoIViFmA8Q43p9FdNn_Q8z6k0
advancelocal.blueconic.net/ Name: AWSALBCORS
Value: RUc4LXPzSvz4LlBnL+ttXuruzTBToq+384bb9VwUC0kUzaIquM87sk15pVZC10OUzNtgQXDyze8sgdTgJbkfkMFtkcKCQD0lRraTyET9+IjE6P+OF3/RAtxElfLz
.casalemedia.com/ Name: CMID
Value: ZSCGBUp514elSDxBXhFiZAAA
.casalemedia.com/ Name: CMPS
Value: 2196
.casalemedia.com/ Name: CMPRO
Value: 2196
.adnxs.com/ Name: uuid2
Value: 3816782713399180414
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2H`gY_I/P!1yIE`fS1ueD1W-044)d+]UgR@C?i@@mB]poLafIowG#))Xf.K1JCjy`%#1<.g4dkXstGt!@@?.)cKe!
.doubleclick.net/ Name: APC
Value: AfxxVi7Sb_qy_WFM_2jcfscudlEBUS7lNKkE83hOMYeqpFWQRl8UhQ
.adfarm1.adition.com/ Name: UserID1
Value: 7286971553130084508
.mlive.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22lnf5uzhnfg5dxgjr%22%7D
.mlive.com/ Name: _pcus
Value: eyJ1c2VyU2VnbWVudHMiOm51bGx9
.lijit.com/ Name: ljt_reader
Value: HcVzsGZHm0I66I6aS7G1i_gI
.turn.com/ Name: uid
Value: 2425681648757506984
.simpli.fi/ Name: suid
Value: 5460645101BF4468A7969F24CCE7C9D2
.blismedia.com/ Name: b
Value: 65208605CB84E2074A38C63FBLIS
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZSCGBQAVzsZ5FgA_
.demdex.net/ Name: demdex
Value: 37788439087270633850750725960366580251
.ihg.demdex.net/ Name: ihg
Value: 37788439087270633850750725960366580251
h312.mlive.com/ Name: AWSALB
Value: 1ivxTes3iB+dS2Ea8UWL0mPjv/Rsx+ePayAHVBUCJg1nOqE0dHwUv7+nEQd7NCRejHkLTFCRgoRW73k/wxjkpDWQeFllosKQUEl3YCOAYCTsxxoSffvgpPsfPaG3
h312.mlive.com/ Name: AWSALBCORS
Value: 1ivxTes3iB+dS2Ea8UWL0mPjv/Rsx+ePayAHVBUCJg1nOqE0dHwUv7+nEQd7NCRejHkLTFCRgoRW73k/wxjkpDWQeFllosKQUEl3YCOAYCTsxxoSffvgpPsfPaG3
.www.mlive.com/ Name: RT
Value: "z=1&dm=www.mlive.com&si=1726544a-18cc-45d0-9780-0efab8cd9106&ss=lnf5uxmz&sl=1&tt=38n&rl=1&ld=38p"
.piano.io/ Name: __cf_bm
Value: bV.5ce9Aqi0rdzdZlPlJUEm28cDs5l.sejo.W.nI1uk-1696630277-0-AUVpCTMwjBvc2pA/7mm3YcEtpZl84l7/PxmNIp0dmmzZXALH/CwZsWPrwPwj1DGYsmT5zdn2/I/5jQqrlDOAXNk=
.mlive.com/ Name: __tbc
Value: %7Bkpex%7DYf5MR-fcxUNKJAAIP-9hTBzkETUvAJy1XUK9Qjvc8nqeHqX2PJilglda91ubTy3t
.mlive.com/ Name: __pat
Value: -14400000
.mlive.com/ Name: __pvi
Value: eyJpZCI6InYtMjAyMy0xMC0wNy0wMC0xMS0xNi0xNTAtTHM5WWFhQzVsWVA3TXlxWS0wMGFkNjk3M2QxYTEyOGJkMjFhZTE1ZDNmMTA3NGJmMyIsImRvbWFpbiI6Ii5tbGl2ZS5jb20iLCJ0aW1lIjoxNjk2NjMwMjc3OTg0fQ%3D%3D
.mlive.com/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAE0RXQF8g
.mlive.com/ Name: xbc
Value: %7Bkpex%7D5yaRFtvc0GTb0Wz7kizDLsezgJzTv0Ur5egnXmgKlOvUUCtEbPN5a72D074PjaWFaNEI8iRBbvw6zZ1Dp0pJOgdMK_YT0MyB5j2lJEM4-l4ZFdyLSHaKP8foIrvFBip3VbGxSeuHM1iy83kPZ6eSZ9IWdgZ-Qk97V2EVFEuaxFxkKldO2vGOmev-XDtE2nVaDN7xG7KQdm1BowkbtM8Sn2ZW9tp3rXNHzxyloKCmPjRgPIjr9l2zEMIkHQYLQlEvMEMSW6bf14FexAM6PYCCJCZP_pyWYVAyvAmJtsR8a_UcZwNxxP9hOXGM5Ss6e8jtqWi_1zAwRc8Wwu6qjuhvLfY7Xctl9y-JUdIbtosfsKK6vC7LGm535qdkR-fuCO7_mHWXHSAJBWkgpMCquVRSPzV4Tj7WyWHxDbhwy3DG-IDaoBMn2rZhf36x_MssXrBwRwys-OZdlH_7UM577A2sbFl87gTGC0XUu17vb5A9Z58eMdUWyWrZVAX9ZgwIQG1r02IVVIxSN_q8D9wbnY6itaWocIN66ecYwmLeKiDE63R1zv-fIqTVFVJFFE_HKZM9T0V5LkhZSXlxwQJ2tk9VG9qO9VqFHE_YwFLJRfX7GSAeap5R3j0rWHvG7Zg4Hf91FLaM3xxWO7vSXtK6VqtNOhtpUOVgCDDPRc-cWYU7-520cwY04W2OIw47R0NcCbq48mIr-KzhWdVG_b6fEN86rDJGhsXFI4HiAk4Lx08YXb5dSGCfFDJlE5m0YLv9Juzpn_8J8kM6MhBlt5dcy--prC3AKueuYXpZPR5a_526-w_qBG57mMns9mdXKqX4MuRod5RfL5G8ek-WON8524GiHtzqG9hvaioX-6Zp0L7Lzqk_GMJ0yJ-u1yKlHdIWqHFQR1QKAHzAZke-DIA3kTWKvIN6pNE3cTUM9pKwf_H8GkuXuU_s_YQNL7TenmdH741yGcPWmW-xKvTjE-UpNlJmZ6XjvQ7yC3sOV8V3khFRncU5D88yeyMPOpnjFRsPew3mh9qtq9259gzuBMsBs6TxLSrkjtfMC3xOL9ot-jiLxyhfFuD6cK1eCGBW_GTcwggsWiyOUAsjNCThrWYCr0Vch4EC4wKniidDDuonkA6Vrt2Y3ePb70Vf_gZs8dWqVAUogNSVUQ5DhufMvZPGetEapQ
.www.mlive.com/ Name: _pc_sup_support_acq-sup2
Value: 10
.tinypass.com/ Name: LANG
Value: en_US
.tinypass.com/ Name: LANG_CHANGED
Value: en_US
.mlive.com/ Name: utag_vs
Value: 5
.mlive.com/ Name: utag_dslv
Value: 1696630278670
www.mlive.com/ Name: offer_config
Value: %257B%2522type%2522%253A%2522bottomfixed%2522%252C%2522version%2522%253A%2522cta%2522%252C%2522placement%2522%253A%2522bottom-fixed%2522%252C%2522newsletterId%2522%253A%2522%2522%252C%2522closable%2522%253A%2522true%2522%252C%2522scrollLock%2522%253A%2522true%2522%257D
.mlive.com/ Name: _ml_id
Value: d427a3e61b38adcc.1696630276.1.1696630279.1696630276
.mlive.com/ Name: _ga_GG8B674XK4
Value: GS1.1.1696630275.1.0.1696630278.0.0.0
www.mlive.com/ Name: _lr_sampling_rate
Value: 100
www.mlive.com/ Name: _lr_retry_request
Value: true
www.mlive.com/ Name: _lr_env_src_ats
Value: false
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 290FDCC0-79CE-4D73-920B-72E06B032633
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 159879:2
.pubmatic.com/ Name: DPSync3
Value: 1697760000%3A201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1697760000%3A220_13_54_251_3_8_21_56%7C1697846400%3A35%7C1697155200%3A223
.csync.loopme.me/ Name: viewer_token
Value: 0348644b-f21a-4e01-b71f-3bac2f59f32c
.quantserve.com/ Name: d
Value: EOUBCwGPKvijAA
.quantserve.com/ Name: mc
Value: 65208609-d2ede-c3b69-60904
.yahoo.com/ Name: A3
Value: d=AQABBAmGIGUCEK0i7JAjYD6pptBsnHnZ6BYFEgEBAQHXIWUqZQAAAAAA_eMAAA&S=AQAAAnf-grDS7TD2TKU5dwboDN4
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-JMmjSirKoUM_mKMfdpm8GSGep0M_yqFDIsgWai_w&KRTB&19420-JMmjSirKoUM_mKMfdpm8GSGep0M_yqFDIsgWai_w&KRTB&22979-JMmjSirKoUM_mKMfdpm8GSGep0M_yqFDIsgWai_w&KRTB&23403-JMmjSirKoUM_mKMfdpm8GSGep0M_yqFDIsgWai_w
.pubmatic.com/ Name: PugT
Value: 1696630281
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEPtIY53Of7HwwyAgDsdpz_Y&KRTB&23025-CAESEPtIY53Of7HwwyAgDsdpz_Y&KRTB&23386-CAESEPtIY53Of7HwwyAgDsdpz_Y
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-3816782713399180414&KRTB&23339-3816782713399180414
.weborama.fr/ Name: AFFICHE_W
Value: T@K@WyvdKftP10
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtoZmlmZmxgZGFoaWQBAM6UFQIQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMjSxsDCyNDY2MxbiM9RNL_UxriwJMSnM8agEABQpA-ElAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMjSxsDCyNDY2MxbiM9RNL_UxriwJMSnM8agEABQpA-ElAAAA
.mlive.com/ Name: __li_idex_cache_e30
Value: %7B%7D
www.mlive.com/ Name: pbjs_li_nonid
Value: %7B%7D
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 8785908147014257948
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8785908147014257948&KRTB&23263-8785908147014257948&KRTB&23481-8785908147014257948
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.audrte.com/ Name: arcki2
Value: i28EWDIMfw3R-2enohtS-KRxQ!20220908!1696630282183!ip#178.162.209.134
.audrte.com/ Name: arcki2_pubmatic
Value: 290FDCC0-79CE-4D73-920B-72E06B032633!20220908!1696630282186
.amazon-adsystem.com/ Name: ad-id
Value: A0Xo5P2NcUJDieMjuTymn3c
.audrte.com/ Name: arcki2_ddp2
Value: i28EWDIMfw3R-2enohtS-KRxQ!20220908!1696630282312

7 Console Messages

Source Level URL
Text
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEN-ndNn_OSbIuQLm7WIJPD0&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://code.createjs.com/1.0.0/createjs.min.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://code.createjs.com/1.0.0/createjs.min.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://code.createjs.com/1.0.0/createjs.min.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=115
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=290FDCC0-79CE-4D73-920B-72E06B032633&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

48585fd4964fd69eb31c9ed551a2d59b.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
accounts.google.com
ad.turn.com
ads.pubmatic.com
ads.rubiconproject.com
advancelocal.blueconic.net
ampcid.google.com
ampcid.google.de
analytics.twitter.com
ap.lijit.com
api-v3.tinypass.com
api.rlcdn.com
app.matheranalytics.com
apps.sophi.io
at.teads.tv
ats-wrapper.privacymanager.io
bcp.crwdcntrl.net
buy.tinypass.com
c.amazon-adsystem.com
c.go-mpulse.net
c1.adform.net
c2.piano.io
cdn-ima.33across.com
cdn.ampproject.org
cdn.cookielaw.org
cdn.id5-sync.com
cdn.indexww.com
cdn.linkedin.oribi.io
cdn.parsely.com
cdn.prod.uidapi.com
cdn.sophi.io
cdn.tinypass.com
cdnjs.cloudflare.com
check.analytics.rlcdn.com
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
config.aps.amazon-adsystem.com
connect.facebook.net
contextual.media.net
cr.frontend.weborama.fr
csync.loopme.me
d1z2jf7jlzjs58.cloudfront.net
dclk-match.dotomi.com
direct.adsrvr.org
dis.criteo.com
display.bidder.taboola.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
ead.mlive.com
ecollector-us-east.sophi.io
eus.rubiconproject.com
exchange.postrelease.com
experience.tinypass.com
fastlane.rubiconproject.com
fonts.advance.net
geo.privacymanager.io
geolocation.onetrust.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
h312.mlive.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.frontend.weborama.fr
idx.liadm.com
ihg.demdex.net
image2.pubmatic.com
image6.pubmatic.com
jadserve.postrelease.com
js-sec.indexww.com
js.matheranalytics.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.360yield.com
match.adsrvr.org
micro.rubiconproject.com
mlive.com
mug.criteo.com
news.google.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.rfihub.com
p1.parsely.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid.media.net
privacy.crwdcntrl.net
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
r.turn.com
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.go-mpulse.net
s.ntv.io
s0.2mdn.net
satisfycork.com
sb.scorecardresearch.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
snap.licdn.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.advance.net
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.search.spotxchange.com
sync.teads.tv
t.co
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
www.linkedin.com
www.mlive.com
www.sign-verifymailaccountxsa.duckdns.org
x.bidswitch.net
z.moatads.com
sync.search.spotxchange.com
104.102.35.84
104.102.56.239
104.18.24.18
104.18.26.193
104.18.27.193
104.18.35.167
104.244.42.133
104.244.42.195
104.79.89.16
107.178.250.234
108.138.1.25
108.138.9.235
108.139.243.57
108.139.243.61
108.156.2.94
13.107.42.14
141.95.33.111
142.250.186.34
143.204.98.69
146.75.120.157
15.197.193.217
151.101.130.133
151.101.194.133
151.101.2.49
151.101.65.44
162.19.138.83
162.240.229.36
172.217.23.98
178.250.1.9
178.250.7.13
18.244.179.43
18.66.100.58
18.66.122.48
184.30.17.133
184.30.20.22
185.64.189.112
185.64.190.78
185.64.191.210
185.86.139.104
193.0.160.130
198.47.127.205
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
216.52.2.86
23.215.22.18
23.32.184.192
23.56.202.187
23.56.203.202
2600:1901:0:328a::1
2600:1901:0:8344::
2600:1f18:730:b120:ec5e:651e:a0cc:77a3
2600:9000:211e:de00:1b:5138:8a40:93a1
2600:9000:21f3:7c00:8:48e:53c0:93a1
2600:9000:2204:da00:2:53b2:240:93a1
2600:9000:2250:f400:a:e047:753:6381
2602:803:c003:200::44
2606:4700:10::6816:3456
2606:4700:4400::ac40:9b77
2606:4700::6811:190e
2606:4700::6811:c276
2606:4700::6812:82ec
2606:4700::6812:a07e
2606:4700::6812:eff8
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:21::14
2a00:1450:4001:806::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:810::200e
2a00:1450:4001:812::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:827::2008
2a00:1450:4001:828::2006
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2001
2a00:1450:4001:830::200d
2a00:1450:4001:831::200e
2a00:1450:400c:c0b::9d
2a02:2638:3::3
2a02:2638:d::d
2a02:26f0:1700:38a::11a6
2a02:26f0:3500:12::1730:17b4
2a02:26f0:480:f::213:7ec6
2a02:26f0:480:f::213:7edc
2a02:26f0:7100:59a::11a6
2a02:fa8:8806:16::1400
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:600::300
2a05:d018:d29:3602:5aec:1139:b771:4a28
3.71.227.249
3.75.62.37
34.102.146.192
34.111.129.221
34.111.131.239
34.120.107.143
34.120.133.55
34.120.63.153
34.234.124.95
34.243.192.150
34.255.92.83
34.96.105.8
35.186.255.72
35.204.158.49
35.214.208.147
35.227.252.103
35.244.159.8
37.157.6.233
37.252.171.149
44.198.246.137
51.89.9.254
52.17.236.99
52.17.99.225
52.19.1.158
52.20.110.47
52.208.65.49
52.222.236.26
52.222.250.115
52.223.1.76
52.223.6.21
52.46.130.91
52.58.182.115
52.7.177.4
54.144.174.219
65.9.66.104
67.220.224.150
69.173.144.165
85.114.159.118
95.101.149.233
99.83.138.34
99.86.4.71
01bdef6899556557278bc7b2625c85ac6db906abf6a1f90ea1c785bd779e905b
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
0491ae138f72a82b01394694c6a524ab9d5f4430552567ffcb2f405a85eaca2c
05516cb7d5e1ee4b0e5b73d0053f311cf3f3770bcaa7da4cd6c2fd180269be84
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0709e11f34bb1e47193a170bc8baf94732a32a867443b29be840c550cc03981d
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b034efa03c6fb4de3e3952eaf0958b18847e6c1e2e8fd647759c97105004f19
0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0f8245f260d5044329a08fbbc526832dce0a063ce8775f6caebd4813167cb9bb
11f08bc0ed24c4b85ca08b55c13b3b3aa2ca53f67c6fd98041f05246380c0779
125803a501caaf185baf2bee91c8a5855ac00eb3db4d834e45c95b660d0f5808
125e7c5047ba2447e30fecd9017b76c31d4f52717418d000cdcd9b079f071893
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1459c4f6a79e1e6a9cefa5531ce5ecd663fc878952387df09cf52c8abc89d9dc
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17c3dab99f83d00fa510dcb7428bc4f045768515e29d825ca53dbb678dbdb05b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
198e362fd4a64c0f1397b4ef5b7559f3ca19ef05c521ee6afad62a208ceb9255
1a469ff79765d6cac20235109f11f0a2da02e4fa2fa374b831680c77489e88ce
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1eaa4bc3cca6537ba0fe1aa33f4e12429ec0beb9c1ec5c4fdc7f41834af1cb35
212fd0273860de34d223966448ce0be817de5407e97ad7d78c49034056a99c30
21ee64f9aef61a94c2e9b819c82a6847c7207f342364bb49e70369403a27925e
229cfbc64a6ef1bef39ba3dd2b16750f834341d499f3fc79b497d7064c4a8dfa
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
2734079b0077105a2c1bf60bb9bf633ba7b782daae361910b00cf6832bd73f3d
276ca8da7dd05a55c760ead2eec9d5c74629897d0b5b3e5190d4fc9bd38ea7fc
28445ab5a58bac3609ddba4d1200c1797a766b538fd6b0bdb0926fbe386f327c
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
28a669c7ee4519c5c60a775a5c32da42e3288e5277ed89318e5f1658b97aefbf
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
2d864a36329866d8e4f2334958b7b2e2e2095a1db4995cad32dcfa2804ed1d41
2f1d0d010b11b8db7686e58faa820b8cbc1b7dad3e1d3119371db0853ffdee53
2f46926d81be4472495e6dc6a8789d7fc9ffb6acb270b4f6462720e0332fe718
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
309773fa6c23f46befd5880e169b6bc47fe53c4fd326ec1c84d7d53cde803bc9
30e382a9546c4b436b0568f463e7c3274696c3c59f7aa871af91a33a967f05c4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31871b52e6cf8ac1445d98d3289d2ad1d21e242a341772ba5ff0a0f802529a8e
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33effbd2bd6c3622e7b8756704fd21312d2d989ecb5945f2f1b15f483eda647f
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36ea8d266ccb57796d82e6eb05f11c634302a0bc3623c5e7fa7261a1a69e0d90
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
3a0f5e1d7ff29b34670d0fc3a12341b0dca72bb90929c3e6c441f41b84f94765
3b2ce9e63a7f14001e6af32ad0d3b19b045b916cf8073180d25688e4b3f49e40
3d23cbcfd35d90cfb139e6f05b6a7fbc22891e2936b6a706ef8147300d66aa08
3d62ad0f23c60258f120e52cf68b2e1adff5c1bf5bde5ac8f8d6e5f4c4c64f34
3f5684bf5aa4a6eb5c9015394c8739dff39377a73adf72c30ba511d0ab5b50f3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44026785039df91c14b8c331292992e1fd71a23acdd5cb09c40d12d1c8e8aaac
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
463f6c3193f3f6bc51396c167d3c422aff59f6db0cc687b3904eff923d59b375
464b98e4ec83bb60ad92bd76656277037d3548e44a7d1dcddec0c0a41ada20e6
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
481428a037dc42e7879ab8d116337f23cc826024cb969e1816331d1a8f91ad51
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4920b4a1784410c00403badedf0b60055ba282d694d54a826920915f65dc130c
49266b870070451555426f23686d7c2839e9e7ff91cfa5fe10b05de32ed9efa9
49b1485a151b82944796c5a354059e9678e19256d30d5ecea984550fc05a5845
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb67b42d6abea96d75df507d23f0421da85d5658322720fded36c94cce45d7b
4fb1d13154b4b396d3ce77eb8294a859bef473d7d991624d266b0247c419a9ef
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
556445e2f9066b537a1f6fd90cf07c0371f48b125f7ceee0208502626aa76f0b
559c079867566720da46826020ce8d11f509e819f6dd20a846d147293cd8fc90
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
574328a322b7f4618099d133a0d1e3b04bc86078dd412bf9ee1aab597f73cb35
57f3eaf90d3458244d6123682e014e563e5973d634ee0e96860920cf6876f1d6
5954325f6bd6f73e64dfda170956868a0012a2d2476b08c5c1d549255d818b18
59a137b893436c8961cf69adc6df4108a7e9b34c849257cbee6246d6d8c5b089
5acf46ed5150382e62916ae61ab4b11940db927dd1edf9f0718543845d894f7e
5ce8647c88445649306948bab16764727ad0866a64fc66202b97b88176272628
5e949e0ba546cccd944b7fc64ebc3f97123638dd1b3af8eec5732cd599c2ed46
5f26dfc3f5d603822dd5eb17c772720fd8d984f3fa596f757973dabe24ebda6e
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fe498f984078cc4039385dc4a4befa8cbd53ae03eb24187cac828668ca60415
6043e3d6dd4163ac3956c05ffc12cb735e031faea6c313c40a3a494b26a97442
6066054d8669e8ca3c9a1ca53af6b3e80dba9361b59f023c82d7b55542b36fb0
60723d88508a1cfecf512adfaef5b4575c905e76d2e06f313768adbe010686d0
608f9c14d8d47f4ab81d25ebab7fe78612e2732910991563683fa6856cc23d40
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
655854f3ed230573c72563400e32d76772be3ab0009e2ade0833093d721f6821
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66fd57ba72d90085943ad028bb0a99da56ab6daba1a9030929e9504dc8ec12b7
68b5df8a16ee7bbfd4789f8533b7f9882f9095625a8be1f56e352bc10710484d
68cfce12ea1f94852224851aac036f21d3b0306312e5245b35cc194f0bfa1708
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
698329dd1fc6b30372d071a74100ef560d3732eccdd96c3fd80270d7d1896ea7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6cf4c124192a41dd7b3a34164704815d80149e1b60d0c79ca41e4f8ae7446a68
6fa8b9c20d5c4f5711f76f4f4adafafc90e8f89bac2c7b3dfc2c7e63abb55d21
6ff6cf159d19b9bbe64d44941f6f49ef7fa23656d723acac0eb88070e810d5e4
702c805fec65a8cc8c6c40aed34123b021e5ed6107cc6dfdebc4b0fc2e229887
70c0b487552a9a2ea102ed22ae505177c567320390f5136bcef5dd56d48d4f02
71199b9ef842cbebbec277e39cd24727837d698b92f310c49083f12a19efaa27
717a5c9def6237c1dc1f6ebe37778147e9514547dbb2ea8205478b67760eae89
71bda65dd208684995d965110a6f638aa1c3af19a70e6292dacfa78d812deb7f
71c7aedae49a6990da4065e8f7aad98717a59fc6f80f436b8befb1cb70bc68db
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
78e87484dde71edfb64644cd383b0a084f9790391d4878d653ccd46c7adcfb70
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7c6022e340dda6659be9b9634f43591ebc0161c5930e8943cf37e364bcc52988
7c73d277d15112aa16567256f76275c0d205bbe80b00a6685faf5085ea1068e0
7e46eaf30b9ae0e2b5adcfee2b6df2e9721bc9b9a353fc80c67bc4960bd3157c
7fcb0b10f11c74eca3b3479a6bb45b4d5b76e34d74eefe8d484ac47aab248d0b
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7ff100c907d85bc5b7503e7a88c0a7f256ed2561ee431ffc10fcd7cce517c321
803f9665533b781ac3abb157ba32b9a1f48d3b7a30bada354656d4b89be22610
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142
812b959d6d83258a5af91753b1fbe5a8c966f49785b688e8b8d3ffd076a6f452
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
81d96c2c7c2e932a708503820d985a2cec124fb641787b758321ffae78359ce8
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85a7e0a669ecd904df3449d55575a02b54635faba73cf1dd1daffe4092cf3ce6
8728f8dca179702ef29834344aa8ee847d86f32c1f8f77fc5b6d7f3cc3e8c589
89024af444a880aaa2d0d7ba58fd3da4d922fcba3315994a0617006a6582e3d8
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8bf800ff39456132bb43924379faaae92451a6356a9ff195d48c13a4f727ff90
8c5caf62a158905a8d830801064f4b05c9ff565b3fe66e1b7f10d187e37f7b48
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f32df922fbfc079983f3b72366f39fe1ea8e623bda706fba595652aa0584119
8ff7a39b857b8b187a4ae48759c8289cd7b76af4c4fd979c6602c229136cc6dc
9146309036ab19e7167d2fd34718c0b81a338e1689556ff30e5abad73804cf6f
924e4b297681729162fa238a756db89acf5a1dc0cd23c1204c9a4e4407493822
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94f1d3480679dc97247747bc153e1736946823bcdc976f494fe930572cc91608
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
989e7134f8b722c049f5553bf85347c9052fe40f7c35915f7d18a348ed4de84b
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9929755473cce0aed31651ed3076fa5326987e87080f21a959154dd3a775f88a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ab1e5ef8baed1d906b9e8ea4126ad958556881a46150cd6712ad5ebc40f4e46
9ae3010c1058d028d2e7154bdd314fb1b3aa2c7168d66b4907d77b8f4dd27fda
9bf3ec6451a3608f81a88558bccdcaaabf147ceea632f00d3943f1964e1e551d
9c1a3cf6c5fae33a0a2b627a9785b585148970346adbbcc204a4519d05f9a089
9ca01f77fc2af3237d57461b0efbb4b1cb453868261fddbc210b64477fdb2a7c
9d62d9aea2bff2d1ac55b1ba27810da80cb67f89a5d4395167cc610f62baba12
9e0b144f5006b5e0dec0f3aba95f4ad25fbfdb9b1ba5d691f3a6a3d93bffbed4
9e3c7bdc4bfffb58a973062aabf808691f7603416290254b76161cab69952053
9ead871d27f3a0d803f4d6139feb2f2694d3a26c54fd6734f789a06aad0f5303
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a36980eca87dbd7579cda55d021225ad965021d649a3552e2bae1f68d69d95f6
a39cd6a9413784646378ab9490f6a80ea1c2eaf4870c1022f44e4e64380c7cda
a513c4bdc410b1b170760ddfd2f2fd6fd0dbfb7b2a479af80e2586fec8a6dcc8
a517853cd091f9f7a25f8a8807924c26d9da0c106f6afc25dceca2caa5d032a4
a651cd46addba7c5b294a885d6cf7ef283073dd4c6cb64d095106eb21991ec43
a7e702f15b65f58d32945e27b8416dac2811afad1a828a9a617d5c0c1cc85b21
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aa4687e23a916498d06c165c9d1e0939782769f9f40d1d4a60282faa2abcdb83
abb22177c1f36f82f451ba3b46fd96e4bc0f5b5ad510b15b4d5ec37fc1e9b7f8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad2370973f65438cd0b6f09f9932e2fcdacfcff4f75c0e9a0f1100bad3d7a90d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af94fc09d431a736245c0e59d0c2efb0a04ae78499cd702bf23fe33490eb0777
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b5cc8a7cc96d25d65f86e124be1402249c878071c9c07158588eca71752effad
b78bc5c07f038b149515d8a5cadf1533dd1cc438ee4a587fd2770c526304279a
b9afeb90db17ffa772a8bbc38f8ae37524ac4c0660dfc228f528cfe36a38d53d
bb5e59be9d91ab09c743760da7054e15b0651ff22256c268c6b715a2d5f3ccf9
bba5cf4bf97f335423ef8083a04d8810370b013c18a623e2aec413075ef82ddc
bc2406b2176025b949ef983c74399c618b679f5f951a2c9083be7bc7c5244c04
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c25ce818c3c2ab4992bc0b61a60d1822f239a638af59ad63ed2fe2028e3037f8
c5e8b15783b7006170ef8add156b242f8347681f5ea1d68b3511fed234eaa575
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
c8164ab49ff3d32ffbe7e6ad17e8b16e8765b94ab42088494bfad6ce09be8893
c83b2b22008593dcf7dfb48d3b88d909d931caf4089210c8e6fa300d02335d84
c8d9e7465f0dafd4088fdbfd3ccc6e202e35af005fa004690a7781b213dd4fe8
c942cb01ca7d8956086518f0315ac0be0374cb0f0a38ffe67a52bc4ae7ff5f6f
c96b67edd277b9d12add863bf157c68853eb1429929972195f629cddc8b6b48f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0341356cfb4d58cbb1232584946600669c49371e5d1a4db23819aa35b2cba2d
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d2b28582d25b3aa38daf12c501c7abc9297ae74d035ee343941f0938adec0524
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d549edaec6c891a028d9a89a9dd9a6195088e3738ec82cf878fb2abee39c2725
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d86ce55edee7f570d7fc315f84814e3b1171edef20e3778e10066727092638b9
db598c4a37dc6643fcb9277b0c0850b6da3ad0fa9adf81b6c39d06a352abf6e1
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e028d0f111689896548323fb7598db807d18599fc28521d5ed5f74668710e6d3
e19f6076815240b2afedf8033b0a2ccf200d3851f11df779d05f3c533560504d
e1d772e2bc257233f5107749498de4cfd3402a6e768e079e1a78fee56c0d9468
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5696a4c04cb9236e69390a6a84619091cfe6ce887e5747c74f3214a69419484
e6b7fa504c979ce53dc80798978eff98214cbcb20b7db259990c0632b7abe248
e72270f73bf7bc9102618270928acf80f21a972a149a4f912f26eb8801e7a47d
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8ff96f34e3df3fd72dae99e3f3d83ec463c7c0cc4098abac65591a4dcef0a62
e9296b739cc8d76fae4e5896d3ed9c2a80077a5ca3b055438447b94bf13149b6
ea063cfc2b845816765a08e1fa3fcc4aa04e08bd8c065c4b3b2228313e4fb20c
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
ecefe5351fb12a0404abd074632306791e7b8a99ae93eff97facbf2670edb58b
eef57151e6646e4f59ca6a1d749631ee2f89bf4d1b736fb4620b784cedbe0de6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f335a91239c4af1c0491727be910330d3231f01b7498352ddea85ebc5480007a
f4ece8f2f5242967e98c6718f283e961576d68b4b7be96124eca22f554dcb275
f90a0bfda110d40a81d391edeccd1143806c608fd7c64786142c222709d55499
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
f9bfdd3a464a0d30774672616e5b5a692359b0e78863abbb5dbf7f905d2428db
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804
fbae957908d4237a9b3454d8c3efc563d6311c556888e9e3234088696330e69f
fd48a69933bfa6d5e51393b093d776d09a1e7bfb4b7c1e6d4aa00d75f0b3d2d1