urlscan.io logo urlscan.io
SecurityTrails logo

www.mlive.com Open in urlscan Pro
2a02:26f0:3400::1702:d59  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://tester.serveblog.net/
Effective URL: https://www.mlive.com/
Submission: On October 26 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 113 IPs in 10 countries across 83 domains to perform 420 HTTP transactions. The main IP is 2a02:26f0:3400::1702:d59, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.mlive.com. The Cisco Umbrella rank of the primary domain is 51253.
TLS certificate: Issued by R3 on October 14th 2022. Valid for: 3 months.
This is the only time www.mlive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 78.111.89.4 208951 (AS-ITGLOB...)
1 1 34.199.56.222 14618 (AMAZON-AES)
36 2a02:26f0:340... 20940 (AKAMAI-ASN1)
10 2606:4700::68... 13335 (CLOUDFLAR...)
3 2600:1901:0:3... 15169 (GOOGLE)
1 65.9.95.37 16509 (AMAZON-02)
1 65.9.95.88 16509 (AMAZON-02)
1 2a02:26f0:170... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
8 52.223.1.76 16509 (AMAZON-02)
3 2600:9000:224... 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2606:4700:440... 13335 (CLOUDFLAR...)
10 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 23.203.77.3 16625 (AKAMAI-AS)
3 18.65.33.229 16509 (AMAZON-02)
3 65.9.95.100 16509 (AMAZON-02)
1 2.18.232.7 16625 (AKAMAI-AS)
13 65.9.95.59 16509 (AMAZON-02)
13 88.221.169.143 16625 (AKAMAI-AS)
1 18.155.153.59 16509 (AMAZON-02)
7 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 65.9.94.183 16509 (AMAZON-02)
1 23.35.237.64 16625 (AKAMAI-AS)
2 108.157.4.80 16509 (AMAZON-02)
3 2a03:2880:f02... 32934 (FACEBOOK)
2 2a02:26f0:780... 20940 (AKAMAI-ASN1)
1 199.232.136.157 54113 (FASTLY)
1 108.138.15.119 16509 (AMAZON-02)
1 2 107.178.250.234 15169 (GOOGLE)
1 23.35.237.56 16625 (AKAMAI-AS)
2 44.206.223.61 14618 (AMAZON-AES)
2 2001:4860:480... 15169 (GOOGLE)
2 52.16.152.32 16509 (AMAZON-02)
3 34.254.133.1 16509 (AMAZON-02)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 54.146.133.189 14618 (AMAZON-AES)
2 34.251.33.168 16509 (AMAZON-02)
1 18.66.248.86 16509 (AMAZON-02)
1 23.206.210.112 16625 (AKAMAI-AS)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 65.9.97.61 16509 (AMAZON-02)
8 52.210.161.152 16509 (AMAZON-02)
1 104.244.42.197 13414 (TWITTER)
1 104.244.42.195 13414 (TWITTER)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 65.9.99.209 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 3.219.38.131 14618 (AMAZON-AES)
1 52.17.99.225 16509 (AMAZON-02)
3 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
3 185.64.189.112 62713 (AS-PUBMATIC)
3 2602:803:c004... 26667 (RUBICONPR...)
3 104.18.18.126 13335 (CLOUDFLAR...)
3 34.107.148.139 396982 (GOOGLE-CL...)
3 34.255.132.76 16509 (AMAZON-02)
1 162.19.138.82 16276 (OVH)
1 162.19.138.118 16276 (OVH)
6 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.156.207.182 14618 (AMAZON-AES)
3 162.19.138.119 16276 (OVH)
1 184.24.1.216 16625 (AKAMAI-AS)
1 35.164.244.115 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2a02:2638:1::3 44788 (ASN-CRITE...)
1 18.225.3.171 16509 (AMAZON-02)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
4 2a00:1450:400... 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
9 24 142.250.185.130 15169 (GOOGLE)
3 20 185.80.39.216 27381 (CASALE-MEDIA)
4 6 185.89.211.116 29990 (ASN-APPNEX)
1 2 52.209.195.35 16509 (AMAZON-02)
4 142.250.186.130 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
1 178.250.0.157 44788 (ASN-CRITE...)
6 3.66.159.87 16509 (AMAZON-02)
22 151.101.194.133 54113 (FASTLY)
1 35.244.159.8 15169 (GOOGLE)
9 2600:1f18:1ac... 14618 (AMAZON-AES)
3 3 35.204.74.118 396982 (GOOGLE-CL...)
5 15.197.193.217 16509 (AMAZON-02)
3 6 185.64.190.78 62713 (AS-PUBMATIC)
1 3.71.169.66 16509 (AMAZON-02)
2 2 185.89.210.122 29990 (ASN-APPNEX)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.190.0.66 15169 (GOOGLE)
2 2 3.125.151.135 16509 (AMAZON-02)
2 2 216.52.2.19 30282 (AS-INAPCD...)
1 1 2600:9000:212... 16509 (AMAZON-02)
1 1 52.214.0.144 16509 (AMAZON-02)
3 13.226.153.37 16509 (AMAZON-02)
9 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 82.113.101.132 6805 (TDDE-ASN1)
3 151.101.66.133 54113 (FASTLY)
1 2600:1901:0:8... 15169 (GOOGLE)
1 34.120.133.55 396982 (GOOGLE-CL...)
3 2.18.235.93 16625 (AKAMAI-AS)
6 104.18.12.76 13335 (CLOUDFLAR...)
3 23.35.236.201 16625 (AKAMAI-AS)
2 23.205.235.133 16625 (AKAMAI-AS)
5 104.18.19.126 13335 (CLOUDFLAR...)
4 7 52.46.143.56 16509 (AMAZON-02)
2 4 69.173.144.165 26667 (RUBICONPR...)
4 4 69.173.144.138 26667 (RUBICONPR...)
1 3 2a05:d018:d29... 16509 (AMAZON-02)
2 3 52.94.222.140 16509 (AMAZON-02)
2 2 2620:116:800d... 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 185.183.112.148 60350 (VP)
1 1 3.211.35.247 14618 (AMAZON-AES)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 151.101.130.49 54113 (FASTLY)
1 1 103.229.206.240 30419 (MEDIAMATH...)
1 54.170.88.182 16509 (AMAZON-02)
2 2 18.156.0.31 16509 (AMAZON-02)
1 66.155.71.150 13768 (COGECO-PEER1)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 52.48.159.197 16509 (AMAZON-02)
420 113
1    78.111.89.4 (United States)

ASN208951 (AS-ITGLOBALCOM ITGLOBAL.COM, NL)
tester.serveblog.net
1    34.199.56.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-56-222.compute-1.amazonaws.com
mlive.com
36    2a02:26f0:3400::1702:d59 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.mlive.com
10    2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
3    2600:1901:0:328a::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
satisfycork.com
1    65.9.95.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-37.prg50.r.cloudfront.net
cdn.sophi.io
1    65.9.95.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-88.prg50.r.cloudfront.net
apps.sophi.io
1    2a02:26f0:1700:38c::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
2    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    52.223.1.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8fd921d2017b5f79.awsglobalaccelerator.com
collector2.sophi.io
3    2600:9000:224a:2600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    2a02:26f0:3500:991::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
2    2606:4700:4400::ac40:929e (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
10    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2606:4700::6812:a6e0 (United States)

ASN13335 (CLOUDFLARENET, US)
pub.doubleverify.com
2    23.203.77.3 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-77-3.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
ads.rubiconproject.com
3    18.65.33.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-33-229.ams1.r.cloudfront.net
c.amazon-adsystem.com
3    65.9.95.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-100.prg50.r.cloudfront.net
tags.crwdcntrl.net
1    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
13    65.9.95.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-59.prg50.r.cloudfront.net
h312.mlive.com
13    88.221.169.143 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-143.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
1    18.155.153.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-153-59.ham50.r.cloudfront.net
ats.rlcdn.com
7    2606:4700::6811:bab1 (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
buy.tinypass.com
api-v3.tinypass.com
3    2a00:1450:4001:806::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
4    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    65.9.94.183 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-94-183.prg50.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1    23.35.237.64 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-64.deploy.static.akamaitechnologies.com
s.ntv.io
2    108.157.4.80 (Germany)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-80.dus51.r.cloudfront.net
sb.scorecardresearch.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a02:26f0:780::5f65:36db (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net
js.adsrvr.org
2    107.178.250.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
1    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
at.teads.tv
2    44.206.223.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-223-61.compute-1.amazonaws.com
advancelocal.blueconic.net
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    52.16.152.32 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-152-32.eu-west-1.compute.amazonaws.com
privacy.crwdcntrl.net
id.crwdcntrl.net
3    34.254.133.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-133-1.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    2600:1f18:730:b130:9041:297a:f663:9c51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    54.146.133.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-133-189.compute-1.amazonaws.com
rp4.liadm.com
2    34.251.33.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-33-168.eu-west-1.compute.amazonaws.com
vtrk.doubleverify.com
1    18.66.248.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-86.dus51.r.cloudfront.net
geo.privacymanager.io
1    23.206.210.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-210-112.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    65.9.97.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-97-61.prg50.r.cloudfront.net
cdn.parsely.com
8    52.210.161.152 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-161-152.eu-west-1.compute.amazonaws.com
jadserve.postrelease.com
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
3    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
3    65.9.99.209 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-99-209.prg50.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
1    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
3    3.219.38.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-38-131.compute-1.amazonaws.com
www.i.matheranalytics.com
1    52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
p1.parsely.com
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
3    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    2602:803:c004:200::143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
3    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
3    34.255.132.76 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-132-76.eu-west-1.compute.amazonaws.com
exchange.postrelease.com
1    162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
lbs.eu-1-id5-sync.com
6    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    54.156.207.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-207-182.compute-1.amazonaws.com
idx.liadm.com
3    162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
1    184.24.1.216 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-1-216.deploy.static.akamaitechnologies.com
ead.mlive.com
1    35.164.244.115 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-244-115.us-west-2.compute.amazonaws.com
id.sharedid.org
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    18.225.3.171 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-225-3-171.us-east-2.compute.amazonaws.com
prod.uidapi.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
4    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
21    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
13    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
24    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
20    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
dsum.casalemedia.com
6    185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    52.209.195.35 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-195-35.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
4    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads4.g.doubleclick.net
13    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
6    3.66.159.87 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-159-87.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
22    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
realestate.mlive.com
static.advance.net
images-re.mlive.com
report-re.mlive.com
classimage.advance.net
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
9    2600:1f18:1aca:4281:b95e:67d4:aaa7:d102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
3    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
5    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
6    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    3.71.169.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-169-66.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
2    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
1    2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    3.125.151.135 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-151-135.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    2600:9000:2127:3a00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    52.214.0.144 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-0-144.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
3    13.226.153.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-153-37.dus51.r.cloudfront.net
check.analytics.rlcdn.com
9    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    82.113.101.132 (Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de
portal.o2online.de
3    151.101.66.133 (United States)

ASN54113 (FASTLY, US)
fonts.advance.net
1    2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
lexicon.33across.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
3    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
6    104.18.12.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
3    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
7    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    2a05:d018:d29:3601:a0c6:b0ce:b43:b1c0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    185.183.112.148 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
1    3.211.35.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-35-247.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    103.229.206.240 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    54.170.88.182 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-88-182.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    52.48.159.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-159-197.eu-west-1.compute.amazonaws.com
d.adroll.com
Apex Domain
Subdomains		 Transfer
54 mlive.com
mlive.com — Cisco Umbrella Rank: 47491
www.mlive.com — Cisco Umbrella Rank: 51253
h312.mlive.com — Cisco Umbrella Rank: 88966
ead.mlive.com — Cisco Umbrella Rank: 98152
realestate.mlive.com — Cisco Umbrella Rank: 408974
images-re.mlive.com — Cisco Umbrella Rank: 425645
report-re.mlive.com — Cisco Umbrella Rank: 419041
2 MB
43 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317
262 KB
38 googlesyndication.com
29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
210 KB
28 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 519
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439
dsum.casalemedia.com — Cisco Umbrella Rank: 1311
19 KB
22 advance.net
static.advance.net — Cisco Umbrella Rank: 31179
classimage.advance.net — Cisco Umbrella Rank: 190518
fonts.advance.net — Cisco Umbrella Rank: 68429
440 KB
21 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 3162
ads.rubiconproject.com — Cisco Umbrella Rank: 2637
fastlane.rubiconproject.com — Cisco Umbrella Rank: 492
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 2961
eus.rubiconproject.com — Cisco Umbrella Rank: 596
pixel.rubiconproject.com — Cisco Umbrella Rank: 347
token.rubiconproject.com — Cisco Umbrella Rank: 682
141 KB
16 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 313
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 534
s.amazon-adsystem.com — Cisco Umbrella Rank: 296
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1205
58 KB
14 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 594
fw.adsafeprotected.com — Cisco Umbrella Rank: 794
dt.adsafeprotected.com — Cisco Umbrella Rank: 546
97 KB
13 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 273
411 KB
13 moatads.com
z.moatads.com — Cisco Umbrella Rank: 404
px.moatads.com — Cisco Umbrella Rank: 481
91 KB
12 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 470
image6.pubmatic.com — Cisco Umbrella Rank: 671
ads.pubmatic.com — Cisco Umbrella Rank: 495
19 KB
11 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1192
exchange.postrelease.com — Cisco Umbrella Rank: 5153
7 KB
10 google.com
accounts.google.com — Cisco Umbrella Rank: 83
ampcid.google.com — Cisco Umbrella Rank: 2113
adservice.google.com — Cisco Umbrella Rank: 78
www.google.com — Cisco Umbrella Rank: 2
78 KB
10 sophi.io
cdn.sophi.io — Cisco Umbrella Rank: 16255
apps.sophi.io — Cisco Umbrella Rank: 28182
collector2.sophi.io — Cisco Umbrella Rank: 23938
45 KB
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 413
234 KB
9 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 216
87 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
secure.adnxs.com — Cisco Umbrella Rank: 438
8 KB
8 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1160
privacy.crwdcntrl.net — Cisco Umbrella Rank: 19212
bcp.crwdcntrl.net — Cisco Umbrella Rank: 818
id.crwdcntrl.net — Cisco Umbrella Rank: 1481
37 KB
7 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 7590
cdn.tinypass.com — Cisco Umbrella Rank: 5417
buy.tinypass.com — Cisco Umbrella Rank: 4501
api-v3.tinypass.com — Cisco Umbrella Rank: 15354
142 KB
6 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 608
cdn.indexww.com — Cisco Umbrella Rank: 1375
5 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
311 B
6 media.net
prebid.media.net — Cisco Umbrella Rank: 1238
contextual.media.net — Cisco Umbrella Rank: 570
25 KB
6 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1436
match.adsrvr.org — Cisco Umbrella Rank: 356
insight.adsrvr.org — Cisco Umbrella Rank: 632
4 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
region1.google-analytics.com — Cisco Umbrella Rank: 2668
20 KB
5 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 426
ups.analytics.yahoo.com — Cisco Umbrella Rank: 294
2 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 375
www.linkedin.com — Cisco Umbrella Rank: 591
px4.ads.linkedin.com — Cisco Umbrella Rank: 6090
3 KB
5 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1193
id5-sync.com — Cisco Umbrella Rank: 471
34 KB
5 matheranalytics.com
js.matheranalytics.com — Cisco Umbrella Rank: 10761
www.i.matheranalytics.com — Cisco Umbrella Rank: 10567
42 KB
5 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1421
check.analytics.rlcdn.com — Cisco Umbrella Rank: 4027
api.rlcdn.com — Cisco Umbrella Rank: 825
39 KB
4 doubleverify.com
pub.doubleverify.com — Cisco Umbrella Rank: 5865
vtrk.doubleverify.com — Cisco Umbrella Rank: 1586
18 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 841
2 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 425
mug.criteo.com — Cisco Umbrella Rank: 2786
7 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 193
140 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 3373
google-bidout-d.openx.net — Cisco Umbrella Rank: 3217
571 B
3 liadm.com
rp.liadm.com — Cisco Umbrella Rank: 1652
rp4.liadm.com — Cisco Umbrella Rank: 7432
idx.liadm.com — Cisco Umbrella Rank: 2587
1 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
197 KB
3 satisfycork.com
satisfycork.com — Cisco Umbrella Rank: 26029
28 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 578
633 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 729
1013 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 599
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 303
2 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 828
s.tribalfusion.com — Cisco Umbrella Rank: 2234
1 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1358
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1440
681 B
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2800
p1.parsely.com — Cisco Umbrella Rank: 2165
21 KB
2 blueconic.net
advancelocal.blueconic.net — Cisco Umbrella Rank: 24460
2 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 742
4 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 156
2 KB
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1269
at.teads.tv — Cisco Umbrella Rank: 4239
4 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 678
482 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
196 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1300
c.go-mpulse.net — Cisco Umbrella Rank: 595
50 KB
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1484
181 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 740
759 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 602
191 B
1 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 508
433 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 462
662 B
1 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 2662
182 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 723
576 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1415
300 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 766
425 B
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 4732
295 B
1 o2online.de
portal.o2online.de — Cisco Umbrella Rank: 66484
639 B
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 306
5 KB
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 660
504 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 717
477 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 13419
589 B
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 4180
3 KB
1 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 1055
55 B
1 uidapi.com
prod.uidapi.com — Cisco Umbrella Rank: 3897
5 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 680
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 3591
8 KB
1 sharedid.org
id.sharedid.org — Cisco Umbrella Rank: 3439
904 B
1 google.de
ampcid.google.de — Cisco Umbrella Rank: 55915
460 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 547
726 B
1 t.co
t.co — Cisco Umbrella Rank: 483
377 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1340
17 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1492
594 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 624
15 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3184
144 KB
1 cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1 KB
1 serveblog.net
tester.serveblog.net
406 B
0 inmobi.com Failed
sync.inmobi.com Failed
0 chocolateplatform.com Failed
cs.chocolateplatform.com Failed
420 83
Domain Requested by
36 www.mlive.com www.mlive.com
24 cm.g.doubleclick.net 9 redirects googleads.g.doubleclick.net
29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
www.mlive.com
21 pagead2.googlesyndication.com 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
www.mlive.com
securepubads.g.doubleclick.net
18 static.advance.net realestate.mlive.com
static.advance.net
buy.tinypass.com
www.mlive.com
18 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
13 s0.2mdn.net 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
www.mlive.com
s0.2mdn.net
13 tpc.googlesyndication.com 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
13 h312.mlive.com www.mlive.com
h312.mlive.com
10 px.moatads.com 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
www.mlive.com
10 securepubads.g.doubleclick.net www.mlive.com
securepubads.g.doubleclick.net
29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
www.googletagservices.com
10 cdn.cookielaw.org www.mlive.com
cdn.cookielaw.org
9 cdnjs.cloudflare.com buy.tinypass.com
9 dt.adsafeprotected.com 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
www.mlive.com
8 jadserve.postrelease.com s.ntv.io
www.mlive.com
8 collector2.sophi.io cdn.sophi.io
7 s.amazon-adsystem.com 4 redirects ssum-sec.casalemedia.com
6 image6.pubmatic.com 3 redirects ads.pubmatic.com
6 prebid-a.rubiconproject.com micro.rubiconproject.com
6 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
6 www.facebook.com www.mlive.com
5 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
4 token.rubiconproject.com 4 redirects
4 pixel.rubiconproject.com 2 redirects
4 buy.tinypass.com cdn.tinypass.com
buy.tinypass.com
4 match.adsrvr.org 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
4 googleads4.g.doubleclick.net googleads.g.doubleclick.net
www.mlive.com
4 googleads.g.doubleclick.net 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
www.mlive.com
4 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.mlive.com
3 cdn.indexww.com ssum-sec.casalemedia.com
3 aax-eu.amazon-adsystem.com 2 redirects
3 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
3 ads.pubmatic.com micro.rubiconproject.com
3 js-sec.indexww.com micro.rubiconproject.com
3 contextual.media.net micro.rubiconproject.com
3 fonts.advance.net static.advance.net
3 check.analytics.rlcdn.com micro.rubiconproject.com
3 um.simpli.fi 3 redirects
3 www.googletagservices.com 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
3 www.google.com 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
tpc.googlesyndication.com
3 id5-sync.com cdn.id5-sync.com
micro.rubiconproject.com
3 exchange.postrelease.com micro.rubiconproject.com
3 prebid.media.net micro.rubiconproject.com
3 htlb.casalemedia.com micro.rubiconproject.com
3 fastlane.rubiconproject.com micro.rubiconproject.com
3 hbopenbid.pubmatic.com micro.rubiconproject.com
3 px.ads.linkedin.com 2 redirects
3 www.i.matheranalytics.com www.mlive.com
3 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
3 adservice.google.com securepubads.g.doubleclick.net
3 bcp.crwdcntrl.net tags.crwdcntrl.net
3 connect.facebook.net www.mlive.com
connect.facebook.net
3 accounts.google.com www.mlive.com
accounts.google.com
3 z.moatads.com www.mlive.com
z.moatads.com
29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
3 tags.crwdcntrl.net www.mlive.com
securepubads.g.doubleclick.net
3 c.amazon-adsystem.com www.mlive.com
c.amazon-adsystem.com
3 static.adsafeprotected.com satisfycork.com
29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
3 satisfycork.com www.mlive.com
satisfycork.com
2 ups.analytics.yahoo.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 cms.quantserve.com 2 redirects
2 eus.rubiconproject.com micro.rubiconproject.com
eus.rubiconproject.com
2 ap.lijit.com 2 redirects
2 x.bidswitch.net 2 redirects
2 secure.adnxs.com 2 redirects
2 fw.adsafeprotected.com 1 redirects googleads.g.doubleclick.net
2 gum.criteo.com 1 redirects static.criteo.net
2 oajs.openx.net 1 redirects www.mlive.com
2 cdn.id5-sync.com www.mlive.com
securepubads.g.doubleclick.net
2 vtrk.doubleverify.com pub.doubleverify.com
2 region1.google-analytics.com www.googletagmanager.com
2 advancelocal.blueconic.net h312.mlive.com
2 js.matheranalytics.com 1 redirects www.mlive.com
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
2 sb.scorecardresearch.com www.mlive.com
2 pub.doubleverify.com www.mlive.com
pub.doubleverify.com
2 geolocation.onetrust.com cdn.cookielaw.org
2 www.googletagmanager.com www.mlive.com
www.googletagmanager.com
1 d.adroll.com ssum-sec.casalemedia.com
1 p.rfihub.com 1 redirects
1 pixel-sync.sitescout.com ssum-sec.casalemedia.com
1 match.prod.bidr.io ssum-sec.casalemedia.com
1 sync.mathtag.com 1 redirects
1 casale-match.dotomi.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 sync.adotmob.com 1 redirects
1 ad.turn.com 1 redirects
1 api.rlcdn.com micro.rubiconproject.com
1 id.crwdcntrl.net micro.rubiconproject.com
1 lexicon.33across.com micro.rubiconproject.com
1 insight.adsrvr.org js.adsrvr.org
1 api-v3.tinypass.com cdn.tinypass.com
1 portal.o2online.de www.mlive.com
1 ajax.googleapis.com buy.tinypass.com
1 ads.yieldmo.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 ads.travelaudience.com 1 redirects
1 s.tribalfusion.com 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 classimage.advance.net 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
1 c2.piano.io cdn.tinypass.com
1 cs.emxdgt.com 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
1 report-re.mlive.com realestate.mlive.com
1 images-re.mlive.com realestate.mlive.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 realestate.mlive.com 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
1 mug.criteo.com www.mlive.com
1 prod.uidapi.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 id.sharedid.org securepubads.g.doubleclick.net
1 ead.mlive.com www.mlive.com
1 idx.liadm.com micro.rubiconproject.com
1 stats.g.doubleclick.net www.google-analytics.com
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 px4.ads.linkedin.com www.mlive.com
1 www.linkedin.com 1 redirects
1 p1.parsely.com www.mlive.com
1 ampcid.google.de www.google-analytics.com
1 analytics.twitter.com www.mlive.com
1 t.co www.mlive.com
1 cdn.tinypass.com experience.tinypass.com
1 cdn.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 ampcid.google.com www.google-analytics.com
1 secure.cdn.fastclick.net www.mlive.com
1 geo.privacymanager.io ats.rlcdn.com
1 rp4.liadm.com www.mlive.com
1 rp.liadm.com 1 redirects
1 ads.rubiconproject.com micro.rubiconproject.com
1 privacy.crwdcntrl.net tags.crwdcntrl.net
1 at.teads.tv a.teads.tv
1 js.adsrvr.org www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 s.ntv.io www.mlive.com
1 d1z2jf7jlzjs58.cloudfront.net www.mlive.com
1 experience.tinypass.com www.mlive.com
1 ats.rlcdn.com www.mlive.com
1 a.teads.tv www.googletagmanager.com
1 micro.rubiconproject.com www.mlive.com
1 c.go-mpulse.net s.go-mpulse.net
1 s.go-mpulse.net www.mlive.com
1 apps.sophi.io www.mlive.com
1 cdn.sophi.io www.mlive.com
1 mlive.com 1 redirects
1 tester.serveblog.net 1 redirects
0 sync.inmobi.com Failed 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
0 cs.chocolateplatform.com Failed 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
420 149
Subject Issuer Validity Valid
advancelocal.web.arc-cdn.net
R3		 2022-10-14 -
2023-01-12		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2022-05-01 -
2023-05-01		 a year crt.sh
satisfycork.com
R3		 2022-08-28 -
2022-11-26		 3 months crt.sh
cdn.sophi.io
Amazon		 2022-10-18 -
2023-11-15		 a year crt.sh
apps.sophi.io
Amazon		 2022-04-17 -
2023-05-16		 a year crt.sh
akstat.io
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-15 -
2023-04-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.sophi.io
Amazon		 2022-05-11 -
2023-06-09		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-01-12 -
2023-01-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-08 -
2023-04-08		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
h299.reckon.news
Amazon		 2022-07-01 -
2023-07-30		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-24 -
2023-10-26		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-08-05 -
2022-11-03		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.blueconic.net
Amazon		 2022-07-08 -
2023-08-06		 a year crt.sh
vtrk.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2021-12-03 -
2023-01-04		 a year crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.parsely.com
Amazon		 2022-06-05 -
2023-07-04		 a year crt.sh
*.postrelease.com
Amazon		 2022-02-17 -
2023-03-18		 a year crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.i.matheranalytics.com
Amazon		 2022-01-13 -
2023-02-11		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.liadm.com
Amazon		 2022-09-30 -
2023-10-29		 a year crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
li.lisecurelink.com
R3		 2022-10-11 -
2023-01-09		 3 months crt.sh
id.sharedid.org
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2022-10-06 -
2023-01-04		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.uidapi.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
advancelocal.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-04-25 -
2023-05-27		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2022-05-18 -
2023-06-19		 a year crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2022-04-27 -
2023-04-26		 a year crt.sh
analytics.rlcdn.com
Amazon		 2022-07-27 -
2023-08-25		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.o2online.de
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-11 -
2023-03-08		 a year crt.sh
lexicon.33across.com
GTS CA 1D4		 2022-10-24 -
2023-01-22		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
adroll.mgr.consensu.org
Amazon		 2022-08-10 -
2023-09-08		 a year crt.sh

This page contains 34 frames:

Primary Page: https://www.mlive.com/
Frame ID: 6E058E366F0908B68B7BDE1F2FB42EB0
Requests: 215 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: A24D7E8CBD7632C064B15C0EFC572FEB
Requests: 1 HTTP requests in this frame

Frame: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 740AFDCFF45A3671E33C9632A3696229
Requests: 1 HTTP requests in this frame

Frame: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B4B1474305CE6C47E5BB2F37816A15B7
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQqqLI1AMYiIjx1QEwAQ&v=APEucNWByJxmzbnFeh_5bJVyVTk0-MPRXHhDVraQUnPdl1fKopKZw2QpEGIqFULEDjSAN73k5ETZeGB_S5EECV6ss9Pj4-2XqMsdKcnQOzKb3YyIFBLJjihHaAcgN4xzgwb1CT1B9byuGub1XT1afFZh7bjr4iCFUs6JEvPcMQMmY5DAnqXMiUnvKkO3q4AfzFrrbatdPzat
Frame ID: 80C13F787A7FB4DF8ED15540B9051B9D
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.mlive.com
Frame ID: FF324ED0F8075A998FB6BE6D72773758
Requests: 2 HTTP requests in this frame

Frame: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 55C9E4D8687AC50BC8306199968E8689
Requests: 18 HTTP requests in this frame

Frame: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C38EEBDE4A8FA3FA8ABDE57E48FDACA7
Requests: 15 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 68436DC97219C963A412084D9D959D0B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 18B04991FAA031D0CA73D113D5BCD05A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 73B50443938263A0B9EF44001D90A1B5
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiCsOjSATAB&v=APEucNV6Y9eagMH6-isC6dLK-Dgy1FXAjmVjeoEOQYteFqap_WzHjb17jlXMZG4D9bh7jVZAxZXbmBkEPB4eIuDh_r3mDCL870EZFLWLFbT1vvJyfo9nBTWAhg5hUPeOSm23egObZ3NwSUAPCpg79XVnLwym4hdqyOe233Rv2Y4qP9fBFgGHCCzj_7JzjpDgdC_7YYkv7KE_
Frame ID: 216F5DA6281BD0A59294FC6C0B79A7C1
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 18F71CC0D5C80E9E31525D97A811ECBD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 50332A5B8962AE44C1737DC86202E2D5
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1366169D0CAB4A057049225266113A1C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7880356414873403392/300x250.html?e=69&leftOffset=0&topOffset=0&c=zNlfRLLAn6&t=1&renderingType=2&ev=01_247
Frame ID: 1EA9C6BD7971159D39B5DD37C89B03EB
Requests: 14 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Frame ID: E679C9415B1905362F3BDB95F185F4A7
Requests: 29 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Frame ID: 13535AA50BFAEDB86DEB43F758D861D8
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=4pdxx2d&ref=https%3A%2F%2Fwww.mlive.com%2F&upid=p5qqvcp&upv=1.1.0
Frame ID: ACA6CE1D8F2B1F4CE618285870159F09
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D999CC0E01CD70A166BFAC76017E0E85
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ED52128BE8A9A045662E0FA8EC84473B
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 39BFDC44A35F621B2BF558AD17D857D3
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: AE3429EEA88BDF82448017AD7C96BD15
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Frame ID: A6F67D46AD903F182187A2F39CECCCB4
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: CDF4AF709781FB1E017C4C3D14548E8B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Frame ID: C8115C47BB829DD92A63AD0E757B8AC4
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 837CFC5B035A59600D886210784C7113
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 4BCCD32F685546DE6D00E4C51909C2FB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 91B06FE5F175059A037EC1A61CA76A46
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 1A68DE579C00892431EE0D1EA5246B65
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Frame ID: A6C9B46C219F44CA3BEC2A8A7ECC10F7
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 56A7CF8524F1C0BF5E351EE0C597E27E
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 0C235A9B4B72485EE77EDBCC49191263
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 6DCE47A20A782DE12B900BE55F79E3F4
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Michigan Local News, Breaking News, Sports & WeatherLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. http://tester.serveblog.net/ HTTP 307
    https://mlive.com/ HTTP 301
    https://www.mlive.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

420
Requests

88 %
HTTPS

34 %
IPv6

83
Domains

149
Subdomains

113
IPs

10
Countries

5049 kB
Transfer

13527 kB
Size

112
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tester.serveblog.net/ HTTP 307
    https://mlive.com/ HTTP 301
    https://www.mlive.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68
  • https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1608 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js
Request Chain 82
  • https://rp.liadm.com/j?dtstmp=1666800586473&se=e30&duid=94c49eadf2ac--01ggagx3q71n38rp8qej376wns&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1666800586473&se=e30&duid=94c49eadf2ac--01ggagx3q71n38rp8qej376wns&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid&i6=MmEwMTo0YTA6MTMzODo5Mjo6MTI%3D&n3pc=true
Request Chain 120
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1666800587006&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3252378%26time%3D1666800587006%26url%3Dhttps%253A%252F%252Fwww.mlive.com%252F%26tm%3Dgtmv2%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1666800587006&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1666800587006&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQJSuDW_u0stTgAAAYQVDpNBI6ZYH4lLRqnz45Mjn7ikKgU94ssm-1t1m_dIWGVb5zbsTuhJ
Request Chain 180
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
Request Chain 191
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdS_4hHLenyvugIEUD5N_s&google_cver=1
Request Chain 192
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1lbzD33GGWRZ-tmoa801QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnX0yibR3UvJO7hObWDbo4&google_cver=1
Request Chain 193
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEN6t2ae1bulQmhj0pi1CUOw&google_cver=1
Request Chain 194
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM3NTQwNDk5NDYwMzExOTMxMw%3D%3D
Request Chain 211
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=mlive.com&sn=ChromeSyncframe&so=0&topUrl=www.mlive.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=5zEVx3xpZHc4a1ZRRmlpTTB0cnFVVU43TFk4SGcyTElSNEJlLzhCcFhTSTZFaWtEeXpIaVU2bjJJbXMwbzlQaGNQeXJXU0E2VGpiMWY4WUlzWGZKQy95SlFIT3huVG45QktUTTJ6U0pVTUJ4ZnIybGFER252QldvalJtUHNwWVhvLzF0MlN3bzRlY2I1YkdkeCtMMDBKWmxnTTVqMVRwZ0tsR2hXdUVIRWNtek5TUGtUeG9nVFkzQzdKZE0vZmN6NzNBZ0ZBWG12S085U2dyZFJBSXhiR2d0SDZ1VEFrMGV6cSs4UFRNZHZvZ2VOTlVRMHZJb3c1aDZNMDRpUmxlUThoeWp3S0xqck53UkZhemVhajlSVkF4dWdvUT09fA&cppv=2
Request Chain 236
  • https://fw.adsafeprotected.com/rfw/st/1211306/66366053/4.js?ias_dspID=3&ias_campId=1009359348&ias_pubId=pub-2937494567949278&ias_chanId=1&ias_placementId=18640445752&bidurl=https://www.mlive.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h36M2hLpQGEqGnl2FoitQW&adContainerId=gcc_zFtZY927DpCY-gbCk574Bw&cbFunctionName=goog_wrapCb_zFtZY927DpCY-gbCk574Bw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.mlive.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.mlive.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:db2a79c1-7682-aec6-3b07-20cec73b70cc,c:saoMui,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-7577479748-rjftr,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tlo1pfS+11%7C12%7C13%7C14%7C15*.1211306-66366053%7C151%7C1521%7C153%7C16%7C17%7C181%7C19,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:38,oid:9d894ad2-5548-11ed-9915-f2d7f37bd671,v:19.8.358,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js
Request Chain 247
  • https://um.simpli.fi/gp_match?google_gid=CAESEORduiFVFHCVHHX2sPe7Wi4&google_cver=1&google_push=AZmPxg-QhYv2HI6gYQa5MzjHBz8SRbx_9c2w-Q0DsrAZSs4Fl5NSYQ094OtGlbbR4J061ESkeni0gf3iUNHdAMZG7Cmar4o5LWoXQw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0E463376ABA24F1684CEE61B363D9950&google_push=AZmPxg-QhYv2HI6gYQa5MzjHBz8SRbx_9c2w-Q0DsrAZSs4Fl5NSYQ094OtGlbbR4J061ESkeni0gf3iUNHdAMZG7Cmar4o5LWoXQw
Request Chain 249
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHwinvMmomzF_TXk8s0GEPk&google_cver=1&google_push=AZmPxg_oRpE4wI9i8BuRYBn47tEJ_BA_C5De8J7BmezTfsuUumzYpZeZmsr74JLRblHVmJnRah6ZG7VBXW3qa1LfkGkkiyGrCGALKA HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHwinvMmomzF_TXk8s0GEPk&google_cver=1&google_push=AZmPxg_oRpE4wI9i8BuRYBn47tEJ_BA_C5De8J7BmezTfsuUumzYpZeZmsr74JLRblHVmJnRah6ZG7VBXW3qa1LfkGkkiyGrCGALKA&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8ZVoHvReQzWuKG2K0e9qIA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_oRpE4wI9i8BuRYBn47tEJ_BA_C5De8J7BmezTfsuUumzYpZeZmsr74JLRblHVmJnRah6ZG7VBXW3qa1LfkGkkiyGrCGALKA
Request Chain 253
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEGnSCin-yjXgI_UiJyMEqv4&google_cver=1&google_push=AZmPxg_JDdRj03Eum2FtQjHaUnldTKmIZ8oaONOtDcN0aak5Sj_uaTSu5x7AsQBmnVsIRr2ZGfrHI6fSok1Efpz-wY5xr8qqCj1Q-CI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzM3NTQwNDk5NDYwMzExOTMxMw%3D%3D&google_gid=CAESEGnSCin-yjXgI_UiJyMEqv4&google_cver=1&google_push=AZmPxg_JDdRj03Eum2FtQjHaUnldTKmIZ8oaONOtDcN0aak5Sj_uaTSu5x7AsQBmnVsIRr2ZGfrHI6fSok1Efpz-wY5xr8qqCj1Q-CI
Request Chain 255
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnX0yibR3UvJO7hObWDbo4&google_cver=1
Request Chain 256
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1lbzD33GGWRZ-tmoa801QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnX0yibR3UvJO7hObWDbo4&google_cver=1
Request Chain 257
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEVQD10W5rOQnU0x1TJUNas&google_cver=1
Request Chain 258
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM3NTQwNDk5NDYwMzExOTMxMw%3D%3D
Request Chain 272
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEOxvXvPygOQrv-6HgU5HftY&google_cver=1&google_push=AZmPxg-4xQyYX2c1vYY8FxCK2Hjt7oxaFBtYKufhp-DPTX24kazYq9Zfc_-bt0ysGKFjR0ODdjBkvFNCOCoYVfdd02pHFzV_1EAjvnPz16MI_RzXwR7JUNahbu0DI5vSCAyj4sLnqEryzg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-4xQyYX2c1vYY8FxCK2Hjt7oxaFBtYKufhp-DPTX24kazYq9Zfc_-bt0ysGKFjR0ODdjBkvFNCOCoYVfdd02pHFzV_1EAjvnPz16MI_RzXwR7JUNahbu0DI5vSCAyj4sLnqEryzg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOxvXvPygOQrv-6HgU5HftY&google_cver=1&google_push=AZmPxg-4xQyYX2c1vYY8FxCK2Hjt7oxaFBtYKufhp-DPTX24kazYq9Zfc_-bt0ysGKFjR0ODdjBkvFNCOCoYVfdd02pHFzV_1EAjvnPz16MI_RzXwR7JUNahbu0DI5vSCAyj4sLnqEryzg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-4xQyYX2c1vYY8FxCK2Hjt7oxaFBtYKufhp-DPTX24kazYq9Zfc_-bt0ysGKFjR0ODdjBkvFNCOCoYVfdd02pHFzV_1EAjvnPz16MI_RzXwR7JUNahbu0DI5vSCAyj4sLnqEryzg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 273
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEHBfYr3QMP_sqNzg8-ouwx4&google_cver=1&google_push=AZmPxg-kQpFbG20iUZ7t7mG6x_EvvE2j-JgLwEFKEuDM4uk7syJyqrC4zjSPzm5Wzfj4D2fJ1hY0MkCiWRbqCTmYz1NA25VnCCZqxp5fKNkQArWSmpsB8j-M6UlmSAAqwfHykk_Ff3vFymM HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=D6qk0n2lTky-DifQlrepDQ2&google_push=AZmPxg-kQpFbG20iUZ7t7mG6x_EvvE2j-JgLwEFKEuDM4uk7syJyqrC4zjSPzm5Wzfj4D2fJ1hY0MkCiWRbqCTmYz1NA25VnCCZqxp5fKNkQArWSmpsB8j-M6UlmSAAqwfHykk_Ff3vFymM
Request Chain 274
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHc2ttvty1DLvoojo003HnI&google_cver=1&google_push=AZmPxg_SrzinhPD2BWcl8-F1JhvDMPWVFRh7Up8Iy5ikwyZhIenV1BAeLrBkCOsHaE1RPyuAHBs8EYHc9deNWOj8jrMas22-RFg8Q9wnJzeeiFYkAjeZGqJqTqy3NVtwVLGVZIDw8FXD2s4 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHc2ttvty1DLvoojo003HnI&google_cver=1&google_push=AZmPxg_SrzinhPD2BWcl8-F1JhvDMPWVFRh7Up8Iy5ikwyZhIenV1BAeLrBkCOsHaE1RPyuAHBs8EYHc9deNWOj8jrMas22-RFg8Q9wnJzeeiFYkAjeZGqJqTqy3NVtwVLGVZIDw8FXD2s4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg_SrzinhPD2BWcl8-F1JhvDMPWVFRh7Up8Iy5ikwyZhIenV1BAeLrBkCOsHaE1RPyuAHBs8EYHc9deNWOj8jrMas22-RFg8Q9wnJzeeiFYkAjeZGqJqTqy3NVtwVLGVZIDw8FXD2s4&google_hm=EieYcLRwQvWIcC0pB0A0Tw==
Request Chain 275
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJTVkLa6xs3vaXKwt3sQDF4&google_cver=1&google_push=AZmPxg_QctcpCuh1joS0FKY7P5TfeUs4WTqDgxXVp0V9xxEW65SmtUIQzTgk--gvkh1XLMLgC8M0V6SsF1rP8ousk20xLP2PupsDbc1r6CYd6zl4jlThOg7zp_eDNeEYYn_wRe4cK5VBeYc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=noTWukQ9QJu5y68WkWOuEA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_QctcpCuh1joS0FKY7P5TfeUs4WTqDgxXVp0V9xxEW65SmtUIQzTgk--gvkh1XLMLgC8M0V6SsF1rP8ousk20xLP2PupsDbc1r6CYd6zl4jlThOg7zp_eDNeEYYn_wRe4cK5VBeYc
Request Chain 276
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKCdioWjVldhc854q6cutWU&google_cver=1&google_push=AZmPxg8GwUncxRT16XIfMIXDPB9h3u3-dxtFnNQUWliQ-_RObN7ypHYUBRDKuJNOgEzGltoimVV0Hzf_grm0PgbzLas0tKLwFinzp4vN2jfAptOv8L6Vxtb0CEOQLjvlRC1KnfeEvcc1ACY HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKCdioWjVldhc854q6cutWU&google_cver=1&google_push=AZmPxg8GwUncxRT16XIfMIXDPB9h3u3-dxtFnNQUWliQ-_RObN7ypHYUBRDKuJNOgEzGltoimVV0Hzf_grm0PgbzLas0tKLwFinzp4vN2jfAptOv8L6Vxtb0CEOQLjvlRC1KnfeEvcc1ACY&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg8GwUncxRT16XIfMIXDPB9h3u3-dxtFnNQUWliQ-_RObN7ypHYUBRDKuJNOgEzGltoimVV0Hzf_grm0PgbzLas0tKLwFinzp4vN2jfAptOv8L6Vxtb0CEOQLjvlRC1KnfeEvcc1ACY&google_hm=Fi9psGZH7LxdFaeSTzKS2wf_
Request Chain 277
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEF1w56M4KNQu_ux48WLM2Fs&google_cver=1&google_push=AZmPxg-twF3YasVlAq2lwZYp1Cynh4rhikIS-8kVkqZRrcFLollNJ0dKOjshS0-bWl_9XQ6Hg54F2jpbgol47G17qvqvailnhWzfNN0KHpgFdm_NSfhBAtEjKC5R6-969d-xHwk1B0tJ8Fc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-twF3YasVlAq2lwZYp1Cynh4rhikIS-8kVkqZRrcFLollNJ0dKOjshS0-bWl_9XQ6Hg54F2jpbgol47G17qvqvailnhWzfNN0KHpgFdm_NSfhBAtEjKC5R6-969d-xHwk1B0tJ8Fc
Request Chain 278
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEC2xGgQlEvoy0J25aTNC054&google_cver=1&google_push=AZmPxg-29Qgh5Jkp2TKUyrstXIaeW3Di8SndDAmPdLEnLFSkRMz8Ym0VWgIASS4f6KXnS2eSS1Z_aAJQtKfxeSh01vvR7y4vBzuomE3_lg87rQZEWtqzKelm7plJcEBzbsEgnkfl9nZFWZw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg-29Qgh5Jkp2TKUyrstXIaeW3Di8SndDAmPdLEnLFSkRMz8Ym0VWgIASS4f6KXnS2eSS1Z_aAJQtKfxeSh01vvR7y4vBzuomE3_lg87rQZEWtqzKelm7plJcEBzbsEgnkfl9nZFWZw&google_hm=Z2JjNTcyNTRiMWY2NzM2NGJkZDU=
Request Chain 380
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=awaGARF_SZOet7LH9CCEzg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=awaGARF_SZOet7LH9CCEzg
Request Chain 381
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2E3ZmU5YTNkMjlkNGY1MjgxMjFiOWEwNTFiMjQxNTdmYmFlOTVlYQ&us_privacy=1---
Request Chain 382
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9PU189Y-1R-11BC&us_privacy=1---
Request Chain 384
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Ew23hQK33QkgJlz7Hqa7Ecn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=620454464160705921
Request Chain 385
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1--- HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=uRG4O-QmSdiFDQynHYiVCA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=uRG4O-QmSdiFDQynHYiVCA
Request Chain 386
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFIbtpzC1SAjYte47DLqE8s&google_cver=1
Request Chain 387
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlQVTE4OVktMVItMTFCQw==&us_privacy=1---
Request Chain 388
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1lbzD33GGWRZ_tmoa801QAACHcAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPycI9nl_XMlweoJikBhlPY&google_cver=1
Request Chain 389
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1lbzD33GGWRZ_tmoa801QAACHcAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1lbzD33GGWRZ_tmoa801QAACHcAAAIB&dcc=t
Request Chain 392
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=vM0vAL-cfginzi5du8s3AenILFunmyNfv5q2EHE2
Request Chain 393
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3798927038721358070
Request Chain 394
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0E463376ABA24F1684CEE61B363D9950
Request Chain 395
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
Request Chain 398
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1lbzD33GGWRZ_tmoa801QAACHcAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1lbzD33GGWRZ_tmoa801QAACHcAAAIB&dcc=t
Request Chain 399
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1lbzD33GGWRZ_tmoa801QAACHcAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPycI9nl_XMlweoJikBhlPY&google_cver=1
Request Chain 400
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3375404994603119313
Request Chain 401
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0E463376ABA24F1684CEE61B363D9950
Request Chain 402
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=FAcEGRn1Q_5jOyLGzbmWUFD_B2w
Request Chain 403
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1666886993
Request Chain 404
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y1lb0QAC7A_GLQAW HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1lb0QAC7A_GLQAW&_test=Y1lb0QAC7A_GLQAW
Request Chain 406
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3d126359-5bd2-4300-8bac-5823ac5816c1
Request Chain 408
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y1lbzD33GGWRZ_tmoa801QAACHcAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y1lbzD33GGWRZ_tmoa801QAACHcAAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y1lbzD33GGWRZ_tmoa801QAACHcAAAIB
Request Chain 410
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210822122564305
Request Chain 411
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=GG7AmRs_kZEDbcHEGjnYkE1skJgDP8LFGjwabLPN
Request Chain 412
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3375404994603119313

420 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.mlive.com/
Redirect Chain
  • http://tester.serveblog.net/
  • https://mlive.com/
  • https://www.mlive.com/
418 KB
76 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
8e0a6387f968f1dfe4b5cbed92f4f94ffffb595727a224919dcbe96e16d12cb0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

akamai-true-ttl
-1
cache-control
private, max-age=60
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Wed, 26 Oct 2022 16:09:45 GMT
etag
W/"674cf-GK6gNYS5dYf7kZXmwM+cV8Iovgg"
expires
Wed, 26 Oct 2022 16:10:45 GMT
last-modified
Wed, 26 Oct 2022 16:08:33 GMT
referrer-policy
no-referrer-when-downgrade
server
openresty
server-timing
cdn-cache; desc=HIT edge; dur=14
vary
Accept-Encoding
x-akamai-transformed
9 74846 0 pmb=mRUM,2

Redirect headers

akamai-true-ttl
-1
cache-control
private, max-age=0
content-length
0
content-security-policy
upgrade-insecure-requests
date
Wed, 26 Oct 2022 16:09:44 GMT
expires
Wed, 26 Oct 2022 16:09:44 GMT
location
https://www.mlive.com/
referrer-policy
no-referrer-when-downgrade
server
AkamaiGHost
server-timing
cdn-cache; desc=HIT edge; dur=1
default.css
www.mlive.com/pf/dist/components/output-types/ 		45 B
566 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/components/output-types/default.css?d=927
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
bba5cf4bf97f335423ef8083a04d8810370b013c18a623e2aec413075ef82ddc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 26 Oct 2022 16:09:45 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
62FXZ2QXTXRW5JGG
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=168
content-length
57
x-amz-id-2
urgPMV8oQu9FyS8DGDVGGAp8SFzYAmckqnxPscj/z3WG9+k/+JuHzt7zNEliBnAJYO55/li+i+Y=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 15:08:30 GMT
server
openresty
etag
"534bb0614e61e484cae7d5dc8ecc424c"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Oct 2023 16:09:45 GMT
default.css
www.mlive.com/pf/dist/components/combinations/ 		394 KB
60 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/components/combinations/default.css?d=927
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
3b2b8b2a38c693a6bbd0c1cb0f47fe2bd9e9aa2a8811cd27a21b3f7caad3d995
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Wed, 26 Oct 2022 16:09:45 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
62FHX91S0PVPQBYG
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=192
content-length
61208
x-amz-id-2
XLcfSo23qmTsMpzdR6ya9inH6vZ0XcnI4eN1pYJhmdN+8Kq9tIH5y/xNH8yvJQ8el7RaY1PWu4E=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 15:08:30 GMT
server
openresty
etag
W/"449081213600fa849ba548ce9febd6aa"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
expires
Thu, 26 Oct 2023 16:09:45 GMT
style.css
www.mlive.com/pf/resources/dist/mlive/css/ 		2 KB
980 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=927
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a931a595224623594f03d1f067ea040da1239dcefb3a411cbe57912774d81f2a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Wed, 26 Oct 2022 16:09:45 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
62FYGQYV1XXC453H
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=167
content-length
493
x-amz-id-2
gFc9LtEiNDRV9bPCBqFDeNvtRfqhud5NEPpHxKdwpStyvD1DU47wplGxM3g+ltx+pAEj2445eg4=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 15:08:29 GMT
server
openresty
etag
W/"f4e39cab5ded6a0184674a39d1e9ae7b"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 26 Oct 2023 16:09:45 GMT
react.js
www.mlive.com/pf/dist/engine/ 		340 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/engine/react.js?d=927
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
f85c6264fa47fb0d6254524ba826136250eacca8cef1eb770c3d49059eabb38a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 26 Oct 2022 16:09:45 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
62FW9D392W4KD7CQ
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=71
content-length
102881
x-amz-id-2
MvuRw5DXJTiGYVDl4Hm1zPF7Ni7OmuzRvQR0RWTA50Jzn50SH8i+m20YolIool7o8/9u1jsT0To=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 15:08:30 GMT
server
openresty
etag
W/"f7fe14c7e8be44522b6b1f754115c84c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Thu, 26 Oct 2023 16:09:45 GMT
default.js
www.mlive.com/pf/dist/components/combinations/ 		2 MB
351 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/components/combinations/default.js?d=927
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
3d12c8aa6d760257d326777000294e215316c01f31fdf27ba33f3e1ab8cd6e49
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 26 Oct 2022 16:09:45 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
62FK51K3HKT2J0KF
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=99
content-length
358117
x-amz-id-2
VNPbfALFqTji38+6kceg6p92vCEsaM/SN9FO7Lc9kqlWuL/uWDxcPIX0ePkcuu1HTTxizHMd6eo=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 15:08:30 GMT
server
openresty
etag
W/"a6ef8c22f9b03775525c5bb941e05eb7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Thu, 26 Oct 2023 16:09:45 GMT
166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff
www.mlive.com/pf/resources/fonts/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff?d=927
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
6fa8b9c20d5c4f5711f76f4f4adafafc90e8f89bac2c7b3dfc2c7e63abb55d21
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 26 Oct 2022 16:09:45 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
62FYHFRVX64P1G61
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=154
content-length
54391
x-amz-id-2
Qb8gmODmx6N9Uu9JYcB9s4ztOt0tnZ+iQuprVydJzgl5usqzuiyTjkQcrmrYZLsrI7efb/5gFAo=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 15:08:29 GMT
server
openresty
etag
W/"63c3700153fd19bac6ac63c816251c03"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 26 Oct 2023 16:09:45 GMT
448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff
www.mlive.com/pf/resources/fonts/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff?d=927
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
c942cb01ca7d8956086518f0315ac0be0374cb0f0a38ffe67a52bc4ae7ff5f6f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Wed, 26 Oct 2022 16:09:45 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
62FR4SHV498VETW5
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=155
content-length
53376
x-amz-id-2
DENf8pPWEk8HDnffvTTwK+yrxxPl2uU0T9sD6wE4b2wQkxTnq50zfu/tZehbjZexU1ts1kX7Er0=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 15:08:29 GMT
server
openresty
etag
W/"00b8650c0e6992c5c9ced8f621e43ffd"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 26 Oct 2023 16:09:45 GMT
a408f907-3ee4-4578-a3d1-4134558cb82a-3.woff
www.mlive.com/pf/resources/fonts/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/a408f907-3ee4-4578-a3d1-4134558cb82a-3.woff?d=927
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
c25ce818c3c2ab4992bc0b61a60d1822f239a638af59ad63ed2fe2028e3037f8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Wed, 26 Oct 2022 16:09:45 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
62FR47GSZXBJVF38
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=145
content-length
53862
x-amz-id-2
N1Y9YnhdYlimUPhPW74zHAoZRMEML8WnX1Ud1LCruPfNuQGndFrK004PJMHWdneFMpt4/DV6rj0=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 15:08:29 GMT
server
openresty
etag
W/"527a99c70868c89d6be3cc11a8feb999"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 26 Oct 2023 16:09:45 GMT
farnhamheadline-medium.woff
www.mlive.com/pf/resources/fonts/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/farnhamheadline-medium.woff?d=927
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
7ff100c907d85bc5b7503e7a88c0a7f256ed2561ee431ffc10fcd7cce517c321
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 26 Oct 2022 16:09:45 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
62FN816KVPN3K68N
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=155
content-length
36831
x-amz-id-2
fjWI5wbyZ1NwDYZMs3syjAkNH/iQ8ocJRbu71e3aL318VR+kZtrTcfxtvc8deijGrakz9zuDiUk=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 15:08:29 GMT
server
openresty
etag
W/"05b85684cbf3bc11490297c50cfd67c3"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 26 Oct 2023 16:09:45 GMT
farnhamheadline-semi-bold.woff
www.mlive.com/pf/resources/fonts/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/farnhamheadline-semi-bold.woff?d=927
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 26 Oct 2022 16:09:45 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
62FWJNZ9FV96HTXV
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=171
content-length
37066
x-amz-id-2
53D/87zxvx/KNd5mGbPkPFvv+b7CJV4OAli7mun5OeuRSuC4lE22FsHDt3OmYt60sJBsJpNcHbU=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 15:08:29 GMT
server
openresty
etag
W/"c9a8222fbabe6b700baacd21dd7a1f61"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 26 Oct 2023 16:09:45 GMT
62O27JGHDVBRVKAEVCERIBUGJU.JPG
www.mlive.com/resizer/9hkrFltfmqjaKCHInAHqHihHQmM=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/9hkrFltfmqjaKCHInAHqHihHQmM=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/62O27JGHDVBRVKAEVCERIBUGJU.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
ecd5a2193701d7d27d8805f7d65c715a0078d48debfee9c3f8bbee498362484a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Wed, 26 Oct 2022 16:09:45 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 00:23:31 GMT
server
Akamai Image Manager
etag
"0ec46a95372b92d01b71ab0ea59ee408067acac2"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31479207
server-timing
cdn-cache; desc=HIT, edge; dur=91
content-length
33643
expires
Thu, 26 Oct 2023 00:23:12 GMT
iabCcpaIntegrationScript-noGAM.js
cdn.cookielaw.org/opt-out/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/iabCcpaIntegrationScript-noGAM.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e3c7bdc4bfffb58a973062aabf808691f7603416290254b76161cab69952053
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Oct 2022 16:09:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
ZkLmnzyu8aoAQNwZHm6Yqw==
age
13658
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b10196fb-d01e-001b-0346-28f674000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
7604754cba2f9bfe-FRA
logo_main.svg
www.mlive.com/pf/resources/images/mlive/logos/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/logo_main.svg?d=927
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
f4ece8f2f5242967e98c6718f283e961576d68b4b7be96124eca22f554dcb275
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 26 Oct 2022 16:09:45 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
62FT5X4SWR8QZ2F3
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=80
content-length
660
x-amz-id-2
pmrRCTYuSdNtaBZL+Dy09yYs7uj6dO1l7dGgsfQuU6nMSuNN8AEPEsQguaX7gat+9R/Pzvh9T8k=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 15:08:30 GMT
server
openresty
etag
W/"351c57e1a77c618772f5966a7f2094ee"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 26 Oct 2023 16:09:45 GMT
logo_main_sm.svg
www.mlive.com/pf/resources/images/mlive/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/logo_main_sm.svg?d=927
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a39cd6a9413784646378ab9490f6a80ea1c2eaf4870c1022f44e4e64380c7cda
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Wed, 26 Oct 2022 16:09:45 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
62FTDAF490EEQGJ2
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=81
content-length
902
x-amz-id-2
VBJZ9VaNZkIwgBxc5xPZV+OlzLlvFIgmCtRBPEHZzpsXb3ZcOukW9k8qBwrDXNXZtvrl0wrHlhA=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 15:08:30 GMT
server
openresty
etag
W/"cb98cda61d359616349bbc2a92540ddb"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 26 Oct 2023 16:09:45 GMT
social-monochrome.svg
www.mlive.com/pf/resources/images/mlive/logos/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/social-monochrome.svg?d=927
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
4eb67b42d6abea96d75df507d23f0421da85d5658322720fded36c94cce45d7b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 26 Oct 2022 16:09:45 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
B8SS664TN09BWG2S
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=77
content-length
603
x-amz-id-2
fh2x4lnlQ1JpZj9+/Xyi2CowpKOneDbK0d+ptyDt5MqWNSPDbZWacvYFc8CTvIXRee1OqEF5YpU=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 15:08:30 GMT
server
openresty
etag
W/"7819fa78e2e7770bb40587187d83cb87"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 26 Oct 2023 16:09:45 GMT
logo_footer.png
www.mlive.com/pf/resources/images/mlive/logos/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/logo_footer.png?d=927
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
fbaacd40862bf1ea965f26571bf04a2609f80f3ba82af73ccd0d840bb19db1c2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 26 Oct 2022 16:09:45 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 15:34:24 GMT
server
Akamai Image Manager
x-serial
1806
x-check-cacheable
YES
etag
W/"be8042e858f0c6b5cd87834c8aafe76d"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31533907
server-timing
cdn-cache; desc=MISS, edge; dur=102, origin; dur=52
content-length
2314
expires
Thu, 26 Oct 2023 15:34:52 GMT
footer-logo-advance.svg
www.mlive.com/pf/resources/images/common/logos/ 		18 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/logos/footer-logo-advance.svg?d=927
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
25c3fb46576f9c03a7aa53f9e84261623a1a1d7aef5cc0024641d040a89c02ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Wed, 26 Oct 2022 16:09:45 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
62FXXR39ZC1QMHW9
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=MISS, edge; dur=116, origin; dur=29
content-length
5265
x-amz-id-2
lqkL8WikuJahVxGaYWRqz4bqjkY3nChBaUqZ5yjWsidRx5tYGlF8ytRkEIgQL6wguIpmQ3BIDMQ=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 15:08:29 GMT
server
openresty
etag
W/"165b66ce6f4daa48f02b4871f04b31e4"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 26 Oct 2023 16:09:45 GMT
ad-choices-arrow.png
www.mlive.com/pf/resources/images/common/logos/ 		190 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/logos/ad-choices-arrow.png?d=927
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
9ead871d27f3a0d803f4d6139feb2f2694d3a26c54fd6734f789a06aad0f5303
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 26 Oct 2022 16:09:45 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 15:34:55 GMT
server
Akamai Image Manager
x-serial
1019
x-check-cacheable
YES
etag
W/"c6e75cc6be8dcb2f2d1ab36209f3c3b7"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31533896
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=218
content-length
190
expires
Thu, 26 Oct 2023 15:34:41 GMT
v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
satisfycork.com/ 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
7fc868b33340c1a971c4b08735f1f578c733509875b2deb6ba188dbce9ce762f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Wed, 26 Oct 2022 16:09:45 GMT
x-datacenter
gce-europe-west1
etag
"4c4567909f9b5befa0223525d9e5ed121e7aec9b17a7a9711a3b4e5da18f64c5"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-dg9q
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
673376020
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sophi.min.js
cdn.sophi.io/latest/ 		124 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sophi.io/latest/sophi.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-37.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
096a0419a3787b284e7105edeebc7cf4915cb9549f3b433258f65483acc24510

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 11:53:37 GMT
content-encoding
br
via
1.1 4614c36172b2854b1e1e94af37435c8e.cloudfront.net (CloudFront)
x-amz-version-id
77yKHytHO_pcAyQcoklw1dHdk4sqBtp0
last-modified
Tue, 04 Oct 2022 14:09:32 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
15369
x-amz-server-side-encryption
AES256
etag
W/"dfd164092f8d8abc70b55ba8c1bc2e80"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
6orzKS4e_jBj7kdczy7uPKys6beV97pgOluJ4syPC7BzJ16mAweJIg==
al-mlive.segments.min.js
apps.sophi.io/latest/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.sophi.io/latest/al-mlive.segments.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-88.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
36b72120fc731ea29b1d2cabe92dc59386f9a1d95b25c965d38e63656ba237f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
Jq1U2kMTOCiBAmHVtPNHt2NT.I9ZGTe8
content-encoding
gzip
via
1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
date
Wed, 26 Oct 2022 16:06:25 GMT
last-modified
Thu, 20 Oct 2022 19:50:15 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
201
etag
W/"1a6bdc48b2d80dff46c51dac3b30ceef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=0
x-amz-cf-id
okBA3aMgvv7QYnFKKlZRkqB8y2-22zHJXb6oQbMJf-NRTZjdMZJC0Q==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Oct 2022 16:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
e0VkrpV+7zqDAjQ/RMXPsw==
age
9814
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
7151
x-ms-lease-status
unlocked
last-modified
Wed, 26 Oct 2022 02:02:31 GMT
server
cloudflare
etag
0x8DAB6F624527072
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1d22a46b-001e-009a-01ec-e85423000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7604754cba349bfe-FRA
SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
s.go-mpulse.net/boomerang/ 		205 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:38c::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:45 GMT
content-encoding
br
last-modified
Wed, 21 Sep 2022 10:50:51 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
gtm.js
www.googletagmanager.com/ 		430 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ab1934d32603a6d634bc028083a38737653dabfb9e5733b42f136ad8bf504042
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123727
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 15:47:37 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 26 Oct 2022 16:09:45 GMT
01.png
www.mlive.com/pf/resources/images/common/weather/tiny/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/weather/tiny/01.png?d=927
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=927
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
3fc70270a527227c6493bc5a1c703f4bef2373f857cb7606b711b4d2fa14684a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=927
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 26 Oct 2022 16:09:45 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 15:34:16 GMT
server
Akamai Image Manager
x-serial
140
x-check-cacheable
YES
etag
W/"943580722d571b890fa63310005293d9"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31533862
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=870
content-length
1372
expires
Thu, 26 Oct 2023 15:34:07 GMT
chevron-white.svg
www.mlive.com/pf/resources/images/common/arrows/ 		864 B
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/arrows/chevron-white.svg?d=927
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=927
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e19f6076815240b2afedf8033b0a2ccf200d3851f11df779d05f3c533560504d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=927
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 26 Oct 2022 16:09:45 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
RYH4J7ZHHPMRYTWS
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=135
content-length
486
x-amz-id-2
pwQQ4Ae8ZvYY4cLovHtsgj49w/FfZ0WYPvseSiXZQBLZxSsRNw6vtdrUjYHhdTdOXBEeRm4IUbg=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 15:08:29 GMT
server
openresty
etag
W/"691552a6377a1dfc9eeae87d6aeb8931"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 26 Oct 2023 16:09:45 GMT
ULU3JYTJWFA6FCMLKUHDLH5QVQ.JPG
www.mlive.com/resizer/LTQoj1fDCVS3q3cSONLNaFO_oPc=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/LTQoj1fDCVS3q3cSONLNaFO_oPc=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ULU3JYTJWFA6FCMLKUHDLH5QVQ.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
1a4d51920d99cd8e9abe29524536f77b14f1da36341418e6982b42354f90b3a5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 26 Oct 2022 16:09:45 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 10:13:15 GMT
x-serial
325
server
Akamai Image Manager
x-check-cacheable
YES
etag
"ccd02e0b46d02c7bf799d7903fc5527cc8dcecb9"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31514652
server-timing
cdn-cache; desc=HIT, edge; dur=48
content-length
67008
expires
Thu, 26 Oct 2023 10:13:57 GMT
5RBHNWT4XNB4VACETUTGC3STQQ.jpg
www.mlive.com/resizer/gZDUCIRtYf9KJQHoxZnlePNJKSc=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/gZDUCIRtYf9KJQHoxZnlePNJKSc=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/5RBHNWT4XNB4VACETUTGC3STQQ.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
770aad911af818964b7aeede1374fb97d2d0d9d1c28864d2c8bb4ae01b9bb59a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000
date
Wed, 26 Oct 2022 16:09:45 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Oct 2022 15:20:35 GMT
server
Akamai Image Manager
etag
"87e9d942fea86b660ea0a7a476a779acef18b2ff"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31446725
server-timing
cdn-cache; desc=HIT, edge; dur=43
content-length
69914
expires
Wed, 25 Oct 2023 15:21:50 GMT
JYCTGR33OJA5DAHQJNITYJTRKE.jpg
www.mlive.com/resizer/J-MSjQqahn4CW3cAz8T_k46_oSo=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/J-MSjQqahn4CW3cAz8T_k46_oSo=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/JYCTGR33OJA5DAHQJNITYJTRKE.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
50b99267d16165d9c297bc7695007762b5f88c03759bf809c5fbc4835693db17
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 26 Oct 2022 16:09:45 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 14:40:07 GMT
server
Akamai Image Manager
etag
"6e4d121ee3d4e7552b1157e9dd8876d831c8ead4"
content-type
image/webp
cache-control
private, no-transform, max-age=31530572
server-timing
cdn-cache; desc=HIT, edge; dur=249
content-length
18026
expires
Thu, 26 Oct 2023 14:39:17 GMT
newsletter.svg
www.mlive.com/pf/resources/images/mlive/promo/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/promo/newsletter.svg?d=927
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=927
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a7e702f15b65f58d32945e27b8416dac2811afad1a828a9a617d5c0c1cc85b21
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=927
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Wed, 26 Oct 2022 16:09:45 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
JY9F4YWMNZ16RMGK
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=115
content-length
1059
x-amz-id-2
4GNKK5QxQjhcdfp3QPTIvOslrRUoVlSMBuBbUpFo71qXydERIpgBNxeMi4DX+q+9MC6wP4WCnfk=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 15:08:30 GMT
server
openresty
etag
W/"22c89d844df3fcb416b9291f7e668863"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 26 Oct 2023 16:09:45 GMT
chevron-black-right.svg
www.mlive.com/pf/resources/images/common/arrows/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/arrows/chevron-black-right.svg?d=927
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=927
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
276ca8da7dd05a55c760ead2eec9d5c74629897d0b5b3e5190d4fc9bd38ea7fc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=927
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 26 Oct 2022 16:09:45 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
28H2F7EVSMR6039P
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=89
content-length
746
x-amz-id-2
1M8EAgjGd1hVs/Iw3n8eBTA3E8w1M9uWLINj0Rtz9omfbchas3HoxmTkSwlvXtocpv4sLeaq+Q0=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 15:08:29 GMT
server
openresty
etag
W/"4347be806f2c6a630a5407afb75ab920"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 26 Oct 2023 16:09:45 GMT
BRDIH2PUDVGRRGMBR2C45MY2PQ.JPG
www.mlive.com/resizer/AXlVRVQEnbxfSMQvbOFOjVILi9Q=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/AXlVRVQEnbxfSMQvbOFOjVILi9Q=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/BRDIH2PUDVGRRGMBR2C45MY2PQ.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
f2c8df2e07886836ef7c7313b8039fba5aa61b94776ccd7720c671cd10cbd8c7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Wed, 26 Oct 2022 16:09:45 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 04:49:16 GMT
x-serial
860
server
Akamai Image Manager
x-check-cacheable
YES
etag
"e92e6fd6e5932a2dc092d3a1f2d34c80222df4f8"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31495205
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=173
content-length
42542
expires
Thu, 26 Oct 2023 04:49:50 GMT
2BJVBI2KBJDR7FKP4I33LXHFIQ.jpg
www.mlive.com/resizer/H4A1eaToZ17jqRgfjMvh3Pz-xqw=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/H4A1eaToZ17jqRgfjMvh3Pz-xqw=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/2BJVBI2KBJDR7FKP4I33LXHFIQ.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
d7253e9e79c4b14ef221c963a8c2a1aa952f0f3c510e3f1bfdbfe830b16feb93
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 26 Oct 2022 16:09:46 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 15:43:42 GMT
x-serial
1903
server
Akamai Image Manager
x-check-cacheable
YES
etag
"1a35b6a94dc206e8f658de97468beb8d4094d7a0"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31534446
server-timing
cdn-cache; desc=MISS, edge; dur=344, origin; dur=159
content-length
36953
expires
Thu, 26 Oct 2023 15:43:52 GMT
SG2R2FXAWRALXMUJ3SEX2TU3KE.JPG
www.mlive.com/resizer/OY0QOX1vWMLZFuUj7Z_KiAumRIA=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/OY0QOX1vWMLZFuUj7Z_KiAumRIA=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/SG2R2FXAWRALXMUJ3SEX2TU3KE.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
542c02c33feb7e472d8c5c18468ef1015c3b67aa2c9c638f67cda9fed37c13c5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Wed, 26 Oct 2022 16:09:45 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 13 Oct 2022 23:25:52 GMT
server
Akamai Image Manager
etag
"72eeb59617ea1068f6da8c2b0aa2e711a462c7be"
content-type
image/jpeg
cache-control
private, no-transform, max-age=30439038
server-timing
cdn-cache; desc=HIT, edge; dur=92
content-length
32938
expires
Fri, 13 Oct 2023 23:27:03 GMT
KU43BN4TJJEKZJNFGR6T2OIISQ.jpg
www.mlive.com/resizer/vmfvlXPAZ4srcdS_2YjiW30c6hg=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/vmfvlXPAZ4srcdS_2YjiW30c6hg=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/KU43BN4TJJEKZJNFGR6T2OIISQ.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
5ead9dc81443e198243fe698e77682d4de171a7b1d163201510c314663a95e2f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 26 Oct 2022 16:09:46 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 15:53:57 GMT
server
Akamai Image Manager
etag
"8e937ab6f092c56746a011ddc390ad02917fae09"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31535078
server-timing
cdn-cache; desc=HIT, edge; dur=333
content-length
34619
expires
Thu, 26 Oct 2023 15:54:24 GMT
EMDFTZHIJBGFPK2D7EWWDSPROM.JPG
www.mlive.com/resizer/O0-czeLYsS9PCjvlVh65Y39yrIU=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/O0-czeLYsS9PCjvlVh65Y39yrIU=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/EMDFTZHIJBGFPK2D7EWWDSPROM.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
d28e6b8b87b449ddfe1ac483bcbffbb124ed03eb6b385c39165dcde2dfaaf9fd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Wed, 26 Oct 2022 16:09:45 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 13:07:20 GMT
x-serial
14
server
Akamai Image Manager
x-check-cacheable
YES
etag
"6e1138da56504e2811e8400788e3259d2ac9736d"
content-type
image/webp
cache-control
private, no-transform, max-age=31525080
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=246
content-length
21790
expires
Thu, 26 Oct 2023 13:07:45 GMT
37CFLKG3EVDCPH2INR6753AL7A.JPG
www.mlive.com/resizer/uXzCCIpQi-1iEy1M1RZdYMUgqbM=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/uXzCCIpQi-1iEy1M1RZdYMUgqbM=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/37CFLKG3EVDCPH2INR6753AL7A.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
38cc296c174d243dc99f1b97c56241f41b7cfe6ad1dffd77720ec666f3ba1184
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 26 Oct 2022 16:09:45 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 14:28:13 GMT
server
Akamai Image Manager
etag
"e99f73702b3ec0917ecbde7a44d05423c19d3d80"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31529894
server-timing
cdn-cache; desc=HIT, edge; dur=71
content-length
62932
expires
Thu, 26 Oct 2023 14:27:59 GMT
6PWAWGTKTFHOZF4VJALHFHE3VU.png
www.mlive.com/resizer/E_SBdBwDTPmFzW1W9Ys3p6soZmc=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/E_SBdBwDTPmFzW1W9Ys3p6soZmc=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/6PWAWGTKTFHOZF4VJALHFHE3VU.png
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
edc5af2135a0a8234cac71cea28282ff98840341e86070b1176ee049badcc797
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
date
Wed, 26 Oct 2022 16:09:45 GMT
content-security-policy
upgrade-insecure-requests
x-check-cacheable
YES
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=80
content-length
22632
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 05 Jun 2022 13:34:08 GMT
x-serial
332
server
Akamai Image Manager
etag
"b063eca7a2bb6a72c86a58e25b50ed32efb5ddaa"
x-edgeconnect-cache-status
1
content-type
image/webp
cache-control
private, no-transform, max-age=29964491
x-datastream-cache-status
1
expires
Sun, 08 Oct 2023 11:37:56 GMT
3AGBPLT4DFGZLMVJJU2GENQ6HY.jpg
www.mlive.com/resizer/bNDkvgxo_82pEXeoCsiADMPz0n0=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/bNDkvgxo_82pEXeoCsiADMPz0n0=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/3AGBPLT4DFGZLMVJJU2GENQ6HY.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
fa3878b3d80419076891b1eaffed0457d80acb2f1be1e5c2e2cd222f49f80874
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Wed, 26 Oct 2022 16:09:46 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 15:10:52 GMT
x-serial
1612
server
Akamai Image Manager
x-check-cacheable
YES
etag
"67d0312726cd4d76f233291bef166fb15829858b"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31532439
server-timing
cdn-cache; desc=MISS, edge; dur=269, origin; dur=123
content-length
63928
expires
Thu, 26 Oct 2023 15:10:25 GMT
92a6747a-ce11-46a4-93d3-d5b3bd38e0ac.json
cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f8bba3185dc65a7168148a020df7fea04e09e96a393a00bc159a002c56637ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Oct 2022 16:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
hop+4RB5NFNZEHY2vFXYeg==
age
4604
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1462
x-ms-lease-status
unlocked
last-modified
Wed, 07 Sep 2022 14:40:44 GMT
server
cloudflare
etag
0x8DA90DEF22DE641
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5b96ca58-f01e-0147-52cc-c241d8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7604754d88d69c00-FRA
expires
Wed, 26 Oct 2022 20:09:45 GMT
tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.mlive.com
access-control-max-age
600
content-length
0
date
Wed, 26 Oct 2022 16:09:46 GMT
server
nginx
tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.mlive.com
date
Wed, 26 Oct 2022 16:09:46 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
skeleton.js
static.adsafeprotected.com/ 		17 B
465 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: satisfycork.com
URL: https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
21867102
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
AEeWCUw5EBjfkkVYFFtMEsaScK6rZhNsKNlebPs9gMUT_NAJSKjiIg==
config.json
c.go-mpulse.net/api/ 		51 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ&d=www.mlive.com&t=5556002&v=1.720.0&sl=0&si=8488af8f-e237-4db7-8e5d-e91914c7af7f-rkdbk8&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=468260
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:991::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
28445ab5a58bac3609ddba4d1200c1797a766b538fd6b0bdb0926fbe386f327c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 26 Oct 2022 16:09:45 GMT
Cache-Control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
51
Content-Type
application/json
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		51 B
220 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/iabCcpaIntegrationScript-noGAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:929e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26462b222954f5b5e059f11449f8c038da1b57569ffae0a3ab3825c8bb7f92da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
7604754ee8679b3d-FRA
vary
Accept-Encoding
content-type
text/javascript
pennant-api
www.mlive.com/pf/api/v3/content/fetch/ 		189 B
512 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/api/v3/content/fetch/pennant-api?query=%7B%22arcSite%22%3A%22mlive%22%7D&d=927&_website=mlive
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/engine/react.js?d=927
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
6d998d111b9bfc44f3a4b44c8e54ec1f0373edd223facb779329c26ade0db6a9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
If-Modified-Since
1666800432346
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
120
date
Wed, 26 Oct 2022 16:09:46 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 26 Oct 2022 16:05:12 GMT
server
openresty
etag
W/"bd-H1gvWFaG+NuAmqcT1/06CA88giI"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=0
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=83
content-length
144
expires
Wed, 26 Oct 2022 16:09:46 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=927
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d9a539735b859bdea8d2964cdd6660a5f3c7ae457eb52d4f12a301c43293fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27366
x-xss-protection
0
server
sffe
etag
"1374 / 78 of 1000 / last-modified: 1666782419"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 26 Oct 2022 16:09:46 GMT
pub.js
pub.doubleverify.com/signals/ 		67 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pub.doubleverify.com/signals/pub.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=927
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a6e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a023adfd550395882ad5f709709df8f21bfeb2b04ced99e3942222d8f81724c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
content-security-policy
frame-ancestors 'self'
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Server-Timing, Cf-Ray
cache-control
private, max-age=14400, stale-while-revalidate=345600, stale-if-error=345600
access-control-allow-credentials
true
timing-allow-origin
*
cf-ray
7604754f7f4dbbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
10071.js
micro.rubiconproject.com/prebid/dynamic/ 		415 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/10071.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=927
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ccf12e17b53c357fc5b31306123426cefbf4bc9580a58b6028e84e6f6cf58f6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:46 GMT
content-encoding
gzip
last-modified
Wed, 26 Oct 2022 00:41:04 GMT
server
Apache
vary
Accept-Encoding
edge-cache-tag
prod-prebid-10071_MI_Desktop_Mobile.js
content-type
text/javascript
access-control-expose-headers
x-trp-pba
cache-control
public, must-revalidate, max-age=0
content-length
118980
x-trp-pba
{"ruleId":"9","rulePos":0,"ruleName":"MI_Default","wrapperName":"10071_MI_Desktop_Mobile","isPrimary":true,"randomProb":52,"account":10071,"device":"desktop","country":"DE","host":"mlive.com","isMobile":false,"isTablet":false,"reqHost":"micro.rubiconproject.com","referrer":["https://www.mlive.com/"],"xForwardedFor":"","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36","query":"","ranAt":"2022-10-26T16:09:46.164Z","runId":"1666800586164-4804","wrapperPath":"/prebid/10071_MI_Desktop_Mobile.js","redirectUrl":"/prebid/get-wrapper/MI_Default/10071_MI_Desktop_Mobile.js"}
expires
Thu, 27 Oct 2022 01:04:44 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		177 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=927
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.33.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-33-229.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a752ea20296d4beeb826b29be8e0bc967422defba3b1fb18ef910422270830c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 15:37:58 GMT
content-encoding
gzip
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront), 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
last-modified
Thu, 20 Oct 2022 16:04:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, AMS1-P1
age
1909
x-amz-server-side-encryption
AES256
etag
W/"325ba14a3555ca64958500cbd00f9a35"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
yxC9InDdNQ2Z4btIZ_4salgHzFdyCwkAIHOzx3v4yjrRFPH3T-YhWA==
lt.min.js
tags.crwdcntrl.net/lt/c/963/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=927
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-100.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0e243e9b5013996c5ab54dd8838f270d8f39f8b2249e5de7a391f12814ae8c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 04:25:46 GMT
content-encoding
gzip
via
1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
last-modified
Mon, 03 Oct 2022 19:55:23 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
42241
x-amz-server-side-encryption
AES256
etag
W/"313df5c09fb7c78265de8e3a165df111"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
zvF3KEjEy_hs8LFkLUxAjhxhlMzY4c2sQw6HCQkOZMJUi15M7-Wgow==
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9347c1d8c30a6dab610953c8568d20ddff10e1e41021fb6cc3aea9098c842065

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
e3HRkV45dlKSU2VLXzuV.1qsEv2pzDxO
date
Wed, 26 Oct 2022 16:09:46 GMT
content-encoding
br
last-modified
Thu, 29 Sep 2022 14:53:50 GMT
x-amz-request-id
B6G3SCA7DFMGTQ1N
etag
"17c0d6e20839220eda6b6705a5927ecd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3375
x-amz-id-2
PCshiiBIFny1pvCQg5XwLWiOIi2ShVt5IDTjeBVJyNRxn6aX2gzXkCrD41FlmdVjz3xVVQ3Jj/c=
script.js
h312.mlive.com/ 		148 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/script.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-59.prg50.r.cloudfront.net
Software
- /
Resource Hash
a9fad541e10caeebefedf8a2e64eb955f2168545c2368b38e42e79ce1f04025b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:07:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
PRG50-C1
age
139
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
45893
x-xss-protection
1; mode=block
last-modified
Thu, 20 Oct 2022 11:12:10 GMT
server
-
etag
e80855a7bb3d6b1b88932e7dc392c8d3
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=600
x-robots-tag
noindex, nofollow
x-amz-cf-id
81D-wxkumncfqbYq2dZP4AeqlhtqJAZcIrjZYmTgr89wg6Fyrlrk_g==
expires
Wed, 26 Oct 2022 16:17:26 GMT
moatheader.js
z.moatads.com/advanceddigitalheader640552616592/ 		237 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/advanceddigitalheader640552616592/moatheader.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-143.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9db8cefbffa1d13f2f34b9ec6d90b41bc17d3387e46e053cbd8ff1d0fd2e8493

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:46 GMT
content-encoding
gzip
last-modified
Tue, 11 Oct 2022 16:12:28 GMT
server
AmazonS3
x-amz-request-id
F48CB6A9YPS6FETF
etag
"21ddcf0064a7977e74f05294c5f6d8f6"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=48247
accept-ranges
bytes
content-length
84208
x-amz-id-2
E6skiN09cFEIU87X6vEw56gJ8ckhz92nXEzCBx3EAU51RFVHmgy88LcWNgMFieeHqrm6YL3/X9I=
ats.js
ats.rlcdn.com/ 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.153.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-153-59.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding
gzip
via
1.1 b1798c28d0a3b77deb65265a32d0e278.cloudfront.net (CloudFront)
date
Wed, 26 Oct 2022 03:33:17 GMT
x-amz-cf-pop
HAM50-P2
age
45389
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
etag
W/"148e21f812b555a13b2a9c6b616141f4"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-id
lDSrdP7dRqb0lIAv4X3024lkH6Yxi0OCYqQDADeab_-CWg85Z7LvUA==
load
experience.tinypass.com/xbuilder/experience/ 		338 B
586 B 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=8Gu2Z8RCvZ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
464b98e4ec83bb60ad92bd76656277037d3548e44a7d1dcddec0c0a41ada20e6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:46 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
2013
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Md0adkrtGdt
pragma
wn
prod-dash-10-0-122-234
last-modified
Wed, 26 Oct 2022 15:36:13 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
server-time
0.009
cache-control
public, max-age=1800
cf-ray
760475503d8c9bfb-FRA
expires
Wed, 26 Oct 2022 16:39:46 GMT
main-menu-hamburger-white.svg
www.mlive.com/pf/resources/images/common/icons/ 		1 KB
963 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/icons/main-menu-hamburger-white.svg?d=927
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=927
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
1cb614c81c491878e5b6256098b31fb4f68b7bbde5e60b21334d085db7e37549
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=927
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Wed, 26 Oct 2022 16:09:46 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
RYHDGPDT2G87HB1Y
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=25
content-length
455
x-amz-id-2
dzxQsQgvkQLhfA3MUXj/o7SPG+jZmZr6Iv5Sj7vGFElx30x5+YaJuEv7E8L2iYlDZWnBxkWsS3c=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 15:08:29 GMT
server
openresty
etag
W/"4c13e35767d4f1fc45fe58d883b78893"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 26 Oct 2023 16:09:46 GMT
client
accounts.google.com/gsi/ 		191 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=927
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
570a0988755ed679ee57c73669c72ce35925d151760b3da59adee3b57430defd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RLSoVezSPh5a76erJROwRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:46 GMT
content-security-policy
script-src 'report-sample' 'nonce-RLSoVezSPh5a76erJROwRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Wed, 26 Oct 2022 16:09:46 GMT
user-white.svg
www.mlive.com/pf/resources/images/common/icons/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/icons/user-white.svg?d=927
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=927
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3400::1702:d59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e6b7fa504c979ce53dc80798978eff98214cbcb20b7db259990c0632b7abe248
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=927
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Wed, 26 Oct 2022 16:09:46 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
RYH3BV18DTM7SASH
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=24
content-length
2508
x-amz-id-2
RAheD81dx6n9oZuVdyQ6tEz2PQpKFovAiLRE8LfCAO/AsDksVAQXx50a5tny3K9R3pWf5LiFfx8=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 15:08:29 GMT
server
openresty
etag
W/"fdc13d9553130cf8463df06e8ba5682d"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 26 Oct 2023 16:09:46 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		42 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:929e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f535a51459b52869c655d036a26642811651265429aecc1ce589733146bbd757
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
760475501cf59b9e-FRA
access-control-allow-headers
Content-Type
content-length
42
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 26 Oct 2022 15:01:58 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
4068
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 26 Oct 2022 17:01:58 GMT
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-94-183.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 04:25:56 GMT
Via
1.1 a1c66294cb416b399374a845b97656d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PRG50-C1
Age
42230
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
t0bYwzT0b-lbj2NaeCfdnsw_TkV33ttqUb0vavJliDHGJuE82lHnAw==
Expires
Thu, 27 Oct 2022 04:25:56 GMT
load.js
s.ntv.io/serve/ 		510 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-64.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1159500ec113a58c8e68c1889b0d7a4bf551f10c01173442dc90b72c562ccfe6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 16:09:46 GMT
Content-Encoding
gzip
x-amz-request-id
T2K3VG1AJWZCMX3K
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
UPCHuoqtRLrtEWW0nzbFWg7zNErNKu4tys7jlWIdhFPxfKnXFUkgG/IT6pAKRpksPbMAwl0052s=
Last-Modified
Thu, 20 Oct 2022 21:57:33 GMT
Server
AmazonS3
ETag
"9e2e60d697f7f675f0225473545f3e1a"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.80 , Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-80.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:24:23 GMT
content-encoding
gzip
via
1.1 5db4f6b1c04035a37ba6548e89b362be.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P2
age
45924
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
gjKq_EQ4QdGXSdcGvTVEXY2CIYf0PGBAEfPsDCBIJe1A_S60b7qoqQ==
fbevents.js
connect.facebook.net/en_US/ 		102 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e432523f77f554cf143883486329c1e97472bed166a3efd6c2a8ec8299caafca
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 26 Oct 2022 16:09:46 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27045
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
hSuHhGoF5lSzDODAmqp8o0SgTJo15YMWYHzco23PtEyRT1PW+jXkMMBAM9hEUs4OXZjT5bLnphD68lxEcy1ODg==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		996 B
637 B 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:36db Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
156544cd13b925123ef0a1b00a86d757161c0352c181070c26ffd2988316db74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:46 GMT
content-encoding
gzip
last-modified
Mon, 24 Oct 2022 21:01:38 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=9331
accept-ranges
bytes
content-length
470
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:46 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 15:04:19 GMT
etag
"d4de8398858246712016031c834bb061+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15317
x-served-by
cache-iad-kjyo7100153-IAD, cache-hhn11544-HHN
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-15-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 22:44:17 GMT
Content-Encoding
gzip
Via
1.1 85ca8c4198fb707d10ecc2a784a315be.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
Age
62730
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
k0bN5DR107rrHpyrVKw6ezc1gNTsAD7bN8WnQGLz-ul4ABiqm0qeLQ==
ml.br.js
js.matheranalytics.com/static/ltm/ma63527/all/15/
Redirect Chain
  • https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1608
  • https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js
142 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
68b5df8a16ee7bbfd4789f8533b7f9882f9095625a8be1f56e352bc10710484d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 22:48:18 GMT
content-encoding
br
via
1.1 google
last-modified
Wed, 07 Apr 2021 17:41:03 GMT
server
nginx
age
62488
etag
"8be38a11960c372ea9c4119961294047"
vary
Accept-Encoding
x-cache
HIT Wed, 07 Apr 2021 17:49:14 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42243

Redirect headers

date
Wed, 26 Oct 2022 16:09:46 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js
cache-control
public, max-age=269200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
4-gc-euw1-10928
js
www.googletagmanager.com/gtag/ 		215 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GG8B674XK4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7df5140aba6469907d6618318b0f15614e5d6bb5c365df41502ac49375500be5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76688
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 26 Oct 2022 16:09:46 GMT
fpc
at.teads.tv/ 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_11014&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=a89a58d&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:46 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://www.mlive.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Wed, 26 Oct 2022 16:09:46 GMT
cs
advancelocal.blueconic.net/DG/DEFAULT/ 		16 B
695 B 		Script
General
Check archive.org
Download Go to
Full URL
https://advancelocal.blueconic.net/DG/DEFAULT/cs?&callback=bc_json597
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.223.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-223-61.compute-1.amazonaws.com
Software
- /
Resource Hash
b72875eb9318e5b1b2728107ad2bcff1edcdbb3d2a157ba92adccb36ee4f0ea7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
346 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GG8B674XK4&gtm=2oeaj0&_p=1892687978&cid=1729966134.1666800586&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&sid=1666800586&sct=1&seg=0&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&en=page_view&_fv=1&_nsi=1&_ss=1&ep.headline=undefined&ep.author=undefined&ep.entry_id=undefined&ep.page_type=homepage&ep.product=homepage-beta&ep.platform=desktop&ep.page_path=%2F&ep.user_subscription_status=undefined&ep.ab_test_group_user=sub-group-b&ep.search_term=undefined&ep.targeting_codes=undefined&ep.targeting_codes2=undefined&ep.targeting_codes3=undefined&ep.targeting_codes4=undefined&ep.targeting_codes5=undefined&ep.targeting_codes6=undefined&ep.entry_tags=undefined&ep.referring_subdomain=undefined&ep.browser_cookie_region=undefined&epn.monthly_visit_number=1&ep.content_region=undefined&ep.content_topics=undefined&ep.blog_category=undefined&ep.word_count=undefined&ep.section=Home%20Page&ep.article_date_original=undefined&ep.article_date_updated=undefined&ep.entity_type=undefined&ep.entity_value=undefined&ep.auxiliaries=undefined&ep.gigya_user_id=undefined&ep.usprivacy_cookie=undefined
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GG8B674XK4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pub.json
pub.doubleverify.com/signals/ 		48 B
359 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pub.doubleverify.com/signals/pub.json?ctx=20823471&cmp=DV460143&signals=ids,bsc&url=https%3A%2F%2Fwww.mlive.com%2F
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a6e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e4901ee2e5c2b93c887cca0a2e3f188379d5ce25edca56836564e10014db76
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
frame-ancestors 'self'
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
Server-Timing, Cf-Ray
cache-control
private, max-age=900
access-control-allow-credentials
true
timing-allow-origin
*
cf-ray
760475514c8fbb3d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202208.1.0/ 		375 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202208.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0766007565870c9a9ce93e31236bc0119fd01fff87ed569848a2a486e931c0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Oct 2022 16:09:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
PoUkurh3GT3DbFeu3QcwyA==
age
358
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
91152
x-ms-lease-status
unlocked
last-modified
Fri, 02 Sep 2022 06:26:19 GMT
server
cloudflare
etag
0x8DA8CAC0C067309
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
915f4702-c01e-008c-1d9f-be95bd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
76047550fc819bfe-FRA
set
privacy.crwdcntrl.net/consent/ 		61 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://privacy.crwdcntrl.net/consent/set?ct=skip&ca=1&ccd=1&cds=1&cta=1&c=963
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.152.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-152-32.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
5f26dfc3f5d603822dd5eb17c772720fd8d984f3fa596f757973dabe24ebda6e

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:46 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.28.142
access-control-allow-credentials
true
content-length
61
expires
0
data
bcp.crwdcntrl.net/6/ 		24 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.133.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-133-1.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
3499c2bfdc525e4672c8a2d78d7fb89e7cadd4b4c84a58daf8c30f3a2c7cee59

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

expires
0
pragma
no-cache
date
Wed, 26 Oct 2022 16:09:46 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.19.227
access-control-allow-credentials
true
content-length
24
x-consent
absent
pubads_impl_2022102001.js
securepubads.g.doubleclick.net/gpt/ 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 15:53:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
987
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130516
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 26 Oct 2023 15:53:19 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		218 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.mlive.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d668f82f398ea679cc5913c2eebc7cf9db9be07bf086e55fd30b2799fb43aa08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 26 Oct 2022 16:09:46 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3178&u=https%3A%2F%2Fwww.mlive.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.33.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-33-229.ams1.r.cloudfront.net
Software
Server /
Resource Hash
e7261fe5ce66c71ad531ce6da47cd76b7b875cea04c6fe7cfe616b0cad05cd3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 10:51:39 GMT
via
1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS1-P1
age
19087
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1378
x-amz-cf-id
2NN2n-23E2Gw6Pl6XqcgFNCyv6CXcrJ5Kr3_D6dQyzEvKUp5-yZQHg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.33.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-33-229.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
GByBGE9Pk5QvO6waz.2OH5fe1oGEkMED
content-encoding
gzip
via
1.1 1a89beee9d72657437f5e91f57220804.cloudfront.net (CloudFront)
date
Tue, 25 Oct 2022 20:05:17 GMT
x-amz-cf-pop
AMS1-P1
age
72630
x-cache
Hit from cloudfront
last-modified
Fri, 21 Oct 2022 19:58:26 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
4-Pt0ixEvUe4TLRdfgAZcqwQUEUcKc2KQTJO71nQ5tGaxlCZRiKmxA==
10071-pbjs-floors.json
ads.rubiconproject.com/floors/ 		62 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/10071-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-77-3.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
939dc6ba8600c880d01216456efe6532fae0312d85bc20942bd2b8ac1783ffb7

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Oct 2022 16:09:46 GMT
content-encoding
gzip
last-modified
Wed, 26 Oct 2022 15:41:04 GMT
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
6837
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1666800586473&se=e30&duid=94c49eadf2ac--01ggagx3q71n38rp8qej376wns&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid
  • https://rp4.liadm.com/j?dtstmp=1666800586473&se=e30&duid=94c49eadf2ac--01ggagx3q71n38rp8qej376wns&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid&i6=MmEwMTo0YTA6MTMzODo5Mjo6MTI%3D&n3pc=true
42 B
581 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1666800586473&se=e30&duid=94c49eadf2ac--01ggagx3q71n38rp8qej376wns&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid&i6=MmEwMTo0YTA6MTMzODo5Mjo6MTI%3D&n3pc=true
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
54.146.133.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-133-189.compute-1.amazonaws.com
Software
/
Resource Hash
5ce8647c88445649306948bab16764727ad0866a64fc66202b97b88176272628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:47 GMT
x-pixel-event-id
39c0c25a-a5f4-42cd-8fb9-fef1fb400e65
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
DENY
vary
Origin
content-type
application/json
request-time
0
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
1e307ee465b4138b
content-length
42
x-xss-protection
1; mode=block

Redirect headers

date
Wed, 26 Oct 2022 16:09:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
vary
Origin
location
https://rp4.liadm.com/j?dtstmp=1666800586473&se=e30&duid=94c49eadf2ac--01ggagx3q71n38rp8qej376wns&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid&i6=MmEwMTo0YTA6MTMzODo5Mjo6MTI%3D&n3pc=true
access-control-allow-origin
https://www.mlive.com
request-time
0
access-control-allow-credentials
true
trace-id
34e3558e0be2b66c
content-length
0
x-xss-protection
1; mode=block
/
vtrk.doubleverify.com/ 		0
181 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=9facecd6-570b-4781-a460-47381bc7d4d9&z=756173884992&ctx=20823471&cd160=0eed22ad-50d7-4a48-8db0-d2118d21f9a3&cd161=https%3A%2F%2Fwww.mlive.com%2F&ea=load-pq&cd180=network&cm180=204&cm181=40&cm182=37&cm183=53&cm184=69&cm185=4&cm186=369&cmp=DV460143
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.33.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-33-168.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
https://www.mlive.com
date
Wed, 26 Oct 2022 16:09:46 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
/
geo.privacymanager.io/ 		28 B
594 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-86.dus51.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:40:37 GMT
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront), 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, DUS51-P1
age
52149
x-amzn-requestid
19c15604-9eb6-4cd4-a5c8-fd53b7621bd2
x-amzn-trace-id
Root=1-63589015-4cb78fe85e6d33767629158a;Sampled=0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
altzWHl_joEFw-w=
content-length
28
x-amz-cf-id
pE5_pzGDv5l28_IZma0Ok7DOlP7fOzdKdXjrui5zdfbLmE_K6V2I3Q==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
v2lbaYJV6vV3Remoysai3AbP-pyLcNbYUk8KEjcrDPGX3vlFjyFIxlyYgvuZtSAzJG-fFxSSH
satisfycork.com/ 		191 B
218 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://satisfycork.com/v2lbaYJV6vV3Remoysai3AbP-pyLcNbYUk8KEjcrDPGX3vlFjyFIxlyYgvuZtSAzJG-fFxSSH
Requested by
Host: satisfycork.com
URL: https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
096b00bf402906f87d0f1460a17c08f336525961c8fc5a04ec31f2963d43ed13
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Wed, 26 Oct 2022 16:09:46 GMT
via
1.1 google
x-buildnumber
673376020
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
x-hostname
fen-hoothoot-europe-west1-spot-dg9q
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Wed, 26 Oct 2022 16:09:45 GMT
iframe.html
z.moatads.com/hd09824092/ Frame A24D 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/advanceddigitalheader640552616592/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-143.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=3367
content-length
1374
content-type
text/html
date
Wed, 26 Oct 2022 16:09:46 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
server
AmazonS3
x-amz-id-2
bLl72GtpcxM8rSKIodQlKgK0BRPdEbxIV8PPGYh9PcLqpR363i0Z1TjhY7+mRyWYYTxnhPRiG5Y=
x-amz-request-id
A3423FE5772816F0
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-210-112.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:46 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 18:14:48 GMT
server
Apache
etag
"d4ed-5eaee7c12df48-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17131
expires
Wed, 26 Oct 2022 16:24:46 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-100.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
23aef003c4242cb0ae5f2718af07508a5b5c9421e5319bb7073d8f949611faf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 16:35:07 GMT
content-encoding
gzip
via
1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
last-modified
Fri, 21 Oct 2022 16:31:57 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
84880
x-amz-server-side-encryption
AES256
etag
W/"c5c4d121a5858863b74c49b5d8a57578"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
q6bCIAq7IujjQYWB4qPQWBx6SpNjDCoc6ucENgk88_5H5E8LMjxDeA==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 13:13:44 GMT
server
cloudflare
x-amz-request-id
BNJ6QE5JEPQ6QZQN
age
3366
etag
W/"68154020ef14b5881614607902c7c21b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7604755338b66939-FRA
x-amz-id-2
hJmPwVJFjVRFjjxB02rGj7iGRK80JkfiG0N/xC3qR9uTKG4G8bnSsVqbVVPjooGi44s5hsva9Y4=
tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.mlive.com
date
Wed, 26 Oct 2022 16:09:46 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.mlive.com
access-control-max-age
600
content-length
0
date
Wed, 26 Oct 2022 16:09:46 GMT
server
nginx
publisher:getClientId
ampcid.google.com/v1/ 		74 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Oct 2022 16:09:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94
x-xss-protection
0
b
sb.scorecardresearch.com/ 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6034988&c3=&c4=https%3A%2F%2Fwww.mlive.com%2F&cs_it=b3&cv=3.8.0.210223&ns__t=1666800586653&ns_c=UTF-8&c7=https%3A%2F%2Fwww.mlive.com%2F&c8=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&c9=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.80 , Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-80.dus51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:46 GMT
via
1.1 5db4f6b1c04035a37ba6548e89b362be.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
HJY_iJwD4D0GNj2gITPQJzTrVXrI2za8VgvP0r5CtxArztjpgc-f1Q==
x-cache
Miss from cloudfront
p.js
cdn.parsely.com/keys/mlive.com/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/mlive.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.97.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-97-61.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
36ea8d266ccb57796d82e6eb05f11c634302a0bc3623c5e7fa7261a1a69e0d90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
public
date
Tue, 25 Oct 2022 19:47:24 GMT
content-encoding
gzip
via
1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
last-modified
Wed, 29 Jun 2022 14:34:05 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
age
73342
etag
W/"62bc62dd-df3e"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
VaButoaKnQnEdkqF8IM4OyLCpHuldlO_rzeu2GQcnUEBNRQ6oyS_uw==
expires
Wed, 26 Oct 2022 19:47:24 GMT
120978121945017
connect.facebook.net/signals/config/ 		294 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/120978121945017?v=2.9.88&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5f24a54baabab817d87c367e6186b8fca6657732088d348019818795dcc711f1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 26 Oct 2022 16:09:46 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86760
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
6RX7g4jF3cFEyYmkjXoWKjsBdOJNLK96y1usti5WyxdSJF3/2wlJ7difHgekxLkCb4YG1arEYJnsGLEe9POVdQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
style
accounts.google.com/gsi/ 		533 B
328 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-sO_y88qh3tAW0vx-B0eZzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:46 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-sO_y88qh3tAW0vx-B0eZzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Wed, 26 Oct 2022 16:09:46 GMT
status
accounts.google.com/gsi/ 		40 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=339703812340-kido2ms26ssegr4jpn27vo7ro7hgkjme.apps.googleusercontent.com&as=DyDTP2Hvrf%2B1yK5ORvRPpQ
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
22cb3e9ea757df9ff3c90cc0d1525eba1f0e06cd1cc766e9d49ab69c6e544199
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-ZSPUh5r6OokmhosZ-CpI4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:46 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-ZSPUh5r6OokmhosZ-CpI4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:36db Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:46 GMT
content-encoding
gzip
last-modified
Mon, 24 Oct 2022 21:02:26 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=9283
accept-ranges
bytes
content-length
3063
t
jadserve.postrelease.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.mlive.com%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.161.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-161-152.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
70405700397f978e042aa1c5e1c876e837edf6c4e71ca745e6090a519c130608

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:46 GMT
content-encoding
gzip
server
nginx/1.12.1
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
1433
expires
Mon, 1 Jan 1990 12:00:00 GMT
tinypass.min.js
cdn.tinypass.com/api/ 		324 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=8Gu2Z8RCvZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca8dadef9ebae06187186d125d1fd52c4d40b4ff60b7f2102074dec4442f5d9c
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:46 GMT
x-amz-version-id
JmVMHwGv40n39lZgwpe.7C6rpczg8gss
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
NBJJD2DJHJWNN6ZD
age
3590
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
pqXS2+dXroQ5LQWmHKfUaFXZdDS3EiWSqq4uLKPch7Jrp8gzJFVGE4W56smPrH0xW0GRx/aAytA=
last-modified
Tue, 25 Oct 2022 09:35:49 GMT
server
cloudflare
etag
W/"c68353db19338d3a760a6370649648b3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
760475532d7b9bfb-FRA
expires
Wed, 26 Oct 2022 20:09:46 GMT
en.json
cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/09119d5f-27a6-429d-a491-4d6d379a3bb4/ 		81 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/09119d5f-27a6-429d-a491-4d6d379a3bb4/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202208.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ec4f813ce8f006e01f0888e4c5871b4064b64585face027d84aee807f059907
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Oct 2022 16:09:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
cQbcs11AN4ydJklsb+a9/g==
age
4604
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
17623
x-ms-lease-status
unlocked
last-modified
Wed, 07 Sep 2022 14:40:48 GMT
server
cloudflare
etag
0x8DA90DEF48CB48A
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8da96da8-901e-00f2-55ce-c20a72000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
760475532dc39c00-FRA
expires
Wed, 26 Oct 2022 20:09:46 GMT
/
vtrk.doubleverify.com/ 		0
182 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=9facecd6-570b-4781-a460-47381bc7d4d9&z=589238445946&ctx=20823471&cd160=7a465c5f-db88-4238-b197-44f9f90afe19&cd161=https%3A%2F%2Fwww.mlive.com%2F&ea=error&cd110=unknown%20error&cmp=DV460143
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.33.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-33-168.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
https://www.mlive.com
date
Wed, 26 Oct 2022 16:09:46 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
adsct
t.co/1/i/ 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=7d66582e-d77e-4a20-940d-05f4a2bd585e&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=2ff18e21-ad77-4629-ba9f-a510e56a4649&tw_document_href=https%3A%2F%2Fwww.mlive.com%2F&tw_iframe_status=0&txn_id=o8yo8&type=javascript&version=2.3.27
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time
116
date
Wed, 26 Oct 2022 16:09:46 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
8f02e00ecf672010
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
f8fe5401aef1b3faa093d1983e26bab887c9ded82315b39d6504285db3924cb0
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=7d66582e-d77e-4a20-940d-05f4a2bd585e&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=2ff18e21-ad77-4629-ba9f-a510e56a4649&tw_document_href=https%3A%2F%2Fwww.mlive.com%2F&tw_iframe_status=0&txn_id=o8yo8&type=javascript&version=2.3.27
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time
107
date
Wed, 26 Oct 2022 16:09:46 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
79b9bf5e316efba2
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
af8d40c928f82937d7f24bc057d0d5a6aa08ad4fd1c3e44a0f69d4cc2e00b7ab
content-length
43
map
bcp.crwdcntrl.net/6/ 		60 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.133.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-133-1.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ad32abe55deedaf3b7f65a361b9771b327f9259b8b22fb67b56e69f7cff6d2ad

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:46 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.26.132
access-control-allow-credentials
true
content-length
60
expires
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.mlive.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
594 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4487996302750641&correlator=1368742238702586&eid=31060439%2C31068457%2C31070232&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fifs&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=728x91%7C970x91&ifi=1&adks=2024654923&sfv=1-0-38&fsbs=1&prev_scp=rg_adslot%3DInFeed_Center_Wide_Adhesion%26rg_atf%3Dtrue%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Center_Wide_Adhesion%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3DMI-desktop-InFeed_Center_Wide_Adhesion%26rg_a9%3DAdvance_MI_ATF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta&eri=1&cust_params=IDS%3Dtimeout%26BSC%3Dtimeout%26pts_pid%3D9facecd6-570b-4781-a460-47381bc7d4d9%26amznbid%3D0%26amznp%3D0%26ccaud%3D0%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop%26rg_pvid%3D26709183-cd47-45a0-bc1f-052b1277997b&sc=1&cookie_enabled=1&abxe=1&dt=1666800586802&lmt=1666800513&dlt=1666800585312&idt=1431&adxs=0&adys=12108&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.mlive.com%2F&frm=20&vis=1&psz=728x4&msz=728x0&fws=4&ohw=728&ga_vid=1729966134.1666800586&ga_sid=1666800587&ga_hid=1892687978&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bca5ada6a55eb6c600092520e0e4d9b24b526fb821e8b6c33cabb76575c61b3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
564
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 740A 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 16:09:47 GMT
expires
Thu, 26 Oct 2023 16:09:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		64 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3178&u=https%3A%2F%2Fwww.mlive.com%2F&pid=1nnTeLn2ditjr&cb=0&ws=1600x1200&v=22.10.131733&t=1500&slots=%5B%7B%22sd%22%3A%22ad-small-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22Advance_MI_BTF_DESKTOP%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.99.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-99-209.prg50.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:47 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PRG50-C1
x-amz-rid
JEZ7ZWD02MNPXWMKJBN7
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
FGx_9JU4bTEVN7kvAFIHwQtFFldhqtOemLLF3XYFse-GdCOc5Vo_0g==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		64 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3178&u=https%3A%2F%2Fwww.mlive.com%2F&pid=1nnTeLn2ditjr&cb=1&ws=1600x1200&v=22.10.131733&t=1500&slots=%5B%7B%22sd%22%3A%22ad-small-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22Advance_MI_BTF_DESKTOP%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.99.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-99-209.prg50.r.cloudfront.net
Software
Server /
Resource Hash
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:47 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PRG50-C1
x-amz-rid
E0QP4CFZMS518C3CTHJM
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
JPyQ40QEo7bLAcEKvTYS73FM6kXgtPYCA4Tx-b5NRHzF8XomGFReNg==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		64 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3178&u=https%3A%2F%2Fwww.mlive.com%2F&pid=1nnTeLn2ditjr&cb=2&ws=1600x1200&v=22.10.131733&t=1500&slots=%5B%7B%22sd%22%3A%22ad-large-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22Advance_MI_BTF_DESKTOP%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.99.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-99-209.prg50.r.cloudfront.net
Software
Server /
Resource Hash
f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:47 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PRG50-C1
x-amz-rid
W5D8HK9P2KYYWYZE912Y
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
RsTXolBPoVqZ_r3aAZMErG3B3xdgX3saAcp4RmVX0Legg2qd_w3T0g==
publisher:getClientId
ampcid.google.de/v1/ 		3 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Oct 2022 16:09:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23
x-xss-protection
0
v2xmy5oD7U15Zhm_7WW-dRgtx4HAzwyhYTMyrL3ZTLirppLflIBDxgYwLPbj827Z2PdiRrLfM
satisfycork.com/ 		3 B
27 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://satisfycork.com/v2xmy5oD7U15Zhm_7WW-dRgtx4HAzwyhYTMyrL3ZTLirppLflIBDxgYwLPbj827Z2PdiRrLfM
Requested by
Host: satisfycork.com
URL: https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Wed, 26 Oct 2022 16:09:46 GMT
via
1.1 google
x-buildnumber
673376020
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
x-hostname
fen-hoothoot-europe-west1-spot-dg9q
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sec=Home%20Page&prem=0&ptype=homepage&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=844e39e5-0a10-4e50-82cf-6924baf2aaef&pid=143b5a1e-517e-4020-b6ba-d5b5fb90666e&dtm=1666800586899&qnm=_matherq&visible=1&tabid=6321cb26-8562-41cd-9477-0d004cc6c6c7&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x12108&tofa=1666800587&vid=1&lvidt=1666800587&duid=b6f6841523aafdab&fp=1496457183&cid=ma63527&mrk=484602605&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY2NjgwMDU4Mzg2MyIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMG1iIiwiaGVhcFQiOiIxMG1iIiwiZnN0UGFpbnQiOiIxNzU5IiwiZmV0Y2hTIjoiMTEzOSIsImRvbWFpblMiOiIxMTM5IiwiZG9tYWluRSI6IjEyNDQiLCJjb25uUyI6IjEyNDQiLCJjb25uRSI6IjEzNzYiLCJzc2xTIjoiMTI4MSIsInJlcXVTIjoiMTM3NiIsInJlc3BTIjoiMTQ0NSIsInJlc3BFIjoiMTY5MSIsImRvbUxvYWQiOiIxNDQ5IiwiZG9tSW50ZXIiOiIxODExIiwiZG9tTG9hZFMiOiIyMDk2IiwiZG9tTG9hZEUiOiIyMjc4In0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMTcyOTk2NjEzNCIsInJlZlRpbWUiOiIxNjY2ODAwNTg2ODk5In1dLCJ1c2VyRGF0YSI6eyJpc0xvY2FsIjoiMCJ9fQ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.38.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-38-131.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Wed, 26 Oct 2022 16:09:47 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
otFlat.json
cdn.cookielaw.org/scripttemplates/202208.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202208.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202208.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Oct 2022 16:09:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ivRWEcgBmKISMHohZLmqHg==
age
7970
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3007
x-ms-lease-status
unlocked
last-modified
Fri, 02 Sep 2022 06:26:11 GMT
server
cloudflare
etag
0x8DA8CAC07455974
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
f5c4c0c1-601e-012f-2acc-c21f89000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7604755489179c00-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202208.1.0/assets/ 		62 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202208.1.0/assets/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202208.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cef181b89850405f733232c050e35b633a648eacee98005f2663b481ac3b0db4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Oct 2022 16:09:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
swAgHfEDuh0iqMy2LpxrJQ==
age
4604
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
14749
x-ms-lease-status
unlocked
last-modified
Fri, 02 Sep 2022 06:26:12 GMT
server
cloudflare
etag
0x8DA8CAC07E21E7C
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
cd85ed7f-901e-0157-3ccc-c2773e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
76047554891c9c00-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202208.1.0/assets/ 		22 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202208.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202208.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Oct 2022 16:09:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
B55i3ZY9miZIaUrwjufy0w==
age
7970
x-ms-lease-status
unlocked
last-modified
Fri, 02 Sep 2022 06:26:26 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
f443b176-601e-016b-65cc-c2c3e5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
7604755489209c00-FRA
596
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		163 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/596?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2022-10-26T16%3A09%3A46%2B00%3A00&ts=1666800586948
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-59.prg50.r.cloudfront.net
Software
- /
Resource Hash
53481b579a70cf026061caa67a89e99a1240b511b7177ec70e5095b9747bdb63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Oct 2022 16:09:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
31023
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
7u5cIodPDJLBJ_WObJSpnpnCkPbrOnI7TAnkt-RzegysS7VYvgm7eg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
p1.parsely.com/plogger/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1666800586981&plid=81600560&idsite=mlive.com&url=https%3A%2F%2Fwww.mlive.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.mlive.com%2F&sref=&sts=1666800586974&slts=0&title=Michigan+Local+News%2C+Breaking+News%2C+Sports+%26amp%3B+Weather&date=Wed+Oct+26+2022+16%3A09%3A46+GMT%2B0000+(GMT)&action=pageview&js=1&pvid=68450658&u=pid%3D7c319e1c6ac0b888872c95d2deeee006
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 16:09:47 GMT
Cache-Control
no-cache
Last-Modified
Wednesday, 26-Oct-2022 16:09:47 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1666800587006&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3252378%26time%3D1666800587006%26url%3Dhttps%253A%252F%252Fwww.mlive.com%252F%26t...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1666800587006&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1666800587006&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQJSuDW_u0stTgAAAYQVDpNBI6ZYH4lLRqnz45Mjn7ikKgU94ssm-1t...
0
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1666800587006&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQJSuDW_u0stTgAAAYQVDpNBI6ZYH4lLRqnz45Mjn7ikKgU94ssm-1t1m_dIWGVb5zbsTuhJ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:47 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 772C5649FEE740489578DA5C3A3893F0 Ref B: DUS30EDGE0909 Ref C: 2022-10-26T16:09:47Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXr8kDzAwvVrIm3wWe1VA==

Redirect headers

date
Wed, 26 Oct 2022 16:09:46 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 06AF3FB446E14DCA8DBA4424605978C2 Ref B: FRAEDGE1707 Ref C: 2022-10-26T16:09:47Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1666800587006&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQJSuDW_u0stTgAAAYQVDpNBI6ZYH4lLRqnz45Mjn7ikKgU94ssm-1t1m_dIWGVb5zbsTuhJ
x-li-proto
http/2
content-length
0
x-li-uuid
AAXr8kDu7H2yX0nXd8jNkA==
230823541501762
connect.facebook.net/signals/config/ 		294 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/230823541501762?v=2.9.88&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
996fa0685c2bfb1e85fb1856d3e833ad4a644d9d7ebbb4f916c7c9d7a39eb3f6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 26 Oct 2022 16:09:47 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86469
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
op+gAdTvXq5efwHEn3mRglo6qreQKltLD4PeaB2lv6LgVDTH3OIXVwOpd0ZRoaBjEvCw5u0wQrJAj5E26c3EPw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Wed, 26 Oct 2022 16:09:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		387 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10071&site_id=311380&zone_id=1940286&size_id=15&eid_pubcid.org=25b84b59-b6be-4a62-8951-caf4f2f208b9%5E1&rf=https%3A%2F%2Fwww.mlive.com%2F&tg_i.aupname=344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Right_Tall%2Crg_platform%3Ddesktop&tg_i.pbadslot=344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-2&tk_flint=dmpbjs_v7.11.1&x_source.tid=eb79c90c-c776-47f6-9742-4822efd36341&l_pb_bid_id=46fb994c119484&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.2&rp_maxbids=1&p_gpid=344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-2&slots=1&rand=0.47448822097387766
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
deab221f3dc3691db43d0cb0f7f9011722788534d270364d1d45d8ac5ac91d5f

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:47 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.mlive.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
387
Expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=488240&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225b3611842827e8%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.mlive.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.11.1%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.mlive.com%2F%22%2C%22tmax%22%3A1000%2C%22syncsPerBidder%22%3A3%2C%22pbadslot%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-2%22%2C%22adunitcode%22%3A%22ad-small-2%22%2C%22divId%22%3A%22ad-small-2%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226ef08aa67a0914%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22488240%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%22%2C%22gpid%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-2%22%2C%22tid%22%3A%22eb79c90c-c776-47f6-9742-4822efd36341%22%7D%2C%22bidfloor%22%3A0.2%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2225b84b59-b6be-4a62-8951-caf4f2f208b9%22%7D%5D%7D%5D%7D%7D
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1473e602563a7b2363f83910a720b774df3075d0c06135b97240b882278d067

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
760475563cf2903a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
prebid
prebid.media.net/rtb/ 		338 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU211111
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b1314651e952f8e5a322bc40218003a488225b1a53a78321a94fdff2cd08478d

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:47 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
prebid
exchange.postrelease.com/ 		0
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_ptd=1134023&ntv_pas=eyIxMTM0MDIzIjpbWzMwMCwyNTBdXSwibGVuZ3RoIjoxfQ==&ntv_ppf=eyJhZC1zbWFsbC0yIjp7ImJhbm5lciI6eyIzMDB4MjUwIjowLjIsIioiOjAuMn0sIioiOnsiKiI6MC4yLCIzMDB4MjUwIjowLjJ9fX0=&ntv_pb_rid=93ae852ae2e06a&ntv_ppc=W3siYWRVbml0Q29kZSI6ImFkLXNtYWxsLTIiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXV19fX1d&ntv_dbr=eyJhZC1zbWFsbC0yIjowfQ==&ntv_url=https%3A%2F%2Fwww.mlive.com%2F
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.132.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-132-76.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:47 GMT
content-encoding
gzip
server
nginx/1.12.1
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
prebid
exchange.postrelease.com/ 		0
654 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_ptd=1134020&ntv_pas=eyIxMTM0MDIwIjpbWzMwMCwyNTBdXSwibGVuZ3RoIjoxfQ==&ntv_ppf=eyJhZC1zbWFsbC0xIjp7ImJhbm5lciI6eyIzMDB4MjUwIjowLjIxLCIqIjowLjIxfSwiKiI6eyIqIjowLjIsIjMwMHgyNTAiOjAuMn19fQ==&ntv_pb_rid=11e1a2688fb301d&ntv_ppc=W3siYWRVbml0Q29kZSI6ImFkLXNtYWxsLTEiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXV19fX1d&ntv_dbr=eyJhZC1zbWFsbC0yIjowLCJhZC1zbWFsbC0xIjowfQ==&ntv_url=https%3A%2F%2Fwww.mlive.com%2F
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.132.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-132-76.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:47 GMT
content-encoding
gzip
server
nginx/1.12.1
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=488238&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213e61c2cea01c06%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.mlive.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.11.1%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.mlive.com%2F%22%2C%22tmax%22%3A1000%2C%22syncsPerBidder%22%3A3%2C%22pbadslot%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-1%22%2C%22adunitcode%22%3A%22ad-small-1%22%2C%22divId%22%3A%22ad-small-1%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214a4a1746007fe4%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22488238%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%22%2C%22gpid%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-1%22%2C%22tid%22%3A%22a99b8e31-c8fe-4cfd-a915-9fedef37376d%22%7D%2C%22bidfloor%22%3A0.21%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2225b84b59-b6be-4a62-8951-caf4f2f208b9%22%7D%5D%7D%5D%7D%7D
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
904145ca10805d387ac4c822d1971970a12183763e0cf13a8d98a4f4d0c6a79e

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
760475563cf5903a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
prebid
prebid.media.net/rtb/ 		338 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU211111
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7018ef6516685c3cd9061b79c3dc69e428a52e851f2a7d8a2779d3be1d1cb3e3

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:47 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Wed, 26 Oct 2022 16:09:47 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		402 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10071&site_id=311380&zone_id=1940284&size_id=15&eid_pubcid.org=25b84b59-b6be-4a62-8951-caf4f2f208b9%5E1&rf=https%3A%2F%2Fwww.mlive.com%2F&tg_i.bsc=timeout&tg_i.aupname=344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Left_Tall%2Crg_platform%3Ddesktop&tg_i.pbadslot=344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-1&tk_flint=dmpbjs_v7.11.1&x_source.tid=a99b8e31-c8fe-4cfd-a915-9fedef37376d&l_pb_bid_id=20901ad8b0328d8&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.21&rp_maxbids=1&p_gpid=344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-1&slots=1&rand=0.17815016065144307
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
043cb184846466217196d2f035683628db71e02bf5db4c18e0c3244ce8e646b0

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:47 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.mlive.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
402
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/ 		338 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU211111
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6c787056c9c77b51c896bb424b9c07d8fa7ce99d3fb523656cef820513eb5547

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:47 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
prebid
exchange.postrelease.com/ 		0
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_ptd=1134023&ntv_pas=eyIxMTM0MDIzIjpbWzMwMCwyNTBdXSwibGVuZ3RoIjoxfQ==&ntv_ppf=eyJhZC1sYXJnZS0xIjp7ImJhbm5lciI6eyIzMDB4MjUwIjowLjIxLCIqIjowLjIxfSwiKiI6eyIqIjowLjIsIjMwMHgyNTAiOjAuMn19fQ==&ntv_pb_rid=23df0ef45c5674c&ntv_ppc=W3siYWRVbml0Q29kZSI6ImFkLWxhcmdlLTEiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXV19fX1d&ntv_dbr=eyJhZC1zbWFsbC0yIjowLCJhZC1zbWFsbC0xIjowLCJhZC1sYXJnZS0xIjowfQ==&ntv_url=https%3A%2F%2Fwww.mlive.com%2F
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.132.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-132-76.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:47 GMT
content-encoding
gzip
server
nginx/1.12.1
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		403 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10071&site_id=311380&zone_id=1940286&size_id=15&eid_pubcid.org=25b84b59-b6be-4a62-8951-caf4f2f208b9%5E1&rf=https%3A%2F%2Fwww.mlive.com%2F&tg_i.bsc=timeout&tg_i.aupname=344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Right_Tall%2Crg_platform%3Ddesktop&tg_i.pbadslot=344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-large-1&tk_flint=dmpbjs_v7.11.1&x_source.tid=4861efba-4708-4b4d-9db0-848d9902fd73&l_pb_bid_id=2674bb46d70144f&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.21&rp_maxbids=1&p_gpid=344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-large-1&slots=1&rand=0.5835958636712661
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ed2778e59caa59e3850bf37a92c58e223e0f15fdb23ed94b40dac7e7958ff9ab

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:47 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.mlive.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
403
Expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=488240&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2227e1dae169e6256%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.mlive.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.11.1%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.mlive.com%2F%22%2C%22tmax%22%3A1000%2C%22syncsPerBidder%22%3A3%2C%22pbadslot%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-large-1%22%2C%22adunitcode%22%3A%22ad-large-1%22%2C%22divId%22%3A%22ad-large-1%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2228b244cc4e4a42f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22488240%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%22%2C%22gpid%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-large-1%22%2C%22tid%22%3A%224861efba-4708-4b4d-9db0-848d9902fd73%22%7D%2C%22bidfloor%22%3A0.21%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2225b84b59-b6be-4a62-8951-caf4f2f208b9%22%7D%5D%7D%5D%7D%7D
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
299ac897bf054963b26158ce4b4ac1fc890f2bb4ff4391df89496584c42598fb

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
760475563cf4903a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Wed, 26 Oct 2022 16:09:46 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1892687978&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAQCACgFK~&jid=1109415242&gjid=346705143&cid=1729966134.1666800586&tid=UA-16643585-16&_gid=592516121.1666800587&_r=1&gtm=2wgaj0TLXFLCR&cd1=undefined&cd2=undefined&cd3=undefined&cd6=undefined&cd11=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd21=undefined&cd23=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd44=undefined&cd46=homepage-beta&cd47=desktop&cd50=GA%20pageview%20-%20template%20-%20All%20Pages&cd52=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=undefined&cd62=undefined&cd63=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=sub-group-b&cd61=1729966134.1666800586&z=391091977
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
94900eef3169da435997d7ba8f6aa6373a12fb9f23efdd4fedcca2ee193f14bf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Wed, 26 Oct 2022 16:09:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		34 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
d8def9352b359d9621219e56cc36f020b5c375e5b7c23c3c264c144531acd8b2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Wed, 26 Oct 2022 16:09:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
34
vary
Origin
content-type
application/json
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=7042976&ntv_pl=773533
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.161.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-161-152.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:47 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=44896f6d-ca27-4da5-9a5a-9621646cb096&ntv_fl=MMTdWyeJBcdLcDTtFfyiRIW1J4RFfT92NPEX72OFNwbEW8VTFPrmwDwkNplRyDVGe4qntL1NYky7ZkDbB2XTeCriraSgFOxBO2o1p9F4ewKuNyMSzVeSOYw1iPYsPCbKpB4_CVo2PFXX8lVQz6ITbRIZWxjmyTQ3G38YHfyjP1m3RfPd_ssf7bpXLScqWr0U&ntv_ht=yltZYwA&ntv_at=303,302&ntv_a=AAAAAAAAAAnc0LA&ord=1666800587209&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.161.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-161-152.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:47 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=acf85ee0-4d6b-44f3-8ce8-986e9ed838c4&ntv_fl=wklKktgzCnjHRw7QsGHOxzNhXSYYdxQ6qfiLggX0SK52_RjZQdo4NP10SbnmXi9ln9lz_kaWgzr1M8eDdmSLuUjcopKTC1B_5-G3swJyYRl7oN0X5h4Axq4zxgh-wtsp5rMeWBtTspbAhdpHHYCgOwv-g2jrF20-9O8EaO0asYfs5DsS8HZqK2JIUq_TfqSq&ntv_ht=yltZYwA&ntv_at=303&ntv_a=AAAAAAAAAAUr0QA&ord=1666800587211&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.161.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-161-152.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:47 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=4811875d-863f-416e-8285-9f0b153c64d8&ntv_fl=No53AUp_qTJmWJYNLYz3zDH7Dla8D2Bigrcdt2SscM2-g_4YTePfiSyS_qsxt1QOxb7E6EVd9Uv-ZqFKxL65ACJzp0CdXBaxmLq0UfmZJRnrH_8K8SG7XnI6xlk7Nw6QU_3zuX4nHzZdLQV2Lycg70nLyNrOuzCxBl9R4H9mkXi1ef5RLsujf_S4xglQorBM&ntv_ht=yltZYwA&ntv_at=303&ntv_a=AAAAAAAAAAU70QA&ord=1666800587211&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.161.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-161-152.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:47 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=4811875d-863f-416e-8285-9f0b153c64d8&ntv_fl=No53AUp_qTJmWJYNLYz3zDH7Dla8D2Bigrcdt2SscM2-g_4YTePfiSyS_qsxt1QOxb7E6EVd9Uv-ZqFKxL65ACJzp0CdXBaxmLq0UfmZJRnrH_8K8SG7XnI6xlk7Nw6QU_3zuX4nHzZdLQV2Lycg70nLyNrOuzCxBl9R4H9mkXi1ef5RLsujf_S4xglQorBM&ntv_ht=yltZYwA&ntv_at=323&ntv_a=AAAAAAAAAAU70QA&ntv_jtr=3&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.161.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-161-152.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:47 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=15db3f7b-9107-42fe-9788-aa98b2229190&ntv_fl=miNEdYZhkQ016qn5OkGErteWbVfee99L6iQoR7ftguTW1abeZDYxlby5yabVHo9vtgnGlThpCWTnbBaGiDzlDD_c81ZfBrKPdRV83zr7D0GfU2czYMaGN7wF2lEB84gY0PgYAtOnFBxyCOsC1HKW7bvkk6CKPCzBfWanrYQeAJtXVJgY6s1U2tUtGH8pr1X7&ntv_ht=yltZYwA&ntv_at=303&ntv_a=AAAAAAAAAAVL0QA&ord=1666800587212&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.161.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-161-152.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:47 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
gdprConsent
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=1097042&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.161.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-161-152.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:47 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
FormLogo.jpg
cdn.cookielaw.org/logos/57316691-7a35-4427-b868-f6c059de9bc0/9db7a06a-4f0a-4b5b-8abb-9f3aac23afb7/f8bc963b-b2e8-45f7-80d3-988cede5f448/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/57316691-7a35-4427-b868-f6c059de9bc0/9db7a06a-4f0a-4b5b-8abb-9f3aac23afb7/f8bc963b-b2e8-45f7-80d3-988cede5f448/FormLogo.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abb22177c1f36f82f451ba3b46fd96e4bc0f5b5ad510b15b4d5ec37fc1e9b7f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Oct 2022 16:09:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
/VgjLzERih8MeSo4vme4Lw==
age
4110
content-length
90639
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Tue, 15 Dec 2020 19:27:11 GMT
server
cloudflare
etag
0x8D8A12F6B751639
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
c4ce03f6-a01e-011b-01d2-21b021000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
76047556790b9bfe-FRA
poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Oct 2022 16:09:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
LpuayL42jB78xRllx0vkOw==
age
13843
x-ms-lease-status
unlocked
last-modified
Wed, 26 Oct 2022 02:02:39 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
c37cee13-901e-001c-7fe9-e800f1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
76047556790e9bfe-FRA
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.mlive.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		904 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4487996302750641&correlator=1368742238702586&eid=31060439%2C31068457%2C31070232&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fifs&us_privacy=1---&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=320x50&fluid=height&ifi=2&adks=767953642&sfv=1-0-38&fsbs=1&prev_scp=rg_adslot%3DInFeed_Native_C%26rg_atf%3Dfalse%26rg_iab%3Dfalse%26rg_grid%3D1%26rg_counter%3D1%26rg_gpid%3DMI-desktop-InFeed_Native_C%26rg_pagetype%3Dhomepage%26rg_product%3Diabfalse&eri=1&cust_params=IDS%3Dtimeout%26BSC%3Dtimeout%26pts_pid%3D9facecd6-570b-4781-a460-47381bc7d4d9%26ccaud%3D%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop%26rg_pvid%3D26709183-cd47-45a0-bc1f-052b1277997b&sc=1&cookie=ID%3D5560e9f85cd424c7-227e6e5a65d60052%3AT%3D1666800586%3AS%3DALNI_MbYe1UyPD-Cv7VPIOaYy03wJRNZ9A&gpic=UID%3D00000b16ed60ec72%3AT%3D1666800586%3ART%3D1666800586%3AS%3DALNI_MY5byTkVFT2N0HR4EMGovgD6CljwA&abxe=1&dt=1666800587265&lmt=1666800513&dlt=1666800585312&idt=1431&adxs=517&adys=1343&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.mlive.com%2F&frm=20&vis=1&psz=566x24&msz=566x24&fws=0&ohw=0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=1729966134.1666800586&ga_sid=1666800587&ga_hid=1892687978&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa012296221e3ae07465cf29142aa04e99dd794c222a5d32884dcbdd216a326f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
432
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=120978121945017&ev=PageView&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1666800587290&sw=1600&sh=1200&v=2.9.88&r=stable&ec=0&o=30&fbp=fb.1.1666800587288.1542894621&it=1666800586667&coo=false&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 26 Oct 2022 16:09:47 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=230823541501762&ev=PageView&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1666800587292&sw=1600&sh=1200&v=2.9.88&r=stable&ec=0&o=30&fbp=fb.1.1666800587288.1542894621&it=1666800586667&coo=false&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 26 Oct 2022 16:09:47 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=120978121945017&ev=ViewContent&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1666800587293&cd[article_content_tier]=free&cd[is_subscriber]=false&cd[is_registered]=false&cd[content_id]=undefined&cd[content_type]=homepage&cd[content_category]=Home%20Page&cd[content_name]=undefined&sw=1600&sh=1200&v=2.9.88&r=stable&ec=1&o=30&fbp=fb.1.1666800587288.1542894621&it=1666800586667&coo=false&tm=1&exp=c0&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 26 Oct 2022 16:09:47 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=230823541501762&ev=ViewContent&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1666800587294&cd[article_content_tier]=free&cd[is_subscriber]=false&cd[is_registered]=false&cd[content_id]=undefined&cd[content_type]=homepage&cd[content_category]=Home%20Page&cd[content_name]=undefined&sw=1600&sh=1200&v=2.9.88&r=stable&ec=1&o=30&fbp=fb.1.1666800587288.1542894621&it=1666800586667&coo=false&tm=1&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 26 Oct 2022 16:09:47 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
stats.g.doubleclick.net/j/ 		1 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-16643585-16&cid=1729966134.1666800586&jid=1109415242&gjid=346705143&_gid=592516121.1666800587&_u=aADAAEAAAAQCACgFK~&z=1116850216
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 26 Oct 2022 16:09:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.mlive.com
date
Wed, 26 Oct 2022 16:09:47 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.mlive.com
access-control-max-age
600
content-length
0
date
Wed, 26 Oct 2022 16:09:47 GMT
server
nginx
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.mlive.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4487996302750641&correlator=1368742238702586&eid=31060439%2C31068457%2C31070232&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fifs&us_privacy=1---&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=3&adks=197823415&sfv=1-0-38&fsbs=1&prev_scp=rg_adslot%3DInFeed_Left_Tall%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_position%3Dundefined%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Left_Tall%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3DMI-desktop-InFeed_Left_Tall%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Left_Tall%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3DMI-desktop-InFeed_Left_Tall-2&eri=1&cust_params=IDS%3Dtimeout%26BSC%3Dtimeout%26pts_pid%3D9facecd6-570b-4781-a460-47381bc7d4d9%26ccaud%3D%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop%26rg_pvid%3D26709183-cd47-45a0-bc1f-052b1277997b&sc=1&cookie=ID%3D5560e9f85cd424c7-227e6e5a65d60052%3AT%3D1666800586%3AS%3DALNI_MbYe1UyPD-Cv7VPIOaYy03wJRNZ9A&gpic=UID%3D00000b16ed60ec72%3AT%3D1666800586%3ART%3D1666800586%3AS%3DALNI_MY5byTkVFT2N0HR4EMGovgD6CljwA&abxe=1&dt=1666800587459&lmt=1666800513&dlt=1666800585312&idt=1431&adxs=165&adys=847&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.mlive.com%2F&frm=20&vis=1&psz=300x274&msz=300x274&fws=512&ohw=0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=1729966134.1666800586&ga_sid=1666800587&ga_hid=1892687978&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ff7aaa3f926fbc17afbc505f88e9892ef1b3a250b1388f807aed72137c4193c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10144
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4487996302750641&correlator=1368742238702586&eid=31060439%2C31068457%2C31070232&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fifs&us_privacy=1---&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=4&adks=197823414&sfv=1-0-38&fsbs=1&prev_scp=rg_adslot%3DInFeed_Right_Tall%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_position%3Dundefined%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Right_Tall%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3DMI-desktop-InFeed_Right_Tall%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Right_Tall%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3DMI-desktop-InFeed_Right_Tall-2&eri=1&cust_params=IDS%3Dtimeout%26BSC%3Dtimeout%26pts_pid%3D9facecd6-570b-4781-a460-47381bc7d4d9%26ccaud%3D%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop%26rg_pvid%3D26709183-cd47-45a0-bc1f-052b1277997b&sc=1&cookie=ID%3D5560e9f85cd424c7-227e6e5a65d60052%3AT%3D1666800586%3AS%3DALNI_MbYe1UyPD-Cv7VPIOaYy03wJRNZ9A&gpic=UID%3D00000b16ed60ec72%3AT%3D1666800586%3ART%3D1666800586%3AS%3DALNI_MY5byTkVFT2N0HR4EMGovgD6CljwA&abxe=1&dt=1666800587482&lmt=1666800513&dlt=1666800585312&idt=1431&adxs=1135&adys=155&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.mlive.com%2F&frm=20&vis=1&psz=300x24&msz=300x24&fws=0&ohw=0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=1729966134.1666800586&ga_sid=1666800587&ga_hid=1892687978&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af7c79793cb8a573f8bf749d78ae3a6ef88ab80c31c4a4f836634c9384b30867
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10160
x-xss-protection
0
google-lineitem-id
1731144295
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138224669406
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4487996302750641&correlator=1368742238702586&eid=31060439%2C31068457%2C31070232&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fifs&us_privacy=1---&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=5&adks=455907384&sfv=1-0-38&fsbs=1&prev_scp=rg_adslot%3DInFeed_Right_Tall%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_position%3Dundefined%26rg_counter%3D2%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Right_Tall%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3DMI-desktop-InFeed_Right_Tall%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Right_Tall%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3DMI-desktop-InFeed_Right_Tall-2&eri=1&cust_params=IDS%3Dtimeout%26BSC%3Dtimeout%26pts_pid%3D9facecd6-570b-4781-a460-47381bc7d4d9%26ccaud%3D%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop%26rg_pvid%3D26709183-cd47-45a0-bc1f-052b1277997b&sc=1&cookie=ID%3D5560e9f85cd424c7-227e6e5a65d60052%3AT%3D1666800586%3AS%3DALNI_MbYe1UyPD-Cv7VPIOaYy03wJRNZ9A&gpic=UID%3D00000b16ed60ec72%3AT%3D1666800586%3ART%3D1666800586%3AS%3DALNI_MY5byTkVFT2N0HR4EMGovgD6CljwA&abxe=1&dt=1666800587497&lmt=1666800513&dlt=1666800585312&idt=1431&adxs=1135&adys=865&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.mlive.com%2F&frm=20&vis=1&psz=300x24&msz=300x24&fws=512&ohw=0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=1729966134.1666800586&ga_sid=1666800587&ga_hid=1892687978&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
99ecf504385478183fd796325c3b9f0e89a9f46d8ec0a0cbb469d3546ee277d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10599
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
3723
idx.liadm.com/idex/prebid/ 		0
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/3723?duid=94c49eadf2ac--01ggagx3q71n38rp8qej376wns
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.207.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-207-182.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Wed, 26 Oct 2022 16:09:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-credentials
true
trace-id
87175a0a48916c94
vary
Origin
request-time
1
392.json
id5-sync.com/g/v2/ 		216 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/392.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
b20559e97825eff33a87ed98c58331e393570f3208bfdf78212720ac12286562
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Wed, 26 Oct 2022 16:09:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
f10fcd10c9705f7ae982038bf727015f
h312.mlive.com/plugin/plugin/ 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/plugin/plugin/f10fcd10c9705f7ae982038bf727015f
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-59.prg50.r.cloudfront.net
Software
- /
Resource Hash
ca5805535039702aa3de76d2173996b709dc597e5668949f650b833cdd4569a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 18:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
PRG50-C1
age
594608
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
36940
x-xss-protection
1; mode=block
last-modified
Tue, 18 Oct 2022 18:59:39 GMT
server
-
etag
f10fcd10c9705f7ae982038bf727015f
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
hpGhlwIb6rp11u64Jl9W-ADrInK7SUgmsIgI8TZn8Gny4dkVnFAIFQ==
expires
Thu, 19 Oct 2023 18:59:39 GMT
LB-Zone-1
h312.mlive.com/DG/DEFAULT/rest/rpc/596/ 		354 B
989 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/596/LB-Zone-1?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=3b4b2f9a-cfcd-4e48-a5b3-5843459e43a6&overruleReferrer=&time=2022-10-26T16%3A09%3A47%2B00%3A00&ts=1666800587703
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-59.prg50.r.cloudfront.net
Software
- /
Resource Hash
7539a3d41fbfd4690e92f7f821153f408f7b304afe55d337f583817a32da9dc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Oct 2022 16:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
233
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
nLk829tuoqO1hzBXCJyJaEst_Np71HYIyn8DCYjHlwOr6G_jFnY-1A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
baker
ead.mlive.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ead.mlive.com/baker?dtstmp=1666800587756
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.24.1.216 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-1-216.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
2d556cfd6bd629f982cd54c3b0df7eab
h312.mlive.com/plugin/library/ 		317 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/plugin/library/2d556cfd6bd629f982cd54c3b0df7eab
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-59.prg50.r.cloudfront.net
Software
- /
Resource Hash
9f40461c8c607d5bdb6c485325b66b30d3d3a431b9d0c0d1be47fb4fcd1b072b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 20:25:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
PRG50-C1
age
2922281
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
102118
x-xss-protection
1; mode=block
last-modified
Wed, 21 Sep 2022 20:25:06 GMT
server
-
etag
2d556cfd6bd629f982cd54c3b0df7eab
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
-AOD-GMt0ery-MoGX34zQsGLWQvOuH9dDL643A6fQk2YX_vpwHRLTw==
expires
Fri, 22 Sep 2023 20:25:06 GMT
LB-Zone-1
h312.mlive.com/DG/DEFAULT/rest/rpc/596/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/596/LB-Zone-1?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=3b4b2f9a-cfcd-4e48-a5b3-5843459e43a6&overruleReferrer=&time=2022-10-26T16%3A09%3A47%2B00%3A00&ts=1666800587780
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-59.prg50.r.cloudfront.net
Software
- /
Resource Hash
cb15fa1668f0b0f4d0f28ae4876ae14ac464d61b749230ec40aca8319f72bbb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Oct 2022 16:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
1155
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
iewkcKQaoi4kqZ3DN8d_8UQypxiVkXNpBSUL7MwNPs7nqfP1vq9iDg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=120978121945017&ev=Microdata&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1666800587793&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%2C%22og%3Adescription%22%3A%22Get%20the%20latest%20Michigan%20Local%20News%2C%20Sports%20News%20%26amp%3B%20US%20breaking%20News.%20View%20daily%20MI%20weather%20updates%2C%20watch%20videos%20and%20photos%2C%20join%20the%20discussion%20in%20forums.%20Find%20more%20news%20articles%20and%20stories%20online%20at%20MLive.com%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fmedia.mlive.com%2Fstatic%2Fmlive%2Fstatic%2Fimg%2Flogos%2Flogo_fb.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22og%3Asite_name%22%3A%22mlive%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22headline%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%2C%22url%22%3A%22https%3A%2F%2Fwww.mlive.com%22%7D%5D&sw=1600&sh=1200&v=2.9.88&r=stable&ec=2&o=30&fbp=fb.1.1666800587288.1542894621&it=1666800586667&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 26 Oct 2022 16:09:47 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=230823541501762&ev=Microdata&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1666800587795&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%2C%22og%3Adescription%22%3A%22Get%20the%20latest%20Michigan%20Local%20News%2C%20Sports%20News%20%26amp%3B%20US%20breaking%20News.%20View%20daily%20MI%20weather%20updates%2C%20watch%20videos%20and%20photos%2C%20join%20the%20discussion%20in%20forums.%20Find%20more%20news%20articles%20and%20stories%20online%20at%20MLive.com%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fmedia.mlive.com%2Fstatic%2Fmlive%2Fstatic%2Fimg%2Flogos%2Flogo_fb.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22og%3Asite_name%22%3A%22mlive%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22headline%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%2C%22url%22%3A%22https%3A%2F%2Fwww.mlive.com%22%7D%5D&sw=1600&sh=1200&v=2.9.88&r=stable&ec=2&o=30&fbp=fb.1.1666800587288.1542894621&it=1666800586667&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 26 Oct 2022 16:09:47 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
pubcid.min.js
id.sharedid.org/lib/ 		732 B
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/lib/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.244.115 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-244-115.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:48 GMT
cache-control
public, max-age=86400
last-modified
Wed, 26 Oct 2022 04:09:18 GMT
accept-ranges
bytes
content-length
732
vary
accept-encoding
content-type
application/javascript
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 14:55:37 GMT
content-encoding
gzip
age
1214051
x-guploader-uploadid
ADPycdtOeWvsDFPiWsWQ9evx4YNQGTd8nY_VAUfr8nrF_l5_DYpV_n0fBRS6CyfSjINRA5AOcNv0zYTnrujHlQUIkYJQ2w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Thu, 12 Oct 2023 14:55:37 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9608ec4ea86f70691860daf1b477654e08357662b2fdc33568a376b0fcbdf5c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 13:13:44 GMT
server
cloudflare
x-amz-request-id
QHFT6EZESVEF3FKF
age
3105
etag
W/"52bb09fbb0a7c9360d68135b7668a1d7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7604755aceaa6939-FRA
x-amz-id-2
bswbzwTihHt9KtNRp+WlgSbRCVUWb3tYFGypd16G/FXyxgIQIeUL3hSc/+bfcdXz1mhpNY/lNAo=
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-100.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f242f280a342b863b71dc67408bcdde0ce2dcf2d02e9dfa8500605dc26a06ed9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 16:35:07 GMT
content-encoding
gzip
via
1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
last-modified
Fri, 21 Oct 2022 16:32:12 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
84881
x-amz-server-side-encryption
AES256
etag
W/"a576cab5f14785e90bbbb12b6ee95a83"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
oATcDhpqS_4m69TWorBItKT6H9TNDr8aRc5CRNrMMVKtFjzyAQAaUg==
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-9c1f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 27 Oct 2022 16:09:48 GMT
uid2-sdk-0.0.1b.js
prod.uidapi.com/static/js/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.225.3.171 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-225-3-171.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:48 GMT
cache-control
public, max-age=86400
last-modified
Tue, 17 May 2022 17:30:07 GMT
accept-ranges
bytes
content-length
4559
vary
accept-encoding
content-type
application/javascript
container.html
29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B4B1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 16:09:47 GMT
expires
Thu, 26 Oct 2023 16:09:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
map
bcp.crwdcntrl.net/6/ 		20 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.133.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-133-1.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

expires
0
pragma
no-cache
date
Wed, 26 Oct 2022 16:09:48 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.9.232
access-control-allow-credentials
true
content-length
20
x-consent
absent
increment
id5-sync.com/api/esp/ 		0
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Wed, 26 Oct 2022 16:09:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
85 B
103 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
efc62d27b08f0a359af4af35f2668118fbcd0740ba0f111262c8432c70be5210

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:48 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-1Q8svIDEoFvj3tv0eKO1FE48s3Y"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Wed, 26 Oct 2022 16:09:48 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.mlive.com
location
/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
googleads.g.doubleclick.net/xbbe/ Frame 80C1 		624 B
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQqqLI1AMYiIjx1QEwAQ&v=APEucNWByJxmzbnFeh_5bJVyVTk0-MPRXHhDVraQUnPdl1fKopKZw2QpEGIqFULEDjSAN73k5ETZeGB_S5EECV6ss9Pj4-2XqMsdKcnQOzKb3YyIFBLJjihHaAcgN4xzgwb1CT1B9byuGub1XT1afFZh7bjr4iCFUs6JEvPcMQMmY5DAnqXMiUnvKkO3q4AfzFrrbatdPzat
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 16:09:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame B4B1 		82 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DILg1FjbcuQ0zYSPKIyyOe5O2RWWb5uJFx0e9nHbhX999FyBgSbURLKx0PZSNJ68KOvficsj6CJeF6gYrsAuBdvIi0tAPMxRjVahBXsRvOjxHywNaihG2le25rQQWNtoC9AxhUhFpTYSaEHIUHtpi3hiDSPoBkR2-FjTV5hRkjizszM6M&dbm_d=AKAmf-B-OGfdboRKoDIqCifUn0LsSxYYDKFAAw8RfkYT2ynHx9e_ax6Vyh2tzeqBiUCRObPjy9UlSYhaxuOVD2_ukyYDzJ_66K7RbgrU0wvHRueeyEkqlR28O6oYSKS0ygI0CIM15zoSmqtfMzDIr5j0q8Og2TQCEjwdiuhKW2LZJQGWpWLR1hfL3Bv4mVYyNlJklwVfALUuf93ETJzcrJ_FRm_l0WDPi1Lmxc6Kl6CQdTbxLxPekDCEcVKI64DtaQOZoyS7CVKxtk3DpnmSkDsYhB7f7wr_4Tu3Vd0lLe4ioFU34fSvKUvbr-x92POLOUpeVFge016TrrnUKuhFb5NLCgpQlD-cBQoFkadtOb7oLUDGXPRkIPAl_cnKHruoMWomzuT6kGfi57ZCDaZ0gHUi2aqihjDYq2zt7Kc-HzgeBJ7yp_BaI4V9CHoa2Zjld6V2_B_zdjvjtliTe68CkSE_3lE9rhRj7-3QazD6CzvpV2HZRabvtqGsHH-BHF7byHYoVD_VgY1FoJ6yqphNRbnCMtpgdKMqgZW7A0mo_Nplcu8v7gc8RVKQB-r83djJ4t38FwG3ysYgAi8Q5xzxB4qOdHlvuXyzjrWiV0oXkvDXdZKAKq0Z9GTxrzhOHCdBru9WbwjUCc9qZ_o1iMzkfXcslwueJpplFs-585tXh6u4VpKmjTNJ6LEwelupyKjbs749o12DvclSmTp_iTsxzqBI44VB1GOPLhBA3hGRNZ9V1OzSRpH8NthxVK6VLmCtvke1zmZPniFUt0AqpFdm22vBqGH1mXPF06psVUkHRZSwcLVHJml3_aFFo9iNxiRClKawqShi3VFFwd7oBlJBeUgNSLR5Vi7jXWRujsM7nhJcSZKERjubklXROZ7fKg67ovHG0G4EQSDwCxXnh8VLQRN9PLOnr3fWsm1qPYmwWHb4FzMR1Fg49IfR4PzEz123c3-f2qTHzmgkE7xMKsMn2UylF6rRX6y8jIhmyAXsXCZLf3yzsztafuHmsq_Akq-cIUT0yXOy7RJ5zp32MXWZvHB_6M0yoJwkjJKX6VPD3EWIBbNPHroO0bxASJFmWHb4_sIoim0dRwY4LmCncV7rRR-Z8Kp0zXL4uJoAvGGEx02RHURtULSYpKwsWkDBLn6jy7EBIYf06C6NoqyvN_V8s8cId1lQkDPDcwQaisjW4YcdeO2omUg1mt_tQ6Qf22vW8e9VgYjzzYNrF67LxSSAKZOgphnvk8Z82-iiGRYd2tEKC1uxYBeZ_ggVh9epNWsofGSvPIrf6jhp6CnZxI17AA4v3y2QszPoQR7rhujq_YXKcuYYozMijeK-WROdFIERkO_StlwJY5yZn0iPWVNKP8J5AEk9oCAma3Gxlx5CHpPBtMsqqMTKhRWsHA4xmFMPvsJ3HMhaGnepdAf-a5vgX6iiJBSeGzruvyMBociYbX-lBkbMlk7mEpNtdAFGfgvdCzCN9l4pUDJbbTvZGEdwxAVrUhgnZ9wuUH-4cYoL8TD6gnCb1cCn_OuXgCnhPPeKxC40IoxfEefqwdhBS_cIgkehIOD2Qawvz8fc_-Zb_bSQWycnJwQPJTbIWG53u8XTRLak5yDNt71Ngsboc5-YAPtlXGTIDKme734AhKhwtQzGJFPjeOELfHaf7ZR9o98K1Ua5ePGrDYmw2w3lD_zMxj4tzydBVSY33qNcIpir4gNpxfF5g9tl_GU1NtmTks7Zg5UF6UKK_iMBRewsetp0XWQQ2A1ipggY5GCmTh3ZHZEp4ZELSLhrFFouWG9HCmiB5YestSmXaXfLDtJBBaqLaW1jYsjQCuitQdO6vtkUeuGmJHZ6xHiWZKZJBjw1FIV_IxbsXmT0i3pF7mLxx6SVr2xMmC4GOwST6Q_2vGSC2AZPk-9xiDBFRtqGzmcRcITKTQjkG50UqJByrHelsu9ofJhaxUycvtno3seN4_iqf5_ccplubRwiVCvq2VFUi1m8XUWL6JaQsZodht4wNuV5dPRx_RrLFSmUUzYxeOBBm437tHZQnXXbqQi5XzkqU82vKcK1rhuYdWqsdoWrpEDk4ne1wu3owhiU4VXcYb-LwcX4AhjR06QwximVwDTSlXK0HCY7L6ygUIw07jnRmiNlXORP6xMJjowtSO7KF8MFktWXjkn62n81nDyeft79bAP7LNfonLEz9eaSOx96zT7KHOpIky3jfFGc3xVROSy6yUvthZtOFYjXFUtWeafhifk0pEbzKmvgbntPLnImqmpjDREhBRBwn78gNAiUfLDjZ9-YINf0JlhqCgzX1LgpEWoitZsCt09l5rn3dCnEg7vd31JaC9BINfvgR2KH7ED521jrnjGShm9Sn2w1q-rNGdEFtTqJ18MRs6T7Hb8NhCBzYxqWtvyAbdg--mgZhbw_bosvCW3HxAu8SED1LoJ55NGGVr1inoq8_Ob2TlOBrYaDClK3m-VmgbN6hciHgW0u0ZXBdhLaAoIFXoFepXrKWFk2IYkMfFxcl7dA5VQB4I5nM1t-WsecGXkaMR6JvC5G-ZinqNPmpfy0UV75SeCJzXant2ZO0BlNF5HKJqu0lb1K2i95pheMafQUdxRQ7VekIiiJKcR6z6KtjKZErpTD_SUiWRWU-dgyFZ_yPBbshSB-wydw-4BBWRwrEyS_kNb7hz0KiW6xi7Q05QpwKjHB5F6tflD0EtV6G7ePuwSKwoGIwtFv0YFdmFR9ehQ9DaCV_x7YhZvTwNp38822B74v2Js1oJbcbJNynidRkWZR703GSPGwKqVltzppY0b86TgNP2GN_4UzyDrtMlkmpiLVXIfQpAV8FRo7OMkJ1DCEkSaynJLef1oTSPKOok6esMkBjzm9wQvmRSbFUfFTci8imTHyoLyJclIxH4a7o-Xl1jQ_3_oETuO3dFOQX8qIOgPwIhQThWeoz1I-5VbXw6s5vFdmDUFm5Wbl1QovcEDrxBkxLPk3zl4gBP0aLhEZ6CjWfWJGoAHXOr4YOOguu0bUc6LtFAcmrsEYRaaftx_1xc5Wq__J9ZCrE7nx3gNpGRqPcyUyKlytrKzc0EbZr1sT13kSg7OExnsfwLg3T50SbROKb68tvKZ7oXlxTzdrZO-qGXoyFKday2a6IdRgDP96_9hht0OYsdhKppmpb_DfMwLKxoeK_zmDOxdOfN2NAyjACqAZE0m6tlRgEXXG48E7IwRVPw_SDJ4c0V6s4M0fK7LzEzYs0M8leJ2DptU91qro4HuEdl0ZQ0K-3qAA9nYxrcnhXvFKCmsPQBvUoeMrMlzITCWjYF_iewrNXYLGe1blYy5vR1oyyNPaaNWep6c3aQfEnkGzMPOIGxSirKUeOgUWiGsxE4nhOfzdukJdSfO_vL_qgkkslkA34loMYlcwD8DAbXDOReqYZQ9a&cid=CAASJORolSQXB2ARse38S5zfm5ZInclU3UCYEQLRr8vRWGwgABCycg&rfl=1%2Chttps%253A%252F%252Fwww.mlive.com%252F%240
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab265cf023b5ccdf901e5c0e1d31a3e72e23496b023e7da4a7059a11c28eb3bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36113
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B4B1 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AyNM1VH7RnOVJKQoAKiapzW0hUEnropcfcNeKOXayVKcNqYoTaMDYGKcC4TRAJW56dk0v1C0HTjMP4YFHrdLUGSupH0GbkGSxLOyCAZ5jqivsaaKw
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame B4B1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/window_focus_fy2021.js
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 14:50:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
4730
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Nov 2022 14:50:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/ Frame B4B1 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221025/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 14:50:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
4785
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7367
x-xss-protection
0
server
cafe
etag
4759548068123418343
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Nov 2022 14:50:03 GMT
l
www.google.com/ads/measurement/ Frame B4B1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJmBH-72aIdTc9TXT1dRPuU6ctx4tmlo5SLprIbv4vOW_ZFhDN3uc2KOT0_xA2jAEXUa-0-z099Km5SxojbPkhx6ZOHg
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B4B1 		152 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47514
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666611803224388"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Oct 2022 16:09:48 GMT
syncframe
gum.criteo.com/ Frame FF32 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.mlive.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 16:09:47 GMT
server
Kestrel
server-processing-duration-in-ticks
850559
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
container.html
29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 55C9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 16:09:47 GMT
expires
Thu, 26 Oct 2023 16:09:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cs
advancelocal.blueconic.net/DG/DEFAULT/ 		66 B
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://advancelocal.blueconic.net/DG/DEFAULT/cs?bcsessionid=3b4b2f9a-cfcd-4e48-a5b3-5843459e43a6&&callback=bc_json598
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.223.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-223-61.compute-1.amazonaws.com
Software
- /
Resource Hash
33d59b5d2877871655406cee46ec086a6759cd5ffc951cb9a28bd551c235621b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
86
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 80C1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdS_4hHLenyvugIEUD5N_s&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdS_4hHLenyvugIEUD5N_s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQqqLI1AMYiIjx1QEwAQ&v=APEucNWByJxmzbnFeh_5bJVyVTk0-MPRXHhDVraQUnPdl1fKopKZw2QpEGIqFULEDjSAN73k5ETZeGB_S5EECV6ss9Pj4-2XqMsdKcnQOzKb3YyIFBLJjihHaAcgN4xzgwb1CT1B9byuGub1XT1afFZh7bjr4iCFUs6JEvPcMQMmY5DAnqXMiUnvKkO3q4AfzFrrbatdPzat
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdS_4hHLenyvugIEUD5N_s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 80C1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1lbzD33GGWRZ-tmoa801QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnX0yibR3UvJO7hObWDbo4&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnX0yibR3UvJO7hObWDbo4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQqqLI1AMYiIjx1QEwAQ&v=APEucNWByJxmzbnFeh_5bJVyVTk0-MPRXHhDVraQUnPdl1fKopKZw2QpEGIqFULEDjSAN73k5ETZeGB_S5EECV6ss9Pj4-2XqMsdKcnQOzKb3YyIFBLJjihHaAcgN4xzgwb1CT1B9byuGub1XT1afFZh7bjr4iCFUs6JEvPcMQMmY5DAnqXMiUnvKkO3q4AfzFrrbatdPzat
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnX0yibR3UvJO7hObWDbo4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 80C1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEN6t2ae1bulQmhj0pi1CUOw&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEN6t2ae1bulQmhj0pi1CUOw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQqqLI1AMYiIjx1QEwAQ&v=APEucNWByJxmzbnFeh_5bJVyVTk0-MPRXHhDVraQUnPdl1fKopKZw2QpEGIqFULEDjSAN73k5ETZeGB_S5EECV6ss9Pj4-2XqMsdKcnQOzKb3YyIFBLJjihHaAcgN4xzgwb1CT1B9byuGub1XT1afFZh7bjr4iCFUs6JEvPcMQMmY5DAnqXMiUnvKkO3q4AfzFrrbatdPzat
Protocol
HTTP/1.1
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:48 GMT
AN-X-Request-Uuid
bf047954-273d-405a-b41e-655dda4d759b
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEN6t2ae1bulQmhj0pi1CUOw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 80C1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM3NTQwNDk5NDYwMzExOTMxMw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM3NTQwNDk5NDYwMzExOTMxMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQqqLI1AMYiIjx1QEwAQ&v=APEucNWByJxmzbnFeh_5bJVyVTk0-MPRXHhDVraQUnPdl1fKopKZw2QpEGIqFULEDjSAN73k5ETZeGB_S5EECV6ss9Pj4-2XqMsdKcnQOzKb3YyIFBLJjihHaAcgN4xzgwb1CT1B9byuGub1XT1afFZh7bjr4iCFUs6JEvPcMQMmY5DAnqXMiUnvKkO3q4AfzFrrbatdPzat
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:48 GMT
AN-X-Request-Uuid
e5d1ee61-e1fd-463f-b762-0d3239c8ab4f
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM3NTQwNDk5NDYwMzExOTMxMw%3D%3D
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
moatad.js
z.moatads.com/advancedigitaldfp80721595993/ Frame 55C9 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/advancedigitaldfp80721595993/moatad.js
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-143.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
024f4d26c6e410562f6206ea9b5eb3bccef42acc54e840e38216c568fc971276

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:48 GMT
content-encoding
gzip
last-modified
Tue, 11 Oct 2022 16:13:32 GMT
server
AmazonS3
x-amz-request-id
MAD3S2Z1ZYZCJMFK
etag
"72a4e19790ba2e3f19148e5e2363dc07"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=48284
accept-ranges
bytes
content-length
4489
x-amz-id-2
b/ry9PZsl6URlszPB+akTxbN8opfMio1xxvCK2On21/rZ1uq/JSmKfjR0IzX/C0fD7vGv4De4jo=
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 55C9 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 03:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
478947
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 21 Oct 2023 03:07:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 55C9 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47514
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666611803224388"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Oct 2022 16:09:48 GMT
596
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/596?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=3b4b2f9a-cfcd-4e48-a5b3-5843459e43a6&bctempid=&overruleReferrer=&time=2022-10-26T16%3A09%3A48%2B00%3A00&ts=1666800588347
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-59.prg50.r.cloudfront.net
Software
- /
Resource Hash
bd66cc65e11c33a4be1fc8c94f459f60c37eb4d3e8bd8cf6cddc3acae0d0c7bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Oct 2022 16:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
3520
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
RQmOPb2kAaSrkTMxX8WaED51lloz1tDI36wfriP0atrndddHFYUi8g==
expires
Thu, 01 Jan 1970 00:00:00 GMT
predict
h312.mlive.com/rest/custom/frontend/listener_realtime_model/ 		2 B
895 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/rest/custom/frontend/listener_realtime_model/predict?itemId=93193c90-1299-460a-add2-602384af02fc&profileId=3b4b2f9a-cfcd-4e48-a5b3-5843459e43a6
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/plugin/plugin/f10fcd10c9705f7ae982038bf727015f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-59.prg50.r.cloudfront.net
Software
- /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:48 GMT
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
2
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, no-cache="Set-Cookie"
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
seuc0FN8M_pmF54cgYcy6h4YaN18-cU36Q39AcDFyJkgoOzknWsHZw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
596
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		365 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/596?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=3b4b2f9a-cfcd-4e48-a5b3-5843459e43a6&bctempid=&overruleReferrer=&time=2022-10-26T16%3A09%3A48%2B00%3A00&ts=1666800588415
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-59.prg50.r.cloudfront.net
Software
- /
Resource Hash
b57468dd279b82b88e7f922ddc76d2cb14b7745d8d4b78d17094f6d7cabc8fe9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Oct 2022 16:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
174
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
OJTtmzWirHsms3VHLTB3F0WhQyYu1eARBV4F8600dnZaV8oi1PFL7A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
596
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		183 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/596?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=3b4b2f9a-cfcd-4e48-a5b3-5843459e43a6&bctempid=&overruleReferrer=&time=2022-10-26T16%3A09%3A48%2B00%3A00&ts=1666800588416
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-59.prg50.r.cloudfront.net
Software
- /
Resource Hash
e80c968cfa1c6ed1a490aea83dd984e2aafd2e29e1e71ac4a8e2df3b7535b6d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Oct 2022 16:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
164
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
EmjVXUfzcTM7Gx_1zuXVWUtjywlpEbBLWqwN8ovdPpgnRrBZJrKf2Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1892687978&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Blueconic&ea=segments&_u=aDDAAEABAAQCACgFK~&jid=&gjid=&cid=1729966134.1666800586&tid=UA-16643585-16&_gid=592516121.1666800587&gtm=2wgaj0TLXFLCR&cd1=undefined&cd2=1---&cd3=undefined&cd6=&cd11=&cd16=undefined&cd18=undefined&cd19=undefined&cd21=undefined&cd23=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd44=undefined&cd46=homepage-beta&cd47=desktop&cd50=Blueconic%20-%20event%20call&cd52=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=&cd62=undefined&cd63=&cd64=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=sub-group-b&cd61=1729966134.1666800586&cd76=a0002%2Ca0016%2Ca0022%2Ca0037&cd77=undefined&cd78=undefined&cd79=undefined&cd80=undefined&cd85=undefined&cd89=undefined&cd96=1&cm1=undefined&cm2=undefined&cm3=undefined&cm4=undefined&z=303193348
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 19:23:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
74763
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
596
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		183 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/596?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=3b4b2f9a-cfcd-4e48-a5b3-5843459e43a6&bctempid=&overruleReferrer=&time=2022-10-26T16%3A09%3A48%2B00%3A00&ts=1666800588437
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-59.prg50.r.cloudfront.net
Software
- /
Resource Hash
71cd626d596d50654b4bcd5717428749cc3680041dd390a5328e9263f77e7578
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Oct 2022 16:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
164
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
lPMeYCl4hK0ilyOqFOpc9e9MWDV-9Yxb5XIkf3qYLEn69EzyTFltug==
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame 55C9 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&d=ADVANCEDDIGITAL_DFP1%3A343101415%3A387186655%3A-&de=733135061732&t=1666800588525&i=MOAT_FEATHER_DEBUG1&gw=advancedigitaldfp80721595993&cm=10&f=1&bq=0&ar=e27dbc83ae5-clean&iw=faafe60&dMoatOQs=moatClientLevel1%3D1491967615%26moatClientLevel2%3D571433575%26moatClientLevel3%3D1731144295%26moatClientLevel4%3D138224669406%26moatClientSlicer1%3D343101415%26moatClientSlicer2%3D387186655%26zMoatAU%3D%2F344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%26zMoatProduct%3Dhomepage-beta%26zMoatPS%3D%26zMoatSlot%3DInFeed_Right_Tall%26zMoatPlatform%3Ddesktop%26zMoatVersion%3D%26zMoatATF%3Dfalse%26refresh%3D1%26zMoatCounter%3D1&fq=1&sy=1&gh=1&wb=2&g=0&na=1519526984&cs=0
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-143.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:48 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 26 Oct 2022 16:09:48 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1211306/66366053/ Frame B4B1 		237 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1211306/66366053/skeleton.js?ias_dspID=3&ias_campId=1009359348&ias_pubId=pub-2937494567949278&ias_chanId=1&ias_placementId=18640445752&bidurl=https://www.mlive.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h36M2hLpQGEqGnl2FoitQW
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DILg1FjbcuQ0zYSPKIyyOe5O2RWWb5uJFx0e9nHbhX999FyBgSbURLKx0PZSNJ68KOvficsj6CJeF6gYrsAuBdvIi0tAPMxRjVahBXsRvOjxHywNaihG2le25rQQWNtoC9AxhUhFpTYSaEHIUHtpi3hiDSPoBkR2-FjTV5hRkjizszM6M&dbm_d=AKAmf-B-OGfdboRKoDIqCifUn0LsSxYYDKFAAw8RfkYT2ynHx9e_ax6Vyh2tzeqBiUCRObPjy9UlSYhaxuOVD2_ukyYDzJ_66K7RbgrU0wvHRueeyEkqlR28O6oYSKS0ygI0CIM15zoSmqtfMzDIr5j0q8Og2TQCEjwdiuhKW2LZJQGWpWLR1hfL3Bv4mVYyNlJklwVfALUuf93ETJzcrJ_FRm_l0WDPi1Lmxc6Kl6CQdTbxLxPekDCEcVKI64DtaQOZoyS7CVKxtk3DpnmSkDsYhB7f7wr_4Tu3Vd0lLe4ioFU34fSvKUvbr-x92POLOUpeVFge016TrrnUKuhFb5NLCgpQlD-cBQoFkadtOb7oLUDGXPRkIPAl_cnKHruoMWomzuT6kGfi57ZCDaZ0gHUi2aqihjDYq2zt7Kc-HzgeBJ7yp_BaI4V9CHoa2Zjld6V2_B_zdjvjtliTe68CkSE_3lE9rhRj7-3QazD6CzvpV2HZRabvtqGsHH-BHF7byHYoVD_VgY1FoJ6yqphNRbnCMtpgdKMqgZW7A0mo_Nplcu8v7gc8RVKQB-r83djJ4t38FwG3ysYgAi8Q5xzxB4qOdHlvuXyzjrWiV0oXkvDXdZKAKq0Z9GTxrzhOHCdBru9WbwjUCc9qZ_o1iMzkfXcslwueJpplFs-585tXh6u4VpKmjTNJ6LEwelupyKjbs749o12DvclSmTp_iTsxzqBI44VB1GOPLhBA3hGRNZ9V1OzSRpH8NthxVK6VLmCtvke1zmZPniFUt0AqpFdm22vBqGH1mXPF06psVUkHRZSwcLVHJml3_aFFo9iNxiRClKawqShi3VFFwd7oBlJBeUgNSLR5Vi7jXWRujsM7nhJcSZKERjubklXROZ7fKg67ovHG0G4EQSDwCxXnh8VLQRN9PLOnr3fWsm1qPYmwWHb4FzMR1Fg49IfR4PzEz123c3-f2qTHzmgkE7xMKsMn2UylF6rRX6y8jIhmyAXsXCZLf3yzsztafuHmsq_Akq-cIUT0yXOy7RJ5zp32MXWZvHB_6M0yoJwkjJKX6VPD3EWIBbNPHroO0bxASJFmWHb4_sIoim0dRwY4LmCncV7rRR-Z8Kp0zXL4uJoAvGGEx02RHURtULSYpKwsWkDBLn6jy7EBIYf06C6NoqyvN_V8s8cId1lQkDPDcwQaisjW4YcdeO2omUg1mt_tQ6Qf22vW8e9VgYjzzYNrF67LxSSAKZOgphnvk8Z82-iiGRYd2tEKC1uxYBeZ_ggVh9epNWsofGSvPIrf6jhp6CnZxI17AA4v3y2QszPoQR7rhujq_YXKcuYYozMijeK-WROdFIERkO_StlwJY5yZn0iPWVNKP8J5AEk9oCAma3Gxlx5CHpPBtMsqqMTKhRWsHA4xmFMPvsJ3HMhaGnepdAf-a5vgX6iiJBSeGzruvyMBociYbX-lBkbMlk7mEpNtdAFGfgvdCzCN9l4pUDJbbTvZGEdwxAVrUhgnZ9wuUH-4cYoL8TD6gnCb1cCn_OuXgCnhPPeKxC40IoxfEefqwdhBS_cIgkehIOD2Qawvz8fc_-Zb_bSQWycnJwQPJTbIWG53u8XTRLak5yDNt71Ngsboc5-YAPtlXGTIDKme734AhKhwtQzGJFPjeOELfHaf7ZR9o98K1Ua5ePGrDYmw2w3lD_zMxj4tzydBVSY33qNcIpir4gNpxfF5g9tl_GU1NtmTks7Zg5UF6UKK_iMBRewsetp0XWQQ2A1ipggY5GCmTh3ZHZEp4ZELSLhrFFouWG9HCmiB5YestSmXaXfLDtJBBaqLaW1jYsjQCuitQdO6vtkUeuGmJHZ6xHiWZKZJBjw1FIV_IxbsXmT0i3pF7mLxx6SVr2xMmC4GOwST6Q_2vGSC2AZPk-9xiDBFRtqGzmcRcITKTQjkG50UqJByrHelsu9ofJhaxUycvtno3seN4_iqf5_ccplubRwiVCvq2VFUi1m8XUWL6JaQsZodht4wNuV5dPRx_RrLFSmUUzYxeOBBm437tHZQnXXbqQi5XzkqU82vKcK1rhuYdWqsdoWrpEDk4ne1wu3owhiU4VXcYb-LwcX4AhjR06QwximVwDTSlXK0HCY7L6ygUIw07jnRmiNlXORP6xMJjowtSO7KF8MFktWXjkn62n81nDyeft79bAP7LNfonLEz9eaSOx96zT7KHOpIky3jfFGc3xVROSy6yUvthZtOFYjXFUtWeafhifk0pEbzKmvgbntPLnImqmpjDREhBRBwn78gNAiUfLDjZ9-YINf0JlhqCgzX1LgpEWoitZsCt09l5rn3dCnEg7vd31JaC9BINfvgR2KH7ED521jrnjGShm9Sn2w1q-rNGdEFtTqJ18MRs6T7Hb8NhCBzYxqWtvyAbdg--mgZhbw_bosvCW3HxAu8SED1LoJ55NGGVr1inoq8_Ob2TlOBrYaDClK3m-VmgbN6hciHgW0u0ZXBdhLaAoIFXoFepXrKWFk2IYkMfFxcl7dA5VQB4I5nM1t-WsecGXkaMR6JvC5G-ZinqNPmpfy0UV75SeCJzXant2ZO0BlNF5HKJqu0lb1K2i95pheMafQUdxRQ7VekIiiJKcR6z6KtjKZErpTD_SUiWRWU-dgyFZ_yPBbshSB-wydw-4BBWRwrEyS_kNb7hz0KiW6xi7Q05QpwKjHB5F6tflD0EtV6G7ePuwSKwoGIwtFv0YFdmFR9ehQ9DaCV_x7YhZvTwNp38822B74v2Js1oJbcbJNynidRkWZR703GSPGwKqVltzppY0b86TgNP2GN_4UzyDrtMlkmpiLVXIfQpAV8FRo7OMkJ1DCEkSaynJLef1oTSPKOok6esMkBjzm9wQvmRSbFUfFTci8imTHyoLyJclIxH4a7o-Xl1jQ_3_oETuO3dFOQX8qIOgPwIhQThWeoz1I-5VbXw6s5vFdmDUFm5Wbl1QovcEDrxBkxLPk3zl4gBP0aLhEZ6CjWfWJGoAHXOr4YOOguu0bUc6LtFAcmrsEYRaaftx_1xc5Wq__J9ZCrE7nx3gNpGRqPcyUyKlytrKzc0EbZr1sT13kSg7OExnsfwLg3T50SbROKb68tvKZ7oXlxTzdrZO-qGXoyFKday2a6IdRgDP96_9hht0OYsdhKppmpb_DfMwLKxoeK_zmDOxdOfN2NAyjACqAZE0m6tlRgEXXG48E7IwRVPw_SDJ4c0V6s4M0fK7LzEzYs0M8leJ2DptU91qro4HuEdl0ZQ0K-3qAA9nYxrcnhXvFKCmsPQBvUoeMrMlzITCWjYF_iewrNXYLGe1blYy5vR1oyyNPaaNWep6c3aQfEnkGzMPOIGxSirKUeOgUWiGsxE4nhOfzdukJdSfO_vL_qgkkslkA34loMYlcwD8DAbXDOReqYZQ9a&cid=CAASJORolSQXB2ARse38S5zfm5ZInclU3UCYEQLRr8vRWGwgABCycg&rfl=1%2Chttps%253A%252F%252Fwww.mlive.com%252F%240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.195.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-195-35.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2a9a69292f2943c5deae441aec5bea4934f95fffe301ea2ebb119bcd5f69f5d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:48 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame B4B1 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DILg1FjbcuQ0zYSPKIyyOe5O2RWWb5uJFx0e9nHbhX999FyBgSbURLKx0PZSNJ68KOvficsj6CJeF6gYrsAuBdvIi0tAPMxRjVahBXsRvOjxHywNaihG2le25rQQWNtoC9AxhUhFpTYSaEHIUHtpi3hiDSPoBkR2-FjTV5hRkjizszM6M&dbm_d=AKAmf-B-OGfdboRKoDIqCifUn0LsSxYYDKFAAw8RfkYT2ynHx9e_ax6Vyh2tzeqBiUCRObPjy9UlSYhaxuOVD2_ukyYDzJ_66K7RbgrU0wvHRueeyEkqlR28O6oYSKS0ygI0CIM15zoSmqtfMzDIr5j0q8Og2TQCEjwdiuhKW2LZJQGWpWLR1hfL3Bv4mVYyNlJklwVfALUuf93ETJzcrJ_FRm_l0WDPi1Lmxc6Kl6CQdTbxLxPekDCEcVKI64DtaQOZoyS7CVKxtk3DpnmSkDsYhB7f7wr_4Tu3Vd0lLe4ioFU34fSvKUvbr-x92POLOUpeVFge016TrrnUKuhFb5NLCgpQlD-cBQoFkadtOb7oLUDGXPRkIPAl_cnKHruoMWomzuT6kGfi57ZCDaZ0gHUi2aqihjDYq2zt7Kc-HzgeBJ7yp_BaI4V9CHoa2Zjld6V2_B_zdjvjtliTe68CkSE_3lE9rhRj7-3QazD6CzvpV2HZRabvtqGsHH-BHF7byHYoVD_VgY1FoJ6yqphNRbnCMtpgdKMqgZW7A0mo_Nplcu8v7gc8RVKQB-r83djJ4t38FwG3ysYgAi8Q5xzxB4qOdHlvuXyzjrWiV0oXkvDXdZKAKq0Z9GTxrzhOHCdBru9WbwjUCc9qZ_o1iMzkfXcslwueJpplFs-585tXh6u4VpKmjTNJ6LEwelupyKjbs749o12DvclSmTp_iTsxzqBI44VB1GOPLhBA3hGRNZ9V1OzSRpH8NthxVK6VLmCtvke1zmZPniFUt0AqpFdm22vBqGH1mXPF06psVUkHRZSwcLVHJml3_aFFo9iNxiRClKawqShi3VFFwd7oBlJBeUgNSLR5Vi7jXWRujsM7nhJcSZKERjubklXROZ7fKg67ovHG0G4EQSDwCxXnh8VLQRN9PLOnr3fWsm1qPYmwWHb4FzMR1Fg49IfR4PzEz123c3-f2qTHzmgkE7xMKsMn2UylF6rRX6y8jIhmyAXsXCZLf3yzsztafuHmsq_Akq-cIUT0yXOy7RJ5zp32MXWZvHB_6M0yoJwkjJKX6VPD3EWIBbNPHroO0bxASJFmWHb4_sIoim0dRwY4LmCncV7rRR-Z8Kp0zXL4uJoAvGGEx02RHURtULSYpKwsWkDBLn6jy7EBIYf06C6NoqyvN_V8s8cId1lQkDPDcwQaisjW4YcdeO2omUg1mt_tQ6Qf22vW8e9VgYjzzYNrF67LxSSAKZOgphnvk8Z82-iiGRYd2tEKC1uxYBeZ_ggVh9epNWsofGSvPIrf6jhp6CnZxI17AA4v3y2QszPoQR7rhujq_YXKcuYYozMijeK-WROdFIERkO_StlwJY5yZn0iPWVNKP8J5AEk9oCAma3Gxlx5CHpPBtMsqqMTKhRWsHA4xmFMPvsJ3HMhaGnepdAf-a5vgX6iiJBSeGzruvyMBociYbX-lBkbMlk7mEpNtdAFGfgvdCzCN9l4pUDJbbTvZGEdwxAVrUhgnZ9wuUH-4cYoL8TD6gnCb1cCn_OuXgCnhPPeKxC40IoxfEefqwdhBS_cIgkehIOD2Qawvz8fc_-Zb_bSQWycnJwQPJTbIWG53u8XTRLak5yDNt71Ngsboc5-YAPtlXGTIDKme734AhKhwtQzGJFPjeOELfHaf7ZR9o98K1Ua5ePGrDYmw2w3lD_zMxj4tzydBVSY33qNcIpir4gNpxfF5g9tl_GU1NtmTks7Zg5UF6UKK_iMBRewsetp0XWQQ2A1ipggY5GCmTh3ZHZEp4ZELSLhrFFouWG9HCmiB5YestSmXaXfLDtJBBaqLaW1jYsjQCuitQdO6vtkUeuGmJHZ6xHiWZKZJBjw1FIV_IxbsXmT0i3pF7mLxx6SVr2xMmC4GOwST6Q_2vGSC2AZPk-9xiDBFRtqGzmcRcITKTQjkG50UqJByrHelsu9ofJhaxUycvtno3seN4_iqf5_ccplubRwiVCvq2VFUi1m8XUWL6JaQsZodht4wNuV5dPRx_RrLFSmUUzYxeOBBm437tHZQnXXbqQi5XzkqU82vKcK1rhuYdWqsdoWrpEDk4ne1wu3owhiU4VXcYb-LwcX4AhjR06QwximVwDTSlXK0HCY7L6ygUIw07jnRmiNlXORP6xMJjowtSO7KF8MFktWXjkn62n81nDyeft79bAP7LNfonLEz9eaSOx96zT7KHOpIky3jfFGc3xVROSy6yUvthZtOFYjXFUtWeafhifk0pEbzKmvgbntPLnImqmpjDREhBRBwn78gNAiUfLDjZ9-YINf0JlhqCgzX1LgpEWoitZsCt09l5rn3dCnEg7vd31JaC9BINfvgR2KH7ED521jrnjGShm9Sn2w1q-rNGdEFtTqJ18MRs6T7Hb8NhCBzYxqWtvyAbdg--mgZhbw_bosvCW3HxAu8SED1LoJ55NGGVr1inoq8_Ob2TlOBrYaDClK3m-VmgbN6hciHgW0u0ZXBdhLaAoIFXoFepXrKWFk2IYkMfFxcl7dA5VQB4I5nM1t-WsecGXkaMR6JvC5G-ZinqNPmpfy0UV75SeCJzXant2ZO0BlNF5HKJqu0lb1K2i95pheMafQUdxRQ7VekIiiJKcR6z6KtjKZErpTD_SUiWRWU-dgyFZ_yPBbshSB-wydw-4BBWRwrEyS_kNb7hz0KiW6xi7Q05QpwKjHB5F6tflD0EtV6G7ePuwSKwoGIwtFv0YFdmFR9ehQ9DaCV_x7YhZvTwNp38822B74v2Js1oJbcbJNynidRkWZR703GSPGwKqVltzppY0b86TgNP2GN_4UzyDrtMlkmpiLVXIfQpAV8FRo7OMkJ1DCEkSaynJLef1oTSPKOok6esMkBjzm9wQvmRSbFUfFTci8imTHyoLyJclIxH4a7o-Xl1jQ_3_oETuO3dFOQX8qIOgPwIhQThWeoz1I-5VbXw6s5vFdmDUFm5Wbl1QovcEDrxBkxLPk3zl4gBP0aLhEZ6CjWfWJGoAHXOr4YOOguu0bUc6LtFAcmrsEYRaaftx_1xc5Wq__J9ZCrE7nx3gNpGRqPcyUyKlytrKzc0EbZr1sT13kSg7OExnsfwLg3T50SbROKb68tvKZ7oXlxTzdrZO-qGXoyFKday2a6IdRgDP96_9hht0OYsdhKppmpb_DfMwLKxoeK_zmDOxdOfN2NAyjACqAZE0m6tlRgEXXG48E7IwRVPw_SDJ4c0V6s4M0fK7LzEzYs0M8leJ2DptU91qro4HuEdl0ZQ0K-3qAA9nYxrcnhXvFKCmsPQBvUoeMrMlzITCWjYF_iewrNXYLGe1blYy5vR1oyyNPaaNWep6c3aQfEnkGzMPOIGxSirKUeOgUWiGsxE4nhOfzdukJdSfO_vL_qgkkslkA34loMYlcwD8DAbXDOReqYZQ9a&cid=CAASJORolSQXB2ARse38S5zfm5ZInclU3UCYEQLRr8vRWGwgABCycg&rfl=1%2Chttps%253A%252F%252Fwww.mlive.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 12:01:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
14895
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11429
x-xss-protection
0
server
cafe
etag
11376305771055881226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Nov 2022 12:01:33 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/ Frame B4B1 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DILg1FjbcuQ0zYSPKIyyOe5O2RWWb5uJFx0e9nHbhX999FyBgSbURLKx0PZSNJ68KOvficsj6CJeF6gYrsAuBdvIi0tAPMxRjVahBXsRvOjxHywNaihG2le25rQQWNtoC9AxhUhFpTYSaEHIUHtpi3hiDSPoBkR2-FjTV5hRkjizszM6M&dbm_d=AKAmf-B-OGfdboRKoDIqCifUn0LsSxYYDKFAAw8RfkYT2ynHx9e_ax6Vyh2tzeqBiUCRObPjy9UlSYhaxuOVD2_ukyYDzJ_66K7RbgrU0wvHRueeyEkqlR28O6oYSKS0ygI0CIM15zoSmqtfMzDIr5j0q8Og2TQCEjwdiuhKW2LZJQGWpWLR1hfL3Bv4mVYyNlJklwVfALUuf93ETJzcrJ_FRm_l0WDPi1Lmxc6Kl6CQdTbxLxPekDCEcVKI64DtaQOZoyS7CVKxtk3DpnmSkDsYhB7f7wr_4Tu3Vd0lLe4ioFU34fSvKUvbr-x92POLOUpeVFge016TrrnUKuhFb5NLCgpQlD-cBQoFkadtOb7oLUDGXPRkIPAl_cnKHruoMWomzuT6kGfi57ZCDaZ0gHUi2aqihjDYq2zt7Kc-HzgeBJ7yp_BaI4V9CHoa2Zjld6V2_B_zdjvjtliTe68CkSE_3lE9rhRj7-3QazD6CzvpV2HZRabvtqGsHH-BHF7byHYoVD_VgY1FoJ6yqphNRbnCMtpgdKMqgZW7A0mo_Nplcu8v7gc8RVKQB-r83djJ4t38FwG3ysYgAi8Q5xzxB4qOdHlvuXyzjrWiV0oXkvDXdZKAKq0Z9GTxrzhOHCdBru9WbwjUCc9qZ_o1iMzkfXcslwueJpplFs-585tXh6u4VpKmjTNJ6LEwelupyKjbs749o12DvclSmTp_iTsxzqBI44VB1GOPLhBA3hGRNZ9V1OzSRpH8NthxVK6VLmCtvke1zmZPniFUt0AqpFdm22vBqGH1mXPF06psVUkHRZSwcLVHJml3_aFFo9iNxiRClKawqShi3VFFwd7oBlJBeUgNSLR5Vi7jXWRujsM7nhJcSZKERjubklXROZ7fKg67ovHG0G4EQSDwCxXnh8VLQRN9PLOnr3fWsm1qPYmwWHb4FzMR1Fg49IfR4PzEz123c3-f2qTHzmgkE7xMKsMn2UylF6rRX6y8jIhmyAXsXCZLf3yzsztafuHmsq_Akq-cIUT0yXOy7RJ5zp32MXWZvHB_6M0yoJwkjJKX6VPD3EWIBbNPHroO0bxASJFmWHb4_sIoim0dRwY4LmCncV7rRR-Z8Kp0zXL4uJoAvGGEx02RHURtULSYpKwsWkDBLn6jy7EBIYf06C6NoqyvN_V8s8cId1lQkDPDcwQaisjW4YcdeO2omUg1mt_tQ6Qf22vW8e9VgYjzzYNrF67LxSSAKZOgphnvk8Z82-iiGRYd2tEKC1uxYBeZ_ggVh9epNWsofGSvPIrf6jhp6CnZxI17AA4v3y2QszPoQR7rhujq_YXKcuYYozMijeK-WROdFIERkO_StlwJY5yZn0iPWVNKP8J5AEk9oCAma3Gxlx5CHpPBtMsqqMTKhRWsHA4xmFMPvsJ3HMhaGnepdAf-a5vgX6iiJBSeGzruvyMBociYbX-lBkbMlk7mEpNtdAFGfgvdCzCN9l4pUDJbbTvZGEdwxAVrUhgnZ9wuUH-4cYoL8TD6gnCb1cCn_OuXgCnhPPeKxC40IoxfEefqwdhBS_cIgkehIOD2Qawvz8fc_-Zb_bSQWycnJwQPJTbIWG53u8XTRLak5yDNt71Ngsboc5-YAPtlXGTIDKme734AhKhwtQzGJFPjeOELfHaf7ZR9o98K1Ua5ePGrDYmw2w3lD_zMxj4tzydBVSY33qNcIpir4gNpxfF5g9tl_GU1NtmTks7Zg5UF6UKK_iMBRewsetp0XWQQ2A1ipggY5GCmTh3ZHZEp4ZELSLhrFFouWG9HCmiB5YestSmXaXfLDtJBBaqLaW1jYsjQCuitQdO6vtkUeuGmJHZ6xHiWZKZJBjw1FIV_IxbsXmT0i3pF7mLxx6SVr2xMmC4GOwST6Q_2vGSC2AZPk-9xiDBFRtqGzmcRcITKTQjkG50UqJByrHelsu9ofJhaxUycvtno3seN4_iqf5_ccplubRwiVCvq2VFUi1m8XUWL6JaQsZodht4wNuV5dPRx_RrLFSmUUzYxeOBBm437tHZQnXXbqQi5XzkqU82vKcK1rhuYdWqsdoWrpEDk4ne1wu3owhiU4VXcYb-LwcX4AhjR06QwximVwDTSlXK0HCY7L6ygUIw07jnRmiNlXORP6xMJjowtSO7KF8MFktWXjkn62n81nDyeft79bAP7LNfonLEz9eaSOx96zT7KHOpIky3jfFGc3xVROSy6yUvthZtOFYjXFUtWeafhifk0pEbzKmvgbntPLnImqmpjDREhBRBwn78gNAiUfLDjZ9-YINf0JlhqCgzX1LgpEWoitZsCt09l5rn3dCnEg7vd31JaC9BINfvgR2KH7ED521jrnjGShm9Sn2w1q-rNGdEFtTqJ18MRs6T7Hb8NhCBzYxqWtvyAbdg--mgZhbw_bosvCW3HxAu8SED1LoJ55NGGVr1inoq8_Ob2TlOBrYaDClK3m-VmgbN6hciHgW0u0ZXBdhLaAoIFXoFepXrKWFk2IYkMfFxcl7dA5VQB4I5nM1t-WsecGXkaMR6JvC5G-ZinqNPmpfy0UV75SeCJzXant2ZO0BlNF5HKJqu0lb1K2i95pheMafQUdxRQ7VekIiiJKcR6z6KtjKZErpTD_SUiWRWU-dgyFZ_yPBbshSB-wydw-4BBWRwrEyS_kNb7hz0KiW6xi7Q05QpwKjHB5F6tflD0EtV6G7ePuwSKwoGIwtFv0YFdmFR9ehQ9DaCV_x7YhZvTwNp38822B74v2Js1oJbcbJNynidRkWZR703GSPGwKqVltzppY0b86TgNP2GN_4UzyDrtMlkmpiLVXIfQpAV8FRo7OMkJ1DCEkSaynJLef1oTSPKOok6esMkBjzm9wQvmRSbFUfFTci8imTHyoLyJclIxH4a7o-Xl1jQ_3_oETuO3dFOQX8qIOgPwIhQThWeoz1I-5VbXw6s5vFdmDUFm5Wbl1QovcEDrxBkxLPk3zl4gBP0aLhEZ6CjWfWJGoAHXOr4YOOguu0bUc6LtFAcmrsEYRaaftx_1xc5Wq__J9ZCrE7nx3gNpGRqPcyUyKlytrKzc0EbZr1sT13kSg7OExnsfwLg3T50SbROKb68tvKZ7oXlxTzdrZO-qGXoyFKday2a6IdRgDP96_9hht0OYsdhKppmpb_DfMwLKxoeK_zmDOxdOfN2NAyjACqAZE0m6tlRgEXXG48E7IwRVPw_SDJ4c0V6s4M0fK7LzEzYs0M8leJ2DptU91qro4HuEdl0ZQ0K-3qAA9nYxrcnhXvFKCmsPQBvUoeMrMlzITCWjYF_iewrNXYLGe1blYy5vR1oyyNPaaNWep6c3aQfEnkGzMPOIGxSirKUeOgUWiGsxE4nhOfzdukJdSfO_vL_qgkkslkA34loMYlcwD8DAbXDOReqYZQ9a&cid=CAASJORolSQXB2ARse38S5zfm5ZInclU3UCYEQLRr8vRWGwgABCycg&rfl=1%2Chttps%253A%252F%252Fwww.mlive.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 12:01:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
14895
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2998
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Nov 2022 12:01:33 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B4B1 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstZjch3RLLF5PuaDKuWEQQ-LfK7Qogkhfk54IoBErS2T-DkWHkGJ_mJNQR8ucZGqXEqe_lNgF8PrTbyIkBlwY-pfb6pLgM6-LDSZN-rwxDWbceX47P3mqCJxX8lfMSusdUxbmPtZ6RypL3FmpL8T8zf4LIDBs4cJnQHpJoEOZNAtdoGvuZDptqYoctiDqFi2giRM8UYJn_yoWOdUEs3jaz55TZAdMzfnJEVXeZb1y04uzPFUuILJe1y0iS7pvnJWzlkt-a280S6GAFocvTWsUv9j-yIetG0j0_JmYuq7nHcBd7sIr0erreaWD4rgW_j17JoFZhBOHh-CDqzhrWelpUIlLjsZCc31ldPbzPgf3i5lXyCvZ9DD698wCBmnFwvYcJ6NfJNw5eGCOQbxgD725SFRA8TPI5RQg6YssOYsKsmNOhba-CXdaCqI8KP_hRYlgaoCvgN5mCxw4Fi-cAlNgtHRX70uSEexs9E2cn2nQL_BEcoK-iweSv_TmXRxEGMGvDURgWCRNP3be8amnCoz3w5-D4NGrbt7sC_nPP2JZhm72V9ieed33GV6BPm4jkU1L4X1b3BR2LaZMxbcL7zLLW2sbwf07fgPI6FeK8lZvLdhsVWJ_e_m5Tv7vP6MemuPLNA0z_9j252yx1_c048VbR-HfTZxoz9m_64llRKZ1I8R-GGo5VUBPSWR_-qtsO2jQhtdA0gCmjliPzAfTA-jW1TPNk-Xm9aYWljvkDpsVlo_rDkoIVckrQYAuRk_FTHYpC1JHqCozJgcqQPBhO960atpSCM9y9k0dr0rcgJOf1bVBoIxqjs8kN6VK4_-_Rj1NDCSKclfRvLeDzz9S7580GM9fN48oy_UBp-6ncZXGm3mjTwY359CNV-ny5_Px9DjZWuub_WS4FDCgCxZH-fuGDMpGu296QFSVppIaPqtbOqsUC8ofILhP-RClMAK9VM3G624DYLD6OqL0rZx7rSdKFobM3g9y-8vWjs4unqhxtuYVx2s12Rvw9PS1iEZI--45o2QuLk6uat-8k1tbGIqqW9uAWvtmoTRFNl9TwnU-q0YmHhd0k9aSCPJ5Bw88WkK4h2TGVWx0fB9PDJQmYZy2ZRWsFDa6wjXS28yVeYXQSaWEXN6bMnZEONvpJ3h3P16sdV5C64L7Z86P1Yhv5gMiydcFcTZYAl1kxBvuiWFdCNHnygfXeVwvvI51aaQj72Tr4keRugm6yo7duvWXzHGp-J7AhbKlqauVAbtfNDmYlT6QM35DxvnPDe6ghKyKBlpaCOUjRZfvGDCz6__1_tFZwYunseMD8e&sai=AMfl-YS9L4wsRkyB2Skrwszj5dFthi5QzAD0hdkGlB7SN8N3jtto-hNGVVOf_oYk1hS5nkhSyv-FB0RACxO58p4tjT57pMlI0pfK1bUxSnlWkWjZ6gGqvh2y7vmCrITJ7m0I6AFFyHR5oRWWQMBCx3yIy4FUcutCdn2RxInlQEJLTo7sru9tB_hbnVNeg8lepCge7tmcrCe_nN5Rw1xgwZCLzYnyjzk&sig=Cg0ArKJSzA45LHeUNNerEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221020.00823&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DILg1FjbcuQ0zYSPKIyyOe5O2RWWb5uJFx0e9nHbhX999FyBgSbURLKx0PZSNJ68KOvficsj6CJeF6gYrsAuBdvIi0tAPMxRjVahBXsRvOjxHywNaihG2le25rQQWNtoC9AxhUhFpTYSaEHIUHtpi3hiDSPoBkR2-FjTV5hRkjizszM6M&dbm_d=AKAmf-B-OGfdboRKoDIqCifUn0LsSxYYDKFAAw8RfkYT2ynHx9e_ax6Vyh2tzeqBiUCRObPjy9UlSYhaxuOVD2_ukyYDzJ_66K7RbgrU0wvHRueeyEkqlR28O6oYSKS0ygI0CIM15zoSmqtfMzDIr5j0q8Og2TQCEjwdiuhKW2LZJQGWpWLR1hfL3Bv4mVYyNlJklwVfALUuf93ETJzcrJ_FRm_l0WDPi1Lmxc6Kl6CQdTbxLxPekDCEcVKI64DtaQOZoyS7CVKxtk3DpnmSkDsYhB7f7wr_4Tu3Vd0lLe4ioFU34fSvKUvbr-x92POLOUpeVFge016TrrnUKuhFb5NLCgpQlD-cBQoFkadtOb7oLUDGXPRkIPAl_cnKHruoMWomzuT6kGfi57ZCDaZ0gHUi2aqihjDYq2zt7Kc-HzgeBJ7yp_BaI4V9CHoa2Zjld6V2_B_zdjvjtliTe68CkSE_3lE9rhRj7-3QazD6CzvpV2HZRabvtqGsHH-BHF7byHYoVD_VgY1FoJ6yqphNRbnCMtpgdKMqgZW7A0mo_Nplcu8v7gc8RVKQB-r83djJ4t38FwG3ysYgAi8Q5xzxB4qOdHlvuXyzjrWiV0oXkvDXdZKAKq0Z9GTxrzhOHCdBru9WbwjUCc9qZ_o1iMzkfXcslwueJpplFs-585tXh6u4VpKmjTNJ6LEwelupyKjbs749o12DvclSmTp_iTsxzqBI44VB1GOPLhBA3hGRNZ9V1OzSRpH8NthxVK6VLmCtvke1zmZPniFUt0AqpFdm22vBqGH1mXPF06psVUkHRZSwcLVHJml3_aFFo9iNxiRClKawqShi3VFFwd7oBlJBeUgNSLR5Vi7jXWRujsM7nhJcSZKERjubklXROZ7fKg67ovHG0G4EQSDwCxXnh8VLQRN9PLOnr3fWsm1qPYmwWHb4FzMR1Fg49IfR4PzEz123c3-f2qTHzmgkE7xMKsMn2UylF6rRX6y8jIhmyAXsXCZLf3yzsztafuHmsq_Akq-cIUT0yXOy7RJ5zp32MXWZvHB_6M0yoJwkjJKX6VPD3EWIBbNPHroO0bxASJFmWHb4_sIoim0dRwY4LmCncV7rRR-Z8Kp0zXL4uJoAvGGEx02RHURtULSYpKwsWkDBLn6jy7EBIYf06C6NoqyvN_V8s8cId1lQkDPDcwQaisjW4YcdeO2omUg1mt_tQ6Qf22vW8e9VgYjzzYNrF67LxSSAKZOgphnvk8Z82-iiGRYd2tEKC1uxYBeZ_ggVh9epNWsofGSvPIrf6jhp6CnZxI17AA4v3y2QszPoQR7rhujq_YXKcuYYozMijeK-WROdFIERkO_StlwJY5yZn0iPWVNKP8J5AEk9oCAma3Gxlx5CHpPBtMsqqMTKhRWsHA4xmFMPvsJ3HMhaGnepdAf-a5vgX6iiJBSeGzruvyMBociYbX-lBkbMlk7mEpNtdAFGfgvdCzCN9l4pUDJbbTvZGEdwxAVrUhgnZ9wuUH-4cYoL8TD6gnCb1cCn_OuXgCnhPPeKxC40IoxfEefqwdhBS_cIgkehIOD2Qawvz8fc_-Zb_bSQWycnJwQPJTbIWG53u8XTRLak5yDNt71Ngsboc5-YAPtlXGTIDKme734AhKhwtQzGJFPjeOELfHaf7ZR9o98K1Ua5ePGrDYmw2w3lD_zMxj4tzydBVSY33qNcIpir4gNpxfF5g9tl_GU1NtmTks7Zg5UF6UKK_iMBRewsetp0XWQQ2A1ipggY5GCmTh3ZHZEp4ZELSLhrFFouWG9HCmiB5YestSmXaXfLDtJBBaqLaW1jYsjQCuitQdO6vtkUeuGmJHZ6xHiWZKZJBjw1FIV_IxbsXmT0i3pF7mLxx6SVr2xMmC4GOwST6Q_2vGSC2AZPk-9xiDBFRtqGzmcRcITKTQjkG50UqJByrHelsu9ofJhaxUycvtno3seN4_iqf5_ccplubRwiVCvq2VFUi1m8XUWL6JaQsZodht4wNuV5dPRx_RrLFSmUUzYxeOBBm437tHZQnXXbqQi5XzkqU82vKcK1rhuYdWqsdoWrpEDk4ne1wu3owhiU4VXcYb-LwcX4AhjR06QwximVwDTSlXK0HCY7L6ygUIw07jnRmiNlXORP6xMJjowtSO7KF8MFktWXjkn62n81nDyeft79bAP7LNfonLEz9eaSOx96zT7KHOpIky3jfFGc3xVROSy6yUvthZtOFYjXFUtWeafhifk0pEbzKmvgbntPLnImqmpjDREhBRBwn78gNAiUfLDjZ9-YINf0JlhqCgzX1LgpEWoitZsCt09l5rn3dCnEg7vd31JaC9BINfvgR2KH7ED521jrnjGShm9Sn2w1q-rNGdEFtTqJ18MRs6T7Hb8NhCBzYxqWtvyAbdg--mgZhbw_bosvCW3HxAu8SED1LoJ55NGGVr1inoq8_Ob2TlOBrYaDClK3m-VmgbN6hciHgW0u0ZXBdhLaAoIFXoFepXrKWFk2IYkMfFxcl7dA5VQB4I5nM1t-WsecGXkaMR6JvC5G-ZinqNPmpfy0UV75SeCJzXant2ZO0BlNF5HKJqu0lb1K2i95pheMafQUdxRQ7VekIiiJKcR6z6KtjKZErpTD_SUiWRWU-dgyFZ_yPBbshSB-wydw-4BBWRwrEyS_kNb7hz0KiW6xi7Q05QpwKjHB5F6tflD0EtV6G7ePuwSKwoGIwtFv0YFdmFR9ehQ9DaCV_x7YhZvTwNp38822B74v2Js1oJbcbJNynidRkWZR703GSPGwKqVltzppY0b86TgNP2GN_4UzyDrtMlkmpiLVXIfQpAV8FRo7OMkJ1DCEkSaynJLef1oTSPKOok6esMkBjzm9wQvmRSbFUfFTci8imTHyoLyJclIxH4a7o-Xl1jQ_3_oETuO3dFOQX8qIOgPwIhQThWeoz1I-5VbXw6s5vFdmDUFm5Wbl1QovcEDrxBkxLPk3zl4gBP0aLhEZ6CjWfWJGoAHXOr4YOOguu0bUc6LtFAcmrsEYRaaftx_1xc5Wq__J9ZCrE7nx3gNpGRqPcyUyKlytrKzc0EbZr1sT13kSg7OExnsfwLg3T50SbROKb68tvKZ7oXlxTzdrZO-qGXoyFKday2a6IdRgDP96_9hht0OYsdhKppmpb_DfMwLKxoeK_zmDOxdOfN2NAyjACqAZE0m6tlRgEXXG48E7IwRVPw_SDJ4c0V6s4M0fK7LzEzYs0M8leJ2DptU91qro4HuEdl0ZQ0K-3qAA9nYxrcnhXvFKCmsPQBvUoeMrMlzITCWjYF_iewrNXYLGe1blYy5vR1oyyNPaaNWep6c3aQfEnkGzMPOIGxSirKUeOgUWiGsxE4nhOfzdukJdSfO_vL_qgkkslkA34loMYlcwD8DAbXDOReqYZQ9a&cid=CAASJORolSQXB2ARse38S5zfm5ZInclU3UCYEQLRr8vRWGwgABCycg&rfl=1%2Chttps%253A%252F%252Fwww.mlive.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 26 Oct 2022 16:09:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B4B1 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DILg1FjbcuQ0zYSPKIyyOe5O2RWWb5uJFx0e9nHbhX999FyBgSbURLKx0PZSNJ68KOvficsj6CJeF6gYrsAuBdvIi0tAPMxRjVahBXsRvOjxHywNaihG2le25rQQWNtoC9AxhUhFpTYSaEHIUHtpi3hiDSPoBkR2-FjTV5hRkjizszM6M&dbm_d=AKAmf-B-OGfdboRKoDIqCifUn0LsSxYYDKFAAw8RfkYT2ynHx9e_ax6Vyh2tzeqBiUCRObPjy9UlSYhaxuOVD2_ukyYDzJ_66K7RbgrU0wvHRueeyEkqlR28O6oYSKS0ygI0CIM15zoSmqtfMzDIr5j0q8Og2TQCEjwdiuhKW2LZJQGWpWLR1hfL3Bv4mVYyNlJklwVfALUuf93ETJzcrJ_FRm_l0WDPi1Lmxc6Kl6CQdTbxLxPekDCEcVKI64DtaQOZoyS7CVKxtk3DpnmSkDsYhB7f7wr_4Tu3Vd0lLe4ioFU34fSvKUvbr-x92POLOUpeVFge016TrrnUKuhFb5NLCgpQlD-cBQoFkadtOb7oLUDGXPRkIPAl_cnKHruoMWomzuT6kGfi57ZCDaZ0gHUi2aqihjDYq2zt7Kc-HzgeBJ7yp_BaI4V9CHoa2Zjld6V2_B_zdjvjtliTe68CkSE_3lE9rhRj7-3QazD6CzvpV2HZRabvtqGsHH-BHF7byHYoVD_VgY1FoJ6yqphNRbnCMtpgdKMqgZW7A0mo_Nplcu8v7gc8RVKQB-r83djJ4t38FwG3ysYgAi8Q5xzxB4qOdHlvuXyzjrWiV0oXkvDXdZKAKq0Z9GTxrzhOHCdBru9WbwjUCc9qZ_o1iMzkfXcslwueJpplFs-585tXh6u4VpKmjTNJ6LEwelupyKjbs749o12DvclSmTp_iTsxzqBI44VB1GOPLhBA3hGRNZ9V1OzSRpH8NthxVK6VLmCtvke1zmZPniFUt0AqpFdm22vBqGH1mXPF06psVUkHRZSwcLVHJml3_aFFo9iNxiRClKawqShi3VFFwd7oBlJBeUgNSLR5Vi7jXWRujsM7nhJcSZKERjubklXROZ7fKg67ovHG0G4EQSDwCxXnh8VLQRN9PLOnr3fWsm1qPYmwWHb4FzMR1Fg49IfR4PzEz123c3-f2qTHzmgkE7xMKsMn2UylF6rRX6y8jIhmyAXsXCZLf3yzsztafuHmsq_Akq-cIUT0yXOy7RJ5zp32MXWZvHB_6M0yoJwkjJKX6VPD3EWIBbNPHroO0bxASJFmWHb4_sIoim0dRwY4LmCncV7rRR-Z8Kp0zXL4uJoAvGGEx02RHURtULSYpKwsWkDBLn6jy7EBIYf06C6NoqyvN_V8s8cId1lQkDPDcwQaisjW4YcdeO2omUg1mt_tQ6Qf22vW8e9VgYjzzYNrF67LxSSAKZOgphnvk8Z82-iiGRYd2tEKC1uxYBeZ_ggVh9epNWsofGSvPIrf6jhp6CnZxI17AA4v3y2QszPoQR7rhujq_YXKcuYYozMijeK-WROdFIERkO_StlwJY5yZn0iPWVNKP8J5AEk9oCAma3Gxlx5CHpPBtMsqqMTKhRWsHA4xmFMPvsJ3HMhaGnepdAf-a5vgX6iiJBSeGzruvyMBociYbX-lBkbMlk7mEpNtdAFGfgvdCzCN9l4pUDJbbTvZGEdwxAVrUhgnZ9wuUH-4cYoL8TD6gnCb1cCn_OuXgCnhPPeKxC40IoxfEefqwdhBS_cIgkehIOD2Qawvz8fc_-Zb_bSQWycnJwQPJTbIWG53u8XTRLak5yDNt71Ngsboc5-YAPtlXGTIDKme734AhKhwtQzGJFPjeOELfHaf7ZR9o98K1Ua5ePGrDYmw2w3lD_zMxj4tzydBVSY33qNcIpir4gNpxfF5g9tl_GU1NtmTks7Zg5UF6UKK_iMBRewsetp0XWQQ2A1ipggY5GCmTh3ZHZEp4ZELSLhrFFouWG9HCmiB5YestSmXaXfLDtJBBaqLaW1jYsjQCuitQdO6vtkUeuGmJHZ6xHiWZKZJBjw1FIV_IxbsXmT0i3pF7mLxx6SVr2xMmC4GOwST6Q_2vGSC2AZPk-9xiDBFRtqGzmcRcITKTQjkG50UqJByrHelsu9ofJhaxUycvtno3seN4_iqf5_ccplubRwiVCvq2VFUi1m8XUWL6JaQsZodht4wNuV5dPRx_RrLFSmUUzYxeOBBm437tHZQnXXbqQi5XzkqU82vKcK1rhuYdWqsdoWrpEDk4ne1wu3owhiU4VXcYb-LwcX4AhjR06QwximVwDTSlXK0HCY7L6ygUIw07jnRmiNlXORP6xMJjowtSO7KF8MFktWXjkn62n81nDyeft79bAP7LNfonLEz9eaSOx96zT7KHOpIky3jfFGc3xVROSy6yUvthZtOFYjXFUtWeafhifk0pEbzKmvgbntPLnImqmpjDREhBRBwn78gNAiUfLDjZ9-YINf0JlhqCgzX1LgpEWoitZsCt09l5rn3dCnEg7vd31JaC9BINfvgR2KH7ED521jrnjGShm9Sn2w1q-rNGdEFtTqJ18MRs6T7Hb8NhCBzYxqWtvyAbdg--mgZhbw_bosvCW3HxAu8SED1LoJ55NGGVr1inoq8_Ob2TlOBrYaDClK3m-VmgbN6hciHgW0u0ZXBdhLaAoIFXoFepXrKWFk2IYkMfFxcl7dA5VQB4I5nM1t-WsecGXkaMR6JvC5G-ZinqNPmpfy0UV75SeCJzXant2ZO0BlNF5HKJqu0lb1K2i95pheMafQUdxRQ7VekIiiJKcR6z6KtjKZErpTD_SUiWRWU-dgyFZ_yPBbshSB-wydw-4BBWRwrEyS_kNb7hz0KiW6xi7Q05QpwKjHB5F6tflD0EtV6G7ePuwSKwoGIwtFv0YFdmFR9ehQ9DaCV_x7YhZvTwNp38822B74v2Js1oJbcbJNynidRkWZR703GSPGwKqVltzppY0b86TgNP2GN_4UzyDrtMlkmpiLVXIfQpAV8FRo7OMkJ1DCEkSaynJLef1oTSPKOok6esMkBjzm9wQvmRSbFUfFTci8imTHyoLyJclIxH4a7o-Xl1jQ_3_oETuO3dFOQX8qIOgPwIhQThWeoz1I-5VbXw6s5vFdmDUFm5Wbl1QovcEDrxBkxLPk3zl4gBP0aLhEZ6CjWfWJGoAHXOr4YOOguu0bUc6LtFAcmrsEYRaaftx_1xc5Wq__J9ZCrE7nx3gNpGRqPcyUyKlytrKzc0EbZr1sT13kSg7OExnsfwLg3T50SbROKb68tvKZ7oXlxTzdrZO-qGXoyFKday2a6IdRgDP96_9hht0OYsdhKppmpb_DfMwLKxoeK_zmDOxdOfN2NAyjACqAZE0m6tlRgEXXG48E7IwRVPw_SDJ4c0V6s4M0fK7LzEzYs0M8leJ2DptU91qro4HuEdl0ZQ0K-3qAA9nYxrcnhXvFKCmsPQBvUoeMrMlzITCWjYF_iewrNXYLGe1blYy5vR1oyyNPaaNWep6c3aQfEnkGzMPOIGxSirKUeOgUWiGsxE4nhOfzdukJdSfO_vL_qgkkslkA34loMYlcwD8DAbXDOReqYZQ9a&cid=CAASJORolSQXB2ARse38S5zfm5ZInclU3UCYEQLRr8vRWGwgABCycg&rfl=1%2Chttps%253A%252F%252Fwww.mlive.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 22:59:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61810
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 22:59:38 GMT
16135056543295618162
s0.2mdn.net/simgad/ Frame B4B1 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/16135056543295618162
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4be6ea16b8699f933d761b913cb9b2658c87f51a0c54503387e52657b3751f68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:18:31 GMT
x-content-type-options
nosniff
age
183077
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28761
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 08:55:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 24 Oct 2023 13:18:31 GMT
sid
mug.criteo.com/ Frame FF32
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=mlive.com&sn=ChromeSyncframe&so=0&topUrl=www.mlive.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=5zEVx3xpZHc4a1ZRRmlpTTB0cnFVVU43TFk4SGcyTElSNEJlLzhCcFhTSTZFaWtEeXpIaVU2bjJJbXMwbzlQaGNQeXJXU0E2VGpiMWY4WUlzWGZKQy95SlFIT3huVG45QktUTTJ6U0pVTUJ4ZnIybGFER252QldvalJtUH...
422 B
652 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=5zEVx3xpZHc4a1ZRRmlpTTB0cnFVVU43TFk4SGcyTElSNEJlLzhCcFhTSTZFaWtEeXpIaVU2bjJJbXMwbzlQaGNQeXJXU0E2VGpiMWY4WUlzWGZKQy95SlFIT3huVG45QktUTTJ6U0pVTUJ4ZnIybGFER252QldvalJtUHNwWVhvLzF0MlN3bzRlY2I1YkdkeCtMMDBKWmxnTTVqMVRwZ0tsR2hXdUVIRWNtek5TUGtUeG9nVFkzQzdKZE0vZmN6NzNBZ0ZBWG12S085U2dyZFJBSXhiR2d0SDZ1VEFrMGV6cSs4UFRNZHZvZ2VOTlVRMHZJb3c1aDZNMDRpUmxlUThoeWp3S0xqck53UkZhemVhajlSVkF4dWdvUT09fA&cppv=2
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0f9fbc6b366749404cce21450dc8bbffbaf75641884f2f252cadf3b34b13e48c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:48 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
12886963
expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:47 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=5zEVx3xpZHc4a1ZRRmlpTTB0cnFVVU43TFk4SGcyTElSNEJlLzhCcFhTSTZFaWtEeXpIaVU2bjJJbXMwbzlQaGNQeXJXU0E2VGpiMWY4WUlzWGZKQy95SlFIT3huVG45QktUTTJ6U0pVTUJ4ZnIybGFER252QldvalJtUHNwWVhvLzF0MlN3bzRlY2I1YkdkeCtMMDBKWmxnTTVqMVRwZ0tsR2hXdUVIRWNtek5TUGtUeG9nVFkzQzdKZE0vZmN6NzNBZ0ZBWG12S085U2dyZFJBSXhiR2d0SDZ1VEFrMGV6cSs4UFRNZHZvZ2VOTlVRMHZJb3c1aDZNMDRpUmxlUThoeWp3S0xqck53UkZhemVhajlSVkF4dWdvUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
604773
content-length
0
expires
0
596
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/596?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=3b4b2f9a-cfcd-4e48-a5b3-5843459e43a6&bctempid=&overruleReferrer=&time=2022-10-26T16%3A09%3A48%2B00%3A00&ts=1666800588541
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-59.prg50.r.cloudfront.net
Software
- /
Resource Hash
f1c2ed75dfb9bc4a14aab2475f1dd50bf867030fae38b5082b9130daf07970f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Oct 2022 16:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
4244
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
6xa_5XTgMaHocwFjTsy8Zgwq6T9pjy6ZuHQGxZ5UMkApaAk2rRAOBw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
container.html
29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C38E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 16:09:47 GMT
expires
Thu, 26 Oct 2023 16:09:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
event
prebid-a.rubiconproject.com/ 		61 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.159.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-159-87.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 26 Oct 2022 16:09:48 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ADVANCEDDIGITAL_DFP1&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=5&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1666800586484&de=479536118281&rx=632691032251&m=0&ar=e27dbc83ae5-clean&iw=bebc529&q=1&cb=0&cu=1666800586484&ll=2&lm=0&ln=0&em=0&en=0&d=1491967615%3A571433575%3A1731144295%3A138224669406&bo=343101415&bp=387186655&bd=undefined&zMoatAU=%2F344101295%2FMI%2Fwww.mlive.com%2Findex.ssf&zMoatProduct=homepage-beta&zMoatPS=-&zMoatSlot=InFeed_Right_Tall&zMoatPlatform=desktop&zMoatVersion=-&zMoatATF=false&zMoatCounter=1&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387186655&zMoatJS=-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&dfp=0%2C1&la=387186655&gw=advanceddigitalheader640552616592&fd=1&it=500&pe=1%3A1759%3A1759%3A0%3A1811&fs=200656&na=1716849811&cs=0
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-143.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:48 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 26 Oct 2022 16:09:48 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 55C9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEOkZrjie_FeVdyPDCYgQDWmOXGjEK3IpD8BuA-KWCnY1wRqWCreKNBmT2t4BSVMUqDCXPJIIAjv6FIF7cbzIlCgfJpHk5tFz3o_jG_dxFTQtdsWKrojU75_JIon85nUdLbCOoxcNwj8zvhfosYebPE_Bga97YOe4TqdCznIwDc_59PnavU666xBR00PZt1psU8AAMCLPsD8mUoW8QpXziwfzIAnpO6PUEvsCn1Oh_nRBFYHHUPs6WXX39I7q6SVJs4czm-sCSs5VbD6IiqkaNP9OQQQXJP8qIdP2BtRBa3SM2R9ClRzNyBrQOubkjBG4jny5ZVqiRYP22yHw&sai=AMfl-YTWiV8Ygs6CMcKVfEleVFEVmH-vcUNgGClJNZXdw9eYiQfzpA08zrfcf7i3ffNxZd9p7IC_3gWDa8CpsLhQsI1-RfZdkyNe8rCGaIlT1K-UlVWD1HM47hEHFDV6J4XE&sig=Cg0ArKJSzJrpYMHSkqvmEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
/
realestate.mlive.com/ Frame 55C9 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://realestate.mlive.com/?classification=real+estate&temp_type=browse&tl=41&showcase=on&tp=RE_mlive&click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsv9_zIquUE-_iP6JN5xuC3W7fjuNLxo2TYsU2I47II6K55vGNPfWO9OK1m3_vB_WlpmU4sRnEvGDBr7EEEBk_DiBv_nIQgCy_qrBbcqKgd258KhBsq9o0mZQ7XRJ1_fliEvJ9v7zdowR6gXFcwXdQ9Ir_JkNuFmAMQWN3eNebj_PIMtOaRu7SkHqJkfsiKZScjiIlPIRwymw8rcp4iyuZQNm9qAB_p7e-J-9E6nFGLonHrNtdnrqgS5jn9JJbyfrFjwjLgLnbXF-8pV3bSA7J2xpZ3IVbebYrBWZK6hZLXpRSOR0vj_aPVLt9G4C17M4IPSGvOyX52rVxw&sai=AMfl-YTs6MouNoC-FtRm_OBupJxf7dYv_MS5Y1wK0xJtz76QraBhXuH5_3oGm_YveDuRj3HTp4UsWjCVTe1CGPcfwt0siQkJiF5_Ph8sQX9Hx-DBNoaxHKMODK2AhI2l3-Au&sig=Cg0ArKJSzLL4s3bcR0VfEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=&v=4
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7ea049c6bc5adf945840be4031437bb95482e16a0691be4f11f9762080b28caf
Security Headers
Name Value
Strict-Transport-Security max-age=315360000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Wed, 26 Oct 2022 17:09:00 GMT
strict-transport-security
max-age=315360000
content-encoding
gzip
date
Wed, 26 Oct 2022 16:09:48 GMT
last-modified
Wed, 26 Oct 2022 16:04:00 GMT
x-shield-cache-expires
10
age
0
x-timer
S1666800589.719733,VS0,VE155
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/html; charset=ISO-8859-1
cache-control
stale-if-error=3600, public, max-age=300
content-length
1818
x-served-by
cache-iad-kjyo7100111-IAD, cache-hhn4061-HHN
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Fwww.mlive.com%2FIFRAME&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CG%24%3D!!t.PKm3M%3BI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-oCAEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-epp8RG4580cdYQ%3D%3D&sc=1&os=1-YQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=1135&gp=155&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&pl=0&f=0&j=&t=1666800586484&de=479536118281&rx=632691032251&cu=1666800586484&m=2085&ar=e27dbc83ae5-clean&iw=bebc529&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=155&lb=11764&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1759%3A1759%3A0%3A1811&as=0&ag=20&an=0&gf=20&gg=0&ix=20&ic=20&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=20&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=39&cd=0&ah=39&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=1491967615%3A571433575%3A1731144295%3A138224669406&bo=343101415&bp=387186655&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387186655&dfp=0%2C1&la=387186655&zMoatAU=%2F344101295%2FMI%2Fwww.mlive.com%2Findex.ssf&zMoatProduct=homepage-beta&zMoatPS=-&zMoatSlot=InFeed_Right_Tall&zMoatPlatform=desktop&zMoatVersion=-&zMoatATF=false&zMoatCounter=1&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=moat%20slot%20tag&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&tc=0&fs=200656&na=1649357360&cs=0
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-143.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:48 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 26 Oct 2022 16:09:48 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 6843 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Wed, 26 Oct 2022 16:09:48 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.159.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-159-87.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 26 Oct 2022 16:09:48 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 18B0 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
125289
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 05:21:39 GMT
expires
Wed, 25 Oct 2023 05:21:39 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 73B5 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
14895
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 12:01:33 GMT
etag
48472445140208031
expires
Thu, 27 Oct 2022 12:01:33 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B4B1 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14a1b93f7974087a1ddcc730555305e250824429401bacf293157cd28c009a3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
event
prebid-a.rubiconproject.com/ 		61 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.159.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-159-87.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 26 Oct 2022 16:09:48 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.159.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-159-87.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 26 Oct 2022 16:09:48 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 216F 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiCsOjSATAB&v=APEucNV6Y9eagMH6-isC6dLK-Dgy1FXAjmVjeoEOQYteFqap_WzHjb17jlXMZG4D9bh7jVZAxZXbmBkEPB4eIuDh_r3mDCL870EZFLWLFbT1vvJyfo9nBTWAhg5hUPeOSm23egObZ3NwSUAPCpg79XVnLwym4hdqyOe233Rv2Y4qP9fBFgGHCCzj_7JzjpDgdC_7YYkv7KE_
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 16:09:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame C38E 		85 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D10F-lV0ND_2d483iCjEJabvhyXxyUn-16C0xBCrBUW-z-cokM2uwDQsjFMpoj0rhg6RzmCRUR-x-ulhYRB271fzKfsrvTS7CVXRiImANHG_tULDmCJcG-QB2KA_KIuQeop2WFWU8cYvD64oFB0ZFyjXcpcTVUkTJsu6wFGrxdeBhFSaE&dbm_d=AKAmf-DknzaPZRv-TOP22AIuMcSZF5XcBcii6Y1BmO3L5e-oAcNqHnPE2JGUssKblmEYvdwBwHk_nLdmZ9cZ0ibdlN1FDgbQERCP-ubpNr95avHtbgdwq3rI2t5kbrk7FVf2BNg1_y7UzLiGutK90f57rJ9QPL1Aw_b5RE4aOfVY7Ua7Evela4XgtfnoHvkPaXxK8D_Y1HJm4LiZQedkZpj-jG8P7yFNmG0vz70XdLjSXM-bnNBIfsJP9xVzyvb1x2lSASPzLhWDolZEeWuDCbaRmK68ctlhQGHSvC7QYKtaBG8Sy0uteCQy0oV6PMoMrqDc5EybIJP9SlEsbp8ItHQMjYVvSfVFYskYb-rr1kR3-U3c9nwkRdgmmrHiTeqTz2Sxy-onIEOuG_uJXvUBjt77LMXDUKIadN81nZ9asgxfo3KUJDQBDNTQij8nysbD22CHrDDjHNj10P78WCudpQxwSfALv7s6xURFMC3sGaZWUUeFqajW6xlEObRg44cDyYIWx4fFFd_6E0AImhVctST9Pb10NyYEWdBBT9rVI1_ozwX5C7ysu467poBHig7aYIg8yITWU0jfOp3g8s7HhWte4vvMlps5YIFSLu2LLI7xCawnrySe7sV0qtISPBxC7V-vAompXUtVBghbhonAbn0887PicJuXcdoTTPOe_7IGV8BA1GfPvEy7bnxo6_49N_KDOjQaFWGE_xKEE23w3MFH4Bjs4xW3n6SPie2485nT3bxa9cJ6wQJ4wj-nxK0faALvlSiIOcvcOWjS1G2x85o5SQfLS_M1d1fcI0xb0w3EihHhJrmJRoTnn0WntwwsKLharsuj1skhCH8A4apqY--290dxjZ4cumpZjxC3dBhEzvdcPTR8OIBlAkZGbQMpH2Qq6Nx67QWor-0_328612Enz9WLGXTGXIygdsOlpXL0n1GexHS_gJ4I15mAFzZ_F6hrxL9wffgi4Qo9ZWwsSr205VjUp8HFMdmpqrpeZuc87aWpfEDcCqipwlCJ3OwWCqdEaoLho3pRTqIPQjR1mvpS20VyQWBTMJr3S9Q5U-mpENkwU4TqV7JSWg-jg_u9Jlv3O-hGgDqPs_ZZgBXPaDxmxD_3NebZPu4EX9qN_Wg2sIlfH8z4JNM7fKqloX8gi1T1El1IBLYrj_ruwEL23E43CIuJlUAe8d4aee-i2tHRKR2jWUtex4nw93rxT2pB3CEjY3wsWfq-SeDjZ_c4yCG5Zzgmh1Ixb3voZ4JQg_KuyPm_j6rnHgF1zN94vw7cnf2-RWGFgf688HPcWgtS9RClzZtV2LsCmBRznAriWFrrt_Wgvce9AkY7VGp9FnhbTE3nhyxNPmpxGiXrwAsX8Gzycpi1BK2Oq81gt0BJO-ZE027Q-f6vBIh5EqfHXFOMVjIxjmRQXZAT1enXhaWYf8pHgZRvM4myjkiQxtQj7nYPQiFNWe5erieIJBp_bAbMeq-GEDIo25KhuoHR5uIWtRtQz_0vieiwWilTCcGhdBu9jpNoUXTqpTBpcbnYK51kksGnkOEdQQaC5g6ffnzI-7pHLVO8FZfpKY9lTL_oGFGkqyoiJMgoyBrxvmpV_-KyWtLGYIRQPSosDn0Qb8i2aCT6utRol8l4p0m0-b6Ai5teWrNsCnxvNz2mIINvKn6JlIf8g04bWe58boS7hnb1Ee37XW5tfnSEzaoJu5uZgYXYHDr26B0tb7Y-itOlB4QLZ_W5KCdNGjJta1cnKlAClIOcKpl_mP-rkyu3z3xSlKzb8GVCkuif3QLVaUM9HDvWJV_ILDZ2bJogdiQJC8P9kw9F7i1CKZRUxdh3B98-o7TnuQBh0UC4IH7G9tCA_5oVqNPuhakOvDdhXxsIrwWi9G9OtXZYitD3WMl8OIuQsfZKjOijlA9L3svnj-w3M9SIFirDDdszKlKtp5_LgO_Qe82tk0F33JJA_XzkaQzekXq5S-8e_x7LSL0Wz3zSSlvlWLX0zKMaSKNx_IKbvvQpG8NP6qnAzgVFsOOAmQyStnvTs9NGhFVRZ4NmZGfxgZ5O1Rr-NN2tl2EWdckVzMmHsq48FDCWuLlcg9n2jGgdTkuOtbJiG7Pf3xRVpqmVbCl3rVzCgvvEjI-O8fEtc_Lq-8BQPXX2Bg083aA7mQpDhtcmaAI9u1fR5RV3hHXIIVUUrrJIZjjc3lTu4niNobsqMT1CaR9MLhG3Mc7DF3d9xzE9_PUNvb4jboCkBMhILMmWQDani9P1C7c3yta_hQO0iQl_Ae_N7VIDRHRwnKupItlEqboYosh97UOLkgP_xwNNvcTy6J8HPUHTMvQVm_X2m8F-zNjmXs1QYfBLslcDLtHW3NXzJXgMZpUii4zebTkOMQoX-SELTDyx9ObT7UGRFHLFmBXAMHrHi_Ruzpdfqbox21_g3O999W5RLZ3JIJ5j5ryOOG95mxEc_DrL_g9qXkp2RFY6-wn3PB7CpSxLeOVxQ3SZh0gSYayfoMudu5l5wEQhXrDinqa9-xbIcFf95MhDNe-B5-hgqhpNb3YTk1JzMA6dq7BIuBo3kjy0pJ4s6oxY_MLd_GiHuiO9AdCWq9DobpBPAyZqI43vYrteg37ISXxCevwfbp9I2x3lAcSJgxj-pWSNeZPzS4cuOA5aN2C0miO_8ph67PCsOofmiGn0X__PSx51hj4TFOHh5u5-fou-2kGbCRjobPb4MthTjgIXl214tcQZY043zxV6KqNAEJ2n_EefEC7yCeX9d4tgMleNuG0ipOf7_NVBlm-FIk7Ked1PBixNoViNhw_9uKIMMHEcppkXyNsUC9Ts-kqOzeGhETEx9wzyD0mzvko8VQ4ezApXJyABtVh6Pcn8yBbhmfl_TdMDMotvGA6TkU_sRt5HK18znoD6Zerx9b96k-04tokcNDm2_xZDa7YjdxM0FTfpUoseqVNBkEl32yTqxL7X6CW5yoKktAQGoqziNVS9TBfuLJR4T1_tLhCkCGwCNdGNfsqVyj8z2nWsuBSHbeMvbjV-CoU6q4SkrqA3-__Otth_KuC-2YAqKqQX30CewjKv1A-9qY_5Gbn6vtBUpAIVDwWfdLJ0uN7sd1L9QvebPLm_pTGnciN8RQtqCVmBifQgean8OBaKwbyZ6Hrw0kfiMYsN80KBeOcEXsEPPItD9bXUCvGVSrN31G2cGzSebDjLGk9_Gyg_rSpY_dSUr-BWmh8MBC0HZGgOinvaVd-ZNUtZKzCDSsFjLYOijSPmTtbHZ6a66YSfj0jHKyjoEYbwn9anrIXx57ilkmFItNJmeBHRDArn3Y11Kuv27zYeYqEhsNRBY6GlKNxkLSiBNNHGXld3aLJo&cid=CAASJORoXk9S_7alKaT0bg9m-w3nyTDpmVI-NMrkmRsPJRLU-cnbRw&rfl=1%2Chttps%253A%252F%252Fwww.mlive.com%252F%240
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2aa3fa2fa89bd01086f72bb600b582a12c381e895b74bc058a1faff6483ab355
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35402
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C38E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D0iSbomXyPAj0A4Nb-ymI7Xsr2wcKKK1_xUtUBfsapTQU3Gca7Q9Eb8_Eqvm9H4DVTQ7XDo9pv4-Wo9E5p-dQTrwlxmfgJ4uhd5EJSCZHqvom0GFs
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame C38E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 10:14:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
21346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Nov 2022 10:14:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame C38E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 14:22:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6427
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Nov 2022 14:22:41 GMT
l
www.google.com/ads/measurement/ Frame C38E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTDvxd7879GzZ1voXjOZMwvVMy85LxpSYymPHhUciCeRPrr5ljGS9Rz1OpPLQHydP-XEAo3zSon_Xm8e3s7rOyxHAu1NQ
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C38E 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47514
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666611803224388"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Oct 2022 16:09:48 GMT
vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
pagead2.googlesyndication.com/bg/ Frame 18B0 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:08:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
183695
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16061
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Oct 2023 13:08:13 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B4B1 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstZjch3RLLF5PuaDKuWEQQ-LfK7Qogkhfk54IoBErS2T-DkWHkGJ_mJNQR8ucZGqXEqe_lNgF8PrTbyIkBlwY-pfb6pLgM6-LDSZN-rwxDWbceX47P3mqCJxX8lfMSusdUxbmPtZ6RypL3FmpL8T8zf4LIDBs4cJnQHpJoEOZNAtdoGvuZDptqYoctiDqFi2giRM8UYJn_yoWOdUEs3jaz55TZAdMzfnJEVXeZb1y04uzPFUuILJe1y0iS7pvnJWzlkt-a280S6GAFocvTWsUv9j-yIetG0j0_JmYuq7nHcBd7sIr0erreaWD4rgW_j17JoFZhBOHh-CDqzhrWelpUIlLjsZCc31ldPbzPgf3i5lXyCvZ9DD698wCBmnFwvYcJ6NfJNw5eGCOQbxgD725SFRA8TPI5RQg6YssOYsKsmNOhba-CXdaCqI8KP_hRYlgaoCvgN5mCxw4Fi-cAlNgtHRX70uSEexs9E2cn2nQL_BEcoK-iweSv_TmXRxEGMGvDURgWCRNP3be8amnCoz3w5-D4NGrbt7sC_nPP2JZhm72V9ieed33GV6BPm4jkU1L4X1b3BR2LaZMxbcL7zLLW2sbwf07fgPI6FeK8lZvLdhsVWJ_e_m5Tv7vP6MemuPLNA0z_9j252yx1_c048VbR-HfTZxoz9m_64llRKZ1I8R-GGo5VUBPSWR_-qtsO2jQhtdA0gCmjliPzAfTA-jW1TPNk-Xm9aYWljvkDpsVlo_rDkoIVckrQYAuRk_FTHYpC1JHqCozJgcqQPBhO960atpSCM9y9k0dr0rcgJOf1bVBoIxqjs8kN6VK4_-_Rj1NDCSKclfRvLeDzz9S7580GM9fN48oy_UBp-6ncZXGm3mjTwY359CNV-ny5_Px9DjZWuub_WS4FDCgCxZH-fuGDMpGu296QFSVppIaPqtbOqsUC8ofILhP-RClMAK9VM3G624DYLD6OqL0rZx7rSdKFobM3g9y-8vWjs4unqhxtuYVx2s12Rvw9PS1iEZI--45o2QuLk6uat-8k1tbGIqqW9uAWvtmoTRFNl9TwnU-q0YmHhd0k9aSCPJ5Bw88WkK4h2TGVWx0fB9PDJQmYZy2ZRWsFDa6wjXS28yVeYXQSaWEXN6bMnZEONvpJ3h3P16sdV5C64L7Z86P1Yhv5gMiydcFcTZYAl1kxBvuiWFdCNHnygfXeVwvvI51aaQj72Tr4keRugm6yo7duvWXzHGp-J7AhbKlqauVAbtfNDmYlT6QM35DxvnPDe6ghKyKBlpaCOUjRZfvGDCz6__1_tFZwYunseMD8e&sai=AMfl-YS9L4wsRkyB2Skrwszj5dFthi5QzAD0hdkGlB7SN8N3jtto-hNGVVOf_oYk1hS5nkhSyv-FB0RACxO58p4tjT57pMlI0pfK1bUxSnlWkWjZ6gGqvh2y7vmCrITJ7m0I6AFFyHR5oRWWQMBCx3yIy4FUcutCdn2RxInlQEJLTo7sru9tB_hbnVNeg8lepCge7tmcrCe_nN5Rw1xgwZCLzYnyjzk&sig=Cg0ArKJSzA45LHeUNNerEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=270&vt=11&dtpt=269&dett=2&cstd=0&cisv=r20221020.00823&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DILg1FjbcuQ0zYSPKIyyOe5O2RWWb5uJFx0e9nHbhX999FyBgSbURLKx0PZSNJ68KOvficsj6CJeF6gYrsAuBdvIi0tAPMxRjVahBXsRvOjxHywNaihG2le25rQQWNtoC9AxhUhFpTYSaEHIUHtpi3hiDSPoBkR2-FjTV5hRkjizszM6M&dbm_d=AKAmf-B-OGfdboRKoDIqCifUn0LsSxYYDKFAAw8RfkYT2ynHx9e_ax6Vyh2tzeqBiUCRObPjy9UlSYhaxuOVD2_ukyYDzJ_66K7RbgrU0wvHRueeyEkqlR28O6oYSKS0ygI0CIM15zoSmqtfMzDIr5j0q8Og2TQCEjwdiuhKW2LZJQGWpWLR1hfL3Bv4mVYyNlJklwVfALUuf93ETJzcrJ_FRm_l0WDPi1Lmxc6Kl6CQdTbxLxPekDCEcVKI64DtaQOZoyS7CVKxtk3DpnmSkDsYhB7f7wr_4Tu3Vd0lLe4ioFU34fSvKUvbr-x92POLOUpeVFge016TrrnUKuhFb5NLCgpQlD-cBQoFkadtOb7oLUDGXPRkIPAl_cnKHruoMWomzuT6kGfi57ZCDaZ0gHUi2aqihjDYq2zt7Kc-HzgeBJ7yp_BaI4V9CHoa2Zjld6V2_B_zdjvjtliTe68CkSE_3lE9rhRj7-3QazD6CzvpV2HZRabvtqGsHH-BHF7byHYoVD_VgY1FoJ6yqphNRbnCMtpgdKMqgZW7A0mo_Nplcu8v7gc8RVKQB-r83djJ4t38FwG3ysYgAi8Q5xzxB4qOdHlvuXyzjrWiV0oXkvDXdZKAKq0Z9GTxrzhOHCdBru9WbwjUCc9qZ_o1iMzkfXcslwueJpplFs-585tXh6u4VpKmjTNJ6LEwelupyKjbs749o12DvclSmTp_iTsxzqBI44VB1GOPLhBA3hGRNZ9V1OzSRpH8NthxVK6VLmCtvke1zmZPniFUt0AqpFdm22vBqGH1mXPF06psVUkHRZSwcLVHJml3_aFFo9iNxiRClKawqShi3VFFwd7oBlJBeUgNSLR5Vi7jXWRujsM7nhJcSZKERjubklXROZ7fKg67ovHG0G4EQSDwCxXnh8VLQRN9PLOnr3fWsm1qPYmwWHb4FzMR1Fg49IfR4PzEz123c3-f2qTHzmgkE7xMKsMn2UylF6rRX6y8jIhmyAXsXCZLf3yzsztafuHmsq_Akq-cIUT0yXOy7RJ5zp32MXWZvHB_6M0yoJwkjJKX6VPD3EWIBbNPHroO0bxASJFmWHb4_sIoim0dRwY4LmCncV7rRR-Z8Kp0zXL4uJoAvGGEx02RHURtULSYpKwsWkDBLn6jy7EBIYf06C6NoqyvN_V8s8cId1lQkDPDcwQaisjW4YcdeO2omUg1mt_tQ6Qf22vW8e9VgYjzzYNrF67LxSSAKZOgphnvk8Z82-iiGRYd2tEKC1uxYBeZ_ggVh9epNWsofGSvPIrf6jhp6CnZxI17AA4v3y2QszPoQR7rhujq_YXKcuYYozMijeK-WROdFIERkO_StlwJY5yZn0iPWVNKP8J5AEk9oCAma3Gxlx5CHpPBtMsqqMTKhRWsHA4xmFMPvsJ3HMhaGnepdAf-a5vgX6iiJBSeGzruvyMBociYbX-lBkbMlk7mEpNtdAFGfgvdCzCN9l4pUDJbbTvZGEdwxAVrUhgnZ9wuUH-4cYoL8TD6gnCb1cCn_OuXgCnhPPeKxC40IoxfEefqwdhBS_cIgkehIOD2Qawvz8fc_-Zb_bSQWycnJwQPJTbIWG53u8XTRLak5yDNt71Ngsboc5-YAPtlXGTIDKme734AhKhwtQzGJFPjeOELfHaf7ZR9o98K1Ua5ePGrDYmw2w3lD_zMxj4tzydBVSY33qNcIpir4gNpxfF5g9tl_GU1NtmTks7Zg5UF6UKK_iMBRewsetp0XWQQ2A1ipggY5GCmTh3ZHZEp4ZELSLhrFFouWG9HCmiB5YestSmXaXfLDtJBBaqLaW1jYsjQCuitQdO6vtkUeuGmJHZ6xHiWZKZJBjw1FIV_IxbsXmT0i3pF7mLxx6SVr2xMmC4GOwST6Q_2vGSC2AZPk-9xiDBFRtqGzmcRcITKTQjkG50UqJByrHelsu9ofJhaxUycvtno3seN4_iqf5_ccplubRwiVCvq2VFUi1m8XUWL6JaQsZodht4wNuV5dPRx_RrLFSmUUzYxeOBBm437tHZQnXXbqQi5XzkqU82vKcK1rhuYdWqsdoWrpEDk4ne1wu3owhiU4VXcYb-LwcX4AhjR06QwximVwDTSlXK0HCY7L6ygUIw07jnRmiNlXORP6xMJjowtSO7KF8MFktWXjkn62n81nDyeft79bAP7LNfonLEz9eaSOx96zT7KHOpIky3jfFGc3xVROSy6yUvthZtOFYjXFUtWeafhifk0pEbzKmvgbntPLnImqmpjDREhBRBwn78gNAiUfLDjZ9-YINf0JlhqCgzX1LgpEWoitZsCt09l5rn3dCnEg7vd31JaC9BINfvgR2KH7ED521jrnjGShm9Sn2w1q-rNGdEFtTqJ18MRs6T7Hb8NhCBzYxqWtvyAbdg--mgZhbw_bosvCW3HxAu8SED1LoJ55NGGVr1inoq8_Ob2TlOBrYaDClK3m-VmgbN6hciHgW0u0ZXBdhLaAoIFXoFepXrKWFk2IYkMfFxcl7dA5VQB4I5nM1t-WsecGXkaMR6JvC5G-ZinqNPmpfy0UV75SeCJzXant2ZO0BlNF5HKJqu0lb1K2i95pheMafQUdxRQ7VekIiiJKcR6z6KtjKZErpTD_SUiWRWU-dgyFZ_yPBbshSB-wydw-4BBWRwrEyS_kNb7hz0KiW6xi7Q05QpwKjHB5F6tflD0EtV6G7ePuwSKwoGIwtFv0YFdmFR9ehQ9DaCV_x7YhZvTwNp38822B74v2Js1oJbcbJNynidRkWZR703GSPGwKqVltzppY0b86TgNP2GN_4UzyDrtMlkmpiLVXIfQpAV8FRo7OMkJ1DCEkSaynJLef1oTSPKOok6esMkBjzm9wQvmRSbFUfFTci8imTHyoLyJclIxH4a7o-Xl1jQ_3_oETuO3dFOQX8qIOgPwIhQThWeoz1I-5VbXw6s5vFdmDUFm5Wbl1QovcEDrxBkxLPk3zl4gBP0aLhEZ6CjWfWJGoAHXOr4YOOguu0bUc6LtFAcmrsEYRaaftx_1xc5Wq__J9ZCrE7nx3gNpGRqPcyUyKlytrKzc0EbZr1sT13kSg7OExnsfwLg3T50SbROKb68tvKZ7oXlxTzdrZO-qGXoyFKday2a6IdRgDP96_9hht0OYsdhKppmpb_DfMwLKxoeK_zmDOxdOfN2NAyjACqAZE0m6tlRgEXXG48E7IwRVPw_SDJ4c0V6s4M0fK7LzEzYs0M8leJ2DptU91qro4HuEdl0ZQ0K-3qAA9nYxrcnhXvFKCmsPQBvUoeMrMlzITCWjYF_iewrNXYLGe1blYy5vR1oyyNPaaNWep6c3aQfEnkGzMPOIGxSirKUeOgUWiGsxE4nhOfzdukJdSfO_vL_qgkkslkA34loMYlcwD8DAbXDOReqYZQ9a&cid=CAASJORolSQXB2ARse38S5zfm5ZInclU3UCYEQLRr8vRWGwgABCycg&rfl=1%2Chttps%253A%252F%252Fwww.mlive.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
596
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/596?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=3b4b2f9a-cfcd-4e48-a5b3-5843459e43a6&bctempid=&overruleReferrer=&time=2022-10-26T16%3A09%3A48%2B00%3A00&ts=1666800588829
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-59.prg50.r.cloudfront.net
Software
- /
Resource Hash
38d6a12cc103ed0a924a042383d0c8257452f39ea5af90d832d117909fbb1b41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Oct 2022 16:09:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
4238
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
8GmAojh2a4gS0yMvpioZ2GtI_Y_QSZiV9h0-mq8aWof-aB1sG222fA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
4.js
static.adsafeprotected.com/ Frame B4B1
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1211306/66366053/4.js?ias_dspID=3&ias_campId=1009359348&ias_pubId=pub-2937494567949278&ias_chanId=1&ias_placementId=18640445752&bidurl=https://www.mlive.com/&i...
  • https://static.adsafeprotected.com/4.js
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:224a:2600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 15:25:11 GMT
x-amz-version-id
34.L7jYeiQbYBP5N5FblsvMttZfnsaBa
content-encoding
gzip
via
1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
2678
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Wed, 26 Oct 2022 15:25:04 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
m373ydvefNtfwTpBR_vLQyIk3d8yK4gV2GQ6MbDfyFJipvOj74NeXQ==

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:48 GMT
server
nginx
x-server-name
app16.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 18F7 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
3026012
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
5VMaftlmcRf1Hhg-sSW-u0zZZehjHT9Y0Mb0mylBYX0F5XkOp0yUJg==
dt
dt.adsafeprotected.com/ Frame B4B1 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1211306&asId=db2a79c1-7682-aec6-3b07-20cec73b70cc&tv=%7Bc:saoMuN,pingTime:-3,time:65,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:33%7D,%7Bpiv:0,vs:o,r:l,t:64%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:65,n:64,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:33,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B53~1,0~0%5D,as:%5B53~300.250%5D%7D%7D,%7Bsl:o,t:64,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tlo1pfS+11%7C12%7C13%7C14%7C15*.1211306-66366053%7C151%7C1521%7C153%7C16%7C17%7C181%7C19,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs,siq:38%7D&br=c
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:b95e:67d4:aaa7:d102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:49 GMT
server
nginx
x-server-name
dt26.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame B4B1 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1211306&asId=db2a79c1-7682-aec6-3b07-20cec73b70cc&tv=%7Bc:saoMuR,pingTime:-6,time:69,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:69,n:64,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:33,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B53~1,0~0%5D,as:%5B53~300.250%5D%7D%7D,%7Bsl:o,t:64,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B4~0%5D,as:%5B4~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tlo1pfS+11%7C12%7C13%7C14%7C15*.1211306-66366053%7C151%7C1521%7C153%7C16%7C17%7C181%7C19,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs,siq:38%7D&tpiLookup=ao:www.mlive.com*&br=c
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:b95e:67d4:aaa7:d102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:49 GMT
server
nginx
x-server-name
dt27.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
jquery-1.8.2.min.js
static.advance.net/static/common/js/libs/ Frame 55C9 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.advance.net/static/common/js/libs/jquery-1.8.2.min.js
Requested by
Host: realestate.mlive.com
URL: https://realestate.mlive.com/?classification=real+estate&temp_type=browse&tl=41&showcase=on&tp=RE_mlive&click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsv9_zIquUE-_iP6JN5xuC3W7fjuNLxo2TYsU2I47II6K55vGNPfWO9OK1m3_vB_WlpmU4sRnEvGDBr7EEEBk_DiBv_nIQgCy_qrBbcqKgd258KhBsq9o0mZQ7XRJ1_fliEvJ9v7zdowR6gXFcwXdQ9Ir_JkNuFmAMQWN3eNebj_PIMtOaRu7SkHqJkfsiKZScjiIlPIRwymw8rcp4iyuZQNm9qAB_p7e-J-9E6nFGLonHrNtdnrqgS5jn9JJbyfrFjwjLgLnbXF-8pV3bSA7J2xpZ3IVbebYrBWZK6hZLXpRSOR0vj_aPVLt9G4C17M4IPSGvOyX52rVxw&sai=AMfl-YTs6MouNoC-FtRm_OBupJxf7dYv_MS5Y1wK0xJtz76QraBhXuH5_3oGm_YveDuRj3HTp4UsWjCVTe1CGPcfwt0siQkJiF5_Ph8sQX9Hx-DBNoaxHKMODK2AhI2l3-Au&sig=Cg0ArKJSzLL4s3bcR0VfEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=&v=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f23d4b309b72743aa8afe1f8c98a25b3ee31246fa572c66d9d8cb1982cae4fbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Wed, 26 Oct 2022 16:09:49 GMT
x-shield-cache-expires
10
x-amz-request-id
1167TPB8Q9A6T6KK
age
183
x-cache
HIT, HIT
content-length
33434
x-served-by
cache-iad-kcgs7200153-IAD, cache-hhn4061-HHN
last-modified
Mon, 07 Aug 2017 19:26:12 GMT
x-timer
S1666800589.072084,VS0,VE0
etag
"cfa9051cc0b05eb519f1e16b2a6645d7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=300
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
modernizr-2.6.2.min.js
static.advance.net/static/common/js/libs/ Frame 55C9 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.advance.net/static/common/js/libs/modernizr-2.6.2.min.js
Requested by
Host: realestate.mlive.com
URL: https://realestate.mlive.com/?classification=real+estate&temp_type=browse&tl=41&showcase=on&tp=RE_mlive&click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsv9_zIquUE-_iP6JN5xuC3W7fjuNLxo2TYsU2I47II6K55vGNPfWO9OK1m3_vB_WlpmU4sRnEvGDBr7EEEBk_DiBv_nIQgCy_qrBbcqKgd258KhBsq9o0mZQ7XRJ1_fliEvJ9v7zdowR6gXFcwXdQ9Ir_JkNuFmAMQWN3eNebj_PIMtOaRu7SkHqJkfsiKZScjiIlPIRwymw8rcp4iyuZQNm9qAB_p7e-J-9E6nFGLonHrNtdnrqgS5jn9JJbyfrFjwjLgLnbXF-8pV3bSA7J2xpZ3IVbebYrBWZK6hZLXpRSOR0vj_aPVLt9G4C17M4IPSGvOyX52rVxw&sai=AMfl-YTs6MouNoC-FtRm_OBupJxf7dYv_MS5Y1wK0xJtz76QraBhXuH5_3oGm_YveDuRj3HTp4UsWjCVTe1CGPcfwt0siQkJiF5_Ph8sQX9Hx-DBNoaxHKMODK2AhI2l3-Au&sig=Cg0ArKJSzLL4s3bcR0VfEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=&v=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
64099d5dc2b3db16074ee223048cefc171144ac08bac35abab300c1f6e2a4ca7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Wed, 26 Oct 2022 16:09:49 GMT
x-shield-cache-expires
10
x-amz-request-id
XYZ8G5JHJJJQXZ0G
age
194
x-cache
HIT, HIT
content-length
5846
x-served-by
cache-iad-kcgs7200097-IAD, cache-hhn4061-HHN
last-modified
Mon, 07 Aug 2017 19:26:12 GMT
x-timer
S1666800589.072133,VS0,VE0
etag
"f4ca648ec6fcabeeab7bad26492a11bd"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=300
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
showcase-rectangle.css
static.advance.net/static/classifieds/realestate/css/ Frame 55C9 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.advance.net/static/classifieds/realestate/css/showcase-rectangle.css
Requested by
Host: realestate.mlive.com
URL: https://realestate.mlive.com/?classification=real+estate&temp_type=browse&tl=41&showcase=on&tp=RE_mlive&click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsv9_zIquUE-_iP6JN5xuC3W7fjuNLxo2TYsU2I47II6K55vGNPfWO9OK1m3_vB_WlpmU4sRnEvGDBr7EEEBk_DiBv_nIQgCy_qrBbcqKgd258KhBsq9o0mZQ7XRJ1_fliEvJ9v7zdowR6gXFcwXdQ9Ir_JkNuFmAMQWN3eNebj_PIMtOaRu7SkHqJkfsiKZScjiIlPIRwymw8rcp4iyuZQNm9qAB_p7e-J-9E6nFGLonHrNtdnrqgS5jn9JJbyfrFjwjLgLnbXF-8pV3bSA7J2xpZ3IVbebYrBWZK6hZLXpRSOR0vj_aPVLt9G4C17M4IPSGvOyX52rVxw&sai=AMfl-YTs6MouNoC-FtRm_OBupJxf7dYv_MS5Y1wK0xJtz76QraBhXuH5_3oGm_YveDuRj3HTp4UsWjCVTe1CGPcfwt0siQkJiF5_Ph8sQX9Hx-DBNoaxHKMODK2AhI2l3-Au&sig=Cg0ArKJSzLL4s3bcR0VfEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=&v=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
40093933237cb4fb5b077344618f6d2ded4ee7c7346b4da9222a76d094f2d7ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Wed, 26 Oct 2022 16:09:49 GMT
x-shield-cache-expires
10
x-amz-request-id
YAC6E2CB3HRT61HM
age
97
x-cache
HIT, HIT
content-length
998
x-served-by
cache-iad-kcgs7200105-IAD, cache-hhn4061-HHN
last-modified
Fri, 25 Aug 2017 17:48:42 GMT
x-timer
S1666800589.071995,VS0,VE1
etag
"5975610883850755d7ae5c6337798cde"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=300
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
logo-tiny.png
static.advance.net/static/classifieds/shared/mlive/img/ Frame 55C9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/classifieds/shared/mlive/img/logo-tiny.png
Requested by
Host: realestate.mlive.com
URL: https://realestate.mlive.com/?classification=real+estate&temp_type=browse&tl=41&showcase=on&tp=RE_mlive&click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsv9_zIquUE-_iP6JN5xuC3W7fjuNLxo2TYsU2I47II6K55vGNPfWO9OK1m3_vB_WlpmU4sRnEvGDBr7EEEBk_DiBv_nIQgCy_qrBbcqKgd258KhBsq9o0mZQ7XRJ1_fliEvJ9v7zdowR6gXFcwXdQ9Ir_JkNuFmAMQWN3eNebj_PIMtOaRu7SkHqJkfsiKZScjiIlPIRwymw8rcp4iyuZQNm9qAB_p7e-J-9E6nFGLonHrNtdnrqgS5jn9JJbyfrFjwjLgLnbXF-8pV3bSA7J2xpZ3IVbebYrBWZK6hZLXpRSOR0vj_aPVLt9G4C17M4IPSGvOyX52rVxw&sai=AMfl-YTs6MouNoC-FtRm_OBupJxf7dYv_MS5Y1wK0xJtz76QraBhXuH5_3oGm_YveDuRj3HTp4UsWjCVTe1CGPcfwt0siQkJiF5_Ph8sQX9Hx-DBNoaxHKMODK2AhI2l3-Au&sig=Cg0ArKJSzLL4s3bcR0VfEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=&v=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e11422a258a42f3107b6d82ee95fe0e0d49fabb78cf9f4d394543abacfd4f9af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 26 Oct 2022 16:09:49 GMT
x-shield-cache-expires
10
x-amz-request-id
QE2SCAWS84DZNRHY
age
15269
x-cache
HIT, HIT
content-length
1645
x-served-by
cache-iad-kiad7000109-IAD, cache-hhn4061-HHN
last-modified
Wed, 23 Aug 2017 17:55:55 GMT
x-timer
S1666800589.072187,VS0,VE1
etag
"bd603e3de4877379ad11dda014b4f643"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
1056774238.jpg
images-re.mlive.com/images/mlive/mi_realone/mdControlled/ Frame 55C9 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-re.mlive.com/images/mlive/mi_realone/mdControlled/1056774238.jpg
Requested by
Host: realestate.mlive.com
URL: https://realestate.mlive.com/?classification=real+estate&temp_type=browse&tl=41&showcase=on&tp=RE_mlive&click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsv9_zIquUE-_iP6JN5xuC3W7fjuNLxo2TYsU2I47II6K55vGNPfWO9OK1m3_vB_WlpmU4sRnEvGDBr7EEEBk_DiBv_nIQgCy_qrBbcqKgd258KhBsq9o0mZQ7XRJ1_fliEvJ9v7zdowR6gXFcwXdQ9Ir_JkNuFmAMQWN3eNebj_PIMtOaRu7SkHqJkfsiKZScjiIlPIRwymw8rcp4iyuZQNm9qAB_p7e-J-9E6nFGLonHrNtdnrqgS5jn9JJbyfrFjwjLgLnbXF-8pV3bSA7J2xpZ3IVbebYrBWZK6hZLXpRSOR0vj_aPVLt9G4C17M4IPSGvOyX52rVxw&sai=AMfl-YTs6MouNoC-FtRm_OBupJxf7dYv_MS5Y1wK0xJtz76QraBhXuH5_3oGm_YveDuRj3HTp4UsWjCVTe1CGPcfwt0siQkJiF5_Ph8sQX9Hx-DBNoaxHKMODK2AhI2l3-Au&sig=Cg0ArKJSzLL4s3bcR0VfEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=&v=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9969c81de9dd10986307af580c092f5e9b03310df53fe3d85dea5e1d982eaef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:49 GMT
x-shield-cache-expires
10
last-modified
Tue, 04 Jun 2019 13:14:07 GMT
age
2794
x-timer
S1666800589.082214,VS0,VE1
etag
"97b2-58a7f4176d17c"
x-cache
HIT, HIT
content-type
image/jpeg
cache-control
content-length
38834
x-served-by
cache-iad-kcgs7200106-IAD, cache-hhn4061-HHN
65052095.gif
report-re.mlive.com/images/mdwtc/MDRE_SITE/ Frame 55C9 		43 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report-re.mlive.com/images/mdwtc/MDRE_SITE/65052095.gif?aid=17697161;bid=2071895;lid=1251023300;pc=482;
Requested by
Host: realestate.mlive.com
URL: https://realestate.mlive.com/?classification=real+estate&temp_type=browse&tl=41&showcase=on&tp=RE_mlive&click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsv9_zIquUE-_iP6JN5xuC3W7fjuNLxo2TYsU2I47II6K55vGNPfWO9OK1m3_vB_WlpmU4sRnEvGDBr7EEEBk_DiBv_nIQgCy_qrBbcqKgd258KhBsq9o0mZQ7XRJ1_fliEvJ9v7zdowR6gXFcwXdQ9Ir_JkNuFmAMQWN3eNebj_PIMtOaRu7SkHqJkfsiKZScjiIlPIRwymw8rcp4iyuZQNm9qAB_p7e-J-9E6nFGLonHrNtdnrqgS5jn9JJbyfrFjwjLgLnbXF-8pV3bSA7J2xpZ3IVbebYrBWZK6hZLXpRSOR0vj_aPVLt9G4C17M4IPSGvOyX52rVxw&sai=AMfl-YTs6MouNoC-FtRm_OBupJxf7dYv_MS5Y1wK0xJtz76QraBhXuH5_3oGm_YveDuRj3HTp4UsWjCVTe1CGPcfwt0siQkJiF5_Ph8sQX9Hx-DBNoaxHKMODK2AhI2l3-Au&sig=Cg0ArKJSzLL4s3bcR0VfEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=&v=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
cache-iad-kiad7000044-IAD, cache-hhn4061-HHN
date
Wed, 26 Oct 2022 16:09:49 GMT
x-shield-cache-expires
0
last-modified
Mon, 02 Jun 2014 14:34:24 GMT
x-timer
S1666800589.077499,VS0,VE115
etag
"61ba3-2b-4fadb4aadbca6;4fadb4aae87eb"
x-cache
MISS, MISS
content-type
image/gif
cache-control
max-age=0, private
content-length
43
expires
Wed, 26 Oct 2022 16:11:33 GMT
dt
dt.adsafeprotected.com/ Frame B4B1 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1211306&asId=db2a79c1-7682-aec6-3b07-20cec73b70cc&tv=%7Bc:saoMvV,pingTime:-2,time:135,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:932,beZ:934,mfA:936,cmA:942,inA:943,inZ:947,prA:947,prZ:961,si:971,poA:972,poZ:994,cmZ:994,mfZ:994,loA:1001,loZ:1005,ltA:1068,ltZ:1068%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:true,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:33%7D,%7Bpiv:0,vs:o,r:l,t:64%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:135,n:64,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:33,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B53~1,0~0%5D,as:%5B53~300.250%5D%7D%7D,%7Bsl:o,t:64,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B70~0%5D,as:%5B70~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tlo1pfS+11%7C12%7C13%7C14%7C15*.1211306-66366053%7C151%7C1521%7C153%7C16%7C17%7C181%7C19,idMap:15*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:38,sinceFw:96,readyFired:true%7D&br=c
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:b95e:67d4:aaa7:d102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:49 GMT
server
nginx
x-server-name
dt28.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel
cm.g.doubleclick.net/ Frame 73B5
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEORduiFVFHCVHHX2sPe7Wi4&google_cver=1&google_push=AZmPxg-QhYv2HI6gYQa5MzjHBz8SRbx_9c2w-Q0DsrAZSs4Fl5NSYQ094OtGlbbR4J061ESkeni0gf3iUNHdAMZG7Cmar4o5LWoXQw
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0E463376ABA24F1684CEE61B363D9950&google_push=AZmPxg-QhYv2HI6gYQa5MzjHBz8SRbx_9c2w-Q0DsrAZSs4Fl5NSYQ094OtGlbbR4J061ESkeni0gf3iUNHdAMZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0E463376ABA24F1684CEE61B363D9950&google_push=AZmPxg-QhYv2HI6gYQa5MzjHBz8SRbx_9c2w-Q0DsrAZSs4Fl5NSYQ094OtGlbbR4J061ESkeni0gf3iUNHdAMZG7Cmar4o5LWoXQw
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 26 Oct 2022 16:09:49 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0E463376ABA24F1684CEE61B363D9950&google_push=AZmPxg-QhYv2HI6gYQa5MzjHBz8SRbx_9c2w-Q0DsrAZSs4Fl5NSYQ094OtGlbbR4J061ESkeni0gf3iUNHdAMZG7Cmar4o5LWoXQw
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 25 Oct 2022 16:09:49 GMT
google
match.adsrvr.org/track/cmf/ Frame 73B5 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEC5MRcb6OHURLjz-ALPYeNU&google_cver=1&google_push=AZmPxg99fQWa15l-AMbnAhpe0PQEVLXCWFusiFZhoWheyrzXm26tqXSGnnAF5ZsLBIrcOB7NfhKnfIe8dEVPsTfR7WwlCM3ovDPk
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 26 Oct 2022 16:09:49 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 73B5
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8ZVoHvReQzWuKG2K0e9qIA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8ZVoHvReQzWuKG2K0e9qIA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_oRpE4wI9i8BuRYBn47tEJ_BA_C5De8J7BmezTfsuUumzYpZeZmsr74JLRblHVmJnRah6ZG7VBXW3qa1LfkGkkiyGrCGALKA
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8ZVoHvReQzWuKG2K0e9qIA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_oRpE4wI9i8BuRYBn47tEJ_BA_C5De8J7BmezTfsuUumzYpZeZmsr74JLRblHVmJnRah6ZG7VBXW3qa1LfkGkkiyGrCGALKA
date
Wed, 26 Oct 2022 16:09:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pub
cs.chocolateplatform.com/ Frame 73B5 		0
0
gob
sync.inmobi.com/ Frame 73B5 		0
0
um
cs.emxdgt.com/ Frame 73B5 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEKbbB8_5cltLUcvGD8KVcGA&google_cver=1&google_push=AZmPxg-FkrIRkpa-9N-D1qLrVu_jIdWN30JRc7iLYfa5Qq4W45SBTgMhdjHTZ4mzXrPkRbUQDckYWeD_9LeY6sgKHSXflG0esD1rxxM
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.71.169.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-169-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:49 GMT
content-length
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 73B5
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEGnSCin-yjXgI_UiJyMEqv4&google_cver=1&google_push=AZmPxg_JDdRj03Eum...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzM3NTQwNDk5NDYwMzExOTMxMw%3D%3D&google_gid=CAESEGnSCin-yjXgI_UiJyMEqv4&google_cver=1&google_push=AZmPxg_JDdRj03Eum2FtQjHaUnldTKmIZ8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzM3NTQwNDk5NDYwMzExOTMxMw%3D%3D&google_gid=CAESEGnSCin-yjXgI_UiJyMEqv4&google_cver=1&google_push=AZmPxg_JDdRj03Eum2FtQjHaUnldTKmIZ8oaONOtDcN0aak5Sj_uaTSu5x7AsQBmnVsIRr2ZGfrHI6fSok1Efpz-wY5xr8qqCj1Q-CI
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:49 GMT
AN-X-Request-Uuid
16ea1635-af1e-4dad-bcc4-ffc888b4f5c0
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzM3NTQwNDk5NDYwMzExOTMxMw%3D%3D&google_gid=CAESEGnSCin-yjXgI_UiJyMEqv4&google_cver=1&google_push=AZmPxg_JDdRj03Eum2FtQjHaUnldTKmIZ8oaONOtDcN0aak5Sj_uaTSu5x7AsQBmnVsIRr2ZGfrHI6fSok1Efpz-wY5xr8qqCj1Q-CI
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 73B5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LlitK04oTVg-lrIr3KdthIqCHM57RxB37QuQs-3hCQ9i5b5ThxM6NelSxGPNgX1iVsYL7rGH4u
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
rum
dsum-sec.casalemedia.com/ Frame 216F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnX0yibR3UvJO7hObWDbo4&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnX0yibR3UvJO7hObWDbo4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiCsOjSATAB&v=APEucNV6Y9eagMH6-isC6dLK-Dgy1FXAjmVjeoEOQYteFqap_WzHjb17jlXMZG4D9bh7jVZAxZXbmBkEPB4eIuDh_r3mDCL870EZFLWLFbT1vvJyfo9nBTWAhg5hUPeOSm23egObZ3NwSUAPCpg79XVnLwym4hdqyOe233Rv2Y4qP9fBFgGHCCzj_7JzjpDgdC_7YYkv7KE_
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnX0yibR3UvJO7hObWDbo4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 216F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1lbzD33GGWRZ-tmoa801QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnX0yibR3UvJO7hObWDbo4&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnX0yibR3UvJO7hObWDbo4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiCsOjSATAB&v=APEucNV6Y9eagMH6-isC6dLK-Dgy1FXAjmVjeoEOQYteFqap_WzHjb17jlXMZG4D9bh7jVZAxZXbmBkEPB4eIuDh_r3mDCL870EZFLWLFbT1vvJyfo9nBTWAhg5hUPeOSm23egObZ3NwSUAPCpg79XVnLwym4hdqyOe233Rv2Y4qP9fBFgGHCCzj_7JzjpDgdC_7YYkv7KE_
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnX0yibR3UvJO7hObWDbo4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 216F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEVQD10W5rOQnU0x1TJUNas&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEEVQD10W5rOQnU0x1TJUNas&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiCsOjSATAB&v=APEucNV6Y9eagMH6-isC6dLK-Dgy1FXAjmVjeoEOQYteFqap_WzHjb17jlXMZG4D9bh7jVZAxZXbmBkEPB4eIuDh_r3mDCL870EZFLWLFbT1vvJyfo9nBTWAhg5hUPeOSm23egObZ3NwSUAPCpg79XVnLwym4hdqyOe233Rv2Y4qP9fBFgGHCCzj_7JzjpDgdC_7YYkv7KE_
Protocol
HTTP/1.1
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:49 GMT
AN-X-Request-Uuid
5d405fe9-d3e1-41fa-b9bd-189e42c78017
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEEVQD10W5rOQnU0x1TJUNas&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 216F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM3NTQwNDk5NDYwMzExOTMxMw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM3NTQwNDk5NDYwMzExOTMxMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiCsOjSATAB&v=APEucNV6Y9eagMH6-isC6dLK-Dgy1FXAjmVjeoEOQYteFqap_WzHjb17jlXMZG4D9bh7jVZAxZXbmBkEPB4eIuDh_r3mDCL870EZFLWLFbT1vvJyfo9nBTWAhg5hUPeOSm23egObZ3NwSUAPCpg79XVnLwym4hdqyOe233Rv2Y4qP9fBFgGHCCzj_7JzjpDgdC_7YYkv7KE_
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:49 GMT
AN-X-Request-Uuid
c849ebd9-e49b-43da-b321-6a1bb73477f4
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM3NTQwNDk5NDYwMzExOTMxMw%3D%3D
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame C38E 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
Origin
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 16:47:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84152
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Oct 2022 16:47:17 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/ Frame C38E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D10F-lV0ND_2d483iCjEJabvhyXxyUn-16C0xBCrBUW-z-cokM2uwDQsjFMpoj0rhg6RzmCRUR-x-ulhYRB271fzKfsrvTS7CVXRiImANHG_tULDmCJcG-QB2KA_KIuQeop2WFWU8cYvD64oFB0ZFyjXcpcTVUkTJsu6wFGrxdeBhFSaE&dbm_d=AKAmf-DknzaPZRv-TOP22AIuMcSZF5XcBcii6Y1BmO3L5e-oAcNqHnPE2JGUssKblmEYvdwBwHk_nLdmZ9cZ0ibdlN1FDgbQERCP-ubpNr95avHtbgdwq3rI2t5kbrk7FVf2BNg1_y7UzLiGutK90f57rJ9QPL1Aw_b5RE4aOfVY7Ua7Evela4XgtfnoHvkPaXxK8D_Y1HJm4LiZQedkZpj-jG8P7yFNmG0vz70XdLjSXM-bnNBIfsJP9xVzyvb1x2lSASPzLhWDolZEeWuDCbaRmK68ctlhQGHSvC7QYKtaBG8Sy0uteCQy0oV6PMoMrqDc5EybIJP9SlEsbp8ItHQMjYVvSfVFYskYb-rr1kR3-U3c9nwkRdgmmrHiTeqTz2Sxy-onIEOuG_uJXvUBjt77LMXDUKIadN81nZ9asgxfo3KUJDQBDNTQij8nysbD22CHrDDjHNj10P78WCudpQxwSfALv7s6xURFMC3sGaZWUUeFqajW6xlEObRg44cDyYIWx4fFFd_6E0AImhVctST9Pb10NyYEWdBBT9rVI1_ozwX5C7ysu467poBHig7aYIg8yITWU0jfOp3g8s7HhWte4vvMlps5YIFSLu2LLI7xCawnrySe7sV0qtISPBxC7V-vAompXUtVBghbhonAbn0887PicJuXcdoTTPOe_7IGV8BA1GfPvEy7bnxo6_49N_KDOjQaFWGE_xKEE23w3MFH4Bjs4xW3n6SPie2485nT3bxa9cJ6wQJ4wj-nxK0faALvlSiIOcvcOWjS1G2x85o5SQfLS_M1d1fcI0xb0w3EihHhJrmJRoTnn0WntwwsKLharsuj1skhCH8A4apqY--290dxjZ4cumpZjxC3dBhEzvdcPTR8OIBlAkZGbQMpH2Qq6Nx67QWor-0_328612Enz9WLGXTGXIygdsOlpXL0n1GexHS_gJ4I15mAFzZ_F6hrxL9wffgi4Qo9ZWwsSr205VjUp8HFMdmpqrpeZuc87aWpfEDcCqipwlCJ3OwWCqdEaoLho3pRTqIPQjR1mvpS20VyQWBTMJr3S9Q5U-mpENkwU4TqV7JSWg-jg_u9Jlv3O-hGgDqPs_ZZgBXPaDxmxD_3NebZPu4EX9qN_Wg2sIlfH8z4JNM7fKqloX8gi1T1El1IBLYrj_ruwEL23E43CIuJlUAe8d4aee-i2tHRKR2jWUtex4nw93rxT2pB3CEjY3wsWfq-SeDjZ_c4yCG5Zzgmh1Ixb3voZ4JQg_KuyPm_j6rnHgF1zN94vw7cnf2-RWGFgf688HPcWgtS9RClzZtV2LsCmBRznAriWFrrt_Wgvce9AkY7VGp9FnhbTE3nhyxNPmpxGiXrwAsX8Gzycpi1BK2Oq81gt0BJO-ZE027Q-f6vBIh5EqfHXFOMVjIxjmRQXZAT1enXhaWYf8pHgZRvM4myjkiQxtQj7nYPQiFNWe5erieIJBp_bAbMeq-GEDIo25KhuoHR5uIWtRtQz_0vieiwWilTCcGhdBu9jpNoUXTqpTBpcbnYK51kksGnkOEdQQaC5g6ffnzI-7pHLVO8FZfpKY9lTL_oGFGkqyoiJMgoyBrxvmpV_-KyWtLGYIRQPSosDn0Qb8i2aCT6utRol8l4p0m0-b6Ai5teWrNsCnxvNz2mIINvKn6JlIf8g04bWe58boS7hnb1Ee37XW5tfnSEzaoJu5uZgYXYHDr26B0tb7Y-itOlB4QLZ_W5KCdNGjJta1cnKlAClIOcKpl_mP-rkyu3z3xSlKzb8GVCkuif3QLVaUM9HDvWJV_ILDZ2bJogdiQJC8P9kw9F7i1CKZRUxdh3B98-o7TnuQBh0UC4IH7G9tCA_5oVqNPuhakOvDdhXxsIrwWi9G9OtXZYitD3WMl8OIuQsfZKjOijlA9L3svnj-w3M9SIFirDDdszKlKtp5_LgO_Qe82tk0F33JJA_XzkaQzekXq5S-8e_x7LSL0Wz3zSSlvlWLX0zKMaSKNx_IKbvvQpG8NP6qnAzgVFsOOAmQyStnvTs9NGhFVRZ4NmZGfxgZ5O1Rr-NN2tl2EWdckVzMmHsq48FDCWuLlcg9n2jGgdTkuOtbJiG7Pf3xRVpqmVbCl3rVzCgvvEjI-O8fEtc_Lq-8BQPXX2Bg083aA7mQpDhtcmaAI9u1fR5RV3hHXIIVUUrrJIZjjc3lTu4niNobsqMT1CaR9MLhG3Mc7DF3d9xzE9_PUNvb4jboCkBMhILMmWQDani9P1C7c3yta_hQO0iQl_Ae_N7VIDRHRwnKupItlEqboYosh97UOLkgP_xwNNvcTy6J8HPUHTMvQVm_X2m8F-zNjmXs1QYfBLslcDLtHW3NXzJXgMZpUii4zebTkOMQoX-SELTDyx9ObT7UGRFHLFmBXAMHrHi_Ruzpdfqbox21_g3O999W5RLZ3JIJ5j5ryOOG95mxEc_DrL_g9qXkp2RFY6-wn3PB7CpSxLeOVxQ3SZh0gSYayfoMudu5l5wEQhXrDinqa9-xbIcFf95MhDNe-B5-hgqhpNb3YTk1JzMA6dq7BIuBo3kjy0pJ4s6oxY_MLd_GiHuiO9AdCWq9DobpBPAyZqI43vYrteg37ISXxCevwfbp9I2x3lAcSJgxj-pWSNeZPzS4cuOA5aN2C0miO_8ph67PCsOofmiGn0X__PSx51hj4TFOHh5u5-fou-2kGbCRjobPb4MthTjgIXl214tcQZY043zxV6KqNAEJ2n_EefEC7yCeX9d4tgMleNuG0ipOf7_NVBlm-FIk7Ked1PBixNoViNhw_9uKIMMHEcppkXyNsUC9Ts-kqOzeGhETEx9wzyD0mzvko8VQ4ezApXJyABtVh6Pcn8yBbhmfl_TdMDMotvGA6TkU_sRt5HK18znoD6Zerx9b96k-04tokcNDm2_xZDa7YjdxM0FTfpUoseqVNBkEl32yTqxL7X6CW5yoKktAQGoqziNVS9TBfuLJR4T1_tLhCkCGwCNdGNfsqVyj8z2nWsuBSHbeMvbjV-CoU6q4SkrqA3-__Otth_KuC-2YAqKqQX30CewjKv1A-9qY_5Gbn6vtBUpAIVDwWfdLJ0uN7sd1L9QvebPLm_pTGnciN8RQtqCVmBifQgean8OBaKwbyZ6Hrw0kfiMYsN80KBeOcEXsEPPItD9bXUCvGVSrN31G2cGzSebDjLGk9_Gyg_rSpY_dSUr-BWmh8MBC0HZGgOinvaVd-ZNUtZKzCDSsFjLYOijSPmTtbHZ6a66YSfj0jHKyjoEYbwn9anrIXx57ilkmFItNJmeBHRDArn3Y11Kuv27zYeYqEhsNRBY6GlKNxkLSiBNNHGXld3aLJo&cid=CAASJORoXk9S_7alKaT0bg9m-w3nyTDpmVI-NMrkmRsPJRLU-cnbRw&rfl=1%2Chttps%253A%252F%252Fwww.mlive.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 12:01:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
14896
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2998
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Nov 2022 12:01:33 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame C38E 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D10F-lV0ND_2d483iCjEJabvhyXxyUn-16C0xBCrBUW-z-cokM2uwDQsjFMpoj0rhg6RzmCRUR-x-ulhYRB271fzKfsrvTS7CVXRiImANHG_tULDmCJcG-QB2KA_KIuQeop2WFWU8cYvD64oFB0ZFyjXcpcTVUkTJsu6wFGrxdeBhFSaE&dbm_d=AKAmf-DknzaPZRv-TOP22AIuMcSZF5XcBcii6Y1BmO3L5e-oAcNqHnPE2JGUssKblmEYvdwBwHk_nLdmZ9cZ0ibdlN1FDgbQERCP-ubpNr95avHtbgdwq3rI2t5kbrk7FVf2BNg1_y7UzLiGutK90f57rJ9QPL1Aw_b5RE4aOfVY7Ua7Evela4XgtfnoHvkPaXxK8D_Y1HJm4LiZQedkZpj-jG8P7yFNmG0vz70XdLjSXM-bnNBIfsJP9xVzyvb1x2lSASPzLhWDolZEeWuDCbaRmK68ctlhQGHSvC7QYKtaBG8Sy0uteCQy0oV6PMoMrqDc5EybIJP9SlEsbp8ItHQMjYVvSfVFYskYb-rr1kR3-U3c9nwkRdgmmrHiTeqTz2Sxy-onIEOuG_uJXvUBjt77LMXDUKIadN81nZ9asgxfo3KUJDQBDNTQij8nysbD22CHrDDjHNj10P78WCudpQxwSfALv7s6xURFMC3sGaZWUUeFqajW6xlEObRg44cDyYIWx4fFFd_6E0AImhVctST9Pb10NyYEWdBBT9rVI1_ozwX5C7ysu467poBHig7aYIg8yITWU0jfOp3g8s7HhWte4vvMlps5YIFSLu2LLI7xCawnrySe7sV0qtISPBxC7V-vAompXUtVBghbhonAbn0887PicJuXcdoTTPOe_7IGV8BA1GfPvEy7bnxo6_49N_KDOjQaFWGE_xKEE23w3MFH4Bjs4xW3n6SPie2485nT3bxa9cJ6wQJ4wj-nxK0faALvlSiIOcvcOWjS1G2x85o5SQfLS_M1d1fcI0xb0w3EihHhJrmJRoTnn0WntwwsKLharsuj1skhCH8A4apqY--290dxjZ4cumpZjxC3dBhEzvdcPTR8OIBlAkZGbQMpH2Qq6Nx67QWor-0_328612Enz9WLGXTGXIygdsOlpXL0n1GexHS_gJ4I15mAFzZ_F6hrxL9wffgi4Qo9ZWwsSr205VjUp8HFMdmpqrpeZuc87aWpfEDcCqipwlCJ3OwWCqdEaoLho3pRTqIPQjR1mvpS20VyQWBTMJr3S9Q5U-mpENkwU4TqV7JSWg-jg_u9Jlv3O-hGgDqPs_ZZgBXPaDxmxD_3NebZPu4EX9qN_Wg2sIlfH8z4JNM7fKqloX8gi1T1El1IBLYrj_ruwEL23E43CIuJlUAe8d4aee-i2tHRKR2jWUtex4nw93rxT2pB3CEjY3wsWfq-SeDjZ_c4yCG5Zzgmh1Ixb3voZ4JQg_KuyPm_j6rnHgF1zN94vw7cnf2-RWGFgf688HPcWgtS9RClzZtV2LsCmBRznAriWFrrt_Wgvce9AkY7VGp9FnhbTE3nhyxNPmpxGiXrwAsX8Gzycpi1BK2Oq81gt0BJO-ZE027Q-f6vBIh5EqfHXFOMVjIxjmRQXZAT1enXhaWYf8pHgZRvM4myjkiQxtQj7nYPQiFNWe5erieIJBp_bAbMeq-GEDIo25KhuoHR5uIWtRtQz_0vieiwWilTCcGhdBu9jpNoUXTqpTBpcbnYK51kksGnkOEdQQaC5g6ffnzI-7pHLVO8FZfpKY9lTL_oGFGkqyoiJMgoyBrxvmpV_-KyWtLGYIRQPSosDn0Qb8i2aCT6utRol8l4p0m0-b6Ai5teWrNsCnxvNz2mIINvKn6JlIf8g04bWe58boS7hnb1Ee37XW5tfnSEzaoJu5uZgYXYHDr26B0tb7Y-itOlB4QLZ_W5KCdNGjJta1cnKlAClIOcKpl_mP-rkyu3z3xSlKzb8GVCkuif3QLVaUM9HDvWJV_ILDZ2bJogdiQJC8P9kw9F7i1CKZRUxdh3B98-o7TnuQBh0UC4IH7G9tCA_5oVqNPuhakOvDdhXxsIrwWi9G9OtXZYitD3WMl8OIuQsfZKjOijlA9L3svnj-w3M9SIFirDDdszKlKtp5_LgO_Qe82tk0F33JJA_XzkaQzekXq5S-8e_x7LSL0Wz3zSSlvlWLX0zKMaSKNx_IKbvvQpG8NP6qnAzgVFsOOAmQyStnvTs9NGhFVRZ4NmZGfxgZ5O1Rr-NN2tl2EWdckVzMmHsq48FDCWuLlcg9n2jGgdTkuOtbJiG7Pf3xRVpqmVbCl3rVzCgvvEjI-O8fEtc_Lq-8BQPXX2Bg083aA7mQpDhtcmaAI9u1fR5RV3hHXIIVUUrrJIZjjc3lTu4niNobsqMT1CaR9MLhG3Mc7DF3d9xzE9_PUNvb4jboCkBMhILMmWQDani9P1C7c3yta_hQO0iQl_Ae_N7VIDRHRwnKupItlEqboYosh97UOLkgP_xwNNvcTy6J8HPUHTMvQVm_X2m8F-zNjmXs1QYfBLslcDLtHW3NXzJXgMZpUii4zebTkOMQoX-SELTDyx9ObT7UGRFHLFmBXAMHrHi_Ruzpdfqbox21_g3O999W5RLZ3JIJ5j5ryOOG95mxEc_DrL_g9qXkp2RFY6-wn3PB7CpSxLeOVxQ3SZh0gSYayfoMudu5l5wEQhXrDinqa9-xbIcFf95MhDNe-B5-hgqhpNb3YTk1JzMA6dq7BIuBo3kjy0pJ4s6oxY_MLd_GiHuiO9AdCWq9DobpBPAyZqI43vYrteg37ISXxCevwfbp9I2x3lAcSJgxj-pWSNeZPzS4cuOA5aN2C0miO_8ph67PCsOofmiGn0X__PSx51hj4TFOHh5u5-fou-2kGbCRjobPb4MthTjgIXl214tcQZY043zxV6KqNAEJ2n_EefEC7yCeX9d4tgMleNuG0ipOf7_NVBlm-FIk7Ked1PBixNoViNhw_9uKIMMHEcppkXyNsUC9Ts-kqOzeGhETEx9wzyD0mzvko8VQ4ezApXJyABtVh6Pcn8yBbhmfl_TdMDMotvGA6TkU_sRt5HK18znoD6Zerx9b96k-04tokcNDm2_xZDa7YjdxM0FTfpUoseqVNBkEl32yTqxL7X6CW5yoKktAQGoqziNVS9TBfuLJR4T1_tLhCkCGwCNdGNfsqVyj8z2nWsuBSHbeMvbjV-CoU6q4SkrqA3-__Otth_KuC-2YAqKqQX30CewjKv1A-9qY_5Gbn6vtBUpAIVDwWfdLJ0uN7sd1L9QvebPLm_pTGnciN8RQtqCVmBifQgean8OBaKwbyZ6Hrw0kfiMYsN80KBeOcEXsEPPItD9bXUCvGVSrN31G2cGzSebDjLGk9_Gyg_rSpY_dSUr-BWmh8MBC0HZGgOinvaVd-ZNUtZKzCDSsFjLYOijSPmTtbHZ6a66YSfj0jHKyjoEYbwn9anrIXx57ilkmFItNJmeBHRDArn3Y11Kuv27zYeYqEhsNRBY6GlKNxkLSiBNNHGXld3aLJo&cid=CAASJORoXk9S_7alKaT0bg9m-w3nyTDpmVI-NMrkmRsPJRLU-cnbRw&rfl=1%2Chttps%253A%252F%252Fwww.mlive.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 12:01:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
14896
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11429
x-xss-protection
0
server
cafe
etag
11376305771055881226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 09 Nov 2022 12:01:33 GMT
event
prebid-a.rubiconproject.com/ 		61 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.159.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-159-87.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 26 Oct 2022 16:09:49 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.159.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-159-87.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 26 Oct 2022 16:09:49 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
execute
c2.piano.io/xbuilder/experience/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=8Gu2Z8RCvZ
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3082f1320e0c7a5649d40d540001457051ce5127ca859ecaba6f22f4b0446646
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 26 Oct 2022 16:09:49 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
6epe3b1dnh
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
76047562bfc39c0d-FRA
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C38E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 22:59:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61811
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 22:59:38 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5033 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
14896
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 12:01:33 GMT
etag
48472445140208031
expires
Thu, 27 Oct 2022 12:01:33 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C38E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1fd7a17b1f627a080310606d33155a489ee50a751fe026cde918fa1b334f8456

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
3288192_1.jpg
classimage.advance.net/classifieds/classre/width245/img/images/mlive/mi_realone/mdControlled/ad_image/ Frame 55C9 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://classimage.advance.net/classifieds/classre/width245/img/images/mlive/mi_realone/mdControlled/ad_image/3288192_1.jpg
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2e37a913e8361567d474dfdbaad6e43d12e6c6e75154bda87ffcc0c3a6af553c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires
Thu, 27 Oct 2022 15:40:30 GMT
date
Wed, 26 Oct 2022 16:09:49 GMT
x-shield-cache-expires
10
last-modified
Wed, 26 Oct 2022 11:48:26 GMT
age
1759
x-imginx-cache
EXPIRED
etag
W/"19d9d-5ebee9a45f31b"
x-timer
S1666800589.253594,VS0,VE1
x-cache
HIT, HIT
content-type
image/jpeg
cache-control
max-age=86400
content-length
16164
x-served-by
cache-iad-kjyo7100060-IAD, cache-hhn4061-HHN
opacitor.png
static.advance.net/static/classifieds/realestate/img/ Frame 55C9 		997 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/classifieds/realestate/img/opacitor.png
Requested by
Host: static.advance.net
URL: https://static.advance.net/static/classifieds/realestate/css/showcase-rectangle.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
256b42d63146c599e22aa9f3da750cca15a444db46b7207d49fa58e1d1869a76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.advance.net/static/classifieds/realestate/css/showcase-rectangle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 26 Oct 2022 16:09:49 GMT
x-shield-cache-expires
10
x-amz-request-id
NT9REZ8DK32H2K0N
age
22552
x-cache
HIT, HIT
content-length
997
x-served-by
cache-iad-kjyo7100078-IAD, cache-hhn4061-HHN
last-modified
Fri, 25 Aug 2017 17:52:25 GMT
x-timer
S1666800589.238080,VS0,VE0
etag
"df0c44b81005f11b3043d296f4a2a488"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
view
securepubads.g.doubleclick.net/pcs/ Frame 55C9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4FchU3Iz5pKAiiFPxtj7hqFh6PstogdKXgxSDitRT_Xhdj7yv_ca5tzHIedHJtVPXs6j_fn0SSOWy0oIKwJbQudS3QL-kpzUm7beebR3snbG73evo_-D7aaTnkCX0tc3OUSjrBukgCr7wMEkGwplaA1EUqvWki2O6KTSWYbXs23asGr-PLn63GsvqQ62xlKJ2yBU0upWGTxhE3SpCy8S6TNzW27v_ghmk3a8kxyAKqfcjAHgoNRkBOX39toRXHvRx6cHziMwDzKl18L-zYiPbBf-Jhhln_sn8t3BkhqqkBuKN-Hso58uXHJxPdQkqU2KVnZa-HW8KiPDx-b9-JA&sai=AMfl-YQZ-kQMBN_uYGpip3u_VcJnyoTUe9dViRsVdNLn3FxPxOlC5tazoC18mpaanJwg7yI6bzIeErGXlH3RpwYTpZTyYATMuK1XGFGZWLwxfuuJzKQT_ossTHah9joQvI2S&sig=Cg0ArKJSzCRog-WRShklEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 26 Oct 2022 16:09:49 GMT
truncated
/ Frame 55C9 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d5c6d8a7bead832557350a76203217f6df6e1fc203bee8687a48c6109ba0eaea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
i.match
s.tribalfusion.com/z/ Frame 5033
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEOxvXvPygOQrv-6HgU5HftY&google_cver=1&google_push=AZmPxg-4xQyYX2c1vYY8FxCK2Hjt7oxaFBtYKufhp-DPTX24kazYq9Zfc_-bt0ysGKFjR0ODdjBkvFNCOCoYVfdd02pHFzV_1EAjv...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOxvXvPygOQrv-6HgU5HftY&google_cver=1&google_push=AZmPxg-4xQyYX2c1vYY8FxCK2Hjt7oxaFBtYKufhp-DPTX24kazYq9Zfc_-bt0ysGKFjR0ODdjBkvFNCOCoYVfdd02pHFzV_1EA...
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOxvXvPygOQrv-6HgU5HftY&google_cver=1&google_push=AZmPxg-4xQyYX2c1vYY8FxCK2Hjt7oxaFBtYKufhp-DPTX24kazYq9Zfc_-bt0ysGKFjR0ODdjBkvFNCOCoYVfdd02pHFzV_1EAjvnPz16MI_RzXwR7JUNahbu0DI5vSCAyj4sLnqEryzg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-4xQyYX2c1vYY8FxCK2Hjt7oxaFBtYKufhp-DPTX24kazYq9Zfc_-bt0ysGKFjR0ODdjBkvFNCOCoYVfdd02pHFzV_1EAjvnPz16MI_RzXwR7JUNahbu0DI5vSCAyj4sLnqEryzg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:49 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
76047565ab059bb6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:49 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
87
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOxvXvPygOQrv-6HgU5HftY&google_cver=1&google_push=AZmPxg-4xQyYX2c1vYY8FxCK2Hjt7oxaFBtYKufhp-DPTX24kazYq9Zfc_-bt0ysGKFjR0ODdjBkvFNCOCoYVfdd02pHFzV_1EAjvnPz16MI_RzXwR7JUNahbu0DI5vSCAyj4sLnqEryzg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-4xQyYX2c1vYY8FxCK2Hjt7oxaFBtYKufhp-DPTX24kazYq9Zfc_-bt0ysGKFjR0ODdjBkvFNCOCoYVfdd02pHFzV_1EAjvnPz16MI_RzXwR7JUNahbu0DI5vSCAyj4sLnqEryzg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
76047563ee799bb6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5033
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEHBfYr3QMP_sqNzg8-ouwx4&google_cver=1&google_push=AZmPxg-kQpFbG20iUZ7t7mG6x_EvvE2j-JgLwEFKEuDM4uk7syJyqrC4zjSPzm5Wzfj4D2fJ1hY0MkCiWRbqCTmY...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=D6qk0n2lTky-DifQlrepDQ2&google_push=AZmPxg-kQpFbG20iUZ7t7mG6x_EvvE2j-JgLwEFKEuDM4uk7syJyqrC4zjSPzm5Wzfj4D2fJ1hY0MkCiWRbqCTmYz1NA25VnCCZqxp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=D6qk0n2lTky-DifQlrepDQ2&google_push=AZmPxg-kQpFbG20iUZ7t7mG6x_EvvE2j-JgLwEFKEuDM4uk7syJyqrC4zjSPzm5Wzfj4D2fJ1hY0MkCiWRbqCTmYz1NA25VnCCZqxp5fKNkQArWSmpsB8j-M6UlmSAAqwfHykk_Ff3vFymM
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 26 Oct 2022 16:09:49 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=D6qk0n2lTky-DifQlrepDQ2&google_push=AZmPxg-kQpFbG20iUZ7t7mG6x_EvvE2j-JgLwEFKEuDM4uk7syJyqrC4zjSPzm5Wzfj4D2fJ1hY0MkCiWRbqCTmYz1NA25VnCCZqxp5fKNkQArWSmpsB8j-M6UlmSAAqwfHykk_Ff3vFymM
x-host
tde-deliveryengine-production-86c7985dcd-w6ndr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5033
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHc2ttvty1DLvoojo003HnI&google_cver=1&google_push=AZmPxg_SrzinhPD2BWcl8-F1JhvDMPWVFRh7Up8Iy5ikwyZhIenV1BAeLrBkCOsHaE1RPyuAHBs8EYHc9deNWOj8jrMa...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHc2ttvty1DLvoojo003HnI&google_cver=1&google_push=AZmPxg_SrzinhPD2BWcl8-F1JhvDMPWVFRh7Up8Iy5ikwyZhIenV1BAeLrBkCOsHaE1RPyuAHBs8EYHc9deNWO...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg_SrzinhPD2BWcl8-F1JhvDMPWVFRh7Up8Iy5ikwyZhIenV1BAeLrBkCOsHaE1RPyuAHBs8EYHc9deNWOj8jrMas22-RFg8Q9wnJzeeiFYkAjeZGqJqTqy3NVtwVLGVZI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg_SrzinhPD2BWcl8-F1JhvDMPWVFRh7Up8Iy5ikwyZhIenV1BAeLrBkCOsHaE1RPyuAHBs8EYHc9deNWOj8jrMas22-RFg8Q9wnJzeeiFYkAjeZGqJqTqy3NVtwVLGVZIDw8FXD2s4&google_hm=EieYcLRwQvWIcC0pB0A0Tw==
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg_SrzinhPD2BWcl8-F1JhvDMPWVFRh7Up8Iy5ikwyZhIenV1BAeLrBkCOsHaE1RPyuAHBs8EYHc9deNWOj8jrMas22-RFg8Q9wnJzeeiFYkAjeZGqJqTqy3NVtwVLGVZIDw8FXD2s4&google_hm=EieYcLRwQvWIcC0pB0A0Tw==
Date
Wed, 26 Oct 2022 16:09:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 5033
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=noTWukQ9QJu5y68WkWOuEA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=noTWukQ9QJu5y68WkWOuEA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_QctcpCuh1joS0FKY7P5TfeUs4WTqDgxXVp0V9xxEW65SmtUIQzTgk--gvkh1XLMLgC8M0V6SsF1rP8ousk20xLP2PupsDbc1r6CYd6zl4jlThOg7zp_eDNeEYYn_wRe4cK5VBeYc
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=noTWukQ9QJu5y68WkWOuEA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_QctcpCuh1joS0FKY7P5TfeUs4WTqDgxXVp0V9xxEW65SmtUIQzTgk--gvkh1XLMLgC8M0V6SsF1rP8ousk20xLP2PupsDbc1r6CYd6zl4jlThOg7zp_eDNeEYYn_wRe4cK5VBeYc
date
Wed, 26 Oct 2022 16:09:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 5033
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKCdioWjVldhc854q6cutWU&google_cver=1&google_push=AZmPxg8GwUncxRT16XIfMIXDPB9h3u3-dxtFnNQUWliQ-_RObN7ypHYUBRDKuJNOgEzGltoimVV0Hzf_grm0PgbzL...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKCdioWjVldhc854q6cutWU&google_cver=1&google_push=AZmPxg8GwUncxRT16XIfMIXDPB9h3u3-dxtFnNQUWliQ-_RObN7ypHYUBRDKuJNOgEzGltoimVV0Hzf_grm0PgbzL...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg8GwUncxRT16XIfMIXDPB9h3u3-dxtFnNQUWliQ-_RObN7ypHYUBRDKuJNOgEzGltoimVV0Hzf_grm0PgbzLas0tKLwFinzp4vN2jfAptOv8L6Vxtb0CEOQLjvlRC1Kn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg8GwUncxRT16XIfMIXDPB9h3u3-dxtFnNQUWliQ-_RObN7ypHYUBRDKuJNOgEzGltoimVV0Hzf_grm0PgbzLas0tKLwFinzp4vN2jfAptOv8L6Vxtb0CEOQLjvlRC1KnfeEvcc1ACY&google_hm=Fi9psGZH7LxdFaeSTzKS2wf_
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 26 Oct 2022 16:09:49 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg8GwUncxRT16XIfMIXDPB9h3u3-dxtFnNQUWliQ-_RObN7ypHYUBRDKuJNOgEzGltoimVV0Hzf_grm0PgbzLas0tKLwFinzp4vN2jfAptOv8L6Vxtb0CEOQLjvlRC1KnfeEvcc1ACY&google_hm=Fi9psGZH7LxdFaeSTzKS2wf_
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 5033
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEF1w56M4KNQu_ux48WLM2Fs&google_cver=1&google_push=AZmPxg-twF3YasVlAq2lwZYp1Cynh4rhikIS-8kVkqZRrcFLollNJ0dKOjshS0-bWl_9XQ6Hg54F2jpbgol47G17...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-twF3YasVlAq2lwZYp1Cynh4rhikIS-8kVkqZRrcFLollNJ0dKOjshS0-bWl_9XQ6Hg54F2jpbgol47G17qvqvailnhWzfNN0KHpgFdm_NSfhBAtEjKC5R6-969d-x...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-twF3YasVlAq2lwZYp1Cynh4rhikIS-8kVkqZRrcFLollNJ0dKOjshS0-bWl_9XQ6Hg54F2jpbgol47G17qvqvailnhWzfNN0KHpgFdm_NSfhBAtEjKC5R6-969d-xHwk1B0tJ8Fc
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 26 Oct 2022 16:09:49 GMT
via
1.1 7cfba11baf6016eafce83142b99c8ff8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PRG50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-twF3YasVlAq2lwZYp1Cynh4rhikIS-8kVkqZRrcFLollNJ0dKOjshS0-bWl_9XQ6Hg54F2jpbgol47G17qvqvailnhWzfNN0KHpgFdm_NSfhBAtEjKC5R6-969d-xHwk1B0tJ8Fc
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
baXzbJZ60UCIAogNcHeTWOxzDUPXKHYD4rfX3_SmxjZMkJkgzQXVbw==
pixel
cm.g.doubleclick.net/ Frame 5033
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEC2xGgQlEvoy0J25aTNC054&google_cver=1&google_push=AZmPxg-29Qgh5Jkp2TKUyrstXIaeW3Di8SndDAmPdLEnLFSkRMz8Ym0VWgIASS4f6KXnS2eSS1Z_aAJQtKfxeSh01vvR7y4vBzu...
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg-29Qgh5Jkp2TKUyrstXIaeW3Di8SndDAmPdLEnLFSkRMz8Ym0VWgIASS4f6KXnS2eSS1Z_aAJQtKfxeSh01vvR7y4vBzuomE3_lg87rQZEWtqzKelm7plJcEBzbsE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg-29Qgh5Jkp2TKUyrstXIaeW3Di8SndDAmPdLEnLFSkRMz8Ym0VWgIASS4f6KXnS2eSS1Z_aAJQtKfxeSh01vvR7y4vBzuomE3_lg87rQZEWtqzKelm7plJcEBzbsEgnkfl9nZFWZw&google_hm=Z2JjNTcyNTRiMWY2NzM2NGJkZDU=
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:49 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg-29Qgh5Jkp2TKUyrstXIaeW3Di8SndDAmPdLEnLFSkRMz8Ym0VWgIASS4f6KXnS2eSS1Z_aAJQtKfxeSh01vvR7y4vBzuomE3_lg87rQZEWtqzKelm7plJcEBzbsEgnkfl9nZFWZw&google_hm=Z2JjNTcyNTRiMWY2NzM2NGJkZDU=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 5033 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K3VDQ0qUp4upg7p9qUbz9DEsWDwuhKG1MMLeWlQMRaoAt6Q6QhwEIM1jf7OCN91_d3itc1
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1366 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
125290
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 05:21:39 GMT
expires
Wed, 25 Oct 2023 05:21:39 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
300x250.html
s0.2mdn.net/sadbundle/7880356414873403392/ Frame 1EA9 		45 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7880356414873403392/300x250.html?e=69&leftOffset=0&topOffset=0&c=zNlfRLLAn6&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55468abd6c7a0abe7622605b79ebe6258bf47a4ebf0a19077a0fff6f904e47cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 16:09:49 GMT
expires
Thu, 26 Oct 2023 16:09:49 GMT
last-modified
Wed, 14 Sep 2022 11:46:50 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C38E 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstjygPYdnoA6pneWwn_61ztnrC2oEe9NZLZE84x4S6HyxsJ84GiF-QjeTK8ZEsIj-9TCxBr_wwcUvxGrnvKbMtgaJn9Ml6BUHOzk8QhFtuYEyOMHAtSR2jV-8fXusHwd36UEYXs-fxTl8rHPvB1Fa0rfkGnrPHZ5Ok6pPZBxYOu19oGGmNFiK14V4WW32Ccvr-bVdl0CUWa7r48AfNIkyDFIehW_21i71RXpmkvU-A5R6_VohGpnkcwqdgaHO0atw_dJFF1f9F7xJDzi6PcjF7RC9xQJbXiC9P1qjTC6QwMnv3FNIebzCM4AFXvDXeKRHr5wgvrTBlHuez9StcwpgbJb8d5oxEhV1gOGZRdB69TQTvmBEHg41uR9JCx-YhzoXq7Oq6bX9jRRvM0d_RYpWxykSuZHTtYoCxWxZtbKrCfHYpjHw29I_-DYyJ3bgnAx40hytyxorunBG8XuJiBM0Uqr-UXA3tUKW-ZBuGq-U5C67envYYrkZjjPRfrBBkw4APZVDxDso4rFYUBIEyfhSR4K3tiSle3QcDtrlxL-2P86BI0R93AL1WGjGRvlrWntv9dFUGPHIR-30sdePvLP-Yfa6nJ0tdHHyu8kfrnkPqQk5nx_9kjjnfnGDpmownYrvwDYnQdFMs_hPsnWJyYbQ6Hxw0QQ6LzJy4S2zs_1rsmY8krPRYsgeRzthM6TDmdF9xknPh1qlbbSGhj0lkB71qbIiYaQV6OouoaDb3NzFddv-cmYiN_YQL6ZEO5N9w9xgvT0gFQ3PsBphIywPZSq3lS6i3cEWfx7GwJS09iMLvyND1EBstrJAbPtZ28ivGZPLAkdvuxweVzGmrJFFEhE_DtwifvfqLE9idJlXb-nGlq9IHvvkASB3mzqjRiJTsKGPkam_8ZGWp5wMRb8Vj4vq-oF0t0Z96gHIvXwTx9MxhLHVdqOPcq4z7TCzI6KiX4Nov_jDloOjfk8vN-RUeUCJFSWbapYBAWqxnp8HHV6yqP4jDvFxMt-E99ocdt6JTjGH2jHSZURrt3yeK1Bi0AO6IK3HnbE0j4ZEMKXyTLN9mh1Vy3cFHYZzd3FXUnU1HqxBxwmkxxIWFHFLraEJGXUZM8mcVlzwxXdiqK5o8pb9CtjHXrZyNk7L930agPhb-I4yW8-vPN8BNrSGP4oZ0aLh603cBg37Gk96DmSOZqp5hAvRI66dH39xEl01ZrtCYYUZUSPhB4yWQwb2o4j_evn-mfSZANjnYmZRMd9JGOe6R7-M05AiY4JklRrST6oHeWbdZVX85lEhmirXQ3Q47I8TNRh1vfsIOAZG7GI6KdHOFMbQ&sai=AMfl-YQ3YVA2kIc7NOZK6Gd6dyn-2WtNPpajaLuNl7ia6K3wloLC86CJFXa5noRIJ8FeAejbk8-pwoXqljBUgcYYa-vOmob1fQ6ldD29tNq8-KIerHYRA4qTtLPvnxkKXP68wPMnd3d_XqucFc6Zc_P_KwNAEQJIDmYVhTQ639AGyiP7nCXDgsgV24V7OEaN8oiFxtbapyLFSyRHrgiwlUbsBi9ZUGU&sig=Cg0ArKJSzK61OSR4I1W_EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=248&cbvp=1&cstd=241&cisv=r20221020.69775&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 26 Oct 2022 16:09:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame B4B1 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1211306&asId=db2a79c1-7682-aec6-3b07-20cec73b70cc&tv=%7Bc:saoMAP,time:439,type:e,env:%7Bccd:%7Bversion:1,uspString:1---%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:297,o:142,n:64,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:33,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B53~1,0~0%5D,as:%5B53~300.250%5D%7D%7D,%7Bsl:o,t:64,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B77~0%5D,as:%5B77~300.250%5D%7D%7D,%7Bsl:i,t:142,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B297~100%5D,as:%5B297~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tlo1pfS+11%7C12%7C13%7C14%7C15*.1211306-66366053%7C151%7C1521%7C153%7C16%7C17%7C181%7C19,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs,siq:38,sis:241%7D&br=c
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:b95e:67d4:aaa7:d102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:49 GMT
server
nginx
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 18B0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3RxbzFtZY927DpCY-gbCk574BwAAAAA4AeAEAg&bg=!ISKlImbNAAZPh4lnb4c7ACkAdvg8WjOd6Fm2rQ-X33cjo9JrC_HzKNVr3P4YEOUKmjptlkPAoqVmlQIAAAGgUgAAAANoAQcKAB79tfs2Cug-KCmFfeLw1NXjinIQf0QQGeV671ldOqiZAuWTUTeHS-P0QZJKalSbt9KqGKUjEmTTDf6g41ce5C9f_lKmR8t1ybH09495Zp7TF4n5mNSQVyiQQS9cg3Ct3FduUqjddbRC7vtnPo7bJj5FpmweqZaLXVlVSTiCnssoGgouy3qL8e4eJBd9k-LqNBWYAWD3TWhok940_alqVSfQj_EBl4KwAHigA2433PwoLbXiQwibbHWyqJZyB4qewqa3tHI3kzvztCko5bfdl1AJ7eKNU1KPG7qZpfpNo0nxJMT8iqBCwf3zLCcj08KvU598KGsLPorXH3Vf0XRdTWa9ChjCm94ShTHkvmr8WQlh2cCyK8vJaLxNC1NnlgW_lxybZderNLHgoAiJ50J1J6hpMNzvABtx21N_wHk4JKQ_22DEQpJmoa_rnA71t0aOZwF7CN5565Exkl-E_9Ft-jioxr83_iVUMR9Qrj-ep1hQa9HNCJ4fJmqRFTRgiPZS_a5M4Dt78DouGKJflLrMc62p076Qw6VJUenG4r3Vb2Eapg7TYKFYmnjTykYtHWpes-NosSHpoMczfZCh9h6wRI0NaicfkTa5WRRPiCeOYvpmF4qs25cWJ8PNB8GLVSsVSS4CSIS_FRyR-_2u6yufnEajoEQSGSyaV-vcn1IIDAou0WriNHZHO1DazqAQmNOvftQ2L4PEBmGYOjGSf8jConCMM14V1w-BdU5G7vzsDH3teGXrwjnwVqY6uC6UCq-2UcoCLR2Jq2GPZADFg01Qp2CcfFcjxONeJ0x6UUlBN-NyAzRaKXuLXLn4hBo7KePlvgUlNQsF_BvFQc2QLFHh8_tBzE_wLmaI5DvKaadt-Fp1VQLgNYubAxTG05_dBNhKT5ibY7gLkQb5paWVF0PuwwxJQNHmLHhBgUu4E9F0p1UPlZanptLF1jCtmvPWIjnCYn0wnGxQB8u55yt8JbUo43qjHlsfetu1MiW4G2xfOkPLrUs2j6hNR1PQHzJGM5ZtZhaH2FpQobk
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame B4B1 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1211306&asId=db2a79c1-7682-aec6-3b07-20cec73b70cc&tv=%7Bc:saoMBn,pingTime:-10,time:473,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1666800589356%7C%7C7757ae1993a0d39dc01f4182f3701939%7C%7C11b89db74b56b4ba918674d36e95a672%7C%7C9a7401347e61675e5905db43c263ae29%7C%7C51d63cc1052f46488f47a48309d5b368%7C%7Cf9d6dfd60721b56b5e2c1d5e670d67c2%7C%7C1efbfe79c42e940d813c255b42ac304b%7C%7C321d6f9879490638c1d9fffee040104e%7C%7C1663701684%7D
Requested by
Host: 29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
URL: https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:b95e:67d4:aaa7:d102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:49 GMT
server
nginx
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
pagead2.googlesyndication.com/bg/ Frame 1366 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 13:08:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
183696
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16061
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Oct 2023 13:08:13 GMT
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		585 B
779 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=8Gu2Z8RCvZ
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c847abe121f568072909e19c981ae10e46552dee3d2a0bf9916ad09bb52d958e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 26 Oct 2022 16:09:49 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
MdkbdkruTOH
pragma
no-cache
wn
prod-dash-10-0-122-234
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.002
cache-control
no-cache, no-store, must-revalidate
cf-ray
76047564b99f6958-FRA
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame E679 		16 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
754bdeaea4d0fbb5b826f2c3247097dfb034fa33418c3e993fd16dc6db60c229
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=900
cf-cache-status
MISS
cf-ray
760475642dac9bfb-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Wed, 26 Oct 2022 16:09:49 GMT
expires
Wed, 26 Oct 2022 16:24:49 GMT
last-modified
Wed, 26 Oct 2022 16:09:49 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.002
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-120-119
x-forwarded-https
on
x-request-id
Mdkbdkr0PH7
x-xss-protection
0
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&metered=1%7C7&metername=Support%20Meter&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=5736a1e0-b923-4592-b509-8451552c0b12&pid=143b5a1e-517e-4020-b6ba-d5b5fb90666e&dtm=1666800589438&qnm=_matherq&visible=1&tabid=6321cb26-8562-41cd-9477-0d004cc6c6c7&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x11764&tofa=1666800587&vid=1&lvidt=1666800587&duid=b6f6841523aafdab&fp=1496457183&cid=ma63527&mrk=484602605&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJkaXNwbGF5IiwiYWN0aW9uIjoidGVtcGxhdGUiLCJkYXRhIjp7IjAiOnsidGVtcGxhdGVJZCI6Ik9UQzE3WDMyQkpDSSIsImRpc3BsYXlNb2RlIjoiaW5saW5lIiwiZXhwZXJpZW5jZUFjdGlvbklkIjoic2hvd1RlbXBsYXRlMU9EU0xBR1pYN1dYNzEiLCJleHBlcmllbmNlSWQiOiJFWEtFVTdZWDNaQUwiLCJvZmZlcklkIjoiZmFrZU9mZmVySWQiLCJzaG93Q2xvc2VCdXR0b24iOiIwIn19LCJ2ZW5kb3IiOiJwaWFubyIsInR5cGUiOiJ1bmtub3duIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMTcyOTk2NjEzNCIsInJlZlRpbWUiOiIxNjY2ODAwNTg5NDM4In1dfQ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.38.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-38-131.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Wed, 26 Oct 2022 16:09:49 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
115
check.analytics.rlcdn.com/check/ 		25 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/115
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-37.dus51.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Oct 2022 16:09:49 GMT
via
1.1 58dd513f0a53b3e6851a071cb857a706.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amzn-trace-id
Root=1-63595bcd-6605dbf5119022db7d6aa066
x-amzn-requestid
70ff43c1-c2f9-4035-91a1-f6293357a29d
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
antILGD9joEF-GA=
content-length
25
x-amz-cf-id
ahZl_ihNAlSRDDAXJhblNUVhboy0PMIO8tPNl2NZH-UYLtAIpMeCPA==
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 1EA9 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7880356414873403392/300x250.html?e=69&leftOffset=0&topOffset=0&c=zNlfRLLAn6&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7880356414873403392/300x250.html?e=69&leftOffset=0&topOffset=0&c=zNlfRLLAn6&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 11:10:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17972
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Oct 2022 11:10:17 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 1EA9 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7880356414873403392/300x250.html?e=69&leftOffset=0&topOffset=0&c=zNlfRLLAn6&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7880356414873403392/300x250.html?e=69&leftOffset=0&topOffset=0&c=zNlfRLLAn6&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Oct 2022 16:09:49 GMT
115
check.analytics.rlcdn.com/check/ 		25 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/115
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-37.dus51.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Oct 2022 16:09:49 GMT
via
1.1 58dd513f0a53b3e6851a071cb857a706.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amzn-trace-id
Root=1-63595bcd-09c3b3ab4e8578386fd6d4f1
x-amzn-requestid
98c89fca-2735-4999-bbb4-306d8b020a8f
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
antILEGsjoEFicA=
content-length
25
x-amz-cf-id
5wicHc6i8JkZQdlh7LqrcjQtj956Nh5jUO1f9A4jeTzoCPdf9teH-Q==
115
check.analytics.rlcdn.com/check/ 		25 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/115
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.153.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-153-37.dus51.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Oct 2022 16:09:49 GMT
via
1.1 58dd513f0a53b3e6851a071cb857a706.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amzn-trace-id
Root=1-63595bcd-60eee0b622be8b183548bd11
x-amzn-requestid
8eef49f5-fd68-40d2-8673-a0eb77ea0600
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
antILEu3joEFiyg=
content-length
25
x-amz-cf-id
SR6A7a4kyCV5RAM5yNDhQt9SQ-dXOF07fw4RcncLQb_1PV6oH_OXDg==
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame E679 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d82b3b69ed27853344397a159429cced7fa5019fa56412c0a3d627471ef709ef
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:49 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
3590
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 24 Oct 2022 01:55:56 GMT
wn
prod-dash-10-0-92-23
server
cloudflare
etag
W/"27358-1666576556000"
vary
accept-encoding
content-type
text/css
server-time
0.000
cache-control
public, max-age=7200
cf-ray
76047565aebe9c12-FRA
expires
Wed, 26 Oct 2022 18:09:49 GMT
piano-frame.css
static.advance.net/static/common/css/ Frame E679 		126 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.advance.net/static/common/css/piano-frame.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
09d4fe489c30fcce3a40ac4d14eba5d03f0dcb105cfb273e55e07da075a6a6ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Wed, 26 Oct 2022 16:09:49 GMT
x-shield-cache-expires
10
x-amz-request-id
5G5EB7D5PK23TZ9N
age
366
x-cache
HIT, HIT
content-length
20446
x-served-by
cache-iad-kiad7000169-IAD, cache-hhn4061-HHN
last-modified
Wed, 05 Oct 2022 14:34:43 GMT
x-timer
S1666800590.688396,VS0,VE1
etag
"2659b80ba7cdbe4c9dfd6f21d0a9de08"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame E679 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15780000
age
1859901
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
760475660d8f9960-FRA
expires
Mon, 16 Oct 2023 16:09:49 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame E679 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15780000
age
3811624
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
760475660d949960-FRA
expires
Mon, 16 Oct 2023 16:09:49 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame E679 		104 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15780000
age
4364708
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
760475660d969960-FRA
expires
Mon, 16 Oct 2023 16:09:49 GMT
angular-animate.min.js
ajax.googleapis.com/ajax/libs/angularjs/1.2.22/ Frame E679 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/angularjs/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 21:03:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68751
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4430
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 21:03:58 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame E679 		825 B
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15780000
age
5516584
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
760475660d999960-FRA
expires
Mon, 16 Oct 2023 16:09:49 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame E679 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15780000
age
3184823
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
760475660d9a9960-FRA
expires
Mon, 16 Oct 2023 16:09:49 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame E679 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15780000
age
4140240
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
760475660d9d9960-FRA
expires
Mon, 16 Oct 2023 16:09:49 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame E679 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15780000
age
3811637
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
760475664dff9960-FRA
expires
Mon, 16 Oct 2023 16:09:49 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame E679 		2 KB
999 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15780000
age
13293479
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
910
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
760475660da09960-FRA
expires
Mon, 16 Oct 2023 16:09:49 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame E679 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15780000
age
3183148
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6934
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
760475660d9e9960-FRA
expires
Mon, 16 Oct 2023 16:09:49 GMT
H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame E679 		115 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=15.33.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f82310a945181d0cefbf77a7499c87d47ad7698f948655f617c9a5eb0a4b931e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:49 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
3586
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 25 Oct 2022 13:26:50 GMT
wn
prod-dash-10-0-83-120
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
server-time
0.001
cache-control
public, max-age=601214
x-optimized-by
_sam
cf-ray
76047565aec39c12-FRA
expires
Wed, 02 Nov 2022 15:10:03 GMT
logo-mlive-inverse.svg
static.advance.net/static/common/img/paywall/lmg/ Frame E679 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/paywall/lmg/logo-mlive-inverse.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0b034efa03c6fb4de3e3952eaf0958b18847e6c1e2e8fd647759c97105004f19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Wed, 26 Oct 2022 16:09:49 GMT
x-shield-cache-expires
10
x-amz-request-id
2PJYCS4R6SHJNSFS
age
4297
x-cache
HIT, HIT
content-length
879
x-served-by
cache-iad-kcgs7200032-IAD, cache-hhn4061-HHN
last-modified
Mon, 27 Jan 2020 14:39:52 GMT
x-timer
S1666800590.878322,VS0,VE1
etag
"eddae84ef46240dace31d24e6e3f4dae"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
logo-mlive.svg
static.advance.net/static/common/img/paywall/lmg/ Frame E679 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/paywall/lmg/logo-mlive.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0b034efa03c6fb4de3e3952eaf0958b18847e6c1e2e8fd647759c97105004f19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Wed, 26 Oct 2022 16:09:49 GMT
x-shield-cache-expires
10
x-amz-request-id
KV88HHBTPHBMHV2J
age
2263
x-cache
HIT, HIT
content-length
879
x-served-by
cache-iad-kcgs7200092-IAD, cache-hhn4061-HHN
last-modified
Mon, 27 Jan 2020 14:39:52 GMT
x-timer
S1666800590.916333,VS0,VE1
etag
"eddae84ef46240dace31d24e6e3f4dae"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cannabisinsider-nj.svg
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame E679 		19 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/cannabisinsider-nj.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6066054d8669e8ca3c9a1ca53af6b3e80dba9361b59f023c82d7b55542b36fb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Wed, 26 Oct 2022 16:09:49 GMT
x-shield-cache-expires
10
x-amz-request-id
9X2M36FPTRW0M0Q0
age
1026
x-cache
HIT, HIT
content-length
14248
x-served-by
cache-iad-kiad7000030-IAD, cache-hhn4061-HHN
last-modified
Thu, 03 Mar 2022 17:31:43 GMT
x-timer
S1666800590.925964,VS0,VE1
etag
"aefa848511ed2323f5f7292cad413d91"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cannabisinsider-newyorkupstate.svg
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame E679 		16 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/cannabisinsider-newyorkupstate.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3b2ce9e63a7f14001e6af32ad0d3b19b045b916cf8073180d25688e4b3f49e40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Wed, 26 Oct 2022 16:09:49 GMT
x-shield-cache-expires
10
x-amz-request-id
XJBDSPFMTZAZDKBQ
age
2692
x-cache
HIT, HIT
content-length
3492
x-served-by
cache-iad-kcgs7200121-IAD, cache-hhn4061-HHN
last-modified
Mon, 07 Mar 2022 18:18:54 GMT
x-timer
S1666800590.926735,VS0,VE1
etag
"67c5456929bc3d85c2333fc91a450c71"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
syracuse-cny.svg
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame E679 		64 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/syracuse-cny.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
924e4b297681729162fa238a756db89acf5a1dc0cd23c1204c9a4e4407493822

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Wed, 26 Oct 2022 16:09:49 GMT
x-shield-cache-expires
10
x-amz-request-id
A3SV5Q058K2QFDDZ
age
26760
x-cache
HIT, HIT
content-length
48413
x-served-by
cache-iad-kiad7000094-IAD, cache-hhn4061-HHN
last-modified
Tue, 04 Jan 2022 20:10:53 GMT
x-timer
S1666800590.926702,VS0,VE2
etag
"30947d9aefcf59c3095181bf0123a29f"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
al-thelede.svg
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame E679 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/al-thelede.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
30e382a9546c4b436b0568f463e7c3274696c3c59f7aa871af91a33a967f05c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Wed, 26 Oct 2022 16:09:49 GMT
x-shield-cache-expires
10
x-amz-request-id
KYXVF8F0X7HWFEWT
age
22103
x-cache
HIT, HIT
content-length
2079
x-served-by
cache-iad-kjyo7100029-IAD, cache-hhn4061-HHN
last-modified
Tue, 24 May 2022 18:14:31 GMT
x-timer
S1666800590.926674,VS0,VE1
etag
"1527b5427a70175541ef142224302fa8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
logo-lede_bhm-al.png
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame E679 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/logo-lede_bhm-al.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
70c0b487552a9a2ea102ed22ae505177c567320390f5136bcef5dd56d48d4f02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 26 Oct 2022 16:09:49 GMT
x-shield-cache-expires
10
x-amz-request-id
HG42WN36TPVV0K7W
age
29796
x-cache
HIT, HIT
content-length
44631
x-served-by
cache-iad-kiad7000053-IAD, cache-hhn4061-HHN
last-modified
Fri, 20 May 2022 13:44:08 GMT
x-timer
S1666800590.926653,VS0,VE1
etag
"a683a2407cd20aa2076aed1087f11b61"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
logo-lede_hsv-al.png
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame E679 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/logo-lede_hsv-al.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9c1a3cf6c5fae33a0a2b627a9785b585148970346adbbcc204a4519d05f9a089

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 26 Oct 2022 16:09:49 GMT
x-shield-cache-expires
10
x-amz-request-id
M4ERCMWAGEJEKBW0
age
28061
x-cache
HIT, HIT
content-length
42755
x-served-by
cache-iad-kjyo7100080-IAD, cache-hhn4061-HHN
last-modified
Fri, 20 May 2022 13:44:08 GMT
x-timer
S1666800590.959737,VS0,VE1
etag
"1dc34579a74c449327a76697d00bb180"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
logo-lede_mob-al.png
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame E679 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/logo-lede_mob-al.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d2b28582d25b3aa38daf12c501c7abc9297ae74d035ee343941f0938adec0524

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 26 Oct 2022 16:09:50 GMT
x-shield-cache-expires
10
x-amz-request-id
DSWWFJ2F30SCZKE3
age
4770
x-cache
HIT, HIT
content-length
42953
x-served-by
cache-iad-kiad7000082-IAD, cache-hhn4061-HHN
last-modified
Fri, 20 May 2022 13:44:08 GMT
x-timer
S1666800590.000703,VS0,VE1
etag
"563af4d5a587fe270e3c6e43be6f32ec"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
penn-truecrime.png
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame E679 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/penn-truecrime.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d86ce55edee7f570d7fc315f84814e3b1171edef20e3778e10066727092638b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 26 Oct 2022 16:09:50 GMT
x-shield-cache-expires
10
x-amz-request-id
XYW1GWC993KKDBBA
age
20757
x-cache
HIT, HIT
content-length
7289
x-served-by
cache-iad-kcgs7200065-IAD, cache-hhn4061-HHN
last-modified
Tue, 05 Jul 2022 18:14:11 GMT
x-timer
S1666800590.001345,VS0,VE1
etag
"b3623ac64851022e99375a518b7bb87c"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
close-icon-black.svg
static.advance.net/static/common/img/piano/ Frame E679 		1 KB
806 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/close-icon-black.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eef57151e6646e4f59ca6a1d749631ee2f89bf4d1b736fb4620b784cedbe0de6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Wed, 26 Oct 2022 16:09:50 GMT
x-shield-cache-expires
10
x-amz-request-id
1B8RX2JT4YS6GXY3
age
652
x-cache
HIT, HIT
content-length
610
x-served-by
cache-iad-kjyo7100168-IAD, cache-hhn4061-HHN
last-modified
Mon, 27 Jan 2020 14:39:52 GMT
x-timer
S1666800590.001319,VS0,VE90
etag
"35ec888ec074218ee36fea53d51653a8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
view
googleads4.g.doubleclick.net/pcs/ Frame C38E 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstjygPYdnoA6pneWwn_61ztnrC2oEe9NZLZE84x4S6HyxsJ84GiF-QjeTK8ZEsIj-9TCxBr_wwcUvxGrnvKbMtgaJn9Ml6BUHOzk8QhFtuYEyOMHAtSR2jV-8fXusHwd36UEYXs-fxTl8rHPvB1Fa0rfkGnrPHZ5Ok6pPZBxYOu19oGGmNFiK14V4WW32Ccvr-bVdl0CUWa7r48AfNIkyDFIehW_21i71RXpmkvU-A5R6_VohGpnkcwqdgaHO0atw_dJFF1f9F7xJDzi6PcjF7RC9xQJbXiC9P1qjTC6QwMnv3FNIebzCM4AFXvDXeKRHr5wgvrTBlHuez9StcwpgbJb8d5oxEhV1gOGZRdB69TQTvmBEHg41uR9JCx-YhzoXq7Oq6bX9jRRvM0d_RYpWxykSuZHTtYoCxWxZtbKrCfHYpjHw29I_-DYyJ3bgnAx40hytyxorunBG8XuJiBM0Uqr-UXA3tUKW-ZBuGq-U5C67envYYrkZjjPRfrBBkw4APZVDxDso4rFYUBIEyfhSR4K3tiSle3QcDtrlxL-2P86BI0R93AL1WGjGRvlrWntv9dFUGPHIR-30sdePvLP-Yfa6nJ0tdHHyu8kfrnkPqQk5nx_9kjjnfnGDpmownYrvwDYnQdFMs_hPsnWJyYbQ6Hxw0QQ6LzJy4S2zs_1rsmY8krPRYsgeRzthM6TDmdF9xknPh1qlbbSGhj0lkB71qbIiYaQV6OouoaDb3NzFddv-cmYiN_YQL6ZEO5N9w9xgvT0gFQ3PsBphIywPZSq3lS6i3cEWfx7GwJS09iMLvyND1EBstrJAbPtZ28ivGZPLAkdvuxweVzGmrJFFEhE_DtwifvfqLE9idJlXb-nGlq9IHvvkASB3mzqjRiJTsKGPkam_8ZGWp5wMRb8Vj4vq-oF0t0Z96gHIvXwTx9MxhLHVdqOPcq4z7TCzI6KiX4Nov_jDloOjfk8vN-RUeUCJFSWbapYBAWqxnp8HHV6yqP4jDvFxMt-E99ocdt6JTjGH2jHSZURrt3yeK1Bi0AO6IK3HnbE0j4ZEMKXyTLN9mh1Vy3cFHYZzd3FXUnU1HqxBxwmkxxIWFHFLraEJGXUZM8mcVlzwxXdiqK5o8pb9CtjHXrZyNk7L930agPhb-I4yW8-vPN8BNrSGP4oZ0aLh603cBg37Gk96DmSOZqp5hAvRI66dH39xEl01ZrtCYYUZUSPhB4yWQwb2o4j_evn-mfSZANjnYmZRMd9JGOe6R7-M05AiY4JklRrST6oHeWbdZVX85lEhmirXQ3Q47I8TNRh1vfsIOAZG7GI6KdHOFMbQ&sai=AMfl-YQ3YVA2kIc7NOZK6Gd6dyn-2WtNPpajaLuNl7ia6K3wloLC86CJFXa5noRIJ8FeAejbk8-pwoXqljBUgcYYa-vOmob1fQ6ldD29tNq8-KIerHYRA4qTtLPvnxkKXP68wPMnd3d_XqucFc6Zc_P_KwNAEQJIDmYVhTQ639AGyiP7nCXDgsgV24V7OEaN8oiFxtbapyLFSyRHrgiwlUbsBi9ZUGU&sig=Cg0ArKJSzK61OSR4I1W_EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=612&vt=11&dtpt=364&dett=3&cstd=241&cisv=r20221020.69775&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CG%24%3D!!t.PKm3M%3BI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-oCAEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-epp8RG4580cdYQ%3D%3D&sc=1&os=1-YQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=1135&gp=155&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&pl=0&f=0&j=&t=1666800586484&de=479536118281&rx=632691032251&cu=1666800586484&m=3224&ar=e27dbc83ae5-clean&iw=bebc529&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=155&lb=11764&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1759%3A1759%3A0%3A1811&as=1&ag=1163&an=20&gi=1&gf=1163&gg=20&ix=1163&ic=1163&ez=1&ck=1163&kw=974&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1163&bx=20&ci=1163&jz=974&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=974&cd=39&ah=974&am=39&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=1491967615%3A571433575%3A1731144295%3A138224669406&bo=343101415&bp=387186655&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387186655&dfp=0%2C1&la=387186655&zMoatAU=%2F344101295%2FMI%2Fwww.mlive.com%2Findex.ssf&zMoatProduct=homepage-beta&zMoatPS=-&zMoatSlot=InFeed_Right_Tall&zMoatPlatform=desktop&zMoatVersion=-&zMoatATF=false&zMoatCounter=1&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=moat%20slot%20tag&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&tc=0&fs=200656&na=1398973383&cs=0
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-143.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 26 Oct 2022 16:09:49 GMT
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 1EA9 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7880356414873403392/300x250.html?e=69&leftOffset=0&topOffset=0&c=zNlfRLLAn6&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 15:59:16 GMT
x-content-type-options
nosniff
age
633
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Oct 2022 16:14:16 GMT
OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 1EA9 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7880356414873403392/300x250.html?e=69&leftOffset=0&topOffset=0&c=zNlfRLLAn6&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:03:58 GMT
x-content-type-options
nosniff
age
351
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46936
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Oct 2022 16:18:58 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1EA9 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba550adff34a8be10f712180fc2b25c886fbc8992361fad703d0730e5f9320ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5696
x-xss-protection
0
60005582_20210507060843268_Asset_Transparent.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 1EA9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210507060843268_Asset_Transparent.png
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7880356414873403392/300x250.html?e=69&leftOffset=0&topOffset=0&c=zNlfRLLAn6&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 08:08:22 GMT
x-content-type-options
nosniff
age
28887
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2040
x-xss-protection
0
last-modified
Fri, 07 May 2021 13:08:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Oct 2022 08:08:22 GMT
60005582_20220908245045701_Siegel.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 1EA9 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220908245045701_Siegel.png
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c41fa2cdafe9c7021105c32feb68705ba4e7fa1f7f86465a154e958d8330cdd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7880356414873403392/300x250.html?e=69&leftOffset=0&topOffset=0&c=zNlfRLLAn6&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 07:14:26 GMT
x-content-type-options
nosniff
age
32123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17716
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 07:50:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Oct 2022 07:14:26 GMT
60005582_20220908244709534_300x250_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 1EA9 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220908244709534_300x250_LOOK-01.png
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69aeb5d2ad469592eaaaa3378816e4269fd9f94e6ee73cef2487bbafdc573f3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7880356414873403392/300x250.html?e=69&leftOffset=0&topOffset=0&c=zNlfRLLAn6&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 00:26:50 GMT
x-content-type-options
nosniff
age
56579
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40341
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 07:47:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Oct 2022 00:26:50 GMT
60005582_20220825085147454_300x250_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 1EA9 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085147454_300x250_BG.png
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04fbd20b04ad6a98e605ce6014aaef976cc9a47a939e621c19d801fc59650c91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7880356414873403392/300x250.html?e=69&leftOffset=0&topOffset=0&c=zNlfRLLAn6&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 08:01:29 GMT
x-content-type-options
nosniff
age
29300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28198
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 15:51:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Oct 2022 08:01:29 GMT
60005582_20220908244706131_300x250_INTRO.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 1EA9 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220908244706131_300x250_INTRO.png
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c1972edd197114c7f9580a4299deb5ca08e7bbdd1c9d0b20c294ab1e3f2e405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7880356414873403392/300x250.html?e=69&leftOffset=0&topOffset=0&c=zNlfRLLAn6&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 07:14:30 GMT
x-content-type-options
nosniff
age
32119
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42691
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 07:47:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 27 Oct 2022 07:14:30 GMT
postview.gif
portal.o2online.de/nws/img/ Frame 1EA9 		43 B
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=28467061_4307561_345597451_170181290_SOHO0301A20220909&ref=28467061_4307561_345597451_170181290_SOHO0301A20220909
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
82.113.101.132 , Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.o2online.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 16:09:49 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
43
bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 1EA9 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7880356414873403392/300x250.html?e=69&leftOffset=0&topOffset=0&c=zNlfRLLAn6&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:49 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27068
x-xss-protection
0
last-modified
Fri, 12 Mar 2021 15:44:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Oct 2022 16:24:49 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CG%24%3D!!t.PKm3M%3BI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-oCAEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-epp8RG4580cdYQ%3D%3D&sc=1&os=1-YQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=1135&gp=155&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&pl=0&f=0&j=&t=1666800586484&de=479536118281&rx=632691032251&cu=1666800586484&m=3225&ar=e27dbc83ae5-clean&iw=bebc529&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=155&lb=11764&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1759%3A1759%3A0%3A1811&as=1&ag=1163&an=1163&gi=1&gf=1163&gg=1163&ix=1163&ic=1163&ez=1&ck=1163&kw=974&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1163&bx=1163&ci=1163&jz=974&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=974&cd=974&ah=974&am=974&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=1491967615%3A571433575%3A1731144295%3A138224669406&bo=343101415&bp=387186655&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387186655&dfp=0%2C1&la=387186655&zMoatAU=%2F344101295%2FMI%2Fwww.mlive.com%2Findex.ssf&zMoatProduct=homepage-beta&zMoatPS=-&zMoatSlot=InFeed_Right_Tall&zMoatPlatform=desktop&zMoatVersion=-&zMoatATF=false&zMoatCounter=1&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=moat%20slot%20tag&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&tc=0&fs=200656&na=743738959&cs=0
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-143.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 26 Oct 2022 16:09:49 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B4B1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstgh-Rq-AFWZ5rE7F8u0a7KarhNlNxKZa6HDBxWh8h9KTIntDk4m491hvxkhN_m-kheYdTCNrpxfkXz08CTuSKMUXbB_POyk1fZYxXHYJjJvThmEvE2uEoxWMKBjb8tXZ4UtFMNw&sai=AMfl-YSafWWEjnrvOcfzOkyakhKbsCo31gwMlhNdA0-mE-ahhuHWR6SQJ7oDtg28TzXl5d8bCo7pCvM1n48eCKBMASQXtE6UTD-f84T1bVMJL801K1bDQzUODQq2Mxjy0Q&sig=Cg0ArKJSzOV6cQZdQ8dYEAE&cid=CAASJORolSQXB2ARse38S5zfm5ZInclU3UCYEQLRr8vRWGwgABCycg&id=lidar2&mcvt=1016&p=847,165,1097,465&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20221024&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=197823415&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666800587951&rpt=853&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1366 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFfTczFtZY_LZNuqwx_AP8ZWtoAMAAAAAOAHgBAI&bg=!09Cl0JTNAAZPh4lnb4c7ACkAdvg8WgkuEhfTAZsbkcEOgW_cANsgub5_BtcOm4n812MZmNTxRreskgIAAAEiUgAAAANoAQcKAGlYIIApXyMcDITyJmm3SmYmljIGBst2Mx4iHyeQZLrVpPQKLR20bid7V63P0YQBDcPUvZeRwjQ5SQWSIvp6Le20PGTaEZtY-l20Xak0HGOVwyuWQHQPNa1pyXOZf4MEMUq566XlluvlqCmZAuQVkbeXd8TFUSJK9bhcs8f8j36Vcg_rxtJeb727qmtw7tfvZwY6XHVFFV6FPcfoJwof4GKRiHLTUHnuDrxYGGyX9TmOWBizcFLcRaGiXEq4qad9s7uceLvWyswIH29-C8C2ucmDCTnZTTVWAS2V6_gOsEBnwLAjr0WxfnT56xmttJiW0YzMPQzrwfxw59IAzFsk1LP2KMAfCg_fqt7Y_A1U-cCsFECJ97SAoK_kV-h4VaoZWGaxKofAzsua7CHgo9SVrq_iLP9-Ee9vlqF21AlnZqQTxGYYsYT-cwiS8BFy64asZh7-8tz76cFerO0F5O4dbr0PcrtG-gERTP8R9bDsgedcvHmYORNsplJQjXz34pbE-kg5hUZRKoBe6ja4r7fok04LjRcK1Ln_GJdDV34zdP6zrYftjxs-i2dL7FLLixsf4p61QJWXVBllm1uMsXGJrqELNZixX1FCm-JsCo-d2U_z7GHlirMOkhLYTIHsx42LE2E8aN9VNk3llpXMjvzcZzpIXiH_Vv-_-xHwRrjicH0osWJf0FcQeV3yBikBzMknuJOuWPINxs8Cf96UJsVb9ENDp7UM-PmHv32bva8g_CL-n3BEcT457qey2PS-ieZ6oPfQGDgoI3bTpBBGlnFZcsoZIX1UfnwxEUIt7QwOAV3iDy_yp1jK5WhBUH20TTeha3FpFGpS1eIzo5oZqbGoFbb3k0sPilZKBc4KItdlqoo5Y3b2hY1uWeGHq22hEHWYoViqdQQMXY_88b9f9imqfAjTXIe7YJ7Em8ko58dWqz_T7yNdJVITexSPbUq-XQKWycYp_eklggdE61sTGOlZCvHfmGgh_ItEVSV-j72nCa1mM6ZIvYF92lXbMw4imruk5z5_YM5iCEHHIuIcnBcJo2ERyFLs9awd_LYmeUXJ-7WqlfZKQMncRgCqvZMLlJI_gKBxnpXDfaCR6IXEx9wZpDlF6iDNnUGbDDUvMHB_mRPgOA
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
piano-frame.js
static.advance.net/static/common/js/ Frame E679 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.advance.net/static/common/js/piano-frame.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2b968d910bbef836f267a12299e32649d9f2ed87f59ecefceb3d9a4900ec590f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Wed, 26 Oct 2022 16:09:50 GMT
x-shield-cache-expires
10
x-amz-request-id
ES9DN9ZW46DMXTJK
age
379
x-cache
HIT, HIT
content-length
10969
x-served-by
cache-iad-kcgs7200148-IAD, cache-hhn4061-HHN
last-modified
Mon, 11 Jul 2022 14:51:02 GMT
x-timer
S1666800590.008419,VS0,VE1
etag
"6b72a322454afa161f35111151436495"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CG%24%3D!!t.PKm3M%3BI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-oCAEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-epp8RG4580cdYQ%3D%3D&sc=1&os=1-YQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=1135&gp=155&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&pl=0&f=0&j=&t=1666800586484&de=479536118281&rx=632691032251&cu=1666800586484&m=3226&ar=e27dbc83ae5-clean&iw=bebc529&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=155&lb=11764&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1759%3A1759%3A0%3A1811&as=1&ag=1163&an=1163&gi=1&gf=1163&gg=1163&ix=1163&ic=1163&ez=1&ck=1163&kw=974&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1163&bx=1163&ci=1163&jz=974&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=974&cd=974&ah=974&am=974&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=1491967615%3A571433575%3A1731144295%3A138224669406&bo=343101415&bp=387186655&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387186655&dfp=0%2C1&la=387186655&zMoatAU=%2F344101295%2FMI%2Fwww.mlive.com%2Findex.ssf&zMoatProduct=homepage-beta&zMoatPS=-&zMoatSlot=InFeed_Right_Tall&zMoatPlatform=desktop&zMoatVersion=-&zMoatATF=false&zMoatCounter=1&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=moat%20slot%20tag&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&tc=0&fs=200656&na=2104359153&cs=0
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-143.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:50 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 26 Oct 2022 16:09:50 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1EA9 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Oct 2022 16:09:50 GMT
dt
dt.adsafeprotected.com/ Frame B4B1 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1211306&asId=db2a79c1-7682-aec6-3b07-20cec73b70cc&tv=%7Bc:saoMMk,pingTime:1,time:1152,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:33%7D,%7Bpiv:0,vs:o,r:l,t:64%7D,%7Bpiv:100,vs:i,r:,t:142%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1010,o:142,n:64,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:33,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B53~1,0~0%5D,as:%5B53~300.250%5D%7D%7D,%7Bsl:o,t:64,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B77~0%5D,as:%5B77~300.250%5D%7D%7D,%7Bsl:i,t:142,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1010~100%5D,as:%5B1010~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:196,fm:tlo1pfS+11%7C12%7C13%7C14%7C15*.1211306-66366053%7C151%7C1521%7C153%7C16%7C17%7C181%7C19,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs,siq:38,sis:241%7D&br=c
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:b95e:67d4:aaa7:d102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:50 GMT
server
nginx
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame B4B1 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1211306&asId=db2a79c1-7682-aec6-3b07-20cec73b70cc&tv=%7Bc:saoMMk,pingTime:1,time:1152,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:33%7D,%7Bpiv:0,vs:o,r:l,t:64%7D,%7Bpiv:100,vs:i,r:,t:142%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1010,o:142,n:64,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:33,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B53~1,0~0%5D,as:%5B53~300.250%5D%7D%7D,%7Bsl:o,t:64,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B77~0%5D,as:%5B77~300.250%5D%7D%7D,%7Bsl:i,t:142,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1010~100%5D,as:%5B1010~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:196,fm:tlo1pfS+11%7C12%7C13%7C14%7C15*.1211306-66366053%7C151%7C1521%7C153%7C16%7C17%7C181%7C19,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs,siq:38,sis:241%7D&br=c
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:b95e:67d4:aaa7:d102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:50 GMT
server
nginx
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
logAutoMicroConversion
api-v3.tinypass.com/api/v3/conversion/ 		49 B
499 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-v3.tinypass.com/api/v3/conversion/logAutoMicroConversion?tracking_id=%7Bkpdx%7DAAABAEE8hYfw8QoKOEd1Mlo4UkN2WhIQbDlwdTE4M3U5MzZmZ214cxoMRVhLRVU3WVgzWkFMIiUxODA4dDBnMGJvLTAwMDAzMTBsMXFkMGhwOWhyajZrdTc0OGlnKhpzaG93VGVtcGxhdGUxT0RTTEFHWlg3V1g3MTABOgxPVEMxN1gzMkJKQ0lCDU9UVlY2UkNPWlJSOTZSS3YtMjAyMi0xMC0yNi0xNi0wOS00Ny0wOTQtZEVsZTZRT2M0M21BUWRmQS1jOTQxYTU4MmMxMTRiYmE0MTIzZjVmOGRkM2Q1MTkyZloUMmEwMTo0YTA6MTMzODo5Mjo6MTJiA2R3Y2jN2uqaBnAMeAQ&event_type=EXTERNAL_EVENT&event_group_id=config&custom_params=%7B%22config%22%3A%22%7B%5C%22type%5C%22%3A%5C%22bottomfixed%5C%22%2C%5C%22version%5C%22%3A%5C%22subscribe%5C%22%2C%5C%22placement%5C%22%3A%5C%22bottom-fixed%5C%22%2C%5C%22newsletterId%5C%22%3A%5C%22%5C%22%2C%5C%22closable%5C%22%3A%5C%22true%5C%22%7D%22%7D&callback=jsonp1988
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c054eb126bfe79dff2854aeb9c86220bd4233b450ff26442abf61bbe2922c8e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:50 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
760475681ebe9bfb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
c06e9d61efea4f6dc85a751c4cdd05d6
expires
0
tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.mlive.com
access-control-max-age
600
content-length
0
date
Wed, 26 Oct 2022 16:09:50 GMT
server
nginx
tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.mlive.com
date
Wed, 26 Oct 2022 16:09:50 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1892687978&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=onboarding&ea=bottomfixed_shown&el=type%3A%20%22bottomfixed%22%7C%7Cvariant%3A%20%22OTVV6RCOZRR96%22%7C%7Cexperience%3A%20%22EXKEU7YX3ZAL%22%7C%7Cclosable%3A%20%22true%22%7C%7Cversion%3A%20%22subscribe%22%7C%7CmeterName%3A%20%22Support%20Meter%22%7C%7CtotalViews%3A%201%7C%7CmaxViews%3A%207&ev=0&_u=aDDAAEABAAQCACgFK~&jid=&gjid=&cid=1729966134.1666800586&tid=UA-16643585-16&_gid=592516121.1666800587&gtm=2wgaj0TLXFLCR&cd1=undefined&cd2=1---&cd3=undefined&cd6=&cd11=&cd16=undefined&cd18=undefined&cd19=undefined&cd21=undefined&cd23=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd44=undefined&cd46=homepage-beta&cd47=desktop&cd50=GA%20-%20event%20call&cd52=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=&cd62=undefined&cd63=&cd64=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=sub-group-b&cd61=1729966134.1666800586&cd98=meterName%3A%20%22Support%20Meter%22%7C%7CtotalViews%3A%201%7C%7CmaxViews%3A%207&z=1515285325
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 19:23:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
74765
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&metered=1%7C7&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=67de8d8f-366e-48e7-9ffb-70319b6c13bd&pid=143b5a1e-517e-4020-b6ba-d5b5fb90666e&dtm=1666800590088&qnm=_matherq&visible=1&tabid=6321cb26-8562-41cd-9477-0d004cc6c6c7&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x1200&tofa=1666800587&vid=1&lvidt=1666800587&duid=b6f6841523aafdab&fp=1496457183&cid=ma63527&mrk=484602605&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJjdXN0b21fZXZlbnQiLCJhY3Rpb24iOiJjb25maWciLCJkYXRhIjp7ImV2ZW50TmFtZSI6ImNvbmZpZyIsInBhcmFtcyI6eyJjb25maWciOiJ7XCJ0eXBlXCI6XCJib3R0b21maXhlZFwiLFwidmVyc2lvblwiOlwic3Vic2NyaWJlXCIsXCJwbGFjZW1lbnRcIjpcImJvdHRvbS1maXhlZFwiLFwibmV3c2xldHRlcklkXCI6XCJcIixcImNsb3NhYmxlXCI6XCJ0cnVlXCJ9In19LCJ2ZW5kb3IiOiJwaWFubyIsInR5cGUiOiJ1bmtub3duIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMTcyOTk2NjEzNCIsInJlZlRpbWUiOiIxNjY2ODAwNTkwMDg3In1dfQ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.38.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-38-131.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Wed, 26 Oct 2022 16:09:50 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
farnhamheadline-semi-bold.woff
fonts.advance.net/fonts/v1/farnham-headline-semi-bold/ Frame E679 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.advance.net/fonts/v1/farnham-headline-semi-bold/farnhamheadline-semi-bold.woff
Requested by
Host: static.advance.net
URL: https://static.advance.net/static/common/css/piano-frame.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142

Request headers

Referer
https://static.advance.net/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 26 Oct 2022 16:09:50 GMT
x-shield-cache-expires
10
x-amz-request-id
2CY16Z2VHD1AR3X8
age
33763
x-cache
HIT, HIT
content-length
37160
x-served-by
cache-iad-kiad7000038-IAD, cache-hhn4068-HHN
last-modified
Wed, 19 Sep 2018 19:27:30 GMT
x-timer
S1666800590.210734,VS0,VE0
etag
"c9a8222fbabe6b700baacd21dd7a1f61"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
cache-control
s-maxage-ignore=86400, no-store
448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff
fonts.advance.net/fonts/v1/benton-sans-medium/ Frame E679 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.advance.net/fonts/v1/benton-sans-medium/448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff
Requested by
Host: static.advance.net
URL: https://static.advance.net/static/common/css/piano-frame.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c942cb01ca7d8956086518f0315ac0be0374cb0f0a38ffe67a52bc4ae7ff5f6f

Request headers

Referer
https://static.advance.net/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 26 Oct 2022 16:09:50 GMT
x-shield-cache-expires
10
x-amz-request-id
TWA9Q4BE9WCW2D61
age
829675
x-cache
HIT, HIT
content-length
54040
x-served-by
cache-iad-kiad7000054-IAD, cache-hhn4068-HHN
last-modified
Mon, 10 Jun 2019 14:09:26 GMT
x-timer
S1666800590.210706,VS0,VE0
etag
"00b8650c0e6992c5c9ced8f621e43ffd"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
cache-control
s-maxage-ignore=2629800, no-store
166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff
fonts.advance.net/fonts/v1/benton-sans-regular/ Frame E679 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.advance.net/fonts/v1/benton-sans-regular/166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff
Requested by
Host: static.advance.net
URL: https://static.advance.net/static/common/css/piano-frame.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6fa8b9c20d5c4f5711f76f4f4adafafc90e8f89bac2c7b3dfc2c7e63abb55d21

Request headers

Referer
https://static.advance.net/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 26 Oct 2022 16:09:50 GMT
x-shield-cache-expires
10
x-amz-request-id
1R8RGFNGXS397STC
age
11
x-cache
HIT, HIT
content-length
55125
x-served-by
cache-iad-kjyo7100118-IAD, cache-hhn4068-HHN
last-modified
Tue, 16 Jul 2019 16:35:54 GMT
x-timer
S1666800590.210862,VS0,VE1
etag
"63c3700153fd19bac6ac63c816251c03"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
cache-control
maxage=600
uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
pagead2.googlesyndication.com/bg/ Frame 1353 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 11:21:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17311
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15900
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Oct 2023 11:21:19 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C38E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssfM9OzDI-LwiFwKn1JccrinYFFnOGjnBuPmFp7IzvcRPDlsZNpsj6oo3DEquENsd5_KLbMqv3VrKrrgVt-zpCUGs4-kvJ9iunA5dF8vigb2_Iz7ilD0UStuNU7wjo89qEsEXpjVg&sai=AMfl-YRD6rxkXUnzkwVidMszspGbIiy9NaFnH5F9z8UFzTgOn9rz4g0uneR0rw7sntrIooaJg21alsKTC8C_FKlh54QnErhUbVzg9B9U-9MmQVgzR6PazX_Lb-5dTqfD2g&sig=Cg0ArKJSzDrQw42-zf4JEAE&cid=CAASJORoXk9S_7alKaT0bg9m-w3nyTDpmVI-NMrkmRsPJRLU-cnbRw&id=lidar2&mcvt=1000&p=865,1135,1115,1435&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221024&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=455907384&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666800588550&rpt=607&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 55C9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssCH9GG10Syv427xtbVCe7RHDzY_O2hzbRGNvotrYgo7Sq8oGHS03AwpG6TX8gfRqLJaTKr6V58py8mBzwiqKXjUxtQX9yXoHPXQyGr4a6uAPddzHA_&sig=Cg0ArKJSzA6UFC5kNmodEAE&id=lidar2&mcvt=1002&p=155,1135,405,1435&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20221024&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=197823414&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666800588221&rpt=969&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ADVANCEDDIGITAL_HEADER1&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&t=1666800586484&de=15465629910&rx=632691032251&m=0&ar=e27dbc83ae5-clean&iw=bebc529&q=2&cb=0&cu=1666800586484&ll=2&lm=0&ln=0&em=0&en=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=advanceddigitalheader640552616592&fd=1&it=500&pe=1%3A1759%3A1759%3A0%3A1811&fs=200656&na=1487226292&cs=0
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-143.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:50 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 26 Oct 2022 16:09:50 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5054153ee83d67f42fccafa405a1bd67be7b57de457ec16e7c60ff0306055a20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11206
x-xss-protection
0
up
insight.adsrvr.org/track/ Frame ACA6 		0
181 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=4pdxx2d&ref=https%3A%2F%2Fwww.mlive.com%2F&upid=p5qqvcp&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html
date
Wed, 26 Oct 2022 16:09:50 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Fwww.mlive.com%2F-&i=ADVANCEDDIGITAL_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CG%24%3D!!t.PKm3M%3BI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-oCAEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-epp8RG4580cdYQ%3D%3D&sc=1&os=1-YQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1666800586484&de=15465629910&rx=632691032251&cu=1666800586484&m=3840&ar=e27dbc83ae5-clean&iw=bebc529&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11764&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1759%3A1759%3A0%3A1811&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=200656&na=2081487186&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-143.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:50 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 26 Oct 2022 16:09:50 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Oct 2022 16:09:50 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D999 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
321
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 16:04:29 GMT
expires
Thu, 26 Oct 2023 16:04:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame ED52 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0aa56288ff8401a35cc92c51cd7a36439b0d7fce009b7f92a3606f017c4c8692
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xn4dCmtuskEj_9EXmkaN8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-xn4dCmtuskEj_9EXmkaN8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 16:09:50 GMT
expires
Wed, 26 Oct 2022 16:09:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame ED52 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102001&jk=4487996302750641&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
pagead2.googlesyndication.com/bg/ Frame D999 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 11:21:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17311
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15900
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Oct 2023 11:21:19 GMT
generate_204
tpc.googlesyndication.com/ Frame D999 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?kmcjDA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102001&jk=4487996302750641&bg=!OzilOHzNAAaaxvStusY7ACkAdvg8WiFKKyoaOml1IkJSjiVOy8vz08D7x7j-0kRdEHpZusit1-6GDQIAAACHUgAAAANoAQcKANfNRY0fIBWgQe_P6UE_c4dObl-d2aXzzHVbbdHDXIrx6n-5sHTynfAMRPA5kOtlaqQZ6bGWD7VgqoNVcEBpz1VbGjy6YpLbzcz2IxxkFvLDoE0eSm5Xn6MEb3iCHTLLvxdQk3pmrgmIlc21fGrencxT4zpSp2S7FdzDnwx96cvdmdDHcRX3ssfreuu0_St6hrIfO1HIggvSgPKT6hAs02LUXxfkMExdcKAarLC9XM_43CbQxi_MPcnDMI6jiin3I4WBjK_9HGq5JkAwD9NqbYcn3jioqEjZRZkCo_3FkIEeTIoaVLOd9NTtg7ZW2g9G0u2xIs5hCez7pU5m04WMYARkPwUizwFgu3WQ2HsKT54U7W2XXpanAN7VHekFKDQNs8MUjICDsfq8hlOGEkNFkGKyOdqrHvd1H4J2_3XCCzXQ18lrlpj473gX_u2EgqIXPdxe6OliStHbSR9dkCg7tunzjr3xaXpHCOFd5liwbeTWOcz5Pvx2YydHMf_2zsIjEfwETZqBhAI2dv2eprxJcjeSJePaSd7HcSefwwOtb1A203n834PLzbFPVD36Rg45WKM_4gG8Aqga51cjiDBnZnCet_EKUSv5ot8u7hoqeUDf6cX9xTcRAQ1ECz5gHLQVq3kcQXLTJ8vkvUuclsLHoijAqYiOKR63NA2P70cXvUNB6X41yqnxGw2J_YR5t3YLUoHT1ZgI7jVjhM6zZ0lZVk7C_8FQBiaBImtcrmhE5WhFPNMHPzCvFT2toY9cXn3XTZaTaVlG3xE8IhTVznus6Fz1bByRJMBSFoYNjECbG_02R06h_ZIpl1JCpp1wzhqjKYP5_v1J6Hhsa3LEvNWj_a3Rs1hV-idIuaQu0fzYnRUSqdeZmb-PYdT2Rg54n9fhZNJCchoMpnDWUqEI71M3a2Q9D-J2jMh20916yOYKqrJJdcaO5WaupQpzGdJKMzYGgIbeKtcQvGRI_hYBE1FRn9h-7sk1SUNCRh3W9bVN4fpBZG0wYgaZHjD18OlmSf5WZCL1O1fh_4JDvyltQdabDxgRyAf3n0OEqn6Qkno2JDrfBnxwPtYADZD2sc7ojrl70ypGwbKeg8-WE0B9ydwh7kFc5mJWYTIiNEftayM1csq51FmHKRTwkFecJTYEtT0bCd8hGkWU5jNKzyt2ugu5DihTrfUVJ2D6l5ENRwViFQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
envelope
lexicon.33across.com/v1/ 		49 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0014000001PAW0LAAX&gdpr=0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Oct 2022 16:09:52 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
expires
Sat, 26 Jul 1997 05:00:00 GMT
392.json
id5-sync.com/g/v2/ 		216 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/392.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
21bbfedcec4640f0edcff084e7ab04675083c782f76fe7bb738500e96c6b57ca
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Wed, 26 Oct 2022 16:09:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ 		63 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.152.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-152-32.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
882901c9ada6d566c74eab9d86cfb991b1a0331c8378a5afedebb00938d444c0

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:52 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.13.54
access-control-allow-credentials
true
content-length
63
expires
0
envelope
api.rlcdn.com/api/identity/ 		0
252 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=115
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 26 Oct 2022 16:09:52 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
checksync.php
contextual.media.net/ Frame 39BF 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d102eb430b617e0d7dc8111a0d096944f8a6e762fa52d9efa494365df29bd0ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7829
content-type
text/html; charset=UTF-8
date
Wed, 26 Oct 2022 16:09:52 GMT
expires
Fri, 28 Oct 2022 16:09:52 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame AE34 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
443
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
760475777d28bb89-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 26 Oct 2022 16:09:52 GMT
expires
Wed, 26 Oct 2022 20:09:52 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A6F6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=75608
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 26 Oct 2022 16:09:52 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 27 Oct 2022 13:10:00 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame CDF4 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d102eb430b617e0d7dc8111a0d096944f8a6e762fa52d9efa494365df29bd0ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7829
content-type
text/html; charset=UTF-8
date
Wed, 26 Oct 2022 16:09:52 GMT
expires
Fri, 28 Oct 2022 16:09:52 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C811 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=75608
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 26 Oct 2022 16:09:52 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 27 Oct 2022 13:10:00 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 837C 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
443
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
760475777d2abb89-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 26 Oct 2022 16:09:52 GMT
expires
Wed, 26 Oct 2022 20:09:52 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 4BCC 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d102eb430b617e0d7dc8111a0d096944f8a6e762fa52d9efa494365df29bd0ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7829
content-type
text/html; charset=UTF-8
date
Wed, 26 Oct 2022 16:09:52 GMT
expires
Fri, 28 Oct 2022 16:09:52 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame 91B0 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 26 Oct 2022 16:09:52 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 1A68 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
443
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
760475777d2cbb89-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 26 Oct 2022 16:09:52 GMT
expires
Wed, 26 Oct 2022 20:09:52 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A6C9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=75608
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 26 Oct 2022 16:09:52 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 27 Oct 2022 13:10:00 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 91B0 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 16:09:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=22375
Connection
keep-alive
Content-Length
9454
Expires
Wed, 26 Oct 2022 22:22:47 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame A6C9 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=48169198&p=159879&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:52 GMT
content-length
0
usermatch
ssum-sec.casalemedia.com/ Frame 56A7 		2 KB
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8273c0bbb750377f9173e09b8209260eac7e57b7d6b0cdcf7d64af3598ab5c

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
760475791f0cbbb5-FRA
content-encoding
br
content-type
text/html
date
Wed, 26 Oct 2022 16:09:52 GMT
expires
0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 0C23 		1 KB
690 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08360507d2f8ef20045c2581e210bbac4f39a8e50986ea4bfd3ef66b94faaa36

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
760475791f0fbbb5-FRA
content-encoding
br
content-type
text/html
date
Wed, 26 Oct 2022 16:09:52 GMT
expires
0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 6DCE 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
447c490f7e223d0222226a5e903068defbbea9c9433e9e5b315746e9edf0f255

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
760475791f14bbb5-FRA
content-encoding
br
content-type
text/html
date
Wed, 26 Oct 2022 16:09:52 GMT
expires
0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 91B0
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=awaGARF_SZOet7LH9CCEzg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=awaGARF_SZOet7LH9CCEzg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=awaGARF_SZOet7LH9CCEzg
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ACYG1K1H0J61C6MBAYJ9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=awaGARF_SZOet7LH9CCEzg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 91B0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2E3ZmU5YTNkMjlkNGY1MjgxMjFiOWEwNTFiMjQxNTdmYmFlOTVlYQ&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2E3ZmU5YTNkMjlkNGY1MjgxMjFiOWEwNTFiMjQxNTdmYmFlOTVlYQ&us_privacy=1---
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2E3ZmU5YTNkMjlkNGY1MjgxMjFiOWEwNTFiMjQxNTdmYmFlOTVlYQ&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 91B0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9PU189Y-1R-11BC&us_privacy=1---
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9PU189Y-1R-11BC&us_privacy=1---
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:52 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: B27CA385AD2E47738CDCA6725ABB405B Ref B: FRAEDGE1707 Ref C: 2022-10-26T16:09:53Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXr8kFCv2VXNvLz+y5mYA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9PU189Y-1R-11BC&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 91B0 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 26 Oct 2022 16:09:52 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 91B0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Ew23hQK33QkgJlz7Hqa7Ecn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=620454464160705921
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=620454464160705921
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 26 Oct 2022 16:09:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=620454464160705921
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 91B0
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=uRG4O-QmSdiFDQynHYiVCA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=uRG4O-QmSdiFDQynHYiVCA
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=uRG4O-QmSdiFDQynHYiVCA
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
N7SBRD1R5RTBABEEHRPK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=uRG4O-QmSdiFDQynHYiVCA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 91B0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFIbtpzC1SAjYte47DLqE8s&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFIbtpzC1SAjYte47DLqE8s&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFIbtpzC1SAjYte47DLqE8s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 91B0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlQVTE4OVktMVItMTFCQw==&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlQVTE4OVktMVItMTFCQw==&us_privacy=1---
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlQVTE4OVktMVItMTFCQw==&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usermatchredir
ssum-sec.casalemedia.com/ Frame 6DCE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1lbzD33GGWRZ_tmoa801QAACHcAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPycI9nl_XMlweoJikBhlPY&google_cver=1
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPycI9nl_XMlweoJikBhlPY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7604757a2b465c3e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPycI9nl_XMlweoJikBhlPY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 6DCE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1lbzD33GGWRZ_tmoa801QAACHcAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1lbzD33GGWRZ_tmoa801QAACHcAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1lbzD33GGWRZ_tmoa801QAACHcAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
F81VRFEGFJPTSQJZ495C
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
HE70452WRQVHJWS58NQ0
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1lbzD33GGWRZ_tmoa801QAACHcAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 6DCE 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 26 Oct 2022 16:09:52 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Y1lbzD33GGWRZ_tmoa801QAACHcAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6DCE 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y1lbzD33GGWRZ_tmoa801QAACHcAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:a0c6:b0ce:b43:b1c0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 6DCE
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=vM0vAL-cfginzi5du8s3AenILFunmyNfv5q2EHE2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=vM0vAL-cfginzi5du8s3AenILFunmyNfv5q2EHE2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:53 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=vM0vAL-cfginzi5du8s3AenILFunmyNfv5q2EHE2
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6DCE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3798927038721358070
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3798927038721358070
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3798927038721358070
pragma
no-cache
date
Wed, 26 Oct 2022 16:09:52 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 6DCE
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0E463376ABA24F1684CEE61B363D9950
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0E463376ABA24F1684CEE61B363D9950
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Wed, 26 Oct 2022 16:09:52 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0E463376ABA24F1684CEE61B363D9950
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 25 Oct 2022 16:09:52 GMT
crum
dsum-sec.casalemedia.com/ Frame 6DCE
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
date
Wed, 26 Oct 2022 16:09:53 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 6DCE 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y1lbzD33GGWRZ-tmoa801QAA%262167
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:53 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
63516
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7604757a6c96bba3-FRA
content-length
43
expires
Thu, 27 Oct 2022 16:09:53 GMT
casale
match.adsrvr.org/track/cmf/ Frame 56A7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 26 Oct 2022 16:09:52 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 56A7
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1lbzD33GGWRZ_tmoa801QAACHcAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1lbzD33GGWRZ_tmoa801QAACHcAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1lbzD33GGWRZ_tmoa801QAACHcAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7FZ6E952GJGSQG57W1W4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SA7B5XEK64CW4XW2ESG6
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1lbzD33GGWRZ_tmoa801QAACHcAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 56A7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1lbzD33GGWRZ_tmoa801QAACHcAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPycI9nl_XMlweoJikBhlPY&google_cver=1
43 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPycI9nl_XMlweoJikBhlPY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7604757a2b485c3e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPycI9nl_XMlweoJikBhlPY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 56A7
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3375404994603119313
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3375404994603119313
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:52 GMT
AN-X-Request-Uuid
5f057f04-e417-4f98-bf86-547f4e5c709e
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3375404994603119313
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 56A7
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0E463376ABA24F1684CEE61B363D9950
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0E463376ABA24F1684CEE61B363D9950
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Wed, 26 Oct 2022 16:09:52 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0E463376ABA24F1684CEE61B363D9950
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 25 Oct 2022 16:09:52 GMT
rum
dsum-sec.casalemedia.com/ Frame 56A7
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=FAcEGRn1Q_5jOyLGzbmWUFD_B2w
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=FAcEGRn1Q_5jOyLGzbmWUFD_B2w
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=FAcEGRn1Q_5jOyLGzbmWUFD_B2w
Date
Wed, 26 Oct 2022 16:09:53 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
rum
dsum.casalemedia.com/ Frame 56A7
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1666886993
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1666886993
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1666886993
pragma
no-cache
date
Wed, 26 Oct 2022 16:09:53 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 56A7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y1lb0QAC7A_GLQAW
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1lb0QAC7A_GLQAW&_test=Y1lb0QAC7A_GLQAW
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1lb0QAC7A_GLQAW&_test=Y1lb0QAC7A_GLQAW
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-hhn4038-HHN
pragma
no-cache
date
Wed, 26 Oct 2022 16:09:53 GMT
via
1.1 varnish
server
Varnish
x-timer
S1666800593.154481,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1lb0QAC7A_GLQAW&_test=Y1lb0QAC7A_GLQAW
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 56A7 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y1lbzD33GGWRZ-tmoa801QAA%262167
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:53 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
63516
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7604757a6c9bbba3-FRA
content-length
43
expires
Thu, 27 Oct 2022 16:09:53 GMT
crum
dsum-sec.casalemedia.com/ Frame 0C23
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3d126359-5bd2-4300-8bac-5823ac5816c1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3d126359-5bd2-4300-8bac-5823ac5816c1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

Date
Wed, 26 Oct 2022 16:09:54 GMT
Server
MT3 4539 98cc2da master hkg-pixel-x21 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3d126359-5bd2-4300-8bac-5823ac5816c1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 26 Oct 2022 16:09:53 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame 0C23 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.88.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-88-182.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:53 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
Y1lbzD33GGWRZ_tmoa801QAACHcAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0C23
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y1lbzD33GGWRZ_tmoa801QAACHcAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y1lbzD33GGWRZ_tmoa801QAACHcAAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y1lbzD33GGWRZ_tmoa801QAACHcAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y1lbzD33GGWRZ_tmoa801QAACHcAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3601:a0c6:b0ce:b43:b1c0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y1lbzD33GGWRZ_tmoa801QAACHcAAAIB
date
Wed, 26 Oct 2022 16:09:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 0C23 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Wed, 26 Oct 2022 16:09:52 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame 0C23
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210822122564305
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210822122564305
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210822122564305
Date
Wed, 26 Oct 2022 16:09:53 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rum
dsum-sec.casalemedia.com/ Frame 0C23
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=GG7AmRs_kZEDbcHEGjnYkE1skJgDP8LFGjwabLPN
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=GG7AmRs_kZEDbcHEGjnYkE1skJgDP8LFGjwabLPN
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:53 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=GG7AmRs_kZEDbcHEGjnYkE1skJgDP8LFGjwabLPN
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum.casalemedia.com/ Frame 0C23
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3375404994603119313
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3375404994603119313
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 16:09:52 GMT
AN-X-Request-Uuid
28991240-e5c7-40aa-a6e0-ee3a745d9261
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3375404994603119313
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame 0C23 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.159.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-159-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:53 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.20.0
content-length
42
vary
Cookie
content-type
image/gif
htw-pixel.gif
cdn.indexww.com/ht/ Frame 0C23 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y1lbzD33GGWRZ-tmoa801QAA%262167
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:53 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
63516
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7604757a6c99bba3-FRA
content-length
43
expires
Thu, 27 Oct 2022 16:09:53 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GG8B674XK4&gtm=2oeaj0&_p=1892687978&cid=1729966134.1666800586&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&dl=https%3A%2F%2Fwww.mlive.com%2F&sid=1666800586&sct=1&seg=0&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&en=blueconic&ep.headline=undefined&ep.author=undefined&ep.entry_id=undefined&ep.page_type=homepage&ep.product=homepage-beta&ep.platform=desktop&ep.page_path=%2F&ep.user_subscription_status=undefined&ep.ab_test_group_user=sub-group-b&ep.search_term=undefined&ep.targeting_codes=undefined&ep.targeting_codes2=undefined&ep.targeting_codes3=undefined&ep.targeting_codes4=undefined&ep.targeting_codes5=undefined&ep.targeting_codes6=undefined&ep.entry_tags=undefined&ep.referring_subdomain=undefined&ep.browser_cookie_region=undefined&epn.monthly_visit_number=1&ep.content_region=undefined&ep.content_topics=undefined&ep.blog_category=undefined&ep.word_count=undefined&ep.section=Home%20Page&ep.article_date_original=undefined&ep.article_date_updated=undefined&ep.entity_type=undefined&ep.entity_value=undefined&ep.auxiliaries=undefined&ep.gigya_user_id=undefined&ep.usprivacy_cookie=undefined&ep.ga_bc_1=a0002%2Ca0016%2Ca0022%2Ca0037&ep.ga_bc_2=undefined&ep.ga_bc_3=undefined&ep.ga_bc_4=undefined&ep.ga_bc_5=undefined&ep.clavis_interest_topics=undefined&ep.site_cdp_segments=undefined&ep.bc_visit_number=1&ep.behavioral_momentum=undefined&ep.frequency=undefined&ep.recency=undefined&ep.intensity=undefined&_et=2032
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GG8B674XK4&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CG%24%3D!!t.PKm3M%3BI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-oCAEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-epp8RG4580cdYQ%3D%3D&sc=1&os=1-YQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=1135&gp=155&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&pl=0&f=0&j=&t=1666800586484&de=479536118281&rx=632691032251&cu=1666800586484&m=7199&ar=e27dbc83ae5-clean&iw=bebc529&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=155&lb=11764&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1759%3A1759%3A6467%3A1811&as=1&ag=5140&an=1163&gi=1&gf=5140&gg=1163&ix=5140&ic=5140&ez=1&ck=1163&kw=974&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5140&bx=1163&ci=1163&jz=974&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4958&cd=974&ah=4958&am=974&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=1491967615%3A571433575%3A1731144295%3A138224669406&bo=343101415&bp=387186655&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387186655&dfp=0%2C1&la=387186655&zMoatAU=%2F344101295%2FMI%2Fwww.mlive.com%2Findex.ssf&zMoatProduct=homepage-beta&zMoatPS=-&zMoatSlot=InFeed_Right_Tall&zMoatPlatform=desktop&zMoatVersion=-&zMoatATF=false&zMoatCounter=1&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=moat%20slot%20tag&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&tc=0&fs=200656&na=1249390358&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-143.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:53 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 26 Oct 2022 16:09:53 GMT
dt
dt.adsafeprotected.com/ Frame B4B1 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1211306&asId=db2a79c1-7682-aec6-3b07-20cec73b70cc&tv=%7Bc:saoNOH,pingTime:5,time:5143,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:33%7D,%7Bpiv:0,vs:o,r:l,t:64%7D,%7Bpiv:100,vs:i,r:,t:142%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:142,n:64,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:33,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B53~1,0~0%5D,as:%5B53~300.250%5D%7D%7D,%7Bsl:o,t:64,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B77~0%5D,as:%5B77~300.250%5D%7D%7D,%7Bsl:i,t:142,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:135,fm:tlo1pfS+11%7C12%7C13%7C14%7C15*.1211306-66366053%7C151%7C1521%7C153%7C16%7C17%7C181%7C19,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs,siq:38,sis:241%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:b95e:67d4:aaa7:d102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:54 GMT
server
nginx
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame B4B1 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1211306&asId=db2a79c1-7682-aec6-3b07-20cec73b70cc&tv=%7Bc:saoNOI,pingTime:5,time:5144,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:33%7D,%7Bpiv:0,vs:o,r:l,t:64%7D,%7Bpiv:100,vs:i,r:,t:142%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5002,o:142,n:64,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:33,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B53~1,0~0%5D,as:%5B53~300.250%5D%7D%7D,%7Bsl:o,t:64,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B77~0%5D,as:%5B77~300.250%5D%7D%7D,%7Bsl:i,t:142,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:135,fm:tlo1pfS+11%7C12%7C13%7C14%7C15*.1211306-66366053%7C151%7C1521%7C153%7C16%7C17%7C181%7C19,idMap:15*,rmeas:1,rend:1,renddet:IMG.qs,siq:38,sis:241%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:b95e:67d4:aaa7:d102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:54 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CG%24%3D!!t.PKm3M%3BI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-oCAEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-epp8RG4580cdYQ%3D%3D&sc=1&os=1-YQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&fl=1&j=&xc=0&xb=0&xa=0&md=0&mc=0&lb=11764&ld=0&lc=0&la=0&cw=1600&cx=1200&sh=11764&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1666800586484&de=15465629910&rx=632691032251&cu=1666800586484&m=9006&ar=e27dbc83ae5-clean&iw=bebc529&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1759%3A1759%3A6467%3A1811&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5070&cd=0&ah=5070&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=200656&na=1356657647&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-143.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 16:09:55 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 26 Oct 2022 16:09:55 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame A6F6 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=65082858&p=159879&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:54 GMT
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame C811 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=81867756&p=159879&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:09:54 GMT
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cs.chocolateplatform.com
URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEJAJDIQZxWRaI2F6zv5OOqg&google_cver=1&google_push=AZmPxg-P9AsGpyIxEK6ortTbk48oDl8Fm3GZ8WA3pmyXbnBLu_Hw_0V3Hjvvzx_OPYfwUTMMd2DtCUf5ZtJ5RslqN4k0KKyKIh21mg
Domain
sync.inmobi.com
URL
https://sync.inmobi.com/gob?google_gid=CAESEEwUgC5HVgdYw2O1m0bn9nM&google_cver=1&google_push=AZmPxg_czchxevRzamZhT8bVKlBhQH_A3uFir0ZlWmnzcn5wOEDrHqpjEyQFaxBXNIvvveuEbc5B2MjOXQBeia8BAFs2L_-5gGtcsw0

Verdicts & Comments Add Verdict or Comment

632 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| admiral object| googletag object| sophi object| sophiSegments object| BOOMR_mq string| BOOMR_API_key object| BOOMR string| environment object| adiData object| dataLayer object| Fusion object| OneTrustStub object| react object| React object| ReactDOM object| PropTypes object| StyledComponents object| regeneratorRuntime object| webpackChunksnowplow_tracker_javascript_new object| $OPHI_GN function| sophiTag string| sophiGlobalVariable object| Snowplow function| 4dm1r11545242527 function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| setImmediate function| clearImmediate object| adiTrackPromise object| adiTrack function| addUspapiFrame function| optOutMsgHandler function| __uspapi object| usPrivacyCookie object| otCcpaOptOut function| dnsfeed object| CDP object| PQ object| apstag object| pbjs boolean| bcDFPCallbackCalled function| bcDFPCallback object| lotame_963 object| burtApi object| AdManager object| idl object| teads_analytics string| bcHostname object| pArray function| adiGetLotameValue object| lotameSegments object| atsScript boolean| isOriginalIDL undefined| revgenDebug string| bcAffiliateProp string| logStyle function| handleProfileProperties function| debouncedHandleProfileProperties function| loadValuesFromBlueConic function| debounce function| storeIDLInfo function| setOriginalIDL function| retry function| retryGetProfileProps function| emitIDLInfo function| retryEmitIDLInfo function| setLiveRampsIDL function| waitForBcPageView function| waitForATS function| waitForAuth0 function| waitForWall function| waitForBC function| pathValue object| IDLExists object| isIDLReportingPending object| isProfileUpdatePending object| atsPromise object| profilePromise object| loginAuth0Promise object| emailWallPromise object| pianoScript function| adhesionInit object| Advance object| tp number| a string| GoogleAnalyticsObject function| ga object| PARSELY object| _comscore function| fbq function| _fbq string| meterContentType object| _linkedin_data_partner_ids boolean| _already_called_lintrk function| twq number| BOOMR_configt object| __otccpaooLocation object| blueConicPreListeners function| BCClass object| blueConicClient function| onYouTubeIframeAPIReady object| gaGlobal boolean| dv-data-transparency-tag-active function| dv-data-transparency-top-level-monitoring string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData function| lotameIsCompatible function| lt963_ba function| lt963_b undefined| lt963_c undefined| lt963_ca undefined| lt963_da function| lt963_ea object| lt963_e function| lt963_fa function| lt963_ga object| lt963_ object| lt963_ka object| lt963_la object| lt963_Pa object| lt963_Qa object| lt963_7 function| lt963_aa function| lt963_a function| lt963_d function| lt963_f function| lt963_g function| lt963_h function| lt963_i function| lt963_j function| lt963_k function| lt963_ia function| lt963_ha function| lt963_l function| lt963_m function| lt963_ja function| lt963_n function| lt963_o function| lt963_p function| lt963_q function| lt963_r function| lt963_pa function| lt963_ma function| lt963_na function| lt963_t function| lt963_oa function| lt963_u function| lt963_v function| lt963_w function| lt963_x function| lt963_s function| lt963_y function| lt963_z function| lt963_A function| lt963_B function| lt963_qa function| lt963_C function| lt963_D function| lt963_ra function| lt963_E function| lt963_F function| lt963_G function| lt963_sa function| lt963_I function| lt963_J function| lt963_H function| lt963_ta function| lt963_K function| lt963_L function| lt963_ua function| lt963_va function| lt963_M function| lt963_wa function| lt963_xa function| lt963_ya function| lt963_Ca function| lt963_za function| lt963_Aa function| lt963_Ba function| lt963_Da function| lt963_Fa function| lt963_Ea function| lt963_N function| lt963_Ga function| lt963_Ha function| lt963_Ia function| lt963_Ja function| lt963_Ka function| lt963_La function| lt963_Ma function| lt963_Na function| lt963_Oa function| lt963_O function| lt963_Ra function| lt963_P function| lt963_Q function| lt963_R function| lt963_S function| lt963_Sa function| lt963_T function| lt963_U function| lt963_Ta function| lt963_Ua function| lt963_V function| lt963_W function| lt963_X function| lt963_Y function| lt963_Va function| lt963_Wa function| lt963_Z function| lt963__ function| lt963_0 function| lt963_1 function| lt963_4 function| lt963_Ya function| lt963__a function| lt963_Za function| lt963_1a function| lt963_0a function| lt963_2 function| lt963_2a function| lt963_3a function| lt963_3 function| lt963_Xa function| lt963_4a function| lt963_5a function| lt963_6a function| lt963_7a function| lt963_5 function| lt963_6 function| lt963_8a function| lt963_9a function| lt963_$a function| lt963_ab function| lt963_bb function| lt963_cb function| lt963_db function| lt963_eb function| lt963_fb function| lt963_gb function| lt963_8 function| lt963_jb function| lt963_kb function| lt963_ib function| lt963_hb function| lt963_mb function| lt963_lb function| lt963_ob function| lt963_nb function| lt963_pb function| lt963_qb function| lt963_rb function| lt963_sb function| lt963_tb function| lt963_ub function| lt963_wb function| lt963_zb function| lt963_yb function| lt963_vb function| lt963_Cb function| lt963_xb function| lt963_Ab function| lt963_Eb function| lt963_Db function| lt963_Fb function| lt963_Bb function| lt963_Gb function| lt963_Hb function| lt963_Ib function| lt963_9 function| lt963_Jb function| lt963_Kb function| lt963_Lb function| lt963_Mb function| lt963_Nb function| lt963_$ function| lt963_Ob function| lt963_Pb function| lt963_Qb function| lt963_Rb function| lt963_Sb function| lt963_Tb function| lt963_Ub function| lt963_Vb function| lt963_Xb function| lt963_Yb function| lt963_Zb function| lt963_Wb object| ats object| ggeac object| google_js_reporting_queue boolean| apstagLOADED object| pbjsChunk object| _pbjsGlobals object| mnet object| __li__evt_bus object| liQ undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| Moat#PML#26#1.2 boolean| Moat#EVA function| __moatSlotTagLoadedadvanceddigitalheader640552616592 object| lotame_sync_16576 object| gaplugins object| COMSCORE function| udm_ object| ns_p object| default_gsi object| google object| closure_lm_306327 object| __G_ID_CLIENT__ undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus function| ttd_dom_ready function| TTDUniversalPixelApi object| twttr undefined| google_measure_js_timing function| sync16576_ba function| sync16576_b undefined| sync16576_c undefined| sync16576_ca undefined| sync16576_d function| sync16576_e object| sync16576_g function| sync16576_da function| sync16576_ea object| sync16576_ object| sync16576_ha object| sync16576_o object| sync16576_ta object| sync16576_K function| sync16576_aa function| sync16576_a function| sync16576_f function| sync16576_h function| sync16576_i function| sync16576_j function| sync16576_k function| sync16576_ga function| sync16576_fa function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_p function| sync16576_ia function| sync16576_ja function| sync16576_r function| sync16576_ka function| sync16576_s function| sync16576_t function| sync16576_q function| sync16576_u function| sync16576_la function| sync16576_v function| sync16576_w function| sync16576_x function| sync16576_y function| sync16576_z function| sync16576_A function| sync16576_B function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_C function| sync16576_ma function| sync16576_G function| sync16576_H function| sync16576_na function| sync16576_oa function| sync16576_I function| sync16576_J function| sync16576_pa function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_L function| sync16576_M function| sync16576_N function| sync16576_O function| sync16576_P function| sync16576_Q function| sync16576_R function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_Z function| sync16576_X function| sync16576_Y function| sync16576__ function| sync16576_0 function| sync16576_1 function| sync16576_2 function| sync16576_6 function| sync16576_ua function| sync16576_4 function| sync16576_8 function| sync16576_va function| sync16576_7 function| sync16576_5 function| sync16576_3 function| sync16576_wa function| sync16576_9 function| sync16576_xa function| sync16576_ya function| sync16576_$ function| sync16576_za function| sync16576_Aa function| sync16576_Ba function| sync16576_Ca function| processGoogleToken object| googleToken object| googleIMState number| google_unique_id function| lintrk object| _mather number| _zid object| _matherq object| tid object| Optanon object| OneTrust object| bc_json597 function| _typeof string| url string| ptitle object| PublisherCommonId object| ID5 function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG function| ___tp object| gaData object| filteredSegments object| filteredAudGov object| filteredAudIndividual object| filteredAudVoter object| filteredAudMidterm2022 function| sync16589_ba function| sync16589_b undefined| sync16589_c undefined| sync16589_ca undefined| sync16589_d function| sync16589_e object| sync16589_g function| sync16589_da function| sync16589_ea object| sync16589_ object| sync16589_ha object| sync16589_o object| sync16589_ta object| sync16589_K function| sync16589_aa function| sync16589_a function| sync16589_f function| sync16589_h function| sync16589_i function| sync16589_j function| sync16589_k function| sync16589_ga function| sync16589_fa function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_p function| sync16589_ia function| sync16589_ja function| sync16589_r function| sync16589_ka function| sync16589_s function| sync16589_t function| sync16589_q function| sync16589_u function| sync16589_la function| sync16589_v function| sync16589_w function| sync16589_x function| sync16589_y function| sync16589_z function| sync16589_A function| sync16589_B function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_C function| sync16589_ma function| sync16589_G function| sync16589_H function| sync16589_na function| sync16589_oa function| sync16589_I function| sync16589_J function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_L function| sync16589_M function| sync16589_N function| sync16589_O function| sync16589_P function| sync16589_Q function| sync16589_R function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_Z function| sync16589_X function| sync16589_Y function| sync16589__ function| sync16589_0 function| sync16589_1 function| sync16589_2 function| sync16589_6 function| sync16589_ua function| sync16589_4 function| sync16589_8 function| sync16589_va function| sync16589_7 function| sync16589_5 function| sync16589_3 function| sync16589_wa function| sync16589_9 function| sync16589_xa function| sync16589_ya function| sync16589_$ function| sync16589_za function| sync16589_Aa function| sync16589_Ba function| sync16589_Ca object| lotame_sync_16589 object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_132 object| Criteo object| Criteo_identitytag_132 function| $ function| RuleService function| BlueConicEngagement object| _bcp object| justDetectAdblock object| bcConnectionUtil function| md5 function| BlueConicDataLayerUtil object| JSONPath string| _contentURL string| _title object| bcSegmentsArray number| bcchunkSize number| num string| chunkString object| bcGASegment string| bcGASegmentName undefined| dcrSegmentsMI object| bc_json598 function| __esp_getUID2Async object| __uid2 object| PianoESPConfig number| BOOMR_onload object| GoogleGcLKhOms object| google_image_requests

112 Cookies

Domain/Path Name / Value
h312.mlive.com/DG/DEFAULT Name: BCSessionID
Value: 3b4b2f9a-cfcd-4e48-a5b3-5843459e43a6
advancelocal.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: 3b4b2f9a-cfcd-4e48-a5b3-5843459e43a6
tester.serveblog.net/ Name: PHPSESSID
Value: bb44e45c5e280929aac18e5a5abc6245
.mlive.com/ Name: sophiTagses.073a
Value: *
.mlive.com/ Name: _sp_duid
Value: a1c63759-1247-45ed-9c03-163b8fc205e5
.mlive.com/ Name: _gcl_au
Value: 1.1.423929340.1666800586
.mlive.com/ Name: utag_vnum
Value: 1669392586167&vn=1
.mlive.com/ Name: utag_invisit
Value: true
.mlive.com/ Name: utag_dslv_s
Value: Less than 1 day
www.mlive.com/ Name: last_visit_bc
Value: 1666800586329
.mlive.com/ Name: lotame_domain_check
Value: mlive.com
www.mlive.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.mlive.com/ Name: _li_dcdm_c
Value: .mlive.com
.mlive.com/ Name: _lc2_fpi
Value: 94c49eadf2ac--01ggagx3q71n38rp8qej376wns
.mlive.com/ Name: pbjs_pubcommonID
Value: 25b84b59-b6be-4a62-8951-caf4f2f208b9
www.mlive.com/ Name: authsource_origin
Value: false
.mlive.com/ Name: _awl
Value: 2.1666800586.0.5-aab3949be9f4dfaeeb936f64e0cfee90-6763652d6575726f70652d7765737431-0
.mlive.com/ Name: _ml_ses
Value: *
.postrelease.com/ Name: opt_out
Value: 1
www.mlive.com/ Name: usprivacy
Value: 1---
.twitter.com/ Name: guest_id_marketing
Value: v1%3A166680058688876711
.twitter.com/ Name: guest_id_ads
Value: v1%3A166680058688876711
.twitter.com/ Name: personalization_id
Value: "v1_QbHuDsZB+9vUIvOl9gDIfA=="
.twitter.com/ Name: guest_id
Value: v1%3A166680058688876711
.mlive.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.mlive.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1666800586974%2C%22slts%22:0}
.t.co/ Name: muc_ads
Value: b2fa316d-997b-40cc-bd7d-e12af9a75816
.mlive.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=7c319e1c6ac0b888872c95d2deeee006%22%2C%22session_count%22:1%2C%22last_session_ts%22:1666800586974}
.mlive.com/ Name: __gpi
Value: UID=00000b16ed60ec72:T=1666800586:RT=1666800586:S=ALNI_MY5byTkVFT2N0HR4EMGovgD6CljwA
.liadm.com/ Name: lidid
Value: 672b5d6b-8776-43a5-92e3-081ee222d5e0
.mlive.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.mlive.com/ Name: _ga
Value: GA1.2.1729966134.1666800586
.mlive.com/ Name: _gid
Value: GA1.2.592516121.1666800587
.mlive.com/ Name: _gat_UA-16643585-16
Value: 1
www.mlive.com/ Name: ntvSession
Value: {"id":7042976,"placementID":773533,"lastInteraction":1666800587208,"sessionStart":1666800587208,"sessionEndDate":1666828800000,"experiment":""}
www.mlive.com/ Name: _lr_geo_location
Value: DE
.mlive.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Wed+Oct+26+2022+16%3A09%3A47+GMT%2B0000+(GMT)&version=202208.1.0&hosts=&consentId=723c305b-7cb2-49aa-962c-1de2b8a2d9dc&interactionCount=0&landingPath=https%3A%2F%2Fwww.mlive.com%2F&groups=1912%3A1%2CC0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1
.linkedin.com/ Name: UserMatchHistory
Value: AQKqtKtepN8U4AAAAYQVDpGxzs4bmZTyGKJfEWCcjdIg_ctNCdm7ZwQRQ50khP2GHPkjGov63FFuBg
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIP_rdUOZMQ0gAAAYQVDpGxm9U-yMWuZRWArrzGyKJJJ0YexuZdorjR88iQdhyY6xqkGOxFvp2o5gXOGiVaCA
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&d4158a5f-88d2-40bf-84a8-39798931b195"
.linkedin.com/ Name: lidc
Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2719:u=1:x=1:i=1666800587:t=1666886987:v=2:sig=AQEYKG17NBPbKjHl4RjQlP8dyOn-qPv0"
.mlive.com/ Name: _fbp
Value: fb.1.1666800587288.1542894621
.rubiconproject.com/ Name: khaos
Value: L9PU189Y-1R-11BC
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB1oz+qEZrlOUwNb0fGVcfL/XWaA1sYWTLHCRi4Lg8bJK1pY/NRGMXwodMjVyH5gNUsiPnBiMlBpvz/8MtLNt/YeX33aSv+dBZc=
.postrelease.com/ Name: visitor
Value: ""
.postrelease.com/ Name: status
Value: 0
.postrelease.com/ Name: ver
Value: 1
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&20221026160947e3bcd311-8589-4fce-8257-ef16215fd685AQHTy9p6YKwqWG8-JV_gEr7s5Io-SSTc"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjY4MDA1ODc7MjswMjEhxXgF/NiUsD0f5pqyHccqNKoX5COGgTjEAe9VmpJyGw==
.mlive.com/ Name: __gads
Value: ID=5560e9f85cd424c7:T=1666800586:S=ALNI_MY8kBwQOq4Tf35cNP9qhlNc-CN66A
.mlive.com/ Name: __li_idex_cache
Value: %7B%7D
www.mlive.com/ Name: BCSessionID
Value: 3b4b2f9a-cfcd-4e48-a5b3-5843459e43a6
.criteo.com/ Name: uid
Value: 667dc6a1-a3f6-4fa5-b460-7cce07dcefa9
advancelocal.blueconic.net/ Name: AWSALBCORS
Value: 5PR4Nb7y0sp7W7B1EJ4wsQOOetTeRGSNmm2JU6lqInACsDBSq7cCxyVgPLqDafmbRcmBnmtzJmBezGn3Qno+j9PnBT1bperrRsFSlmqBzSDN2xUSZDHmQ2yPW0X2
.openx.net/ Name: i
Value: 7396b7b6-0788-4c3a-8c18-1910626187ba|1666800588
.mlive.com/ Name: _ga_GG8B674XK4
Value: GS1.1.1666800586.1.0.1666800588.0.0.0
.adnxs.com/ Name: uuid2
Value: 3375404994603119313
.casalemedia.com/ Name: CMID
Value: Y1lbzD33GGWRZ-tmoa801QAA
.casalemedia.com/ Name: CMPS
Value: 2167
.casalemedia.com/ Name: CMPRO
Value: 2167
.doubleclick.net/ Name: IDE
Value: AHWqTUkx52K7cfxUc1D-00HTFIPXxaeuAthyXNqpBAPMJgXBcyKiespZXDWWNh_JhDo
.mlive.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22l9pu183uu43gx67l%22%7D
.simpli.fi/ Name: suid
Value: 0E463376ABA24F1684CEE61B363D9950
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C%uwQhsb!]tcN8i_iqf!oN/@E'zz<*Z0Qk@DPZ9aFD//9/Lp>pO.r(CjuJe.#?*lVqh$TD._*PlZ[C[-kX-6^eHD
.mlive.com/ Name: cto_bundle
Value: KJjQmF94TnI0bXFBcCUyRmZHNDkwZE51YWFwWm9IU0pGcWwycHk0Q2Y5VUtiUXJaZWRhRnNLN1M3RUNRbHBEblVhR09XRkclMkYzcUxYdFE4ZlhWeGpPaXVISVZaeEt1NkpkU0g2ZUJFR1pacTJjNkNDVGpUSjdEVjlhWGFrSUVLJTJGcnlVUHJ2c05YaFl3N0tqVUoyVmlDTFVGN2xRZ1ElM0QlM0Q
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 9E84D6BA-443D-409B-B9CB-AF169163AE10
h312.mlive.com/ Name: AWSALB
Value: vXfvW7wsH54EeZUYIL4FMcOyzwZQhFjX0Ln7+2zrxzfDKbdrHFlSS9b4pbSzkvEOf6ded3PFs+4DMyRq0HyQQl/Z//YT0bqBNMtJVLfsdvUexEAKWGChnjXnuH0H
h312.mlive.com/ Name: AWSALBCORS
Value: vXfvW7wsH54EeZUYIL4FMcOyzwZQhFjX0Ln7+2zrxzfDKbdrHFlSS9b4pbSzkvEOf6ded3PFs+4DMyRq0HyQQl/Z//YT0bqBNMtJVLfsdvUexEAKWGChnjXnuH0H
.piano.io/ Name: __cf_bm
Value: Mgl1Rv7mG.NYeLY2tUrDBQyj2zpdLZF7QREIol1L4wM-1666800589-0-AdjjIgbMnRO52DR8LBlZPT+1VIkxzqeIhWvWCQA3WMNYtUz1HQaJzTfwHaPmoJ1kIpWa6LAvN4OI8a8254szbDI=
.mlive.com/ Name: __tbc
Value: %7Bkpex%7D3-w2WWGlL8lyfxZIa6xMWVg8C7biJQs9nHevPW-HSfLPHfKQI14EOM7Jk2Vg3Faz
.mlive.com/ Name: __pat
Value: -14400000
.mlive.com/ Name: __pvi
Value: eyJpZCI6InYtMjAyMi0xMC0yNi0xNi0wOS00Ny0wOTQtZEVsZTZRT2M0M21BUWRmQS1jOTQxYTU4MmMxMTRiYmE0MTIzZjVmOGRkM2Q1MTkyZiIsImRvbWFpbiI6Ii5tbGl2ZS5jb20iLCJ0aW1lIjoxNjY2ODAwNTg5NDA2fQ%3D%3D
.mlive.com/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAE0RXQF8g
.mlive.com/ Name: xbc
Value: %7Bkpex%7Dm9lGN6Ef-gDohBUiK930f8ezgJzTv0Ur5egnXmgKlOvbp0MwlltA_Vhjnofef9ylT6eSICcEVVYRXeGZK3NwzyvguojlGhxyzL_HgGB6IfGDsyUb0cW93K-kkoF9zNP4NeKQYakx1a6Hy9fhG5zEnXCpnpBZyITmNau3md88wubiqxl1AQFHQtTMh7AcD54rqSR6ImpnwLzLsemfW_b_tKbaOuMc45ss_zak0yiVgNTD6qExxRI_NxNgSxx0l3GCw5gSjB8rkdwxP4qSUXXk9OufQZ73rXMXtCOxwnufMimWHkSvOXhYYWTXA1b80XHD_8eivIv31WljAuE09Z-j0gYN6WK5CwPYy--TcNahA_CvuHq9McBUfeG2srzdU0WugvfSe-uRCFFOdjq3zzWAnlvvjnmu0_sEyVaJjTcqnIjqBpF3V1s88iE27Ej998vL4UYuz0cbJ3CHo6s0nX1WaTKdA136JzOpOmVy1f2UU57i_JDmKnzipjOD-vLi8tF-nDEX1WDIU8lceZVNcQFjHl3a4_qTG8G55gas18r_cDnyKxwjLtmjkUz7fsr5d4md3e2i7SKA3Krm_L5BHZFGAlKXbI6WE1Iom-Pfl6ig4c5J-ljnKJDcJtQ7uNSeCmyph8q492Lx6NtNdJH46cqTRTHDH5fQ-yTVLd4tlOA0Qh9dceXpmd8y9vmWrRXPvKZH-jTDk7nPcjAcj1ZvLFVF6z0tksV_DMcT9Xvhwc47vg2kssMkmm05rHIG8QhZF35YB4DsNYU-wl6hXr-NOcpmcgK4KDGH4B2Z-i0mchHJ8aZQMg1F-Ga7Cm1QPB1XSJwHzDBREg1WUjZmvW-wwIKsM2e348lO9R3HRyItoehywV4RfKSh64h2PMdppNJK8ZcIkfzk7pvMWRTaoLxvck2tTA
.www.mlive.com/ Name: _pc_sup_support_acq-sup2
Value: 10
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%220FAAA4D2-7DA5-4E4C-BE0E-27D096B7A90D%22%7D
.lijit.com/ Name: ljt_reader
Value: Fi9psGZH7LxdFaeSTzKS2wf_
.yieldmo.com/ Name: yieldmo_id
Value: gbc57254b1f67364bdd5%7C1666800589496%7C0%7C
.bidswitch.net/ Name: tuuid
Value: 12279870-b470-42f5-8870-2d290740344f
.bidswitch.net/ Name: c
Value: 1666800589
.bidswitch.net/ Name: tuuid_lu
Value: 1666800589
.bidswitch.net/ Name: google_push
Value: AZmPxg_SrzinhPD2BWcl8-F1JhvDMPWVFRh7Up8Iy5ikwyZhIenV1BAeLrBkCOsHaE1RPyuAHBs8EYHc9deNWOj8jrMas22-RFg8Q9wnJzeeiFYkAjeZGqJqTqy3NVtwVLGVZIDw8FXD2s4
www.mlive.com/ Name: _lr_sampling_rate
Value: 100
.tribalfusion.com/ Name: ANON_ID
Value: aRnseFPME7fQmKvCiHheg2fgjpstqPleCCDUW8jc9jkXJTPwk3SoqhOKBKkRerlvZbHn8sY0n21RpQkNJZahBu
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=28467061_4307561_345597451_170181290_SOHO0301A20220909&ref=28467061_4307561_345597451_170181290_SOHO0301A20220909
.mlive.com/ Name: utag_vs
Value: 4
.mlive.com/ Name: utag_dslv
Value: 1666800590065
.mlive.com/ Name: sophiTagid.073a
Value: a1c63759-1247-45ed-9c03-163b8fc205e5.1666800586.1.1666800590.1666800586.e840083f-c1ee-4cf8-89f4-811a28ad90d4
www.mlive.com/ Name: offer_config
Value: %257B%2522type%2522%253A%2522bottomfixed%2522%252C%2522version%2522%253A%2522subscribe%2522%252C%2522placement%2522%253A%2522bottom-fixed%2522%252C%2522newsletterId%2522%253A%2522%2522%252C%2522closable%2522%253A%2522true%2522%257D
.mlive.com/ Name: _ml_id
Value: b6f6841523aafdab.1666800587.1.1666800590.1666800587
.www.mlive.com/ Name: RT
Value: "z=1&dm=www.mlive.com&si=8488af8f-e237-4db7-8e5d-e91914c7af7f&ss=l9pu15mf&sl=1&tt=4zn&rl=1&ld=4zt"
www.mlive.com/ Name: pbjs_li_nonid
Value: %7B%7D
www.mlive.com/ Name: _lr_retry_request
Value: true
www.mlive.com/ Name: _lr_env_src_ats
Value: false
.mlive.com/ Name: panoramaId_expiry
Value: 1666886992516
.ads.pubmatic.com/ Name: KCCH
Value: YES
.quantserve.com/ Name: d
Value: EGoBDQG2J7jvsQA
.quantserve.com/ Name: mc
Value: 63595bd1-04d4d-0c1e8-b7e4a
.turn.com/ Name: uid
Value: 3798927038721358070
.analytics.yahoo.com/ Name: IDSYNC
Value: 175w~27xs
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtoZmZmYWBgamlsaGAKAH0iWB8QAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjI0MjI1MzE2MBXiM9QtcvY0CQjI9HSpKo8EAIXiWywlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjI0MjI1MzE2MBXiM9QtcvY0CQjI9HSpKo8EAIXiWywlAAAA
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y1lb0QAC7A_GLQAW
.casalemedia.com/ Name: CMTS
Value: 5239
.yahoo.com/ Name: A3
Value: d=AQABBNFbWWMCEE21rvDb__OQEr-wNhUWNiQFEgEBAQGtWmNjYwAAAAAA_eMAAA&S=AQAAAtbSQ6KI99f7GXmiz4EVLKk
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-14070419-19f5-43fe-633b-22c6cdb99650.vsP4e9GbImq7xtJ9qGphBWfZR4UEwjFEUXEMD5KNEOM
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AFAcEGRn1Q_5jOyLGzbmWUFD_B2w.QhlrQ2jieICKfL60Gk9c3qRWFoJJ5m61Y%2BKj9bOlyOw
.amazon-adsystem.com/ Name: ad-id
Value: Axq6l7RsuES0pPY-zD4Mxws
.mathtag.com/ Name: uuid
Value: 3d126359-5bd2-4300-8bac-5823ac5816c1

5 Console Messages

Source Level URL
Text
network error URL: https://pub.doubleverify.com/signals/pub.json?ctx=20823471&cmp=DV460143&signals=ids,bsc&url=https%3A%2F%2Fwww.mlive.com%2F
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ead.mlive.com/baker?dtstmp=1666800587756
Message:
Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network error URL: https://sync.inmobi.com/gob?google_gid=CAESEEwUgC5HVgdYw2O1m0bn9nM&google_cver=1&google_push=AZmPxg_czchxevRzamZhT8bVKlBhQH_A3uFir0ZlWmnzcn5wOEDrHqpjEyQFaxBXNIvvveuEbc5B2MjOXQBeia8BAFs2L_-5gGtcsw0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEJAJDIQZxWRaI2F6zv5OOqg&google_cver=1&google_push=AZmPxg-P9AsGpyIxEK6ortTbk48oDl8Fm3GZ8WA3pmyXbnBLu_Hw_0V3Hjvvzx_OPYfwUTMMd2DtCUf5ZtJ5RslqN4k0KKyKIh21mg
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=115
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

29548b147166cb14b33b8c8d450517fd.safeframe.googlesyndication.com
a.teads.tv
a.tribalfusion.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
accounts.google.com
ad.turn.com
ads.pubmatic.com
ads.rubiconproject.com
ads.travelaudience.com
ads.yieldmo.com
adservice.google.com
advancelocal.blueconic.net
ajax.googleapis.com
ampcid.google.com
ampcid.google.de
analytics.twitter.com
ap.lijit.com
api-v3.tinypass.com
api.rlcdn.com
apps.sophi.io
at.teads.tv
ats.rlcdn.com
bcp.crwdcntrl.net
buy.tinypass.com
c.amazon-adsystem.com
c.go-mpulse.net
c2.piano.io
casale-match.dotomi.com
cdn.cookielaw.org
cdn.id5-sync.com
cdn.indexww.com
cdn.parsely.com
cdn.sophi.io
cdn.tinypass.com
cdnjs.cloudflare.com
check.analytics.rlcdn.com
classimage.advance.net
cm.g.doubleclick.net
cms.quantserve.com
collector2.sophi.io
connect.facebook.net
contextual.media.net
cs.chocolateplatform.com
cs.emxdgt.com
d.adroll.com
d1z2jf7jlzjs58.cloudfront.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
ead.mlive.com
eus.rubiconproject.com
exchange.postrelease.com
experience.tinypass.com
fastlane.rubiconproject.com
fonts.advance.net
fw.adsafeprotected.com
geo.privacymanager.io
geolocation.onetrust.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
h312.mlive.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id.sharedid.org
id5-sync.com
idx.liadm.com
image6.pubmatic.com
images-re.mlive.com
insight.adsrvr.org
jadserve.postrelease.com
js-sec.indexww.com
js.adsrvr.org
js.matheranalytics.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
match.prod.bidr.io
micro.rubiconproject.com
mlive.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
p.rfihub.com
p1.parsely.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
portal.o2online.de
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid.media.net
privacy.crwdcntrl.net
prod.uidapi.com
pub.doubleverify.com
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
realestate.mlive.com
region1.google-analytics.com
report-re.mlive.com
rp.liadm.com
rp4.liadm.com
s.ad.smaato.net
s.amazon-adsystem.com
s.go-mpulse.net
s.ntv.io
s.tribalfusion.com
s0.2mdn.net
satisfycork.com
sb.scorecardresearch.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
snap.licdn.com
ssum-sec.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.advance.net
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adotmob.com
sync.inmobi.com
sync.mathtag.com
sync.srv.stackadapt.com
t.co
tags.crwdcntrl.net
tester.serveblog.net
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
vtrk.doubleverify.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
www.linkedin.com
www.mlive.com
x.bidswitch.net
z.moatads.com
cs.chocolateplatform.com
sync.inmobi.com
103.229.206.240
104.18.12.76
104.18.18.126
104.18.19.126
104.244.42.195
104.244.42.197
107.178.250.234
108.138.15.119
108.157.4.80
13.107.42.14
13.226.153.37
142.250.185.130
142.250.186.130
15.197.193.217
151.101.130.49
151.101.194.133
151.101.66.133
162.19.138.118
162.19.138.119
162.19.138.82
178.250.0.157
18.155.153.59
18.156.0.31
18.225.3.171
18.65.33.229
18.66.248.86
184.24.1.216
185.183.112.148
185.64.189.112
185.64.190.78
185.80.39.216
185.89.210.122
185.89.211.116
193.0.160.128
199.232.136.157
2.18.232.7
2.18.235.93
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
216.52.2.19
23.203.77.3
23.205.235.133
23.206.210.112
23.35.236.201
23.35.237.56
23.35.237.64
2600:1901:0:328a::1
2600:1901:0:8344::
2600:1f18:1aca:4281:b95e:67d4:aaa7:d102
2600:1f18:730:b130:9041:297a:f663:9c51
2600:9000:2127:3a00:1b:5138:8a40:93a1
2600:9000:224a:2600:8:48e:53c0:93a1
2602:803:c004:200::143
2606:4700:10::6816:3456
2606:4700:4400::ac40:929e
2606:4700::6810:9540
2606:4700::6810:f015
2606:4700::6811:180e
2606:4700::6811:bab1
2606:4700::6812:18ad
2606:4700::6812:a6e0
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:21::14
2a00:1450:4001:800::2002
2a00:1450:4001:801::2004
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:803::200e
2a00:1450:4001:806::200d
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2008
2a00:1450:4001:831::2006
2a00:1450:400c:c1b::9b
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:1700:38c::11a6
2a02:26f0:3400::1702:d59
2a02:26f0:3500:991::11a6
2a02:26f0:780::5f65:36db
2a02:fa8:8806:13::1400
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:d29:3601:a0c6:b0ce:b43:b1c0
3.125.151.135
3.211.35.247
3.219.38.131
3.66.159.87
3.71.169.66
34.102.146.192
34.107.148.139
34.120.133.55
34.120.135.53
34.199.56.222
34.251.33.168
34.254.133.1
34.255.132.76
35.164.244.115
35.190.0.66
35.204.74.118
35.244.159.8
44.206.223.61
52.16.152.32
52.17.99.225
52.209.195.35
52.210.161.152
52.214.0.144
52.223.1.76
52.46.143.56
52.48.159.197
52.94.222.140
54.146.133.189
54.156.207.182
54.170.88.182
65.9.94.183
65.9.95.100
65.9.95.37
65.9.95.59
65.9.95.88
65.9.97.61
65.9.99.209
66.155.71.150
69.173.144.138
69.173.144.165
78.111.89.4
82.113.101.132
88.221.169.143
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
024f4d26c6e410562f6206ea9b5eb3bccef42acc54e840e38216c568fc971276
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
043cb184846466217196d2f035683628db71e02bf5db4c18e0c3244ce8e646b0
04fbd20b04ad6a98e605ce6014aaef976cc9a47a939e621c19d801fc59650c91
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f
08360507d2f8ef20045c2581e210bbac4f39a8e50986ea4bfd3ef66b94faaa36
096a0419a3787b284e7105edeebc7cf4915cb9549f3b433258f65483acc24510
096b00bf402906f87d0f1460a17c08f336525961c8fc5a04ec31f2963d43ed13
09d4fe489c30fcce3a40ac4d14eba5d03f0dcb105cfb273e55e07da075a6a6ff
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0aa56288ff8401a35cc92c51cd7a36439b0d7fce009b7f92a3606f017c4c8692
0b034efa03c6fb4de3e3952eaf0958b18847e6c1e2e8fd647759c97105004f19
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0f9fbc6b366749404cce21450dc8bbffbaf75641884f2f252cadf3b34b13e48c
0ff7aaa3f926fbc17afbc505f88e9892ef1b3a250b1388f807aed72137c4193c
1159500ec113a58c8e68c1889b0d7a4bf551f10c01173442dc90b72c562ccfe6
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14a1b93f7974087a1ddcc730555305e250824429401bacf293157cd28c009a3c
14e4901ee2e5c2b93c887cca0a2e3f188379d5ce25edca56836564e10014db76
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
156544cd13b925123ef0a1b00a86d757161c0352c181070c26ffd2988316db74
1a4d51920d99cd8e9abe29524536f77b14f1da36341418e6982b42354f90b3a5
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1cb614c81c491878e5b6256098b31fb4f68b7bbde5e60b21334d085db7e37549
1fd7a17b1f627a080310606d33155a489ee50a751fe026cde918fa1b334f8456
21bbfedcec4640f0edcff084e7ab04675083c782f76fe7bb738500e96c6b57ca
22cb3e9ea757df9ff3c90cc0d1525eba1f0e06cd1cc766e9d49ab69c6e544199
23aef003c4242cb0ae5f2718af07508a5b5c9421e5319bb7073d8f949611faf6
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
256b42d63146c599e22aa9f3da750cca15a444db46b7207d49fa58e1d1869a76
256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5
25c3fb46576f9c03a7aa53f9e84261623a1a1d7aef5cc0024641d040a89c02ea
26462b222954f5b5e059f11449f8c038da1b57569ffae0a3ab3825c8bb7f92da
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
276ca8da7dd05a55c760ead2eec9d5c74629897d0b5b3e5190d4fc9bd38ea7fc
28445ab5a58bac3609ddba4d1200c1797a766b538fd6b0bdb0926fbe386f327c
299ac897bf054963b26158ce4b4ac1fc890f2bb4ff4391df89496584c42598fb
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f
2a9a69292f2943c5deae441aec5bea4934f95fffe301ea2ebb119bcd5f69f5d8
2aa3fa2fa89bd01086f72bb600b582a12c381e895b74bc058a1faff6483ab355
2b968d910bbef836f267a12299e32649d9f2ed87f59ecefceb3d9a4900ec590f
2c054eb126bfe79dff2854aeb9c86220bd4233b450ff26442abf61bbe2922c8e
2e37a913e8361567d474dfdbaad6e43d12e6c6e75154bda87ffcc0c3a6af553c
3082f1320e0c7a5649d40d540001457051ce5127ca859ecaba6f22f4b0446646
30e382a9546c4b436b0568f463e7c3274696c3c59f7aa871af91a33a967f05c4
33d59b5d2877871655406cee46ec086a6759cd5ffc951cb9a28bd551c235621b
3499c2bfdc525e4672c8a2d78d7fb89e7cadd4b4c84a58daf8c30f3a2c7cee59
36b72120fc731ea29b1d2cabe92dc59386f9a1d95b25c965d38e63656ba237f8
36ea8d266ccb57796d82e6eb05f11c634302a0bc3623c5e7fa7261a1a69e0d90
38cc296c174d243dc99f1b97c56241f41b7cfe6ad1dffd77720ec666f3ba1184
38d6a12cc103ed0a924a042383d0c8257452f39ea5af90d832d117909fbb1b41
3b2b8b2a38c693a6bbd0c1cb0f47fe2bd9e9aa2a8811cd27a21b3f7caad3d995
3b2ce9e63a7f14001e6af32ad0d3b19b045b916cf8073180d25688e4b3f49e40
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3d12c8aa6d760257d326777000294e215316c01f31fdf27ba33f3e1ab8cd6e49
3fc70270a527227c6493bc5a1c703f4bef2373f857cb7606b711b4d2fa14684a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40093933237cb4fb5b077344618f6d2ded4ee7c7346b4da9222a76d094f2d7ca
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
447c490f7e223d0222226a5e903068defbbea9c9433e9e5b315746e9edf0f255
464b98e4ec83bb60ad92bd76656277037d3548e44a7d1dcddec0c0a41ada20e6
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4be6ea16b8699f933d761b913cb9b2658c87f51a0c54503387e52657b3751f68
4eb67b42d6abea96d75df507d23f0421da85d5658322720fded36c94cce45d7b
5054153ee83d67f42fccafa405a1bd67be7b57de457ec16e7c60ff0306055a20
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b99267d16165d9c297bc7695007762b5f88c03759bf809c5fbc4835693db17
53481b579a70cf026061caa67a89e99a1240b511b7177ec70e5095b9747bdb63
542c02c33feb7e472d8c5c18468ef1015c3b67aa2c9c638f67cda9fed37c13c5
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55468abd6c7a0abe7622605b79ebe6258bf47a4ebf0a19077a0fff6f904e47cd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
570a0988755ed679ee57c73669c72ce35925d151760b3da59adee3b57430defd
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5ce8647c88445649306948bab16764727ad0866a64fc66202b97b88176272628
5d9a539735b859bdea8d2964cdd6660a5f3c7ae457eb52d4f12a301c43293fae
5ead9dc81443e198243fe698e77682d4de171a7b1d163201510c314663a95e2f
5ec4f813ce8f006e01f0888e4c5871b4064b64585face027d84aee807f059907
5f24a54baabab817d87c367e6186b8fca6657732088d348019818795dcc711f1
5f26dfc3f5d603822dd5eb17c772720fd8d984f3fa596f757973dabe24ebda6e
6066054d8669e8ca3c9a1ca53af6b3e80dba9361b59f023c82d7b55542b36fb0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
64099d5dc2b3db16074ee223048cefc171144ac08bac35abab300c1f6e2a4ca7
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
68b5df8a16ee7bbfd4789f8533b7f9882f9095625a8be1f56e352bc10710484d
69aeb5d2ad469592eaaaa3378816e4269fd9f94e6ee73cef2487bbafdc573f3b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c787056c9c77b51c896bb424b9c07d8fa7ce99d3fb523656cef820513eb5547
6d998d111b9bfc44f3a4b44c8e54ec1f0373edd223facb779329c26ade0db6a9
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
6fa8b9c20d5c4f5711f76f4f4adafafc90e8f89bac2c7b3dfc2c7e63abb55d21
7018ef6516685c3cd9061b79c3dc69e428a52e851f2a7d8a2779d3be1d1cb3e3
70405700397f978e042aa1c5e1c876e837edf6c4e71ca745e6090a519c130608
70c0b487552a9a2ea102ed22ae505177c567320390f5136bcef5dd56d48d4f02
71cd626d596d50654b4bcd5717428749cc3680041dd390a5328e9263f77e7578
7539a3d41fbfd4690e92f7f821153f408f7b304afe55d337f583817a32da9dc3
754bdeaea4d0fbb5b826f2c3247097dfb034fa33418c3e993fd16dc6db60c229
770aad911af818964b7aeede1374fb97d2d0d9d1c28864d2c8bb4ae01b9bb59a
7a023adfd550395882ad5f709709df8f21bfeb2b04ced99e3942222d8f81724c
7df5140aba6469907d6618318b0f15614e5d6bb5c365df41502ac49375500be5
7ea049c6bc5adf945840be4031437bb95482e16a0691be4f11f9762080b28caf
7fc868b33340c1a971c4b08735f1f578c733509875b2deb6ba188dbce9ce762f
7ff100c907d85bc5b7503e7a88c0a7f256ed2561ee431ffc10fcd7cce517c321
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
882901c9ada6d566c74eab9d86cfb991b1a0331c8378a5afedebb00938d444c0
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c1972edd197114c7f9580a4299deb5ca08e7bbdd1c9d0b20c294ab1e3f2e405
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
8e0a6387f968f1dfe4b5cbed92f4f94ffffb595727a224919dcbe96e16d12cb0
904145ca10805d387ac4c822d1971970a12183763e0cf13a8d98a4f4d0c6a79e
924e4b297681729162fa238a756db89acf5a1dc0cd23c1204c9a4e4407493822
9347c1d8c30a6dab610953c8568d20ddff10e1e41021fb6cc3aea9098c842065
939dc6ba8600c880d01216456efe6532fae0312d85bc20942bd2b8ac1783ffb7
94900eef3169da435997d7ba8f6aa6373a12fb9f23efdd4fedcca2ee193f14bf
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9969c81de9dd10986307af580c092f5e9b03310df53fe3d85dea5e1d982eaef5
996fa0685c2bfb1e85fb1856d3e833ad4a644d9d7ebbb4f916c7c9d7a39eb3f6
99ecf504385478183fd796325c3b9f0e89a9f46d8ec0a0cbb469d3546ee277d2
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c1a3cf6c5fae33a0a2b627a9785b585148970346adbbcc204a4519d05f9a089
9db8cefbffa1d13f2f34b9ec6d90b41bc17d3387e46e053cbd8ff1d0fd2e8493
9e3c7bdc4bfffb58a973062aabf808691f7603416290254b76161cab69952053
9ead871d27f3a0d803f4d6139feb2f2694d3a26c54fd6734f789a06aad0f5303
9f40461c8c607d5bdb6c485325b66b30d3d3a431b9d0c0d1be47fb4fcd1b072b
9f8bba3185dc65a7168148a020df7fea04e09e96a393a00bc159a002c56637ab
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e243e9b5013996c5ab54dd8838f270d8f39f8b2249e5de7a391f12814ae8c6
a1473e602563a7b2363f83910a720b774df3075d0c06135b97240b882278d067
a39cd6a9413784646378ab9490f6a80ea1c2eaf4870c1022f44e4e64380c7cda
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a752ea20296d4beeb826b29be8e0bc967422defba3b1fb18ef910422270830c7
a7e702f15b65f58d32945e27b8416dac2811afad1a828a9a617d5c0c1cc85b21
a931a595224623594f03d1f067ea040da1239dcefb3a411cbe57912774d81f2a
a9fad541e10caeebefedf8a2e64eb955f2168545c2368b38e42e79ce1f04025b
ab1934d32603a6d634bc028083a38737653dabfb9e5733b42f136ad8bf504042
ab265cf023b5ccdf901e5c0e1d31a3e72e23496b023e7da4a7059a11c28eb3bb
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
abb22177c1f36f82f451ba3b46fd96e4bc0f5b5ad510b15b4d5ec37fc1e9b7f8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad32abe55deedaf3b7f65a361b9771b327f9259b8b22fb67b56e69f7cff6d2ad
af7c79793cb8a573f8bf749d78ae3a6ef88ab80c31c4a4f836634c9384b30867
b0766007565870c9a9ce93e31236bc0119fd01fff87ed569848a2a486e931c0c
b1314651e952f8e5a322bc40218003a488225b1a53a78321a94fdff2cd08478d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b20559e97825eff33a87ed98c58331e393570f3208bfdf78212720ac12286562
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b57468dd279b82b88e7f922ddc76d2cb14b7745d8d4b78d17094f6d7cabc8fe9
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b72875eb9318e5b1b2728107ad2bcff1edcdbb3d2a157ba92adccb36ee4f0ea7
ba550adff34a8be10f712180fc2b25c886fbc8992361fad703d0730e5f9320ad
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
bba5cf4bf97f335423ef8083a04d8810370b013c18a623e2aec413075ef82ddc
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
bca5ada6a55eb6c600092520e0e4d9b24b526fb821e8b6c33cabb76575c61b3d
bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6
bd66cc65e11c33a4be1fc8c94f459f60c37eb4d3e8bd8cf6cddc3acae0d0c7bf
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c25ce818c3c2ab4992bc0b61a60d1822f239a638af59ad63ed2fe2028e3037f8
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c41fa2cdafe9c7021105c32feb68705ba4e7fa1f7f86465a154e958d8330cdd9
c847abe121f568072909e19c981ae10e46552dee3d2a0bf9916ad09bb52d958e
c942cb01ca7d8956086518f0315ac0be0374cb0f0a38ffe67a52bc4ae7ff5f6f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca5805535039702aa3de76d2173996b709dc597e5668949f650b833cdd4569a3
ca8dadef9ebae06187186d125d1fd52c4d40b4ff60b7f2102074dec4442f5d9c
cb15fa1668f0b0f4d0f28ae4876ae14ac464d61b749230ec40aca8319f72bbb7
ccf12e17b53c357fc5b31306123426cefbf4bc9580a58b6028e84e6f6cf58f6b
ce8273c0bbb750377f9173e09b8209260eac7e57b7d6b0cdcf7d64af3598ab5c
cef181b89850405f733232c050e35b633a648eacee98005f2663b481ac3b0db4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d102eb430b617e0d7dc8111a0d096944f8a6e762fa52d9efa494365df29bd0ea
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d28e6b8b87b449ddfe1ac483bcbffbb124ed03eb6b385c39165dcde2dfaaf9fd
d2b28582d25b3aa38daf12c501c7abc9297ae74d035ee343941f0938adec0524
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d5c6d8a7bead832557350a76203217f6df6e1fc203bee8687a48c6109ba0eaea
d668f82f398ea679cc5913c2eebc7cf9db9be07bf086e55fd30b2799fb43aa08
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d7253e9e79c4b14ef221c963a8c2a1aa952f0f3c510e3f1bfdbfe830b16feb93
d82b3b69ed27853344397a159429cced7fa5019fa56412c0a3d627471ef709ef
d86ce55edee7f570d7fc315f84814e3b1171edef20e3778e10066727092638b9
d8def9352b359d9621219e56cc36f020b5c375e5b7c23c3c264c144531acd8b2
d9608ec4ea86f70691860daf1b477654e08357662b2fdc33568a376b0fcbdf5c
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deab221f3dc3691db43d0cb0f7f9011722788534d270364d1d45d8ac5ac91d5f
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
e11422a258a42f3107b6d82ee95fe0e0d49fabb78cf9f4d394543abacfd4f9af
e19f6076815240b2afedf8033b0a2ccf200d3851f11df779d05f3c533560504d
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e432523f77f554cf143883486329c1e97472bed166a3efd6c2a8ec8299caafca
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6b7fa504c979ce53dc80798978eff98214cbcb20b7db259990c0632b7abe248
e7261fe5ce66c71ad531ce6da47cd76b7b875cea04c6fe7cfe616b0cad05cd3b
e80c968cfa1c6ed1a490aea83dd984e2aafd2e29e1e71ac4a8e2df3b7535b6d4
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecd5a2193701d7d27d8805f7d65c715a0078d48debfee9c3f8bbee498362484a
ed2778e59caa59e3850bf37a92c58e223e0f15fdb23ed94b40dac7e7958ff9ab
edc5af2135a0a8234cac71cea28282ff98840341e86070b1176ee049badcc797
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
eef57151e6646e4f59ca6a1d749631ee2f89bf4d1b736fb4620b784cedbe0de6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc62d27b08f0a359af4af35f2668118fbcd0740ba0f111262c8432c70be5210
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402
f1c2ed75dfb9bc4a14aab2475f1dd50bf867030fae38b5082b9130daf07970f4
f23d4b309b72743aa8afe1f8c98a25b3ee31246fa572c66d9d8cb1982cae4fbc
f242f280a342b863b71dc67408bcdde0ce2dcf2d02e9dfa8500605dc26a06ed9
f2c8df2e07886836ef7c7313b8039fba5aa61b94776ccd7720c671cd10cbd8c7
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f4ece8f2f5242967e98c6718f283e961576d68b4b7be96124eca22f554dcb275
f535a51459b52869c655d036a26642811651265429aecc1ce589733146bbd757
f82310a945181d0cefbf77a7499c87d47ad7698f948655f617c9a5eb0a4b931e
f85c6264fa47fb0d6254524ba826136250eacca8cef1eb770c3d49059eabb38a
fa012296221e3ae07465cf29142aa04e99dd794c222a5d32884dcbdd216a326f
fa3878b3d80419076891b1eaffed0457d80acb2f1be1e5c2e2cd222f49f80874
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
fbaacd40862bf1ea965f26571bf04a2609f80f3ba82af73ccd0d840bb19db1c2