www.mlive.com Open in urlscan Pro
2a02:26f0:480:f::213:7ec5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xfinity.userlogin-paymentupdate.service.auigebjhfbas.net/
Effective URL:
https://www.mlive.com/
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On November 18 via api (November 18th 2023, 5:18:38 am UTC) from IT — Scanned from GB

Summary HTTP 351 Redirects Links 37 Behaviour Indicators

Summary

This website contacted 103 IPs in 9 countries across 63 domains to perform 351 HTTP transactions. The main IP is 2a02:26f0:480:f::213:7ec5, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.mlive.com. The Cisco Umbrella rank of the primary domain is 56801.
TLS certificate: Issued by R3 on November 3rd 2023. Valid for: 3 months.

This is the only time www.mlive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.208.17.140 172.208.17.140	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	75.2.53.215 75.2.53.215	16509 (AMAZON-02) (AMAZON-02)
35	2a02:26f0:480... 2a02:26f0:480:f::213:7ec5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	2606:4700::68... 2606:4700::6812:82ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1901:0:3... 2600:1901:0:328a::1	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.32.121.108 13.32.121.108	16509 (AMAZON-02) (AMAZON-02)
1	18.245.86.83 18.245.86.83	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:480... 2a02:26f0:480:9a4::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	23.201.255.110 23.201.255.110	16625 (AKAMAI-AS) (AKAMAI-AS)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
3	65.9.66.122 65.9.66.122	16509 (AMAZON-02) (AMAZON-02)
4	52.223.1.76 52.223.1.76	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80e::200d	15169 (GOOGLE) (GOOGLE)
5	2600:9000:249... 2600:9000:2491:7000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	95.101.149.35 95.101.149.35	16625 (AKAMAI-AS) (AKAMAI-AS)
15	18.66.147.6 18.66.147.6	16509 (AMAZON-02) (AMAZON-02)
19	23.32.185.123 23.32.185.123	16625 (AKAMAI-AS) (AKAMAI-AS)
1	143.204.98.99 143.204.98.99	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:dff8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	52.222.250.165 52.222.250.165	16509 (AMAZON-02) (AMAZON-02)
1	104.102.36.95 104.102.36.95	16625 (AKAMAI-AS) (AKAMAI-AS)
2	18.245.60.53 18.245.60.53	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
2	2a02:26f0:480... 2a02:26f0:480:f::213:7ec6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	107.178.250.234 107.178.250.234	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.250.99.225 34.250.99.225	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.30 99.86.4.30	16509 (AMAZON-02) (AMAZON-02)
3	52.19.8.73 52.19.8.73	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:710... 2a02:26f0:7100:59a::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	35.244.193.51 35.244.193.51	15169 (GOOGLE) (GOOGLE)
3	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.48.43.143 52.48.43.143	16509 (AMAZON-02) (AMAZON-02)
1	23.215.22.18 23.215.22.18	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	23.32.185.35 23.32.185.35	16625 (AKAMAI-AS) (AKAMAI-AS)
2	44.213.18.121 44.213.18.121	14618 (AMAZON-AES) (AMAZON-AES)
1	13.32.99.59 13.32.99.59	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	13.32.119.77 13.32.119.77	16509 (AMAZON-02) (AMAZON-02)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:225... 2600:9000:2250:2200:a:e047:753:a221	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
2	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1	65.9.61.60 65.9.61.60	16509 (AMAZON-02) (AMAZON-02)
3 5	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	2602:803:c003... 2602:803:c003:200::44	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.229.10.156 3.229.10.156	14618 (AMAZON-AES) (AMAZON-AES)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
7	52.36.216.155 52.36.216.155	16509 (AMAZON-02) (AMAZON-02)
2	52.54.8.105 52.54.8.105	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	54.155.18.159 54.155.18.159	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
14	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2602:803:c003... 2602:803:c003:200::77	26667 (RUBICONPR...) (RUBICONPROJECT)
1	65.9.65.116 65.9.65.116	16509 (AMAZON-02) (AMAZON-02)
4	18.198.226.18 18.198.226.18	16509 (AMAZON-02) (AMAZON-02)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
7 11	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
3 3	52.29.13.21 52.29.13.21	16509 (AMAZON-02) (AMAZON-02)
3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	2600:9000:211... 2600:9000:211e:b000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	15.197.133.55 15.197.133.55	16509 (AMAZON-02) (AMAZON-02)
2	23.32.185.192 23.32.185.192	16625 (AKAMAI-AS) (AKAMAI-AS)
2	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
1	35.186.255.72 35.186.255.72	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:c376	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	52.214.69.158 52.214.69.158	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
6	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
18	2600:1f13:800... 2600:1f13:800:7782:14df:363:a706:6a6f	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.119 143.204.98.119	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:907e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.32.184.192 23.32.184.192	16625 (AKAMAI-AS) (AKAMAI-AS)
2	172.64.149.180 172.64.149.180	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	95.101.148.20 95.101.148.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a04:4e42:400... 2a04:4e42:400::300	54113 (FASTLY) (FASTLY)
4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	52.2.255.127 52.2.255.127	() ()
1 2	52.46.128.147 52.46.128.147	() ()
1 1	34.95.81.168 34.95.81.168	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2607:ae80:192... 2607:ae80:192:1::173	26558 (FREEWHEEL) (FREEWHEEL)
351	103

1 172.208.17.140 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

xfinity.userlogin-paymentupdate.service.auigebjhfbas.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.2.53.215 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a135022da78f12244.awsglobalaccelerator.com

mlive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a02:26f0:480:f::213:7ec5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.mlive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:328a::1 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

satisfycork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-108.fra60.r.cloudfront.net

cdn.sophi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.86.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-83.fra60.r.cloudfront.net

apps.sophi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:9a4::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com

micro.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.1.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8fd921d2017b5f79.awsglobalaccelerator.com

ecollector-us-east.sophi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2491:7000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 18.66.147.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-6.fra60.r.cloudfront.net

h312.mlive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 23.32.185.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-123.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-99.fra50.r.cloudfront.net

ats-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:dff8 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.250.165 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-165.fra60.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.36.95 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-36-95.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.60.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-53.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-99-225.eu-west-1.compute.amazonaws.com

privacy.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-30.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.19.8.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-8-73.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:59a::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.43.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-43-143.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.215.22.18 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-22-18.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com

at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.213.18.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-213-18-121.compute-1.amazonaws.com

advancelocal.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-59.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:2200:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.61.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-60.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

display.bidder.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::44 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.229.10.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-10-156.compute-1.amazonaws.com

exchange.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.36.216.155 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-216-155.us-west-2.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.54.8.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-8-105.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::77 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

beacon-ams3.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.65.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-65-116.fra56.r.cloudfront.net

ad.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.198.226.18 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-226-18.eu-central-1.compute.amazonaws.com

prebid-a.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.16.194 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.29.13.21 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-13-21.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:b000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.133.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: a4b61a47cf5978487.awsglobalaccelerator.com

de2-bid.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.185.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-192.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.255.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.255.186.35.bc.googleusercontent.com

app.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c376 (United States)

ASN13335 (CLOUDFLARENET, US)

c2.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.214.69.158 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-69-158.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2600:1f13:800:7782:14df:363:a706:6a6f (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-119.fra50.r.cloudfront.net

check.analytics.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:907e (United States)

ASN13335 (CLOUDFLARENET, US)

buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.2.255.127 (None, ) 2 redirects

ASN- ()

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.128.147 (None, ) 1 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.81.168 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com

euexchangesync.digitaleast.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:ae80:192:1::173 (United States)

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	mlive.com 1 redirects mlive.com — Cisco Umbrella Rank: 52734 www.mlive.com — Cisco Umbrella Rank: 56801 h312.mlive.com — Cisco Umbrella Rank: 83670	2 MB
48	googlesyndication.com 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149 pagead2.googlesyndication.com — Cisco Umbrella Rank: 97	280 KB
33	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439	285 KB
27	adsafeprotected.com 2 redirects static.adsafeprotected.com — Cisco Umbrella Rank: 587 fw.adsafeprotected.com — Cisco Umbrella Rank: 898 dt.adsafeprotected.com — Cisco Umbrella Rank: 570	206 KB
20	rubiconproject.com micro.rubiconproject.com — Cisco Umbrella Rank: 3362 ads.rubiconproject.com — Cisco Umbrella Rank: 2300 fastlane.rubiconproject.com — Cisco Umbrella Rank: 513 beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 10151 prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3172 eus.rubiconproject.com — Cisco Umbrella Rank: 602 token.rubiconproject.com — Cisco Umbrella Rank: 458	209 KB
19	moatads.com z.moatads.com — Cisco Umbrella Rank: 647 px.moatads.com — Cisco Umbrella Rank: 593	98 KB
18	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	240 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 342	257 KB
9	casalemedia.com 3 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 511 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	6 KB
9	google.com 1 redirects accounts.google.com — Cisco Umbrella Rank: 24 news.google.com — Cisco Umbrella Rank: 6231 ampcid.google.com — Cisco Umbrella Rank: 2931 www.google.com — Cisco Umbrella Rank: 2	147 KB
8	postrelease.com exchange.postrelease.com — Cisco Umbrella Rank: 4810 jadserve.postrelease.com — Cisco Umbrella Rank: 1122	5 KB
8	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 976 privacy.crwdcntrl.net — Cisco Umbrella Rank: 17052 bcp.crwdcntrl.net — Cisco Umbrella Rank: 887 id.crwdcntrl.net — Cisco Umbrella Rank: 2498	44 KB
7	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598 aax.amazon-adsystem.com — Cisco Umbrella Rank: 394 s.amazon-adsystem.com	73 KB
6	sophi.io cdn.sophi.io — Cisco Umbrella Rank: 20346 apps.sophi.io — Cisco Umbrella Rank: 33300 ecollector-us-east.sophi.io — Cisco Umbrella Rank: 29644	38 KB
5	adsrvr.org ad.adsrvr.org — Cisco Umbrella Rank: 2305 match.adsrvr.org — Cisco Umbrella Rank: 353 de2-bid.adsrvr.org — Cisco Umbrella Rank: 13793	309 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	319 KB
5	matheranalytics.com 1 redirects js.matheranalytics.com — Cisco Umbrella Rank: 11441 www.i.matheranalytics.com — Cisco Umbrella Rank: 11241 app.matheranalytics.com — Cisco Umbrella Rank: 16997	44 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	278 B
4	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1656 google-bidout-d.openx.net — Cisco Umbrella Rank: 1665 rtb.openx.net — Cisco Umbrella Rank: 695	905 B
4	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 440 cdn.id5-sync.com — Cisco Umbrella Rank: 863	35 KB
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 912	2 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 454 mug.criteo.com — Cisco Umbrella Rank: 2926	7 KB
3	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502 ads.pubmatic.com — Cisco Umbrella Rank: 534 image6.pubmatic.com — Cisco Umbrella Rank: 823	6 KB
3	33across.com lexicon.33across.com — Cisco Umbrella Rank: 1497 cdn-ima.33across.com — Cisco Umbrella Rank: 1383	5 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	125 KB
3	tinypass.com experience.tinypass.com — Cisco Umbrella Rank: 8527 cdn.tinypass.com — Cisco Umbrella Rank: 6082 buy.tinypass.com — Cisco Umbrella Rank: 6577	115 KB
2	liadm.com 2 redirects i.liadm.com	1 KB
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 674 cdn.indexww.com — Cisco Umbrella Rank: 1531	2 KB
2	adform.net cm.adform.net — Cisco Umbrella Rank: 1267	325 B
2	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4925	470 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 567	2 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 851 r.turn.com — Cisco Umbrella Rank: 4121	869 B
2	taboola.com display.bidder.taboola.com — Cisco Umbrella Rank: 10365 trc.taboola.com — Cisco Umbrella Rank: 705	625 B
2	media.net prebid.media.net — Cisco Umbrella Rank: 1335 contextual.media.net — Cisco Umbrella Rank: 691	9 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 3071 p1.parsely.com — Cisco Umbrella Rank: 2363	21 KB
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928	545 B
2	blueconic.net advancelocal.blueconic.net — Cisco Umbrella Rank: 29379	2 KB
2	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 957 check.analytics.rlcdn.com — Cisco Umbrella Rank: 4188	634 B
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 778	7 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 172	3 KB
2	privacymanager.io ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 2655 geo.privacymanager.io — Cisco Umbrella Rank: 1825	51 KB
2	teads.tv a.teads.tv — Cisco Umbrella Rank: 1462 at.teads.tv — Cisco Umbrella Rank: 4843	4 KB
2	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 590	539 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	219 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1444 c.go-mpulse.net — Cisco Umbrella Rank: 654	50 KB
2	satisfycork.com satisfycork.com — Cisco Umbrella Rank: 30676	24 KB
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 566	654 B
1	digitaleast.mobi 1 redirects euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 17718	245 B
1	piano.io c2.piano.io — Cisco Umbrella Rank: 5472	3 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268	574 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 716	239 B
1	google.de ampcid.google.de — Cisco Umbrella Rank: 86280	367 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 747	726 B
1	t.co t.co — Cisco Umbrella Rank: 607	377 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1762	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491	3 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 668	13 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1155	17 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 713	15 KB
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 3638	164 KB
1	cloudfront.net d1z2jf7jlzjs58.cloudfront.net	1 KB
1	auigebjhfbas.net 1 redirects xfinity.userlogin-paymentupdate.service.auigebjhfbas.net	462 B
351	63

	Domain	Requested by
35	www.mlive.com	www.mlive.com
30	pagead2.googlesyndication.com	www.mlive.com 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net
18	dt.adsafeprotected.com	715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
18	s0.2mdn.net	www.mlive.com s0.2mdn.net 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
15	px.moatads.com	www.mlive.com
15	h312.mlive.com	www.mlive.com h312.mlive.com
14	tpc.googlesyndication.com	715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com www.mlive.com tpc.googlesyndication.com securepubads.g.doubleclick.net
11	cm.g.doubleclick.net	7 redirects www.mlive.com 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
11	securepubads.g.doubleclick.net	www.mlive.com securepubads.g.doubleclick.net 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com www.googletagservices.com
11	cdn.cookielaw.org	www.mlive.com cdn.cookielaw.org
7	jadserve.postrelease.com	s.ntv.io www.mlive.com
6	eus.rubiconproject.com	715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com eus.rubiconproject.com micro.rubiconproject.com
6	googleads.g.doubleclick.net	www.mlive.com 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com pagead2.googlesyndication.com
5	www.googletagservices.com	715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com s0.2mdn.net
5	static.adsafeprotected.com	www.mlive.com 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
4	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
4	googleads4.g.doubleclick.net	www.mlive.com
4	fw.adsafeprotected.com	2 redirects www.mlive.com
4	ssum-sec.casalemedia.com	2 redirects js-sec.indexww.com ssum-sec.casalemedia.com
4	prebid-a.rubiconproject.com	micro.rubiconproject.com
4	www.facebook.com	www.mlive.com
4	715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	z.moatads.com	www.mlive.com z.moatads.com 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
4	ecollector-us-east.sophi.io	cdn.sophi.io
3	token.rubiconproject.com	eus.rubiconproject.com
3	match.adsrvr.org	715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com ssum-sec.casalemedia.com
3	pm.w55c.net	3 redirects
3	www.google.com	1 redirects 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com tpc.googlesyndication.com
3	id5-sync.com	micro.rubiconproject.com cdn.id5-sync.com
3	ads.rubiconproject.com	micro.rubiconproject.com 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
3	bcp.crwdcntrl.net	tags.crwdcntrl.net
3	connect.facebook.net	www.mlive.com connect.facebook.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.mlive.com
3	accounts.google.com	www.mlive.com accounts.google.com
3	tags.crwdcntrl.net	www.mlive.com securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	www.mlive.com c.amazon-adsystem.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	i.liadm.com	2 redirects
2	cm.adform.net	googleads.g.doubleclick.net
2	ad.yieldlab.net	googleads.g.doubleclick.net
2	sync.1rx.io	2 redirects
2	beacon-ams3.rubiconproject.com	www.mlive.com
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects www.mlive.com
2	www.i.matheranalytics.com	www.mlive.com
2	lb.eu-1-id5-sync.com	micro.rubiconproject.com cdn.id5-sync.com
2	advancelocal.blueconic.net	h312.mlive.com
2	region1.google-analytics.com	www.googletagmanager.com
2	lexicon.33across.com	micro.rubiconproject.com cdn-ima.33across.com
2	js.matheranalytics.com	1 redirects www.mlive.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	sb.scorecardresearch.com	www.mlive.com
2	news.google.com	www.googletagmanager.com news.google.com
2	geolocation.onetrust.com	cdn.cookielaw.org
2	www.googletagmanager.com	www.mlive.com www.googletagmanager.com
2	satisfycork.com	www.mlive.com satisfycork.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	ads.stickyadstv.com	ssum-sec.casalemedia.com
1	euexchangesync.digitaleast.mobi	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	trc.taboola.com
1	contextual.media.net	micro.rubiconproject.com
1	js-sec.indexww.com	micro.rubiconproject.com
1	ads.pubmatic.com	micro.rubiconproject.com
1	buy.tinypass.com	cdn.tinypass.com
1	check.analytics.rlcdn.com	micro.rubiconproject.com
1	c2.piano.io	cdn.tinypass.com
1	app.matheranalytics.com	js.matheranalytics.com
1	de2-bid.adsrvr.org	715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
1	sync.targeting.unrulymedia.com	1 redirects
1	s.ad.smaato.net	715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
1	rtb.openx.net	715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
1	r.turn.com	www.mlive.com
1	ad.turn.com	1 redirects
1	ad.adsrvr.org	715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com	www.mlive.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	p1.parsely.com	www.mlive.com
1	ampcid.google.de	www.google-analytics.com
1	analytics.twitter.com	www.mlive.com
1	t.co	www.mlive.com
1	exchange.postrelease.com	micro.rubiconproject.com
1	fastlane.rubiconproject.com	micro.rubiconproject.com
1	display.bidder.taboola.com	micro.rubiconproject.com
1	hbopenbid.pubmatic.com	micro.rubiconproject.com
1	prebid.media.net	micro.rubiconproject.com
1	htlb.casalemedia.com	micro.rubiconproject.com
1	cdn.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	ampcid.google.com	www.google-analytics.com
1	geo.privacymanager.io	ats-wrapper.privacymanager.io
1	at.teads.tv	a.teads.tv
1	cdn.tinypass.com	experience.tinypass.com
1	cdn.id5-sync.com	www.mlive.com
1	secure.cdn.fastclick.net	www.mlive.com
1	id.crwdcntrl.net	micro.rubiconproject.com
1	api.rlcdn.com	micro.rubiconproject.com
1	c.go-mpulse.net	s.go-mpulse.net
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	privacy.crwdcntrl.net	tags.crwdcntrl.net
1	static.ads-twitter.com	www.googletagmanager.com
1	s.ntv.io	www.mlive.com
1	d1z2jf7jlzjs58.cloudfront.net	www.mlive.com
1	experience.tinypass.com	www.mlive.com
1	ats-wrapper.privacymanager.io	www.mlive.com
1	a.teads.tv	www.googletagmanager.com
1	micro.rubiconproject.com	www.mlive.com
1	s.go-mpulse.net	www.mlive.com
1	apps.sophi.io	www.mlive.com
1	cdn.sophi.io	www.mlive.com
1	mlive.com	1 redirects
1	xfinity.userlogin-paymentupdate.service.auigebjhfbas.net	1 redirects
351	117

This site contains links to these domains. Also see Links.

Domain
ezads.mlive.com
autos.mlive.com
classifieds.mlive.com
link.mlive.com
podcasts.apple.com
www.mlivemediagroup.com
www.facebook.com
twitter.com
www.youtube.com
subscription.mlive.com
mlivemediagroup.com
subscribe.mlive.com
myaccount.mlive.com
hiring.mlive.com
www.advancelocal.com
www.onetrust.com

Subject Issuer	Validity	Valid
advancelocal.web.arc-cdn.net R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
satisfycork.com R3	`2023-09-08` - `2023-12-07`	3 months	crt.sh
cdn.sophi.io Amazon RSA 2048 M01	`2023-09-17` - `2024-10-15`	a year	crt.sh
apps.sophi.io Amazon RSA 2048 M01	`2023-03-18` - `2024-04-15`	a year	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2023-04-05` - `2024-04-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
*.sophi.io Amazon RSA 2048 M01	`2023-04-11` - `2024-05-10`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
w723.lonestarlive.com Amazon RSA 2048 M01	`2023-07-07` - `2024-08-04`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-10-24`	a year	crt.sh
*.privacymanager.io Amazon RSA 2048 M01	`2023-07-27` - `2024-08-24`	a year	crt.sh
*.news.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-13` - `2024-08-12`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.ntv.io DigiCert TLS RSA SHA256 2020 CA1	`2023-08-28` - `2024-08-28`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-27` - `2023-11-25`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
lexicon.33across.com GTS CA 1D4	`2023-10-01` - `2023-12-30`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
*.blueconic.net Amazon RSA 2048 M01	`2023-06-08` - `2024-07-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.parsely.com Amazon RSA 2048 M02	`2023-05-06` - `2024-06-03`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.bidder.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-12` - `2024-12-12`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-10-27` - `2024-11-23`	a year	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-16` - `2024-10-14`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-19` - `2024-09-17`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.i.matheranalytics.com Amazon RSA 2048 M03	`2023-11-15` - `2024-12-14`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
app.matheranalytics.com GTS CA 1D4	`2023-10-07` - `2024-01-06`	3 months	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2023-03-27` - `2024-03-26`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
analytics.rlcdn.com Amazon RSA 2048 M02	`2023-06-27` - `2024-07-24`	a year	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh

This page contains 29 frames:

Primary Page: https://www.mlive.com/
Frame ID: 423C0F0ABEFE460ACB9E66D57F28BDD1
Requests: 190 HTTP requests in this frame

Frame: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FEE46EE70BAEC301918284BE7EE31F21
Requests: 1 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: E4BE2BC6AC9DC2508814604404E2D4E6
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.mlive.com&us_privacy=1---
Frame ID: D2B2F37985748DECE72BAE435A551806
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 5D7F5169F76C05CD3D51199E662EB724
Requests: 1 HTTP requests in this frame

Frame: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DF81CF39FEB0C8E3A584C8E1AFA682A7
Requests: 15 HTTP requests in this frame

Frame: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6F05B3424CADB44E6505169B5FC4F316
Requests: 9 HTTP requests in this frame

Frame: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A48127ED008F6FAAA89FEEAD015F00E3
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYoIv9xAEwAQ&v=APEucNVPmAFN1keWWX9BUyI3OaxjYdOx7aOwhFew_3jp6jx9rcxg7CcUrl4xP2Be2gdQDRF03gmUweFUN80SrN-f1tCGyBwJtj74WcZzosf9C1321ywBprBC1IKswOK9-g4_a1JK52oJlFlXVRHK8ejmfZQArtJT8wixgwGgiQRxCbJe0wKh1xk
Frame ID: 595DBA25C31CC55D79D31E0FCDEF998F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: A631A3E39AE9BD280151C2E036E72A41
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYoIv9xAEwAQ&v=APEucNUbi12RIOfp4xuVQ_HfUVzfFMD8yk---4lqD5UPyxQk3SA58ETMGaJOPxS4wbA8rN_yEB7MBNJimdGPg1M9boRadhv0F2ukcFJ0oeu0HWKdutrapvrXt4zDySBbaWOCh14wXkvZKgEYxqhtBQNdv52NWZwF6R5c3SnpfoT3mzQiCimlJvQ
Frame ID: A0DBEE396E9A7F5197BE016C961D8373
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 43243FD9229FAFD5F507ED80D7AAA0DD
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B3A9EB3377218D73B627436D51DDA4B5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3C8166F122701F9D2EFD8997BB4AA036
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: BA96870AA6980489DC4135254529740A
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 7A5B6DCB97F09CC5D8FEDE3E4AD936E2
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 20FF9A5F2BD7F627418F839627A79483
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 3154644BD33D02B73A88F899AA47B1FA
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html?ev=01_250
Frame ID: AE46017DA1C747C726859E77DF3927F1
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html?ev=01_250
Frame ID: 253B964A6431A9B50639FE4753141C57
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: D5652EFEB14567E7A2FEC801BD98CA2A
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 2D4C5F067ECE6EF4FE6446BA2BEF13C8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 956F120E6CC14816DA32C3B663B185A0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 60D83AA76C6ECD0274D1CB8D81A9437B
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Frame ID: 9661C729BE64173005B0F5CF3C98094C
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A803A016215A07A988AB0CED2F662D73
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 53A617712B7E3035AD301E6CF0436FEE
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: AA43CAD06C542AD9E557A19E9BA83D31
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 29634DECA0E040B1DD59147FAC02AC33
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Michigan Local News, Breaking News, Sports & WeatherLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://xfinity.userlogin-paymentupdate.service.auigebjhfbas.net/ HTTP 307
https://mlive.com/ HTTP 301
https://www.mlive.com/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

351
Requests

95 %
HTTPS

35 %
IPv6

63
Domains

117
Subdomains

103
IPs

9
Countries

5221 kB
Transfer

15103 kB
Size

83
Cookies

37 Outgoing links

These are links going to different origins than the main page.

URL: https://ezads.mlive.com/michigan-adportal/obits/index.html
Title: Place obituary

Search URL Search Domain Scan URL

URL: https://autos.mlive.com/
Title: Autos

Search URL Search Domain Scan URL

URL: https://classifieds.mlive.com/
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://classifieds.mlive.com/mlive/category/real-estate
Title: Homes for Sale

Search URL Search Domain Scan URL

URL: https://classifieds.mlive.com/mlive/category/rentals
Title: For Rent

Search URL Search Domain Scan URL

URL: https://classifieds.mlive.com/mlive/category/pets
Title: Pets

Search URL Search Domain Scan URL

URL: https://classifieds.mlive.com/mlive/category/for-sale
Title: For Sale

Search URL Search Domain Scan URL

URL: https://classifieds.mlive.com/mlive/category/garage-sale/estate-sale/auctions
Title: Garage Sales

Search URL Search Domain Scan URL

URL: https://classifieds.mlive.com/mlive/category/celebrations
Title: Celebrations

Search URL Search Domain Scan URL

URL: https://classifieds.mlive.com/mlive/category/public-notices/public-notice
Title: Public Notices

Search URL Search Domain Scan URL

URL: https://link.mlive.com/join/6fh/signup
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://podcasts.apple.com/us/podcast/michigan-news-from-mlive/id1436032120
Title: Daily Audio Briefing

Search URL Search Domain Scan URL

URL: https://www.mlivemediagroup.com/contact/?utm_source=mlive.com&utm_medium=hamburger&utm_campaign=advertise
Title: Advertise with us

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mlive/
Title: Visit our Facebook Page

Search URL Search Domain Scan URL

URL: https://twitter.com/mlive/
Title: Follow us on Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/MLiveVideo
Title: Visit us on YouTube

Search URL Search Domain Scan URL

URL: http://subscription.mlive.com/newsletters/
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://mlivemediagroup.com/careers?utm_source=mlive.com&utm_medium=footer&utm_campaign=careers
Title: Jobs at MLive

Search URL Search Domain Scan URL

URL: https://www.mlivemediagroup.com/?utm_source=mlive.com&utm_medium=footer
Title: MLive Media Group

Search URL Search Domain Scan URL

URL: https://www.mlivemediagroup.com/our-team/?utm_source=mlive.com&utm_medium=footer
Title: Our Team

Search URL Search Domain Scan URL

URL: https://www.mlivemediagroup.com/contact/?utm_source=mlive.com&utm_medium=footer&utm_campaign=advertise
Title: Advertise with us

Search URL Search Domain Scan URL

URL: https://subscribe.mlive.com/?sitecode=aa
Title: The Ann Arbor News

Search URL Search Domain Scan URL

URL: https://subscribe.mlive.com/?sitecode=bc
Title: The Bay City Times

Search URL Search Domain Scan URL

URL: https://subscribe.mlive.com/?sitecode=fj
Title: The Flint Journal

Search URL Search Domain Scan URL

URL: https://subscribe.mlive.com/?sitecode=gr
Title: The Grand Rapids Press

Search URL Search Domain Scan URL

URL: https://subscribe.mlive.com/?sitecode=jp
Title: Jackson Citizen Patriot

Search URL Search Domain Scan URL

URL: https://subscribe.mlive.com/?sitecode=kg
Title: Kalamazoo Gazette

Search URL Search Domain Scan URL

URL: https://subscribe.mlive.com/?sitecode=mc
Title: Muskegon Chronicle

Search URL Search Domain Scan URL

URL: https://subscribe.mlive.com/?sitecode=sn
Title: The Saginaw News

Search URL Search Domain Scan URL

URL: https://myaccount.mlive.com/
Title: Manage your Subscription

Search URL Search Domain Scan URL

URL: https://classifieds.mlive.com/mlive
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://hiring.mlive.com/purchase/post-now/
Title: Post a job

Search URL Search Domain Scan URL

URL: https://www.advancelocal.com/

Search URL Search Domain Scan URL

URL: https://www.mlivemediagroup.com/about/?utm_source=mlive.com&utm_medium=footer-article
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.youtube.com/intl/en-US/about/policies/
Title: here

Search URL Search Domain Scan URL

URL: https://www.youtube.com/t/terms
Title: here

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xfinity.userlogin-paymentupdate.service.auigebjhfbas.net/ HTTP 307
https://mlive.com/ HTTP 301
https://www.mlive.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1640 HTTP 301
https://js.matheranalytics.com/static/ltm/ma63527/all/17/ml.br.js

Request Chain 128

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1

Request Chain 141

https://gum.criteo.com/sid/json?origin=publishertagids&domain=mlive.com&sn=ChromeSyncframe&so=0&topUrl=www.mlive.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=F7Zd_Hw4YktDWVR0SC83MkJsdkZIVW14ZmN6ZXJtaTZkendIVGNBbFZwcVNMeHVaajBzcW1Cd2JPTUVtbzRUS2hpdzZzdVIyREZxaU1OeVR6aWd5Y0htWERmTmxSSlFVK2tYeW5MbkNZamxyYzNHYjBKS3dvM3ZSOVY2ZzUwZ0JZSXVETlp0ZHN0VUNxOVBlTG4vMzZXMWNjd240L1l3eFhNR1NrSEZ6R1J1YUduSjdSM2ZoS3AveG91R0ROZ3hJU0ozUXJUKzRTcDNiR0tsUlhKSFYwSlQ4SG5ZTjczcUNrRFh2MUF2RnBIMkdKY05UMy82WGZPSlU4aWhnREoyMkJoYkRyV24xeGQzUkpNMU9DcU1VVkY0NzNKQT09fA&cppv=2

Request Chain 209

https://ad.turn.com/r/cs?pid=3&google_gid=CAESECRNGWGcG9y7WVtoN3OMdT8&google_cver=1&google_push=AXcoOmQUxhbBQ1-6Z8nPl_VZ-H_y-7CEZewpBm4-n7qdamceWCbVOud8CjI9_tD21VLgGkhG3S8ZzrytGkhS9EB-LmU01UFnvUeq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg5MjQ4Mzc0NzY1Nzg2OTA4MA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBBknfojYpKxF03Qq4Z3l8s&google_cver=1

Request Chain 210

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJci1hjLQK9r4wCLKJYP3is&google_cver=1&google_push=AXcoOmQ5UCDULX7p2I0M7iUG4aha3mkmjSfeGcUxZaNobSVFnC88XIpOcp2nBZ4OyIX-iG0ErKF-ThT6Y-5ozegm3Ed2YeXQCT0 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJci1hjLQK9r4wCLKJYP3is&google_cver=1&google_push=AXcoOmQ5UCDULX7p2I0M7iUG4aha3mkmjSfeGcUxZaNobSVFnC88XIpOcp2nBZ4OyIX-iG0ErKF-ThT6Y-5ozegm3Ed2YeXQCT0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bjZYRHVJMlQxUjRkSVk1&google_gid=CAESEJci1hjLQK9r4wCLKJYP3is&google_cver=1&google_push=AXcoOmQ5UCDULX7p2I0M7iUG4aha3mkmjSfeGcUxZaNobSVFnC88XIpOcp2nBZ4OyIX-iG0ErKF-ThT6Y-5ozegm3Ed2YeXQCT0

Request Chain 213

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK4zNbxyrq8eCRaqnWJ0V5k&google_cver=1&google_push=AXcoOmSoNPWeom9EYIRMpYqrMUuveNe5IbplCC8rws1jYW5GBBVeLd_uKAAixvM7-9G0ylf3TMLNHiDz-QF3YQlHrshmV6ixCZUP HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEK4zNbxyrq8eCRaqnWJ0V5k&google_push=AXcoOmSoNPWeom9EYIRMpYqrMUuveNe5IbplCC8rws1jYW5GBBVeLd_uKAAixvM7-9G0ylf3TMLNHiDz-QF3YQlHrshmV6ixCZUP&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK4zNbxyrq8eCRaqnWJ0V5k&google_hm=ZVhJKFje4TimJRqHhCYZ6AAACJUAAAAB&google_nid=index&google_push=AXcoOmSoNPWeom9EYIRMpYqrMUuveNe5IbplCC8rws1jYW5GBBVeLd_uKAAixvM7-9G0ylf3TMLNHiDz-QF3YQlHrshmV6ixCZUP

Request Chain 215

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESENBkTap-27ksXgvjq_ZkqIM&google_cver=1&google_push=AXcoOmR1lUGezyqDrMhZ7ftEcAWtmwjwBKIe5r1c4ieXlzEg_HouxscfLxu0tBczELs2HOqDxvf3oOWsn0Dl8dfsd8lBeixsfz1x HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmR1lUGezyqDrMhZ7ftEcAWtmwjwBKIe5r1c4ieXlzEg_HouxscfLxu0tBczELs2HOqDxvf3oOWsn0Dl8dfsd8lBeixsfz1x&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1700284712782 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-1e0bf489-eb02-478b-9b67-78c3bc676aa3-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmR1lUGezyqDrMhZ7ftEcAWtmwjwBKIe5r1c4ieXlzEg_HouxscfLxu0tBczELs2HOqDxvf3oOWsn0Dl8dfsd8lBeixsfz1x%26google_hm%3DAx4L9InrAkeLm2d4w7xnaqM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmR1lUGezyqDrMhZ7ftEcAWtmwjwBKIe5r1c4ieXlzEg_HouxscfLxu0tBczELs2HOqDxvf3oOWsn0Dl8dfsd8lBeixsfz1x&google_hm=Ax4L9InrAkeLm2d4w7xnaqM

Request Chain 217

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 221

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEGbeWDi5sx1j_7dUGs7AngY&google_cver=1

Request Chain 222

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEPCPgzQt2LsvLGViruWNsTo&google_cver=1&adform_v=1

Request Chain 223

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEGbeWDi5sx1j_7dUGs7AngY&google_cver=1

Request Chain 224

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEPCPgzQt2LsvLGViruWNsTo&google_cver=1&adform_v=1

Request Chain 267

https://fw.adsafeprotected.com/rfw/st/987057/61527013/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=10071&ias_chanId=8&ias_placementId=20343401411&bidurl=https://www.mlive.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0glgzR6HpDVgVCUsMPfZFxC&adContainerId=brand_safety_KElYZZDmLauk9u8PxIiSwAE&cbFunctionName=goog_wrapCb_KElYZZDmLauk9u8PxIiSwAE&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.mlive.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.mlive.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:cdbdd157-1f48-a9ed-eec4-f19d3e170e80,c:uieUDi,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7bc8d8d488-njrtj,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tVW5nCk+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C181*.987057-61527013%7C1811%7C1812%7C1813%7C1814%7C1911%7C1912%7C19131%7C1914,idMap:181*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:25,oid:eae8d2e6-85d1-11ee-8810-bed73713caa8,v:19.8.460,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_KElYZZDmLauk9u8PxIiSwAE&cbFunctionName=goog_wrapCb_KElYZZDmLauk9u8PxIiSwAE&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js

Request Chain 272

https://fw.adsafeprotected.com/rfw/st/987057/61527013/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=10071&ias_chanId=8&ias_placementId=20343401411&bidurl=https://www.mlive.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g-ceEX1XhNxNm6Bx1pHWO5&adContainerId=brand_safety_KElYZY65LuGv7_UP3KiW4Aw&cbFunctionName=goog_wrapCb_KElYZY65LuGv7_UP3KiW4Aw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.mlive.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.mlive.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:d3b4d2ca-6033-4133-98bc-56e45427a9e9,c:uieUE8,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7bc8d8d488-d9nzk,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tVW5nDh+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C1811%7C1812%7C1813%7C1814%7C1815%7C191*.987057-61527013%7C1911%7C1912%7C1913%7C1914,idMap:191*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:17,oid:eae8fa6f-85d1-11ee-acab-5686454d51fd,v:19.8.460,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_KElYZY65LuGv7_UP3KiW4Aw&cbFunctionName=goog_wrapCb_KElYZY65LuGv7_UP3KiW4Aw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js

Request Chain 341

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVhJKFje4TimJRqHhCYZ6AAA%262197&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVhJKFje4TimJRqHhCYZ6AAA%262197&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=0a0bf32a37c84c90a0a0a84eadb968e6 HTTP 303
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0

Request Chain 342

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZVhJKFje4TimJRqHhCYZ6AAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOlh5dYOsl365KrwRj5bp1I&google_cver=1

Request Chain 344

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVhJKFje4TimJRqHhCYZ6AAACJUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENfN-IkfOAk7YG90RFWlG94&google_cver=1

Request Chain 345

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVhJKFje4TimJRqHhCYZ6AAACJUAAAAB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVhJKFje4TimJRqHhCYZ6AAACJUAAAAB&gpp=&gpp_sid=&dcc=t

Request Chain 346

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=

Request Chain 348

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=n6XDuI2T1R4dIY5

351 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.mlive.com/
Redirect Chain

http://xfinity.userlogin-paymentupdate.service.auigebjhfbas.net/
https://mlive.com/
https://www.mlive.com/

459 KB
85 KB

300ms
75ms

Document
text/html

2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

20968f90541ca3c75bba68253aa18ba3bbe677624e86dc48e14bf3ded2bd1e7b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

akamai-true-ttl: -1
cache-control: private, max-age=60
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Sat, 18 Nov 2023 05:18:29 GMT
etag: W/"71854-B268lQknSVs5B2RBmxlEUV4fYks"
expires: Sat, 18 Nov 2023 05:19:29 GMT
last-modified: Sat, 18 Nov 2023 05:17:50 GMT
link: <https://www.mlive.com/pf/resources/fonts/Inter/Inter-Bold.woff2?d=1169>;rel="preload";as="font";type="font/woff2";crossorigin,<https://www.mlive.com/pf/resources/fonts/farnhamheadline-semi-bold.woff?d=1169>;rel="preload";as="font";type="font/woff";crossorigin,<https://www.mlive.com/pf/resources/fonts/Inter/Inter-Italic.woff2?d=1169>;rel="preload";as="font";type="font/woff2";crossorigin,<https://www.mlive.com/pf/resources/fonts/farnhamheadline-medium.woff?d=1169>;rel="preload";as="font";type="font/woff";crossorigin,<https://www.mlive.com/pf/resources/fonts/Inter/Inter-SemiBold.woff2?d=1169>;rel="preload";as="font";type="font/woff2";crossorigin,<https://www.mlive.com/pf/resources/fonts/Inter/Inter-Regular.woff2?d=1169>;rel="preload";as="font";type="font/woff2";crossorigin <https://cdn.sophi.io>;rel="preconnect",<https://apps.sophi.io>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect",<https://securepubads.g.doubleclick.net>;rel="preconnect",<https://micro.rubiconproject.com>;rel="preconnect",<https://c.amazon-adsystem.com>;rel="preconnect",<https://a.teads.tv>;rel="preconnect",<https://h312.mlive.com>;rel="preconnect",<https://s.ntv.io>;rel="preconnect" <https://cdn.cookielaw.org>;rel="preconnect",<https://tags.crwdcntrl.net>;rel="preconnect"
prerender-cache-tag: prerender-advancelocal-mlive-prod-b308edcd
referrer-policy: no-referrer-when-downgrade
server: openresty
server-timing: cdn-cache; desc=HIT edge; dur=16 origin; dur=0 ak_p; desc="1700284709626_34831749_1331146584_1554_5566_51_106_255";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 83292 0 pmb=mRUM,2
x-amz-cf-id: H6b_FhCEPW2JtxYc5i9rMedL-ff5H5qa57dgtwzS5ec6uSJ28-Zbhw==
x-amz-cf-pop: FRA60-P6
x-arc-pb-request-id: 3e8d3dc7-0ef7-4643-8b27-5b8b9c56a4a7 e758f38f-4d72-44c1-8696-4490a050cdca
x-arc-request-id: 0.857d1302.1700284709.4f57af58

Redirect headers

content-length: 134
content-type: text/html
date: Sat, 18 Nov 2023 05:18:29 GMT
location: https://www.mlive.com:443/
server: awselb/2.0

GET
H2 200 Inter-Bold.woff2
www.mlive.com/pf/resources/fonts/Inter/ 104 KB
104 KB 120ms
119ms Font
font/woff2 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/resources/fonts/Inter/Inter-Bold.woff2?d=1169

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

c63158babcb7902203ed73476ccf901db34825ea524d4a36a52b5e5f97e1abf7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.mlive.com/
Origin: https://www.mlive.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Sat, 18 Nov 2023 05:18:29 GMT
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.857d1302.1700284709.4f57af9a
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700284709847_34831749_1331146650_727_6362_52_0_219";dur=1
content-length: 106140
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Nov 2023 19:17:43 GMT
server: openresty
etag: "444a7284663a3bc886683eb81450b294"
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: font/woff2
access-control-allow-origin: *, *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: TStHT2azraaRY_k9O_n8HYmzhwFhKToBcJFFTCNRFD4ckKd3nd7IPQ==
expires: Sun, 17 Nov 2024 05:18:29 GMT

GET
H2 200 farnhamheadline-semi-bold.woff
www.mlive.com/pf/resources/fonts/ 36 KB
37 KB 153ms
151ms Font
font/woff 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/resources/fonts/farnhamheadline-semi-bold.woff?d=1169

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.mlive.com/
Origin: https://www.mlive.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Sat, 18 Nov 2023 05:18:29 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: ORD58-P4
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.857d1302.1700284709.4f57af9e
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700284709847_34831749_1331146654_707_6233_52_0_219";dur=1
content-length: 37066
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Nov 2023 19:17:43 GMT
server: openresty
etag: W/"c9a8222fbabe6b700baacd21dd7a1f61"
x-edgeconnect-cache-status: 1
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: lguooQ14bsC9Sq4XUdK90Rtss-0yAmRFoq3NJSJHSf0I8KDRm2gj0g==
expires: Sun, 17 Nov 2024 05:18:29 GMT

GET
H2 200 Inter-Italic.woff2
www.mlive.com/pf/resources/fonts/Inter/ 104 KB
105 KB 164ms
162ms Font
font/woff2 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/resources/fonts/Inter/Inter-Italic.woff2?d=1169

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

900058dffaf216c9a853e2d7e4109bfa2a58994237b2d4e5793734e4c2ecb4ac

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.mlive.com/
Origin: https://www.mlive.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Sat, 18 Nov 2023 05:18:29 GMT
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: IAD55-P2
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.857d1302.1700284709.4f57af9f
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700284709847_34831749_1331146655_705_6244_52_0_219";dur=1
content-length: 106876
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Nov 2023 19:17:43 GMT
server: openresty
etag: "fd26ff23f831db9ae85a805386529385"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 6Qs87_JUlJ8NG7XTXKKbX5u0gCf1mpkH8zObSxg6zOnozfCWJO9oZA==
expires: Sun, 17 Nov 2024 05:18:29 GMT

GET
H2 200 farnhamheadline-medium.woff
www.mlive.com/pf/resources/fonts/ 37 KB
37 KB 187ms
185ms Font
font/woff 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/resources/fonts/farnhamheadline-medium.woff?d=1169

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

7ff100c907d85bc5b7503e7a88c0a7f256ed2561ee431ffc10fcd7cce517c321

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.mlive.com/
Origin: https://www.mlive.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Sat, 18 Nov 2023 05:18:29 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: IAD55-P2
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.857d1302.1700284709.4f57afa0
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700284709847_34831749_1331146656_709_6200_52_0_219";dur=1
content-length: 36831
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Nov 2023 19:17:43 GMT
server: openresty
etag: W/"05b85684cbf3bc11490297c50cfd67c3"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: DCRJP85Z7Nj_LWRQPl-jNkfnA0nBhlt7iuvdmPYujZV47KXZPEkJpg==
expires: Sun, 17 Nov 2024 05:18:29 GMT

GET
H2 200 Inter-SemiBold.woff2
www.mlive.com/pf/resources/fonts/Inter/ 103 KB
104 KB 196ms
194ms Font
font/woff2 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/resources/fonts/Inter/Inter-SemiBold.woff2?d=1169

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.mlive.com/
Origin: https://www.mlive.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Sat, 18 Nov 2023 05:18:29 GMT
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: ATL58-P2
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.857d1302.1700284709.4f57afa1
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700284709847_34831749_1331146657_708_6205_52_0_219";dur=1
content-length: 105804
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Nov 2023 19:17:43 GMT
server: openresty
etag: "007ad31a53f4ab3f58ee74f2308482ce"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: wo-Q9X_F3V02ACZYSlhI-ktriI1iH59panZWRIKk9jkBMEfp0wabCA==
expires: Sun, 17 Nov 2024 05:18:29 GMT

GET
H2 200 Inter-Regular.woff2
www.mlive.com/pf/resources/fonts/Inter/ 97 KB
97 KB 208ms
206ms Font
font/woff2 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/resources/fonts/Inter/Inter-Regular.woff2?d=1169

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.mlive.com/
Origin: https://www.mlive.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Sat, 18 Nov 2023 05:18:29 GMT
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: IAD55-P2
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.857d1302.1700284709.4f57afa2
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700284709847_34831749_1331146658_704_6024_52_0_219";dur=1
content-length: 98868
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Nov 2023 19:17:43 GMT
server: openresty
etag: "dc131113894217b5031000575d9de002"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Z4KuIjPxuyRrO-29U8XkBLYvZjYq8YGHrC_vfwHsAoQ_8Ze1HuG-Cw==
expires: Sun, 17 Nov 2024 05:18:29 GMT

GET
H2 200 default.css
www.mlive.com/pf/dist/components/output-types/ 45 B
610 B 90ms
88ms Stylesheet
text/css 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/dist/components/output-types/default.css?d=1169

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

bba5cf4bf97f335423ef8083a04d8810370b013c18a623e2aec413075ef82ddc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Sat, 18 Nov 2023 05:18:29 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.857d1302.1700284709.4f57af9b
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700284709847_34831749_1331146651_703_6230_52_0_255";dur=1
content-length: 57
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Nov 2023 19:17:44 GMT
server: openresty
etag: "534bb0614e61e484cae7d5dc8ecc424c"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: pWIAh5At2eN5eLV9wOP57Iv5Sp3hfG6ATxszkI5UXOV2yZ8YBOjfPg==
expires: Sun, 17 Nov 2024 05:18:29 GMT

GET
H2 200 default.css
www.mlive.com/pf/dist/components/combinations/ 426 KB
64 KB 90ms
89ms Stylesheet
text/css 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/dist/components/combinations/default.css?d=1169

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

119fed91dd6c9d67ebd586f19666d8f8b3ea231a64366f0e174424d2629cadda

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Sat, 18 Nov 2023 05:18:29 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: ORD58-P4
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.857d1302.1700284709.4f57af9c
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700284709847_34831749_1331146652_704_6212_52_0_255";dur=1
content-length: 65314
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Nov 2023 19:17:44 GMT
server: openresty
etag: W/"18457bcb436581cc4335fbfd78b67d2d"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
x-amz-cf-id: 21X2BSIoJlr0Qradvg95i0aw-l9vympYqscMP-NcSmy9_WI2i3BxlQ==
expires: Sun, 17 Nov 2024 05:18:29 GMT

GET
H2 200 style.css
www.mlive.com/pf/resources/dist/mlive/css/ 2 KB
1 KB 110ms
109ms Stylesheet
text/css 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=1169

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

020d2ea87fc79904e40de0e3766ba94a822a77aa2851380f283b51accd47869f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Sat, 18 Nov 2023 05:18:29 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.857d1302.1700284709.4f57af9d
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700284709847_34831749_1331146653_705_6197_52_0_255";dur=1
content-length: 522
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Nov 2023 19:17:42 GMT
server: openresty
etag: W/"72d7596665f90c0650ebccd3ad548643"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: J4XtoE3GFMsKaj1qvBBj8KKmD2yQf89iiE9ty4tWbYvr3WDDGSKQ6A==
expires: Sun, 17 Nov 2024 05:18:29 GMT

GET
H2 200 react.js Show response
www.mlive.com/pf/dist/engine/ 343 KB
104 KB 106ms
102ms Script
application/javascript 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/dist/engine/react.js?d=1169

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

5ccea5b60dae78fabaa67647f61c87078ded6180392aa92621f083c3cf586458

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Sat, 18 Nov 2023 05:18:29 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: IAD55-P2
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.857d1302.1700284709.4f57b012
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700284709953_34831749_1331146770_23_5485_52_0_146";dur=1
content-length: 106014
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Nov 2023 19:17:44 GMT
server: openresty
etag: W/"819cb34bd51bf273ed84b4f610d3fa81"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-cf-id: jXaa3p_9gpV8B_xskFDyu3L75kOV3mQapPde2IB97RNBH0Q7B3LExA==
expires: Sun, 17 Nov 2024 05:18:29 GMT

GET
H2 200 default.js Show response
www.mlive.com/pf/dist/components/combinations/ 2 MB
503 KB 111ms
108ms Script
application/javascript 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/dist/components/combinations/default.js?d=1169

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

913488a6a0b7109e191bcc076f45bd244dec61412808e9aef582560edc3077dc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Sat, 18 Nov 2023 05:18:29 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.857d1302.1700284709.4f57b013
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700284709953_34831749_1331146771_21_6132_52_0_146";dur=1
content-length: 514599
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Nov 2023 19:17:44 GMT
server: openresty
etag: W/"69eae6fbec54ea721fad5ff3857a1532"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-cf-id: QlkdCicu4DuODVIJvq-vYqsV4I9G_mx7kqWoRsHzHEVqCYhwVjSfew==
expires: Sun, 17 Nov 2024 05:18:29 GMT

GET
H2 200 UY7XOSFRDJB3XMXWRZ7QMHNJPA.JPG
www.mlive.com/resizer/41jkoBsuJ4Y_FPQWadkdIDJOxtY=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 43 KB
43 KB 104ms
100ms Image
image/avif 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/41jkoBsuJ4Y_FPQWadkdIDJOxtY=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/UY7XOSFRDJB3XMXWRZ7QMHNJPA.JPG

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

3747bb73cc9a3c008943a9c2c470edba183bfca97f9798695ae57b2f5be5c44a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Sat, 18 Nov 2023 05:18:29 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 17 Nov 2023 17:55:20 GMT
server: Akamai Image Manager
etag: "1d159e35697f129de6a19e0129c231b88cc6bb4f"
x-arc-request-id: 0.857d1302.1700284709.4f57b00f
content-type: image/avif
cache-control: private, no-transform, max-age=31494975
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700284709953_34831749_1331146767_33_6014_52_0_182";dur=1
content-length: 43789
expires: Sat, 16 Nov 2024 17:54:44 GMT

GET
H2 200 iabCcpaIntegrationScript-noGAM.js Show response
cdn.cookielaw.org/opt-out/ 19 KB
5 KB 168ms
61ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/iabCcpaIntegrationScript-noGAM.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e3c7bdc4bfffb58a973062aabf808691f7603416290254b76161cab69952053

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 18 Nov 2023 05:18:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: ZkLmnzyu8aoAQNwZHm6Yqw==
age: 83934
x-ms-lease-status: unlocked
last-modified: Tue, 22 Feb 2022 22:01:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: fa68c390-601e-0029-357c-eb07f7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 827dc0cdde54640a-LHR

GET
H2 200 logo_main.svg
www.mlive.com/pf/resources/images/mlive/logos/ 1 KB
1 KB 219ms
218ms Image
image/svg+xml 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/mlive/logos/logo_main.svg?d=1169

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

f4ece8f2f5242967e98c6718f283e961576d68b4b7be96124eca22f554dcb275

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Sat, 18 Nov 2023 05:18:29 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: IAD55-P2
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.857d1302.1700284709.4f57afa3
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700284709847_34831749_1331146659_366_5982_52_0_182";dur=1
content-length: 660
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Nov 2023 19:17:43 GMT
server: openresty
etag: W/"351c57e1a77c618772f5966a7f2094ee"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: 6p6lZ1tVZpJ6rua7dJCavN5TBSIwDbdDRGL_MYbwZTSJFiz_tDj4MA==
expires: Sun, 17 Nov 2024 05:18:29 GMT

GET
H2 200 logo_main_sm.svg
www.mlive.com/pf/resources/images/mlive/logos/ 2 KB
1 KB 225ms
224ms Image
image/svg+xml 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/mlive/logos/logo_main_sm.svg?d=1169

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

a39cd6a9413784646378ab9490f6a80ea1c2eaf4870c1022f44e4e64380c7cda

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Sat, 18 Nov 2023 05:18:29 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: IAD55-P2
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.857d1302.1700284709.4f57afa4
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700284709847_34831749_1331146660_365_4788_52_0_182";dur=1
content-length: 902
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Nov 2023 19:17:43 GMT
server: openresty
etag: W/"cb98cda61d359616349bbc2a92540ddb"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: deBewC02_3xwFEfxx4uI1hMXEdyehHFdUS0Q14aQWenDzXk4ItMZjg==
expires: Sun, 17 Nov 2024 05:18:29 GMT

GET
H2 200 social-monochrome.svg
www.mlive.com/pf/resources/images/mlive/logos/ 1 KB
1 KB 105ms
101ms Image
image/svg+xml 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/mlive/logos/social-monochrome.svg?d=1169

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

4eb67b42d6abea96d75df507d23f0421da85d5658322720fded36c94cce45d7b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Sat, 18 Nov 2023 05:18:29 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: IAD55-P2
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.857d1302.1700284709.4f57b010
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700284709953_34831749_1331146768_20_5532_52_0_182";dur=1
content-length: 603
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Nov 2023 19:17:43 GMT
server: openresty
etag: W/"7819fa78e2e7770bb40587187d83cb87"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: wKRAzF3QxlpdkRkHB39sWRNn_-Eb99STnlKZ4CKdpjTPwW3C9Jcw_A==
expires: Sun, 17 Nov 2024 05:18:29 GMT

GET
H2 200 logo_footer.png
www.mlive.com/pf/resources/images/mlive/logos/ 1 KB
2 KB 121ms
118ms Image
image/avif 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/mlive/logos/logo_footer.png?d=1169

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

0c1194491324f0e5b99036c8ae0ad83d12f0f21d841cc31eae81caf10c05d76b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Sat, 18 Nov 2023 05:18:29 GMT
x-check-cacheable: YES
x-arc-request-id: 0.857d1302.1700284709.4f57b014
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700284709953_34831749_1331146772_26_6792_52_0_146";dur=1
content-length: 1398
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Nov 2023 20:07:58 GMT
server: Akamai Image Manager
x-serial: 1582
etag: W/"be8042e858f0c6b5cd87834c8aafe76d"
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=31330101
expires: Thu, 14 Nov 2024 20:06:50 GMT

GET
H2 200 AdvanceLocal_horizontal.svg
www.mlive.com/pf/resources/images/common/logos/ 9 KB
4 KB 106ms
102ms Image
image/svg+xml 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/common/logos/AdvanceLocal_horizontal.svg?d=1169

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

702c805fec65a8cc8c6c40aed34123b021e5ed6107cc6dfdebc4b0fc2e229887

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Sat, 18 Nov 2023 05:18:29 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: MIA3-C4
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.857d1302.1700284709.4f57b011
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700284709953_34831749_1331146769_23_5492_52_0_182";dur=1
content-length: 3554
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Nov 2023 19:17:43 GMT
server: openresty
etag: W/"3770993da506fb6d4bbccfcdcc3a4800"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: TxFfrC5cvc14bOEmXcvkGIA1J18gBB_7B8J8AV9CyZVQfV9aqYAwWQ==
expires: Sun, 17 Nov 2024 05:18:29 GMT

GET
H2 200 privacyoptions29x14.png
www.mlive.com/pf/resources/images/common/icons/ 572 B
1 KB 122ms
119ms Image
image/webp 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/common/icons/privacyoptions29x14.png?d=1169

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

2a70c011ae2744e9d6486d31e25e621e6d7c5334224c69f04409012afba00c2b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Sat, 18 Nov 2023 05:18:29 GMT
x-check-cacheable: YES
x-arc-request-id: 0.857d1302.1700284709.4f57b023
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700284709961_34831749_1331146787_25_7071_52_0_146";dur=1
content-length: 572
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Nov 2023 20:08:54 GMT
server: Akamai Image Manager
x-serial: 1169
etag: W/"3becc0b0069622544a1ffb2da90eebe3"
x-edgeconnect-cache-status: 1
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=31330293
expires: Thu, 14 Nov 2024 20:10:02 GMT

GET
H2 200 ad-choices-arrow.png
www.mlive.com/pf/resources/images/common/logos/ 184 B
729 B 122ms
120ms Image
image/webp 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/common/logos/ad-choices-arrow.png?d=1169

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

000875f535d3c8342137670778185a66af35c904fd6d5e5f19fb57438eea12db

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Sat, 18 Nov 2023 05:18:29 GMT
x-check-cacheable: YES
x-arc-request-id: 0.857d1302.1700284709.4f57b024
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700284709961_34831749_1331146788_25_5139_52_0_146";dur=1
content-length: 184
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Nov 2023 20:07:59 GMT
server: Akamai Image Manager
x-serial: 1706
etag: W/"c6e75cc6be8dcb2f2d1ab36209f3c3b7"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=31330088
expires: Thu, 14 Nov 2024 20:06:37 GMT

GET
H2 200 v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA Show response
satisfycork.com/ 68 KB
24 KB 235ms
66ms Script
text/javascript 2600:1901:0:328a::1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:328a::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

22ed960a5947aa61df4e9e38677c904e2ad4757de3d0d7ca8a55d1b01f1e4b26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Sat, 18 Nov 2023 05:18:30 GMT
x-datacenter: gce-europe-west1
etag: "9679e6d82e9d39a3b8d64eb653f653dab8cf51b30186f195bd30e4d3ecc0aa2a"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-z5cq
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 1072352451
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sophi.min.js Show response
cdn.sophi.io/advancelocal/ 102 KB
35 KB 198ms
59ms Script
application/javascript 13.32.121.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sophi.io/advancelocal/sophi.min.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-108.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b9afeb90db17ffa772a8bbc38f8ae37524ac4c0660dfc228f528cfe36a38d53d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 03:04:28 GMT
x-amz-version-id: .qZXsiAWjTa0yWFLcXE5U.grm2eEgIL7
content-encoding: br
last-modified: Mon, 27 Feb 2023 17:38:35 GMT
server: AmazonS3
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
etag: W/"0915af152c652f927c398faa26e9904b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 8043
x-amz-cf-id: Bq6zwTetkWKi_ByrLtSQx6LaUQujoWJdNzbeMHV3JU7uCaL7KLG4tA==

GET
H2 200 al-mlive.segments.min.js Show response
apps.sophi.io/latest/ 4 KB
2 KB 195ms
55ms Script
application/javascript 18.245.86.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sophi.io/latest/al-mlive.segments.min.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-83.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0709e11f34bb1e47193a170bc8baf94732a32a867443b29be840c550cc03981d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 5x.gfjtiZoE7IFt5eELjKuStLmrI5ZXL
content-encoding: gzip
via: 1.1 cba0902b20d884568adf673bab9438e6.cloudfront.net (CloudFront)
date: Sat, 18 Nov 2023 05:15:11 GMT
last-modified: Thu, 09 Feb 2023 19:54:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 200
x-amz-server-side-encryption: AES256
etag: W/"25a09f4745cf7bc62917c4a8bea2a575"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=0
x-amz-cf-id: adn89vvTxPMFPjkCDRbAwtwEYokOcnOby9tNoPu-4G5KwoorYjhpbg==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 165ms
60ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 18 Nov 2023 05:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: R1P6TtSHAQZyvOSI/KawHw==
age: 85527
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6821
x-ms-lease-status: unlocked
last-modified: Thu, 16 Nov 2023 13:00:35 GMT
server: cloudflare
etag: 0x8DBE6A4063D2682
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 10118c61-601e-0090-50fa-1803ed000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 827dc0cdde52640a-LHR

GET
H2 200 SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 197ms
60ms Script
application/javascript 2a02:26f0:480:9a4::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:9a4::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:30 GMT
content-encoding: br
customappheader: mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified: Sun, 05 Nov 2023 22:16:02 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 474 KB
131 KB 209ms
94ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a7a1edadd59a6e84d556ca5682679f252331deebd680ac3c7aec02cd371920d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 134067
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 18 Nov 2023 05:18:30 GMT

GET
H2 200 chevron-white.svg
www.mlive.com/pf/resources/images/common/arrows/ 864 B
1 KB 107ms
107ms Image
image/svg+xml 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/common/arrows/chevron-white.svg?d=1169

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1169

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

e19f6076815240b2afedf8033b0a2ccf200d3851f11df779d05f3c533560504d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Sat, 18 Nov 2023 05:18:29 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: IAD55-P2
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.857d1302.1700284709.4f57b034
server-timing: cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1700284709967_34831749_1331146804_364_3846_52_0_146";dur=1
content-length: 486
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Nov 2023 19:17:43 GMT
server: openresty
etag: W/"691552a6377a1dfc9eeae87d6aeb8931"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: ivFy_zio-7B1fYoMH40V_DmuTW7c4XB1fN3AdbxYZU4yLqF-SZ7aOw==
expires: Sun, 17 Nov 2024 05:18:29 GMT

GET
H2 200 newsletter.svg
www.mlive.com/pf/resources/images/mlive/promo/ 3 KB
2 KB 123ms
123ms Image
image/svg+xml 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/mlive/promo/newsletter.svg?d=1169

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=1169

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

a7e702f15b65f58d32945e27b8416dac2811afad1a828a9a617d5c0c1cc85b21

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=1169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Sat, 18 Nov 2023 05:18:29 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: ORD58-P4
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.857d1302.1700284709.4f57b038
server-timing: cdn-cache; desc=HIT, edge; dur=22, origin; dur=0, ak_p; desc="1700284709971_34831749_1331146808_2244_3099_51_0_146";dur=1
content-length: 1059
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Nov 2023 19:17:43 GMT
server: openresty
etag: W/"22c89d844df3fcb416b9291f7e668863"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: W3HU--2S9QsTmY0wWGyHuFRoRnPB4ZiVXj5f_65H8ka97d6hKpLMPg==
expires: Sun, 17 Nov 2024 05:18:29 GMT

GET
H2 200 chevron-black-right.svg
www.mlive.com/pf/resources/images/common/arrows/ 2 KB
1 KB 126ms
125ms Image
image/svg+xml 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/common/arrows/chevron-black-right.svg?d=1169

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1169

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

276ca8da7dd05a55c760ead2eec9d5c74629897d0b5b3e5190d4fc9bd38ea7fc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Sat, 18 Nov 2023 05:18:30 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: ORD58-P4
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.857d1302.1700284710.4f57b049
server-timing: cdn-cache; desc=HIT, edge; dur=23, origin; dur=0, ak_p; desc="1700284710007_34831749_1331146825_2345_5680_52_0_219";dur=1
content-length: 746
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Nov 2023 19:17:43 GMT
server: openresty
etag: W/"4347be806f2c6a630a5407afb75ab920"
x-edgeconnect-cache-status: 1
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: 4OcykERkJkOzSXJb8obVjNYVN-IO85gkVVvFPfPxzYuPqbqmtkJRJg==
expires: Sun, 17 Nov 2024 05:18:30 GMT

GET
H2 200 5BFI7VWYDVGWLJLWK6FMCGJWQM.jpg
www.mlive.com/resizer/OA7j3d35fE5ZYlZMx4tfW1eA4Yw=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 32 KB
32 KB 299ms
284ms Image
image/avif 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/OA7j3d35fE5ZYlZMx4tfW1eA4Yw=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/5BFI7VWYDVGWLJLWK6FMCGJWQM.jpg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

22e71eb21b25151227e895938df2d792d7d8d1218f464ef90aced02b790bc84c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Sat, 18 Nov 2023 05:18:30 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 18 Nov 2023 01:55:21 GMT
server: Akamai Image Manager
etag: "8b1ca5314ed119a5773fa4b133e5814d87c1fce1"
x-arc-request-id: 0.857d1302.1700284710.4f57b058
content-type: image/avif
cache-control: private, no-transform, max-age=31523781
server-timing: cdn-cache; desc=HIT, edge; dur=215, origin; dur=0, ak_p; desc="1700284710033_34831749_1331146840_21464_6984_58_0_219";dur=1
content-length: 32670
expires: Sun, 17 Nov 2024 01:54:51 GMT

GET
H2 200 RYFXJEXHKJA6NK2AQEGGBAMWXU.jpg
www.mlive.com/resizer/q9_2G-ABz0PKG3dqzb6pD7QXt0Q=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 22 KB
22 KB 138ms
125ms Image
image/avif 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/q9_2G-ABz0PKG3dqzb6pD7QXt0Q=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/RYFXJEXHKJA6NK2AQEGGBAMWXU.jpg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

0c8bf567531efae7de0018febd1d15200cec6c97eaa7d629afd2a0509485b875

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Sat, 18 Nov 2023 05:18:30 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 18 Nov 2023 03:11:00 GMT
server: Akamai Image Manager
etag: "54215a37ad56a0ae62338616407ec8c10a154b90"
x-edgeconnect-cache-status: 1
x-arc-request-id: 0.857d1302.1700284710.4f57b059
content-type: image/avif
cache-control: private, no-transform, max-age=31528352
server-timing: cdn-cache; desc=HIT, edge; dur=52, origin; dur=0, ak_p; desc="1700284710033_34831749_1331146841_5193_6943_51_0_146";dur=1
content-length: 22279
expires: Sun, 17 Nov 2024 03:11:02 GMT

GET
H2 200 GDQJF7NTPRHCVNHG6ZQBFSSXI4.JPG
www.mlive.com/resizer/cER3vb6m9NuXLHwZi_LQFL20mSM=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 34 KB
34 KB 348ms
336ms Image
image/avif 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/cER3vb6m9NuXLHwZi_LQFL20mSM=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/GDQJF7NTPRHCVNHG6ZQBFSSXI4.JPG

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

8b98ee4e69f00f9157ff104ebd587e0d097ba13114434be0601c52dc39522a6c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Sat, 18 Nov 2023 05:18:30 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 18 Nov 2023 04:06:46 GMT
server: Akamai Image Manager
etag: "18f525aa2097a43a28b697ff8b3e7b922e7262b7"
x-arc-request-id: 0.857d1302.1700284710.4f57b05a
content-type: image/avif
cache-control: private, no-transform, max-age=31531758
server-timing: cdn-cache; desc=HIT, edge; dur=266, origin; dur=0, ak_p; desc="1700284710033_34831749_1331146842_26602_6930_51_0_146";dur=1
content-length: 34771
expires: Sun, 17 Nov 2024 04:07:48 GMT

GET
H2 200 DVAKM5RE55BTXLVUYMWK24RUMM.jpg
www.mlive.com/resizer/W3OHtIK_quOMoEqPcmgRAhIqbHA=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 30 KB
30 KB 295ms
282ms Image
image/avif 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/W3OHtIK_quOMoEqPcmgRAhIqbHA=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/DVAKM5RE55BTXLVUYMWK24RUMM.jpg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

5287c26bcda2e326b21549876412bf038c0203b3882bb677b3e2e6c41a3f52ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Sat, 18 Nov 2023 05:18:30 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 17 Nov 2023 20:25:39 GMT
server: Akamai Image Manager
x-serial: 18
x-check-cacheable: YES
etag: "85e51b2f570bc9e36e0c00b2044e3770f065f381"
x-arc-request-id: 0.857d1302.1700284710.4f57b05b
content-type: image/avif
cache-control: private, no-transform, max-age=31504105
server-timing: cdn-cache; desc=HIT, edge; dur=213, origin; dur=0, ak_p; desc="1700284710033_34831749_1331146843_21260_6944_58_0_146";dur=1
content-length: 30440
expires: Sat, 16 Nov 2024 20:26:55 GMT

GET
H2 200 FYXM3EYUFRE6JGQHR2E622527A.jpg
www.mlive.com/resizer/x2IrlVeBaIdRVYyMc-Ui5FlqjFk=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 21 KB
22 KB 293ms
281ms Image
image/avif 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/x2IrlVeBaIdRVYyMc-Ui5FlqjFk=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/FYXM3EYUFRE6JGQHR2E622527A.jpg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

dcca1d9eef3e1dbf5b40ed4ec26695da6f9fdecef0819f1a699e5c0bd1e8f6c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Sat, 18 Nov 2023 05:18:30 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 17 Nov 2023 23:15:27 GMT
server: Akamai Image Manager
x-serial: 1974
x-check-cacheable: YES
etag: "8ed76657e6f1c765babf0be1057a1382b2b8defc"
x-arc-request-id: 0.857d1302.1700284710.4f57b05c
content-type: image/avif
cache-control: private, no-transform, max-age=31514302
server-timing: cdn-cache; desc=HIT, edge; dur=211, origin; dur=0, ak_p; desc="1700284710033_34831749_1331146844_21094_7306_58_0_146";dur=1
content-length: 21622
expires: Sat, 16 Nov 2024 23:16:52 GMT

GET
H2 200 AVO57TZHFBE3XJB73LYWTCPC6Q.jpeg
www.mlive.com/resizer/30SIb2_hdCWCASxyUuhRZQZHhDg=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 34 KB
34 KB 111ms
100ms Image
image/avif 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/30SIb2_hdCWCASxyUuhRZQZHhDg=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/AVO57TZHFBE3XJB73LYWTCPC6Q.jpeg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

54e4fb0fdbc12d37c2c985f00ab56c96ae13d9f2ed2e8b7f51c0c59040ceba04

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Sat, 18 Nov 2023 05:18:30 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 17 Nov 2023 20:38:57 GMT
server: Akamai Image Manager
x-serial: 1253
x-check-cacheable: YES
etag: "7318907701315a30023d6a5ee67c3148ca94ef6c"
x-arc-request-id: 0.857d1302.1700284710.4f57b05d
content-type: image/avif
cache-control: private, no-transform, max-age=31504827
server-timing: cdn-cache; desc=HIT, edge; dur=28, origin; dur=0, ak_p; desc="1700284710033_34831749_1331146845_2824_7306_52_0_146";dur=1
content-length: 34501
expires: Sat, 16 Nov 2024 20:38:57 GMT

GET
H2 200 F463MR4P65A3FMZEEUBUU5VE6A.jpg
www.mlive.com/resizer/86FWoRHfT4ywAJxQ-rc-ea3F_Yw=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 13 KB
13 KB 115ms
105ms Image
image/avif 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/86FWoRHfT4ywAJxQ-rc-ea3F_Yw=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/F463MR4P65A3FMZEEUBUU5VE6A.jpg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

278c594fb1e8381410e079777ccd31fa020a6c6c602e4679409935b70ad0706d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Sat, 18 Nov 2023 05:18:30 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 08 Nov 2023 21:28:07 GMT
server: Akamai Image Manager
x-serial: 1993
x-check-cacheable: YES
etag: "19175296a3f72581b5259861233d9779d8aa9ceb"
x-arc-request-id: 0.857d1302.1700284710.4f57b05e
content-type: image/avif
cache-control: private, no-transform, max-age=30730238
server-timing: cdn-cache; desc=HIT, edge; dur=35, origin; dur=0, ak_p; desc="1700284710033_34831749_1331146846_3477_7283_52_0_146";dur=1
content-length: 13064
expires: Thu, 07 Nov 2024 21:29:08 GMT

GET
H2 200 6PWAWGTKTFHOZF4VJALHFHE3VU.png
www.mlive.com/resizer/E_SBdBwDTPmFzW1W9Ys3p6soZmc=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 7 KB
8 KB 131ms
125ms Image
image/avif 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/E_SBdBwDTPmFzW1W9Ys3p6soZmc=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/6PWAWGTKTFHOZF4VJALHFHE3VU.png

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

61c6d55944664ea05fc63a29cba6ef737c7a961f22e616cd2b7e9dc6139aa5fd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Sat, 18 Nov 2023 05:18:30 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 08 Nov 2023 21:33:21 GMT
server: Akamai Image Manager
x-serial: 332
x-check-cacheable: YES
etag: "b063eca7a2bb6a72c86a58e25b50ed32efb5ddaa"
x-arc-request-id: 0.857d1302.1700284710.4f57b05f
content-type: image/avif
cache-control: private, no-transform, max-age=30730635
server-timing: cdn-cache; desc=HIT, edge; dur=49, origin; dur=0, ak_p; desc="1700284710033_34831749_1331146847_4893_7268_51_0_146";dur=1
content-length: 7619
expires: Thu, 07 Nov 2024 21:35:45 GMT

GET
H2 200 OWXVYSX3BNAP7PJ5QPK4YBU34U.jpg
www.mlive.com/resizer/UzCrrTva1vIt6DGcBo7IaTR7Bkw=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 9 KB
9 KB 99ms
97ms Image
image/avif 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/UzCrrTva1vIt6DGcBo7IaTR7Bkw=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/OWXVYSX3BNAP7PJ5QPK4YBU34U.jpg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

b4aab23f2abdbef0e01780c8e11567a9a7c7a5e425d57540e5b24115ff38508f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
date: Sat, 18 Nov 2023 05:18:30 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 08 Nov 2023 21:33:23 GMT
server: Akamai Image Manager
etag: "85691b3a4c2549295453557168234b02a88b5525"
x-arc-request-id: 0.857d1302.1700284710.4f57b060
content-type: image/avif
cache-control: private, no-transform, max-age=30730457
server-timing: cdn-cache; desc=HIT, edge; dur=27, origin; dur=0, ak_p; desc="1700284710033_34831749_1331146848_2722_7067_52_0_146";dur=1
content-length: 8888
expires: Thu, 07 Nov 2024 21:32:47 GMT

GET
H2 200 92a6747a-ce11-46a4-93d3-d5b3bd38e0ac.json Show response
cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/ 6 KB
2 KB 144ms
56ms XHR
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68d0af84061ff848e39aca212cc7466cc4944e4ec16906c6392adf9dd18bad38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 18 Nov 2023 05:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 10053
content-md5: Ze7EWoLKu/V//QHUE7oFIw==
content-length: 1882
x-ms-lease-status: unlocked
last-modified: Wed, 08 Nov 2023 16:39:37 GMT
server: cloudflare
etag: 0x8DBE0794C05DC2C
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c61ea750-301e-009d-2c7d-13cb39000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 827dc0cf1e1a06c9-LHR
expires: Sun, 19 Nov 2023 05:18:30 GMT

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 68 B
244 B 163ms
61ms Script
text/javascript 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/iabCcpaIntegrationScript-noGAM.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0af719f3a3c9eed767bcf7e1b8b179655c9b0c1fd6157618d704f11a1cdcdfc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
cf-ray: 827dc0cf9baf3859-LHR
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 pennant-api Show response
www.mlive.com/pf/api/v3/content/fetch/ 544 B
911 B 150ms
150ms Fetch
application/json 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/api/v3/content/fetch/pennant-api?query=undefined&d=1169&_website=mlive

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/engine/react.js?d=1169

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

8c3b9ccc12a0c47b90f9a1d0e88c96c70299533cde7db8f673d7d6f99f46cde5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.mlive.com/
If-Modified-Since: 1700284559035
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 120
x-arc-pb-request-id: ed27d4d1-4ec3-4696-bbe9-b576fa87c888, ed27d4d1-4ec3-4696-bbe9-b576fa87c888
content-encoding: gzip
date: Sat, 18 Nov 2023 05:18:30 GMT
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: JFK50-P5
x-arc-request-id: 0.857d1302.1700284710.4f57b11a
server-timing: cdn-cache; desc=HIT, edge; dur=89, origin; dur=0, ak_p; desc="1700284710262_34831749_1331147034_8928_5653_51_0_219";dur=1
content-length: 288
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 18 Nov 2023 05:15:59 GMT
server: openresty
etag: W/"220-5/jc7/psxE7XHXkSQ+F6+Cgc95c"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=58
x-amz-cf-id: xO9WXrNB_OmnP_ZHrCiO5rlIkFr96W25TMS6cZZt9hlCDec0Zf_NGA==
expires: Sat, 18 Nov 2023 05:19:28 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 101 KB
31 KB 204ms
85ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7140c865b7b91aa50093c42daaa5dfab8125619aabbfae00b5e3dd45069a7766

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31593
x-xss-protection: 0
server: cafe
etag: 718 / 19679 / m202311090101 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 05:18:30 GMT

GET
H2 200 10071.js Show response
micro.rubiconproject.com/prebid/dynamic/ 471 KB
132 KB 215ms
59ms Script
text/javascript 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1169
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash: bc81a36f49ee5477359a07befbf558311c2693d4cc6f6a0eec697099335cfc9f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:30 GMT
content-encoding: gzip
server: Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary: accept-encoding, referer
edge-cache-tag: prod-prebid-10071_MI_Desktop_Mobile.js
content-type: text/javascript;charset=UTF-8
cache-control: public, must-revalidate, max-age=14400
content-length: 134624
expires: Sun, 19 Nov 2023 03:20:01 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 267 KB
65 KB 189ms
60ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1169
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 04:43:24 GMT
content-encoding: gzip
via: 1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront), 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 20:18:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 2107
x-amz-server-side-encryption: AES256
etag: W/"2d08dd94de483579c1dc3f3783c06f6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: lcBChERL3RjmtcDJSI0GdAI9_DoxHqHh2adoFoNQmrdeDtU2SVujyw==

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/963/ 57 KB
18 KB 190ms
67ms Script
text/javascript 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1169
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4fb1d13154b4b396d3ce77eb8294a859bef473d7d991624d266b0247c419a9ef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 15:32:29 GMT
content-encoding: gzip
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
last-modified: Fri, 27 Oct 2023 11:15:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 49680
x-amz-server-side-encryption: AES256
etag: W/"acf40b9beb60ff814c409d1a2b654497"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: K1sn3Rovp8bcsv1PIJRp750syZvxpeHL9JQwbiqQ26s_DqoWXzHYFg==

GET
H2 200 icon-menu-outline.svg
www.mlive.com/pf/resources/images/common/icons/ 523 B
868 B 60ms
60ms Image
image/svg+xml 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/common/icons/icon-menu-outline.svg?d=1169

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1169

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

3f5684bf5aa4a6eb5c9015394c8739dff39377a73adf72c30ba511d0ab5b50f3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1169
Origin: https://www.mlive.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Sat, 18 Nov 2023 05:18:30 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: ORD58-P4
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.857d1302.1700284710.4f57b17d
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700284710404_34831749_1331147133_36_5654_51_0_219";dur=1
content-length: 278
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Nov 2023 19:17:43 GMT
server: openresty
etag: W/"ef41b0e325b0902f9a8781e21cc20457"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: image/svg+xml
access-control-allow-origin: *, *
cache-control: public, max-age=31536000
x-amz-cf-id: J4wBDwnZxeztKtCqufB0Tat3Q0Z2YOV2VSI1knWiUQmE6BYijNV5Ug==
expires: Sun, 17 Nov 2024 05:18:30 GMT

OPTIONS
H2 200 tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ Frame 0
0 354ms
117ms Preflight 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.mlive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.mlive.com
access-control-max-age: 600
content-length: 0
date: Sat, 18 Nov 2023 05:18:30 GMT
server: nginx

POST
H2 200 tp2 Show response
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ 2 B
222 B 310ms
117ms XHR
text/plain 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn.sophi.io
URL: https://cdn.sophi.io/advancelocal/sophi.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.mlive.com
date: Sat, 18 Nov 2023 05:18:31 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 147ms
54ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 827dc0d0cdca4885-LHR
access-control-allow-headers: Content-Type

GET
H2 200 client Show response
accounts.google.com/gsi/ 199 KB
79 KB 2460ms
2334ms Script
application/javascript 2a00:1450:4001:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4fb731738e143f7dcecc1db22ae8b99c0804b76d173b9f76a618f89ee8d1d171

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-YJ3AOCM6nlavwAoGYOyvsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-YJ3AOCM6nlavwAoGYOyvsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sat, 18 Nov 2023 05:18:32 GMT

GET
H2 200 user-white.svg
www.mlive.com/pf/resources/images/common/icons/ 5 KB
3 KB 59ms
59ms Image
image/svg+xml 2a02:26f0:480:f::213:7ec5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/common/icons/user-white.svg?d=1169

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1169

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

e6b7fa504c979ce53dc80798978eff98214cbcb20b7db259990c0632b7abe248

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Sat, 18 Nov 2023 05:18:30 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: IAD55-P2
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.857d1302.1700284710.4f57b1d4
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700284710501_34831749_1331147220_35_6170_52_0_146";dur=1
content-length: 2508
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Nov 2023 19:17:43 GMT
server: openresty
etag: W/"fdc13d9553130cf8463df06e8ba5682d"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: 1nxrycTEKGfG-SS6Q3D4lRTBoOV9UnOn16RwXHRcZ5utPZqTPAOipg==
expires: Sun, 17 Nov 2024 05:18:30 GMT

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
481 B 207ms
52ms Image
image/gif 2600:9000:2491:7000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adslot=ad_300x250_8380478
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:7000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:45:23 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 5571188
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: 1xCHdaemGKNVGAbbAogt4tFS6P0JMchXAGIxeCFwtSe416gI3zzDAQ==

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 11 KB
4 KB 230ms
54ms Script
text/javascript 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: q9b9clsZLLfdBtwdmheOfdbmJj61AqqK
date: Sat, 18 Nov 2023 05:18:30 GMT
content-encoding: br
last-modified: Wed, 16 Aug 2023 09:22:55 GMT
x-amz-request-id: NQXE11X5K8H8AYEK
etag: "ee3af1e29ac1607ef3d41c515d1e05ad"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 3418
x-amz-id-2: jdtuVk7eGo46a+WmTzRlvYujzFiLhXywO2mCBLWv/7FJbfBJdKJ1pUw5yufRYL5B6NXXMm6UeC4=

GET
H2 200 script.js Show response
h312.mlive.com/ 139 KB
42 KB 194ms
61ms Script
text/javascript 18.66.147.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://h312.mlive.com/script.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-6.fra60.r.cloudfront.net

Software

- /

Resource Hash

ee9d11c373870aee4391c291c71c32919add23f19e67b5da86421d8d067c60a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
age: 77
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 42761
x-xss-protection: 1; mode=block
last-modified: Sat, 18 Nov 2023 05:16:13 GMT
server: -
etag: 5c45f35780f8bb4bd55c5b3f4f0e65a0
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=600
x-robots-tag: noindex, nofollow
x-amz-cf-id: RCatNP7kdkjScNVfm_P8-YePrUsOS28b6VgYTKndvleIEKYTzs-NKA==
expires: Sat, 18 Nov 2023 05:27:13 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/advanceddigitalheader640552616592/ 242 KB
85 KB 188ms
55ms Script
application/x-javascript 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/advanceddigitalheader640552616592/moatheader.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2667e7493e46594bafe160a7fe784c1ba5614075f69057a1790cbd1f4ce9e718

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:30 GMT
content-encoding: gzip
last-modified: Tue, 31 Oct 2023 08:18:00 GMT
server: AmazonS3
x-amz-request-id: 109GZ7N7RJ2TPTWG
etag: "df83cb48a094eb6c767c18f28b52728d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=14438
accept-ranges: bytes
content-length: 86283
x-amz-id-2: ywerLWq9IJZ//z3YejTFiKJjLtaMDC/QeUlP7Yiy97uLC+u5yhWbISAyPYfkSqlAMFAhvt3WWLiZWnFvdzrg33o0FcmgMEi9bbcIbfDzGp0=

GET
H2 200 ats.js Show response
ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ 156 KB
50 KB 196ms
61ms Script
application/javascript 143.204.98.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ats.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-99.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb5e59be9d91ab09c743760da7054e15b0651ff22256c268c6b715a2d5f3ccf9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: vARkeOieo2JNVDzbKxyldiy10m_tXtgu
content-encoding: gzip
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
date: Sat, 18 Nov 2023 04:42:38 GMT
last-modified: Wed, 04 Oct 2023 09:51:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 2153
x-amz-server-side-encryption: AES256
etag: W/"8396faf5122b62492a4e34f0e9dfe637"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: feNs1nmcAug0PWVOzYn46_sM02i3xJCx25yQEFfwmOaYSoopf3egIg==

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 206 KB
60 KB 187ms
57ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2522f37c245031a0e03659c3cc53b31b7d0f180c29bafb15888b5e012e122c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:10:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60528
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 22:22:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sat, 18 Nov 2023 06:00:21 GMT

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 338 B
491 B 152ms
53ms Script
application/javascript 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=8Gu2Z8RCvZ

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

464b98e4ec83bb60ad92bd76656277037d3548e44a7d1dcddec0c0a41ada20e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
date: Sat, 18 Nov 2023 05:18:30 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Nov 2023 05:07:06 GMT
server: cloudflare
age: 684
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 827dc0d1bf344599-LHR
alt-svc: h3=":443"; ma=86400
x-request-id: l9993laokc
expires: Sat, 18 Nov 2023 05:48:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 166ms
52ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 Nov 2023 03:49:39 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5331
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 18 Nov 2023 05:49:39 GMT

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 182ms
57ms Script
application/javascript 52.222.250.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-165.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 07:58:19 GMT
Via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P3
Age: 76819
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 930
Pragma: public
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
ETag: "5eb31be4-3a2"
Content-Type: application/javascript
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
X-Amz-Cf-Id: YBkhslwFZQThbaOPy4Mv4ksu-UBxSjM5QSYZPul3_DRj-iT9-xPcIg==
Expires: Sat, 18 Nov 2023 07:58:11 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 619 KB
164 KB 220ms
66ms Script
application/x-javascript 104.102.36.95
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.36.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-36-95.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7310e401efd5214d7c4baf2a6df94becd6d945da0682fbc3a93274eadc68e8c2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 18 Nov 2023 05:18:30 GMT
Content-Encoding: gzip
x-amz-request-id: 6QHBXJWJZY0B8K3W
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: H5UzsiGEXD7zaK46Q8yGot/zREqTYXHlK0gKKE7ezUeMXR9EiybA2P+47iU4Gv974XX0dSx1Q/s=
Last-Modified: Wed, 15 Nov 2023 00:44:41 GMT
Server: AmazonS3
ETag: "4fbba8ffe8ed5e2e12f43893b989ffc1"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 194ms
57ms Script
application/javascript 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-53.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:28:32 GMT
content-encoding: gzip
via: 1.1 a51af242bb87a51c6b17ed13ee788db8.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jul 2023 22:21:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 71399
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: FNaXLZZFZauBSblzj6f6fKfW0HMUJyqNxMnruDU1pdp-53Agqe4hvg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 165ms
54ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 18 Nov 2023 05:18:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: CS3gDZz3+ZDdOK/6ZMNUQbd7oid/wTkdf89X+E8RmnpqHo3Xfhy2x4uWyT54vMdAGmAxhfIavUS8GhGGBkZ/Wg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 172ms
52ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:30 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230065-FRA

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 200ms
53ms Script
application/javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f88f89a0cead9c36ddbe19508f32f64bd91e94e92b6006dd575e8d0deb317d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 15 Nov 2023 09:07:27 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=74342
accept-ranges: bytes
content-length: 3840

GET
H2

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma63527/all/17/
Redirect Chain

https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1640
https://js.matheranalytics.com/static/ltm/ma63527/all/17/ml.br.js

149 KB
43 KB

55ms
54ms

Script
application/x-javascript

107.178.250.234
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma63527/all/17/ml.br.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Server: 107.178.250.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6bfe280c501d01dc9b39511ab8b8f9346efdf243c3db60a935f108c8e36b56d9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 13:33:17 GMT
content-encoding: br
via: 1.1 google
last-modified: Fri, 13 Oct 2023 19:41:13 GMT
server: nginx
age: 56714
etag: "d57e309468cdb5833b84963f20429014"
vary: Accept-Encoding
x-cache: HIT Fri, 13 Oct 2023 19:49:11 GMT
content-type: application/x-javascript
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44099

Redirect headers

date: Sat, 18 Nov 2023 05:18:30 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/ltm/ma63527/all/17/ml.br.js
cache-control: public, max-age=269200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by: 9-gc-europe-west6-8j341039

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 258 KB
87 KB 66ms
65ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-GG8B674XK4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

99e1423386be6f10f36748465dc7c2aca22f9973c160e3833c1f3f28d7326373

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89304
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 18 Nov 2023 05:18:30 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202310.1.0/ 426 KB
103 KB 53ms
52ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

feeb83e3a11fb74465e062a5081f1f6f573ef66197f218a3a86447fefe3166f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 18 Nov 2023 05:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 1/fYiRcAkidM+2Rc1fEXtg==
age: 6476
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 104832
x-ms-lease-status: unlocked
last-modified: Thu, 26 Oct 2023 03:35:14 GMT
server: cloudflare
etag: 0x8DBD5D490C850BD
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e7356784-101e-0051-37a0-0ba40f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 827dc0d168d8640a-LHR

GET
H2 200 set Show response
privacy.crwdcntrl.net/consent/ 61 B
335 B 178ms
53ms XHR
application/json 34.250.99.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy.crwdcntrl.net/consent/set?ct=skip&ca=1&ccd=1&cds=1&cta=1&c=963&src=LTJS
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-99-225.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 5f26dfc3f5d603822dd5eb17c772720fd8d984f3fa596f757973dabe24ebda6e

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:30 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache
x-server: 10.45.24.231
access-control-allow-credentials: true
content-length: 61
expires: 0

GET
H2 200 3178 Show response
config.aps.amazon-adsystem.com/configs/ 505 B
781 B 185ms
54ms Script
application/javascript 99.86.4.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3178
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-30.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: c8164ab49ff3d32ffbe7e6ad17e8b16e8765b94ab42088494bfad6ce09be8893

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 04:54:23 GMT
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1447
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 505
x-amz-cf-id: RXE5Dd6GnG6w3cFcZncXNSURLidOJeBQfSEMtKO08yXs_LwvAwYENQ==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
2 KB 53ms
53ms XHR
application/json 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3178&u=https%3A%2F%2Fwww.mlive.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e5696a4c04cb9236e69390a6a84619091cfe6ce887e5747c74f3214a69419484

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 02:27:12 GMT
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 10278
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.mlive.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1692
x-amz-cf-id: 2ZgUJANNVCMTOIfgvcfg33bIbpP0C9jsIHjhxOvGTgFTTN5PrfMP-w==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 159ms
53ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
date: Fri, 17 Nov 2023 07:24:00 GMT
x-amz-cf-pop: FRA56-P6
age: 78871
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: x3brSflMpnkjuAa60bGPa1CyCnqqAJaLYFqEX8eIme3MDg9sjGNU3A==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 429 KB
135 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:09:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43737
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137535
x-xss-protection: 0
server: cafe
etag: 18342593356503948095
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 16 Nov 2024 17:09:33 GMT

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 60 B
334 B 192ms
63ms XHR
application/json 52.19.8.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.8.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-8-73.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 648afc9fc01390c553bb882e68a452b45f47ffef036a7e9d68d40fcb68a8f192

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:30 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache
x-server: 10.45.14.130
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 51 B
323 B 210ms
95ms XHR
application/json 2a02:26f0:7100:59a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ&d=www.mlive.com&t=5667616&v=1.720.0&sl=0&si=1949a85b-a6a7-409a-ba72-755c2dd29ac3-s4b02s&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=468260
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:7100:59a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 28445ab5a58bac3609ddba4d1200c1797a766b538fd6b0bdb0926fbe386f327c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 18 Nov 2023 05:18:30 GMT
Cache-Control: private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 51
Content-Type: application/json

GET
H2 200 10071-pbjs-floors.json Show response
ads.rubiconproject.com/floors/ 47 KB
5 KB 224ms
62ms XHR
application/json 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/floors/10071-pbjs-floors.json
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash: 574c2ba7ab3c822802fabafe74221d17a2b124667e375a48328b448c799344a5

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 18 Nov 2023 05:18:30 GMT
content-encoding: gzip
last-modified: Sat, 18 Nov 2023 04:40:38 GMT
server: Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1500
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 5211

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
249 B 303ms
156ms XHR
application/json 35.244.193.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0014000001PAW0LAAX&gdpr=0&src=pbjs&ver=7.54.4
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 18 Nov 2023 05:18:29 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.mlive.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 135 B
414 B 210ms
64ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

989e7134f8b722c049f5553bf85347c9052fe40f7c35915f7d18a348ed4de84b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mlive.com
date: Sat, 18 Nov 2023 05:18:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 0
252 B 211ms
65ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=115
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 18 Nov 2023 05:18:30 GMT
via: 1.1 google
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.mlive.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
317 B 205ms
60ms XHR
application/json 52.48.43.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.43.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-43-143.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:30 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache
x-server: 10.45.27.112
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 187ms
56ms Script
application/javascript 23.215.22.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.22.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-22-18.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:30 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Sat, 18 Nov 2023 05:33:30 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
12 KB 64ms
61ms Script
text/javascript 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:08:51 GMT
content-encoding: gzip
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 83380
x-amz-server-side-encryption: AES256
etag: W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: Nf0oNxmQCHB6kgyybn31WgB0eERDFJaW0rcAj3HZdkaMVzxPtZvYjg==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 154 KB
34 KB 149ms
52ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec554103bf5e0b4462dffc405d746abdce3f805c081725f17b068c21dd1d1a5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Nov 2023 09:30:02 GMT
server: cloudflare
x-amz-request-id: RXHH9BCV7D3F95QF
age: 1664
etag: W/"391026e5958781dc657c57860854abcb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 827dc0d39ef26419-LHR
x-amz-id-2: oYJiz/+6+DVQGb4ABjJyRU3tB8oa35dT9ya6nPz0Tp5CYWQ5jO3sq175p8Gm0wJT5t4EHRSUoWtvjYc2Kp5edA==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 172ms
60ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GG8B674XK4&gtm=45je3b81v875661087z878133989&_p=1700284709923&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=460703877.1700284711&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2F&dl=https%3A%2F%2Fwww.mlive.com%2F&sid=1700284710&sct=1&seg=0&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&en=page_view&_fv=1&_nsi=1&_ss=1&ep.headline=undefined&ep.author=undefined&ep.entry_id=undefined&ep.page_type=homepage&ep.product=homepage-beta&ep.platform=desktop&ep.user_subscription_status=undefined&ep.ab_test_group_user=sub-group-b&ep.search_term=undefined&ep.targeting_codes=undefined&ep.targeting_codes2=undefined&ep.targeting_codes3=undefined&ep.targeting_codes4=undefined&ep.targeting_codes5=undefined&ep.targeting_codes6=undefined&ep.entry_tags=undefined&ep.referring_subdomain=undefined&ep.browser_cookie_region=undefined&ep.monthly_visit_number=1&ep.content_region=undefined&ep.content_topics=undefined&ep.blog_category=undefined&ep.section=Home%20Page&ep.article_date_original=undefined&ep.article_date_updated=undefined&ep.entity_type=undefined&ep.entity_value=undefined&ep.auxiliaries=undefined&ep.gigya_user_id=undefined&ep.usprivacy_cookie=undefined&ep.userid_flag=false&ep.targeting_codes7=undefined&ep.targeting_codes8=undefined&ep.targeting_codes9=undefined&tfd=2435
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-GG8B674XK4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 384 KB
114 KB 84ms
66ms Script
application/javascript 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=8Gu2Z8RCvZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59eb2597946aa8c95434f9ae866a18d834a05d0a1ee096c5a649f59ab1de81e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:30 GMT
x-amz-version-id: jRhpqAjZ2BKUi9F7LTJyATq_CqsxsMsH
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=86400; includeSubDomains
x-amz-request-id: 5TCC03HQXR9MRGYF
age: 2318
x-amz-server-side-encryption: AES256
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: NrBPrdcNPewey7kv75IceMvjOdGVBuqzphLSGyjyO7+TxXQHLNoFTORb8KJJnlNP3fW8YXGLOys=
last-modified: Tue, 14 Nov 2023 13:20:55 GMT
server: cloudflare
etag: W/"3c0a6dad9bd872cfbcb3ae9ea15f01b4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 827dc0d3682c4599-LHR
expires: Sat, 18 Nov 2023 09:18:30 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/50ead41f-14d1-4ce6-b57d-45d624d37b7e/ 160 KB
28 KB 55ms
54ms Fetch
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/50ead41f-14d1-4ce6-b57d-45d624d37b7e/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c79555f44291106c6cc3c46aae1bd82645b4b658929ff6190a82840d1108624

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 18 Nov 2023 05:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3701
content-md5: HOtXFznJPlNlK/3ZEEUGsw==
content-length: 28785
x-ms-lease-status: unlocked
last-modified: Wed, 08 Nov 2023 16:39:46 GMT
server: cloudflare
etag: 0x8DBE079517B5A33
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: bad552f0-f01e-0059-0c1b-15be00000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 827dc0d24ee806c9-LHR
expires: Sun, 19 Nov 2023 05:18:30 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
333 B 57ms
57ms XHR
application/json 52.19.8.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.8.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-8-73.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: df55fe88e3f2f45584110b0f4bb0cb758e7afc0d1cffba678828e31af6a2feb2

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:30 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache
x-server: 10.45.24.231
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H/1.1 200
OK fpc Show response
at.teads.tv/ 0
336 B 247ms
83ms Fetch
text/plain 23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_11014&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=471b531&
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Nov 2023 05:18:30 GMT
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://www.mlive.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Sat, 18 Nov 2023 05:18:30 GMT

GET
H2 200 cs Show response
advancelocal.blueconic.net/DG/DEFAULT/ 16 B
705 B 369ms
118ms Script
text/javascript 44.213.18.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://advancelocal.blueconic.net/DG/DEFAULT/cs?&callback=bc_json154

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.213.18.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-213-18-121.compute-1.amazonaws.com

Software

- /

Resource Hash

42308388615b5db6864e14b07c14f3d330a44aa3916a6b4ec212f32c4cfb59d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
geo.privacymanager.io/ 28 B
607 B 177ms
52ms Fetch
application/json 13.32.99.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-59.fra60.r.cloudfront.net
Software: /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 02:00:19 GMT
via: 1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront), 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA60-P3
age: 11892
x-amzn-requestid: bd7bba0d-f475-4a87-9c81-375afad87aad
x-amzn-trace-id: Root=1-65581ab3-72be8c327d61dbcf471bed1e;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: OkkcEG00DoEEbaQ=
content-length: 28
x-amz-cf-id: Ti5NruUQRc-odXnX5EwJ8lkh6bxdexeUXLhrihEF6g1Ig-meZQkqng==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
438 B 193ms
60ms XHR
application/json 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 18 Nov 2023 05:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.mlive.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 56ms
55ms Stylesheet
text/css 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f46926d81be4472495e6dc6a8789d7fc9ffb6acb270b4f6462720e0332fe718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:14:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6456
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 21:11:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sat, 18 Nov 2023 06:04:12 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
503 B 250ms
98ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3178&u=https%3A%2F%2Fwww.mlive.com%2F&pid=JGn5PLeTY1vqT&cb=0&ws=1600x1200&v=23.1108.2350&t=1500&slots=%5B%7B%22sd%22%3A%22ad-small-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22desktop-InFeed_Right%22%7D%2C%7B%22sd%22%3A%22ad-small-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22desktop-InFeed_Left%22%7D%2C%7B%22sd%22%3A%22ad-large-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22desktop-InFeed_Right%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:31 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: EDXT2GJ684EFRM73Q2XA
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.mlive.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: d4V1R1-y5dCVRP-z3eWlVQ1ixYsO0UrGmVxg8Udu-Iv1_ueYq9-EXg==

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 11 KB
5 KB 147ms
48ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 20:31:13 GMT
server: cloudflare
age: 183566
etag: W/"65401291-2b7d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 827dc0d47bb4368f-LHR
expires: Tue, 21 Nov 2023 05:18:31 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 63ms
60ms Script
text/javascript 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 07:38:20 GMT
content-encoding: gzip
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 78011
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: evjDK-8q_HdwtTv3aB1qMl2mN9zGO_uXS5a3Ye4rqjS0O4B6arQQ2w==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 212ms
103ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-a9a7"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 19 Nov 2023 05:18:31 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 180ms
56ms Script
text/javascript 2600:9000:2250:2200:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:2200:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Fri, 17 Nov 2023 10:05:37 GMT
Via: 1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 69175
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: Dfo26pW-xtWFhrL3B0ngQdzu-9Oz8HaXMIfD65oIfoL73KDyE2r68Q==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 179ms
52ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 18:17:52 GMT
content-encoding: gzip
age: 2113239
x-guploader-uploadid: ADPycdsxLlKLCVb5W3Djj1V0MEZiayMLPqEhV9H3fgXZaELS3ccW0PQo2-GKz1rWI_UNhL9w3-cScigVqDHesSZuOcxycA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Wed, 23 Oct 2024 18:17:52 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 688 B
368 B 94ms
93ms Fetch
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

097d8f818d81ed5f76b3229a13550aeb9cfe556957fa496e0661a38b40688305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 338
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FEE4 6 KB
3 KB 202ms
59ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 05:18:31 GMT
expires: Sun, 17 Nov 2024 05:18:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202310.1.0/assets/ 13 KB
3 KB 53ms
52ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 18 Nov 2023 05:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: gA7tJXNyGFicHKODkM9Iaw==
age: 84879
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3017
x-ms-lease-status: unlocked
last-modified: Thu, 26 Oct 2023 03:35:07 GMT
server: cloudflare
etag: 0x8DBD5D48CFC97D7
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 7b08e71e-901e-0012-155f-144253000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 827dc0d3cf4206c9-LHR

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202310.1.0/assets/v2/ 62 KB
13 KB 55ms
55ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.1.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 18 Nov 2023 05:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: D6052jlcz/0opqTP4tUV1A==
age: 45544
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12708
x-ms-lease-status: unlocked
last-modified: Thu, 26 Oct 2023 03:35:10 GMT
server: cloudflare
etag: 0x8DBD5D48E5675E0
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: a60f0c01-a01e-0036-2b62-12b4f3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 827dc0d3cf4306c9-LHR

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202310.1.0/assets/ 21 KB
4 KB 56ms
55ms Fetch
text/css 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 18 Nov 2023 05:18:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
age: 74720
x-ms-lease-status: unlocked
last-modified: Thu, 26 Oct 2023 03:35:19 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: b2415e71-f01e-003b-3977-147c27000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 827dc0d3cf4406c9-LHR

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
273 B 187ms
59ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

8ff58a68496bb37cfa68712116e7050a4dad72e15215407e27b5aa487bd7a1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mlive.com
date: Sat, 18 Nov 2023 05:18:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 p.js Show response
cdn.parsely.com/keys/mlive.com/ 56 KB
21 KB 193ms
63ms Script
application/javascript 65.9.61.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/mlive.com/p.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.61.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-61-60.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 36ea8d266ccb57796d82e6eb05f11c634302a0bc3623c5e7fa7261a1a69e0d90

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Fri, 17 Nov 2023 09:11:26 GMT
content-encoding: gzip
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
last-modified: Wed, 29 Jun 2022 14:34:05 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
age: 72425
etag: W/"62bc62dd-df3e"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: mVTOXLd2Zam-s4Mypw7ekOGUK2HGNyeL9Qg9b_484BRUQ4SYYKWKcg==
expires: Sat, 18 Nov 2023 09:11:26 GMT

GET
H2 200 iframe.html Show response
z.moatads.com/hd09824092/ Frame E4BE 1 KB
2 KB 53ms
52ms Document
text/html 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hd09824092/iframe.html
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/advanceddigitalheader640552616592/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=858
content-length: 1374
content-type: text/html
date: Sat, 18 Nov 2023 05:18:31 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
server: AmazonS3
x-akamai-ew-subworker: 8096267
x-amz-id-2: bLl72GtpcxM8rSKIodQlKgK0BRPdEbxIV8PPGYh9PcLqpR363i0Z1TjhY7+mRyWYYTxnhPRiG5Y=
x-amz-request-id: A3423FE5772816F0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
546 B 348ms
241ms XHR
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=488240
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d5303f4bbac88e65f4aca15141860f164d54f5565d1d61455653ca2ecc8cd85

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p52e7TLpXZPCnR6aMriwfB%2Fk5cv1cdX25uikGIr5l0QaUXHjji0KikLm6ZFo2r%2B1H1xuTQSIG6xlH%2FI7w7dRhRCSyutXiihDcRy26VWGgX6IExpRkHrKc%2BC4%2BF7oaIMfiFZDfH35"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 827dc0d4fdcf6402-LHR
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
735 B 195ms
63ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU211111
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 8deec7b21dcc5e2bb48bf813af2372f1c7c4299c82920d09af522191ba5cd2ed

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:30 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 18 Nov 2023 05:18:31 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
112 B 250ms
104ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mlive.com
date: Sat, 18 Nov 2023 05:18:30 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 1494809 Show response
display.bidder.taboola.com/OpenRTB/TaboolaHB/auction/ 0
216 B 411ms
289ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://display.bidder.taboola.com/OpenRTB/TaboolaHB/auction/1494809
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

x-served-by: cache-fra-etou8220085-FRA
date: Sat, 18 Nov 2023 05:18:31 GMT
via: 1.1 varnish
server: nginx
x-timer: S1700284711.225058,VS0,VE238
x-cache: MISS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.mlive.com
x-envoy-upstream-service-time: 229
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 25 KB
10 KB 361ms
197ms XHR
application/json 2602:803:c003:200::44
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10071&site_id=311380&zone_id=1580874%3B1580870%3B1580874&size_id=15&eid_pubcid.org=1084ce7e-6f94-4f22-98b1-bbfb586c23c5%5E1&rf=https%3A%2F%2Fwww.mlive.com%2F&tg_i.domain=mlive.com&tg_i.page=https%3A%2F%2Fwww.mlive.com%2F&tg_i.aupname=344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Right%2Crg_platform%3Ddesktop%3B344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Left%2Crg_platform%3Ddesktop%3B344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Right%2Crg_platform%3Ddesktop&tg_i.pbadslot=desktop-InFeed_Right%3Bdesktop-InFeed_Left%3Bdesktop-InFeed_Right&tk_flint=dmpbjs_v7.54.4&x_source.tid=205b22a3-465e-4b14-84e4-0582040306e2%3B834184e0-132c-42f3-93ef-de5723951541%3B17e15c9d-df69-4777-b119-0e8609692d1d&l_pb_bid_id=189cf89616543f4%3B194c3da4c9d35e7%3B2043ec7526525f1&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=205b22a3-465e-4b14-84e4-0582040306e2%3B834184e0-132c-42f3-93ef-de5723951541%3B17e15c9d-df69-4777-b119-0e8609692d1d&rp_hard_floor=0.52%3B0.54%3B0.55&rp_maxbids=1&p_gpid=desktop-InFeed_Right%3Bdesktop-InFeed_Left%3Bdesktop-InFeed_Right&slots=3&rand=0.07770299141247339
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: edc1df875d326efe2c8c41612f570394d23a3503c9680f5fa20a5184fe9d3125

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:31 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 prebid Show response
exchange.postrelease.com/ 0
392 B 390ms
119ms XHR
application/json 3.229.10.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.postrelease.com/prebid?ntv_pb_eid=W3sic291cmNlIjoicHViY2lkLm9yZyIsInVpZHMiOlt7ImlkIjoiMTA4NGNlN2UtNmY5NC00ZjIyLTk4YjEtYmJmYjU4NmMyM2M1IiwiYXR5cGUiOjF9XX1d&ntv_ptd=1134022,1134019&ntv_pas=eyIxMTM0MDE5IjpbWzMwMCwyNTBdXSwiMTEzNDAyMiI6W1szMDAsMjUwXV0sImxlbmd0aCI6Mn0=&ntv_ppf=eyJhZC1zbWFsbC0yIjp7ImJhbm5lciI6eyIzMDB4MjUwIjowLjUyLCIqIjowLjUyfSwiKiI6eyIqIjowLjM3LCIzMDB4MjUwIjowLjM3fX0sImFkLXNtYWxsLTEiOnsiYmFubmVyIjp7IjMwMHgyNTAiOjAuNTQsIioiOjAuNTR9LCIqIjp7IioiOjAuMzcsIjMwMHgyNTAiOjAuMzd9fSwiYWQtbGFyZ2UtMSI6eyJiYW5uZXIiOnsiMzAweDI1MCI6MC41NSwiKiI6MC41NX0sIioiOnsiKiI6MC4zNywiMzAweDI1MCI6MC4zN319fQ==&ntv_pbv=v7.54.4&ntv_pb_rid=21feee5de27f17e&ntv_ppc=W3siYWRVbml0Q29kZSI6ImFkLXNtYWxsLTIiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXV19fX0seyJhZFVuaXRDb2RlIjoiYWQtc21hbGwtMSIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzMwMCwyNTBdXX19fSx7ImFkVW5pdENvZGUiOiJhZC1sYXJnZS0xIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDI1MF1dfX19XQ==&ntv_dbr=eyJhZC1zbWFsbC0yIjowLCJhZC1zbWFsbC0xIjowLCJhZC1sYXJnZS0xIjowfQ==&ntv_url=https%3A%2F%2Fwww.mlive.com%2F
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.10.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-10-156.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:31 GMT
content-encoding: gzip
server: nginx/1.12.2
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.mlive.com
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
content-length: 20
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 56ms
55ms Image
text/plain 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6034988&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1700284711084&ns_c=UTF-8&c3=&c4=https%3A%2F%2Fwww.mlive.com%2F&c7=https%3A%2F%2Fwww.mlive.com%2F&c8=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&c9=
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-53.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:31 GMT
via: 1.1 a51af242bb87a51c6b17ed13ee788db8.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-amz-cf-id: HGkolxpXEYUpOWWkbVaxHGBoGKlE1mwnq41UH-eWn118ncQAqJaeXg==
x-cache: Miss from cloudfront

GET
H2 200 adsct
t.co/1/i/ 43 B
377 B 239ms
145ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=94e96aa8-3a0c-4bfd-910f-1b9659b85992&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=16b4b1a8-1427-4b5a-a1da-0b5f84f9f58b&tw_document_href=https%3A%2F%2Fwww.mlive.com%2F&tw_iframe_status=0&txn_id=o8yo8&type=javascript&version=2.3.29

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-response-time: 103
date: Sat, 18 Nov 2023 05:18:31 GMT
strict-transport-security: max-age=0
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: 17ee558d9cf81604
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 427f1913c272c5d2a61247cf6bef2176375ecdffb570d5e0191c7a03208becd4
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
726 B 259ms
146ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=94e96aa8-3a0c-4bfd-910f-1b9659b85992&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=16b4b1a8-1427-4b5a-a1da-0b5f84f9f58b&tw_document_href=https%3A%2F%2Fwww.mlive.com%2F&tw_iframe_status=0&txn_id=o8yo8&type=javascript&version=2.3.29

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-response-time: 103
date: Sat, 18 Nov 2023 05:18:30 GMT
strict-transport-security: max-age=631138519
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: d6210387b2defd24
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 2a14d7dccacfcd4ae29df049f79b39a13084f9a39d03148917d9cf2ef26128f3
content-length: 43

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 54ms
54ms Script
application/x-javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 15 Oct 2023 08:32:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=38601
accept-ranges: bytes
content-length: 3272

POST
H3 200 74cd3235ae8f701e54b15cd18aaa7fd1f8cee7df7b2caefa7da4 Show response
satisfycork.com/ 303 B
330 B 143ms
78ms Fetch
application/json 2600:1901:0:328a::1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://satisfycork.com/74cd3235ae8f701e54b15cd18aaa7fd1f8cee7df7b2caefa7da4

Requested by

Host: satisfycork.com
URL: https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:328a::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

7b7c04a30ceb7953f56d91e59bd11923135f153ab9019d8cfb33bc4b2b681004

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Sat, 18 Nov 2023 05:18:31 GMT
via: 1.1 google
x-buildnumber: 1072352451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 303
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
x-hostname: fen-hoothoot-europe-west1-z5cq
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Sat, 18 Nov 2023 05:18:30 GMT

OPTIONS
H2 200 tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ Frame 0
0 117ms
117ms Preflight 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.mlive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.mlive.com
access-control-max-age: 600
content-length: 0
date: Sat, 18 Nov 2023 05:18:31 GMT
server: nginx

POST
H2 200 tp2 Show response
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ 2 B
221 B 118ms
118ms XHR
text/plain 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn.sophi.io
URL: https://cdn.sophi.io/advancelocal/sophi.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.mlive.com
date: Sat, 18 Nov 2023 05:18:31 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2 200 120978121945017 Show response
connect.facebook.net/signals/config/ 140 KB
36 KB 59ms
56ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/120978121945017?v=2.9.138&r=stable&domain=www.mlive.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2954b823b72cadfae4cbb2365451dbb36b295a343cec1242b3444c41ee361028

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 18 Nov 2023 05:18:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 37147
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: vu4AIed5CwyGnn6Q7VjSVK0YdeGvop+KeWE7iwagN5cIj0YL3hv0ToHu+PW5kRVvKm12LyY594Q9HPq810oBJA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
367 B 197ms
62ms XHR
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 18 Nov 2023 05:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.mlive.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
494 B 51ms
51ms Fetch
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 18 Nov 2023 05:18:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 77129
x-ms-lease-status: unlocked
last-modified: Thu, 16 Nov 2023 13:00:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 689e31e3-c01e-0099-232b-19463e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 827dc0d51f9306c9-LHR

GET
H2 200 FormLogo.jpg
cdn.cookielaw.org/logos/57316691-7a35-4427-b868-f6c059de9bc0/0820a53f-bf37-4e26-90be-016196d39852/63d4f326-4506-4914-9e18-8751853c7769/ 89 KB
89 KB 52ms
52ms Image
image/jpeg 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/57316691-7a35-4427-b868-f6c059de9bc0/0820a53f-bf37-4e26-90be-016196d39852/63d4f326-4506-4914-9e18-8751853c7769/FormLogo.jpg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abb22177c1f36f82f451ba3b46fd96e4bc0f5b5ad510b15b4d5ec37fc1e9b7f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 18 Nov 2023 05:18:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /VgjLzERih8MeSo4vme4Lw==
age: 8279
content-length: 90639
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Mon, 15 May 2023 15:10:31 GMT
server: cloudflare
etag: 0x8DB555686483EB7
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 75321e30-301e-0079-0c0a-15c5a7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 827dc0d52b6d640a-LHR

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 51ms
51ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 18 Nov 2023 05:18:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 78877
x-ms-lease-status: unlocked
last-modified: Thu, 16 Nov 2023 13:00:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 620de62c-701e-009c-6f09-1994e5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 827dc0d52b6e640a-LHR

GET
H2 200 t Show response
jadserve.postrelease.com/ 5 KB
2 KB 649ms
225ms Script
text/javascript 52.36.216.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.mlive.com%2F&ntv_mvi&us_privacy=1---
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.216.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-216-155.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 4ecd9991564fb3cd2c59f47d46f4facf8f70ec4dfbe4df42f6a84951b240bedf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:31 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 1514
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
332 B 54ms
54ms XHR
application/json 52.19.8.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.8.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-8-73.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: d0a685a5a025e94bec5d54afec196ddee808a5310ba507057d8b50f656d8360e

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:31 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache
x-server: 10.45.14.59
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 200 392.json Show response
id5-sync.com/g/v2/ 251 B
530 B 179ms
61ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/392.json

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

1d2fe099cdabb07612ca67384bc13ab2ffb96c91ef822a42282a4f8802bcd2f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mlive.com
date: Sat, 18 Nov 2023 05:18:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 548ms
117ms Image
image/gif 52.54.8.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&ptype=homepage&prem=0&sec=Home%20Page&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FLondon&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=17&tvcfg=all&tid=b9446b1b-25b2-4cda-ba8d-6c96e17b19dc&pid=c2d6a276-b193-45a8-be2b-5dfb31ef760e&dtm=1700284711308&qnm=_matherq&visible=1&tabid=49bc869e-0910-4bb1-a54c-82569e531a99&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x13536&tofa=1700284711&vid=1&lvidt=1700284711&duid=46d12f41-0709-438e-823d-e86802cebce3&fp=4145215253&cid=ma63527&mrk=484602605&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTcwMDI4NDcwODMwNyIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxOS4zbWIiLCJoZWFwVCI6IjIzLjFtYiIsImZzdFBhaW50IjoiMTcwOSIsImZldGNoUyI6IjExNzMiLCJkb21haW5TIjoiMTI0MSIsImRvbWFpbkUiOiIxMjQxIiwiY29ublMiOiIxMjQxIiwiY29ubkUiOiIxMzk5Iiwic3NsUyI6IjEyOTMiLCJyZXF1UyI6IjEzOTkiLCJyZXNwUyI6IjE0NzMiLCJyZXNwRSI6IjE2NTQiLCJkb21Mb2FkIjoiMTQ4MSIsImRvbUludGVyIjoiMTc0NSIsImRvbUxvYWRTIjoiMTkwMyIsImRvbUxvYWRFIjoiMTkxMCJ9LCJpZGVudGl0aWVzIjpbeyJ0eXBlIjoiZ2EiLCJpZCI6IjQ2MDcwMzg3NyIsInJlZlRpbWUiOiIxNzAwMjg0NzExMzA3In1dLCJ1c2VyRGF0YSI6eyJpc0xvY2FsIjoiMCJ9fQ
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.8.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-8-105.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Sat, 18 Nov 2023 05:18:31 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1

85 B
201 B

165ms
165ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 2f27c2e46b56724c2431e0cdf97e97460e2a83b149ee36d36890d342e3715912

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:31 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-2s4jKDtePKsBRkOQ9ia6/30998E"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sat, 18 Nov 2023 05:18:31 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.mlive.com
location: /esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D2B2 15 KB
6 KB 164ms
54ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.mlive.com&us_privacy=1---

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 05:18:31 GMT
server: Kestrel
server-processing-duration-in-ticks: 283639
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
259 B 225ms
53ms Image
image/gif 54.155.18.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1700284711344&plid=40806056&idsite=mlive.com&url=https%3A%2F%2Fwww.mlive.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.mlive.com%2F&sref=&sts=1700284711340&slts=0&title=Michigan+Local+News%2C+Breaking+News%2C+Sports+%26amp%3B+Weather&date=Sat+Nov+18+2023+05%3A18%3A31+GMT%2B0000+(Greenwich+Mean+Time)&action=pageview&js=1&pvid=72732463&u=pid%3D1b651170750c218281824643b9d3a7b6
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 18 Nov 2023 05:18:31 GMT
Cache-Control: no-cache
Last-Modified: Saturday, 18-Nov-2023 05:18:31 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 230823541501762 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 58ms
57ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/230823541501762?v=2.9.138&r=stable&domain=www.mlive.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

04b090c301a46f0e04071e03788fd61221666cd30c5925f6a92d49233d85f275

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 18 Nov 2023 05:18:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35461
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: faNjdJZZK18f2WOR54ebMqFdEbJbIiG9L6gufagJD+b0fres0Va/ChftYCn2dHO02Hbp/P1eM2xvuHZgpVvymQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
101 B 153ms
153ms XHR
application/json 35.244.193.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0014000001PAW0LAAX&src=esp&ver=1.2.0&us_privacy=1---
Requested by: Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ob.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 18 Nov 2023 05:18:31 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.mlive.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

POST
H2 200 153 Show response
h312.mlive.com/DG/DEFAULT/rest/rpc/ 169 KB
36 KB 435ms
435ms XHR
application/json 18.66.147.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://h312.mlive.com/DG/DEFAULT/rest/rpc/153?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-11-18T05%3A18%3A31%2B00%3A00&ts=1700284711368

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-6.fra60.r.cloudfront.net

Software

- /

Resource Hash

890d3cb00882040aef921a417a9f85790bc1f34ef30f9908585b86b1b663a87f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 18 Nov 2023 05:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 35975
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: FnZZ3crdENhRgDastWbbWJ4r9OkfDMhnvxTkwe4bQWH6QwnyLIUlVQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 60ms
59ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=364464754&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAQCACgFK~&jid=1522254280&gjid=799454460&cid=460703877.1700284711&tid=UA-16643585-16&_gid=24803419.1700284711&_r=1&_slc=1&gtm=45He3b81n81TLXFLCRv78133989&cd1=undefined&cd2=undefined&cd3=undefined&cd6=undefined&cd11=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=false&cd21=undefined&cd23=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd46=homepage-beta&cd47=desktop&cd50=GA%20pageview%20-%20template%20-%20All%20Pages&cd52=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=undefined&cd62=undefined&cd63=undefined&cd65=undefined&cd66=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=sub-group-b&cd102=undefined&cd103=undefined&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd61=460703877.1700284711&z=1097257115

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
345 B 169ms
61ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-16643585-16&cid=460703877.1700284711&jid=1522254280&gjid=799454460&_gid=24803419.1700284711&_u=aADAAEAAAAQCACgFK~&z=697074361

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 18 Nov 2023 05:18:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 253ms
143ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=120978121945017&ev=PageView&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1700284711472&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700284711470.66711320&cs_est=true&ler=empty&it=1700284711172&coo=false&rqm=GET

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 Nov 2023 05:18:31 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 163ms
54ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=230823541501762&ev=PageView&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1700284711473&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700284711470.66711320&ler=empty&it=1700284711172&coo=false&rqm=GET

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 Nov 2023 05:18:31 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 252ms
143ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=120978121945017&ev=ViewContent&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1700284711474&cd[article_content_tier]=free&cd[is_subscriber]=false&cd[is_registered]=false&cd[content_id]=undefined&cd[content_type]=homepage&cd[content_category]=Home%20Page&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1700284711470.66711320&ler=empty&it=1700284711172&coo=false&tm=1&rqm=GET

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 Nov 2023 05:18:31 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 163ms
54ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=230823541501762&ev=ViewContent&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1700284711475&cd[article_content_tier]=free&cd[is_subscriber]=false&cd[is_registered]=false&cd[content_id]=undefined&cd[content_type]=homepage&cd[content_category]=Home%20Page&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1700284711470.66711320&ler=empty&it=1700284711172&coo=false&tm=1&rqm=GET

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 Nov 2023 05:18:31 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 137 KB
31 KB 450ms
449ms Fetch
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1518445225692931&correlator=4110897644193374&eid=31079667%2C31079672%2C31079525%2C31079575&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3&prev_iu_szs=300x250%2C300x250%2C300x250&ifi=2&sfv=1-0-40&fsbs=1%2C1%2C1&eri=1&sc=1&cookie=ID%3Deed23db067a1cce5%3AT%3D1700284711%3ART%3D1700284711%3AS%3DALNI_MZ2OtGiOiT94d4Oqzu8zw36Ez3qAg&gpic=UID%3D00000ccb8003d77d%3AT%3D1700284711%3ART%3D1700284711%3AS%3DALNI_Mauuy14cpfoyJGFLcnkEP8UdEhyrQ&abxe=1&dt=1700284711505&lmt=1700284670&adxs=1135%2C165%2C1135&adys=165%2C917%2C883&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.mlive.com%2F&vis=1&psz=300x24%7C300x274%7C300x24&msz=300x24%7C300x274%7C300x24&fws=0%2C512%2C512&ohw=0%2C0%2C0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=460703877.1700284711&ga_sid=1700284711&ga_hid=364464754&ga_fc=true&a3p=EjQKCnB1YmNpZC5vcmcSJDEwODRjZTdlLTZmOTQtNGYyMi05OGIxLWJiZmI1ODZjMjNjNVgBEhMKDGlkNS1zeW5jLmNvbRIBMFgBEhwKDWNyd2RjbnRybC5uZXQYpoD3hr4xSABSAghkEhsKDDMzYWNyb3NzLmNvbRilgPeGvjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YpoD3hr4xSABSAghkEhkKCnVpZGFwaS5jb20YpoD3hr4xSABSAghkEhQKBW9wZW54GKaA94a-MUgAUgIIZA..&dlt=1700284709788&idt=1110&prev_scp=rg_adslot%3DInFeed_Right%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3Ddesktop-InFeed_Right%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3Ddesktop-InFeed_Right-2%7Crg_adslot%3DInFeed_Left%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Left%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3Ddesktop-InFeed_Left%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Left%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3Ddesktop-InFeed_Left-2%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.70%26hb_adid_rubicon%3D25aff91d23f6222%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.70%26hb_adid%3D25aff91d23f6222%26hb_bidder%3Drubicon%7Crg_adslot%3DInFeed_Right%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D2%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3Ddesktop-InFeed_Right%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3Ddesktop-InFeed_Right-2%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.70%26hb_adid_rubicon%3D26b002e94db88cb%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.70%26hb_adid%3D26b002e94db88cb%26hb_bidder%3Drubicon&cust_params=ccaud%3D%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop&adks=1117919376%2C1117919391%2C3501067380&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0915963e6af70fba7ec18ba17145998fab56ae687db7783d834c32551033669c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:31 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32040
x-xss-protection: 0
google-lineitem-id: -1,5803014380,5803014380
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138366412552,138366002964
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame D2B2
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=mlive.com&sn=ChromeSyncframe&so=0&topUrl=www.mlive.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=F7Zd_Hw4YktDWVR0SC83MkJsdkZIVW14ZmN6ZXJtaTZkendIVGNBbFZwcVNMeHVaajBzcW1Cd2JPTUVtbzRUS2hpdzZzdVIyREZxaU1OeVR6aWd5Y0htWERmTmxSSlFVK2tYeW5MbkNZamxyYzNHYjBKS3dvM3ZSOVY2Zz...

441 B
657 B

55ms
54ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=F7Zd_Hw4YktDWVR0SC83MkJsdkZIVW14ZmN6ZXJtaTZkendIVGNBbFZwcVNMeHVaajBzcW1Cd2JPTUVtbzRUS2hpdzZzdVIyREZxaU1OeVR6aWd5Y0htWERmTmxSSlFVK2tYeW5MbkNZamxyYzNHYjBKS3dvM3ZSOVY2ZzUwZ0JZSXVETlp0ZHN0VUNxOVBlTG4vMzZXMWNjd240L1l3eFhNR1NrSEZ6R1J1YUduSjdSM2ZoS3AveG91R0ROZ3hJU0ozUXJUKzRTcDNiR0tsUlhKSFYwSlQ4SG5ZTjczcUNrRFh2MUF2RnBIMkdKY05UMy82WGZPSlU4aWhnREoyMkJoYkRyV24xeGQzUkpNMU9DcU1VVkY0NzNKQT09fA&cppv=2

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08f576fb0f8857b391579279c01b2fb667cb3a19428025a7a80e0aa1529fe49a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:31 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1301734
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:31 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=F7Zd_Hw4YktDWVR0SC83MkJsdkZIVW14ZmN6ZXJtaTZkendIVGNBbFZwcVNMeHVaajBzcW1Cd2JPTUVtbzRUS2hpdzZzdVIyREZxaU1OeVR6aWd5Y0htWERmTmxSSlFVK2tYeW5MbkNZamxyYzNHYjBKS3dvM3ZSOVY2ZzUwZ0JZSXVETlp0ZHN0VUNxOVBlTG4vMzZXMWNjd240L1l3eFhNR1NrSEZ6R1J1YUduSjdSM2ZoS3AveG91R0ROZ3hJU0ozUXJUKzRTcDNiR0tsUlhKSFYwSlQ4SG5ZTjczcUNrRFh2MUF2RnBIMkdKY05UMy82WGZPSlU4aWhnREoyMkJoYkRyV24xeGQzUkpNMU9DcU1VVkY0NzNKQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 252223
content-length: 0
expires: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 5D7F 0
176 B 192ms
61ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sat, 18 Nov 2023 05:18:31 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 b33e8052a0f7e2edf75d57a3f12b9cb4 Show response
h312.mlive.com/plugin/plugin/ 89 KB
22 KB 59ms
58ms Script
text/javascript 18.66.147.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://h312.mlive.com/plugin/plugin/b33e8052a0f7e2edf75d57a3f12b9cb4

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-6.fra60.r.cloudfront.net

Software

- /

Resource Hash

49b1485a151b82944796c5a354059e9678e19256d30d5ecea984550fc05a5845

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
age: 3881563
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 21620
x-xss-protection: 1; mode=block
last-modified: Tue, 03 Oct 2023 07:05:48 GMT
server: -
etag: b33e8052a0f7e2edf75d57a3f12b9cb4
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: E4cMeLQdAvWmK3YA27T8i38uFLkxmH07osci2UewbzYvQ2y3gTZswg==
expires: Thu, 03 Oct 2024 07:05:48 GMT

POST
H2 200 LB-Zone-2 Show response
h312.mlive.com/DG/DEFAULT/rest/rpc/153/ 354 B
1017 B 329ms
328ms XHR
application/json 18.66.147.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://h312.mlive.com/DG/DEFAULT/rest/rpc/153/LB-Zone-2?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=9bd20ef1-0d60-4923-a981-0ffcb5492f62&overruleReferrer=&time=2023-11-18T05%3A18%3A31%2B00%3A00&ts=1700284711900

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-6.fra60.r.cloudfront.net

Software

- /

Resource Hash

e7f8376deb8f9efd736fafca533fa2228c2f7f61fc8b39299953cc50f40011cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 18 Nov 2023 05:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 231
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 2CXSWUClIhQygBKQZDgDRErD3Dn-KqItBDbYJq1UX5QsckZIEbhbyA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
422 B 214ms
211ms Image
image/gif 52.36.216.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=1940732&ntv_pl=773533
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.216.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-216-155.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
422 B 215ms
213ms Image
image/gif 52.36.216.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=1d1c7a7f-4d8d-4442-99bd-33b7db6e54af&ntv_fl=wklKktgzCnjHRw7QsGHOxzNhXSYYdxQ6qfiLggX0SK4_zL7CCIKet1WrjYdWawctXwBZdNjjMt9JUr-o3vSv43paXVDgzbliwhrmhfvWwtisnkIjHlH7DFAu_n15PTcab0NMDvpxyvYFt9w6HQeD2G3iJI4ik4SvK1iLD2Ek2ZwLNF8x2tWaGv8aOGF3rYS5&ntv_ht=J0lYZQA&ntv_at=303,302&ntv_a=AAAAAAAAAAUr0QA&ord=1700284711908&ntv_it
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.216.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-216-155.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
422 B 423ms
421ms Image
image/gif 52.36.216.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=521055f4-7fa7-4417-8f06-e5f2b36bbd0d&ntv_fl=No53AUp_qTJmWJYNLYz3zDH7Dla8D2Bigrcdt2SscM2kMem-3pcRHXCvigzogxEXbROyYw2Ws81uJlz4jdLVYKQ3Z3tmp8BpXdhrgLtAUP4vcxufrDpJfRuqM0eIwOLP-SNQ4CaBUNIm9_rhIvDqj74uhpFpT-YZA2ReFru7JzC97hNJGVnK2bx-90WhqT9o&ntv_ht=J0lYZQA&ntv_at=303&ntv_a=AAAAAAAAAAU70QA&ord=1700284711911&ntv_it
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.216.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-216-155.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
422 B 217ms
215ms Image
image/gif 52.36.216.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=184d4942-8994-4896-9571-a2a72e1a398d&ntv_fl=miNEdYZhkQ016qn5OkGErteWbVfee99L6iQoR7ftguTmpn7mHy_FswIjyqcX1MvinwGajFuuTzZP-GS2dac-BjQMyCK-dMH0JcHFbNBsZ2heWm1Akq2-nJMXbD3OsaEzXaajbXOCuTAcj2DTKGzDuWMzXKchQV-aY1qviJGgkhUSntywAmZta1kWWNVy9bL4&ntv_ht=J0lYZQA&ntv_at=303&ntv_a=AAAAAAAAAAVL0QA&ord=1700284711912&ntv_it
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.216.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-216-155.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
422 B 214ms
213ms Image
image/gif 52.36.216.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=6d6fe2d2-5c7e-4992-b1f3-087df53518e1&ntv_fl=MMTdWyeJBcdLcDTtFfyiRBPe8Vq-ba7jHN1vT59Rb8A3Gx9DTlsCGhZVDiRzP2sxmDlKROgv5HmkTnN_wXFe7Rda85b-8JrMprO2MigE-NYmDk_qdOyAdMYxgnG68Am6uZN0e7Lzhmz5dDwHzs6lORkwOQnpUx_tBoGsvZxtoWUaPil4_mVdjhcdbTCwtayc&ntv_ht=J0lYZQA&ntv_at=303&ntv_a=AAAAAAAAAAnc0LA&ord=1700284711912&ntv_it
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.216.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-216-155.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 privacyConsent
jadserve.postrelease.com/ 43 B
422 B 213ms
212ms Image
image/gif 52.36.216.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/privacyConsent?ntv_pl=1097042&ntv_gdpr_consent=&ntv_it
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.216.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-216-155.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 319 B
165 B 97ms
96ms Fetch
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67818760c383bca2da40429a9b99a20c8ece6b749c87cb9bce0d22013b9c8494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 024bb88ac1797b6a370684d716646680 Show response
h312.mlive.com/plugin/library/ 296 KB
93 KB 59ms
58ms Script
text/javascript 18.66.147.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://h312.mlive.com/plugin/library/024bb88ac1797b6a370684d716646680

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-6.fra60.r.cloudfront.net

Software

- /

Resource Hash

bc2406b2176025b949ef983c74399c618b679f5f951a2c9083be7bc7c5244c04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 18:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
age: 3406865
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 95058
x-xss-protection: 1; mode=block
last-modified: Sun, 08 Oct 2023 18:57:26 GMT
server: -
etag: 024bb88ac1797b6a370684d716646680
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: r05snbByS9iVwbpy-xi93mQLuLWF20aykkJa6YcMQ_kEZ5QByRzq7g==
expires: Tue, 08 Oct 2024 18:57:26 GMT

POST
H2 200 LB-Zone-2 Show response
h312.mlive.com/DG/DEFAULT/rest/rpc/153/ 4 KB
2 KB 326ms
326ms XHR
application/json 18.66.147.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-6.fra60.r.cloudfront.net

Software

- /

Resource Hash

fc33fc120439cbaa7becbb645627f8afb504e78dc2335444d03c9c05682e15ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 18 Nov 2023 05:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 1304
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: Zs4yrbi_kvSDIb63NVvaOpoyPwAViqdQUMwwSZuwIbbIJW5yxR295Q==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 container.html Show response
715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DF81 6 KB
3 KB 54ms
53ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 05:18:31 GMT
expires: Sun, 17 Nov 2024 05:18:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6F05 6 KB
3 KB 53ms
52ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 05:18:31 GMT
expires: Sun, 17 Nov 2024 05:18:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A481 6 KB
3 KB 52ms
52ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 05:18:31 GMT
expires: Sun, 17 Nov 2024 05:18:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame DF81 36 KB
14 KB 223ms
108ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0d006d3b93ee93e669d0b6b3b2b29bc4da89483eef6007c90ab91598a8bf701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42712
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14410
x-xss-protection: 0
server: cafe
etag: 7890425002344327526
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 17:26:40 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DF81 24 KB
7 KB 174ms
60ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 190553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF81 202 KB
64 KB 80ms
67ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 05:18:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame DF81 23 KB
9 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 09:24:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame DF81 3 KB
1 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:28:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 14:28:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame DF81 20 KB
9 KB 166ms
53ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 09:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71624
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 09:24:48 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DF81 0
0 180ms
63ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQYpxVQ7Mo3OjILUL8u19asDJZH9wnR18YUrJWBaEA0Z3ttheMkYTwv5VNO_VVcVHQAuVEzT2MAjOpi5a1WG41aITy1dQ
Requested by: Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 moatad.js Show response
z.moatads.com/advancedigitaldfp80721595993/ Frame 6F05 10 KB
4 KB 57ms
54ms Script
application/x-javascript 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/advancedigitaldfp80721595993/moatad.js
Requested by: Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 53ac7bdc78f11c023642ac320ca2cf33c334fd8deb50bd7bdc5c36fb9b325b14

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:32 GMT
content-encoding: gzip
last-modified: Tue, 31 Oct 2023 08:17:59 GMT
server: AmazonS3
x-amz-request-id: 109SBACVHVEHGYYV
etag: "545be9b44feac8f7295b6698b7a11387"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=41486
accept-ranges: bytes
content-length: 3892
x-amz-id-2: Y5N+Yvlw+BTNCuy+rh83pzLUG54zXhMCiwLpYlkZfLbaCFFMQFgCKCmIx9Fkak7TlmMJPJYAz43bSM2Bu64t3w==

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6F05 24 KB
6 KB 155ms
65ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 190553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H2 200 creative.js Show response
ads.rubiconproject.com/prebid/ Frame 6F05 26 KB
9 KB 57ms
55ms Script
text/javascript 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/creative.js
Requested by: Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash: 35a2b85d7f2e1538d24526949815aa068a6e927045dc295ce9d4b0ba30b88104

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:32 GMT
content-encoding: gzip
last-modified: Wed, 18 Oct 2023 23:48:14 GMT
server: Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
content-length: 9029
expires: Sat, 18 Nov 2023 05:18:32 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6F05 202 KB
64 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 05:18:32 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/advancedigitaldfp80721595993/ Frame A481 10 KB
4 KB 58ms
56ms Script
application/x-javascript 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/advancedigitaldfp80721595993/moatad.js
Requested by: Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 53ac7bdc78f11c023642ac320ca2cf33c334fd8deb50bd7bdc5c36fb9b325b14

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:32 GMT
content-encoding: gzip
last-modified: Tue, 31 Oct 2023 08:17:59 GMT
server: AmazonS3
x-amz-request-id: 109SBACVHVEHGYYV
etag: "545be9b44feac8f7295b6698b7a11387"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=41481
accept-ranges: bytes
content-length: 3892
x-amz-id-2: Y5N+Yvlw+BTNCuy+rh83pzLUG54zXhMCiwLpYlkZfLbaCFFMQFgCKCmIx9Fkak7TlmMJPJYAz43bSM2Bu64t3w==

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A481 24 KB
6 KB 192ms
103ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 190553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H2 200 creative.js Show response
ads.rubiconproject.com/prebid/ Frame A481 26 KB
9 KB 60ms
59ms Script
text/javascript 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/creative.js
Requested by: Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash: 35a2b85d7f2e1538d24526949815aa068a6e927045dc295ce9d4b0ba30b88104

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:32 GMT
content-encoding: gzip
last-modified: Wed, 18 Oct 2023 23:48:14 GMT
server: Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
content-length: 9029
expires: Sat, 18 Nov 2023 05:18:32 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A481 202 KB
64 KB 87ms
87ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 05:18:32 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 60ms
52ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ADVANCEDDIGITAL_DFP1&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=5&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1700284710990&de=746612520125&rx=777807366734&m=0&ar=51bd715ca6c-clean&iw=d919dfb&q=1&cb=0&cu=1700284710990&ll=2&lm=0&ln=0&em=0&en=0&d=4399703447%3A2915093164%3A5803014380%3A138366412552&bo=343101415&bp=387186655&bd=undefined&zMoatAU=%2F344101295%2FMI%2Fwww.mlive.com%2Findex.ssf&zMoatProduct=homepage-beta&zMoatPS=-&zMoatSlot=InFeed_Left&zMoatPlatform=desktop&zMoatVersion=-&zMoatATF=false&zMoatCounter=1&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387186655&zMoatJS=-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&dfp=0%2C1&la=387186655&gw=advanceddigitalheader640552616592&fd=1&it=500&ti=0&ih=2&pe=1%3A1709%3A1709%3A0%3A1745&fs=205853&na=839494153&cs=0
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 18 Nov 2023 05:18:32 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 53ms
53ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=5&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=https%3A%2F%2Fwww.mlive.com%2FIFRAME&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rjlubZVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-axhMBihjElCFgA%3D%3D&sc=1&os=1-UA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=165&gp=917&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&pl=0&f=0&j=&t=1700284710990&de=746612520125&rx=777807366734&cu=1700284710990&m=1167&ar=51bd715ca6c-clean&iw=d919dfb&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=917&lb=13196&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1709%3A1709%3A0%3A1745&as=0&ag=34&an=0&gf=34&gg=0&ix=34&ic=34&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=34&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=68&cd=0&ah=68&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4399703447%3A2915093164%3A5803014380%3A138366412552&bo=343101415&bp=387186655&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387186655&dfp=0%2C1&la=387186655&zMoatAU=%2F344101295%2FMI%2Fwww.mlive.com%2Findex.ssf&zMoatProduct=homepage-beta&zMoatPS=-&zMoatSlot=InFeed_Left&zMoatPlatform=desktop&zMoatVersion=-&zMoatATF=false&zMoatCounter=1&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=moat%20slot%20tag&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&tc=0&fs=205853&na=803364448&cs=0
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 18 Nov 2023 05:18:32 GMT

GET
H2 200 cs Show response
advancelocal.blueconic.net/DG/DEFAULT/ 66 B
854 B 118ms
117ms Script
text/javascript 44.213.18.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://advancelocal.blueconic.net/DG/DEFAULT/cs?bcsessionid=9bd20ef1-0d60-4923-a981-0ffcb5492f62&&callback=bc_json155

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.213.18.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-213-18-121.compute-1.amazonaws.com

Software

- /

Resource Hash

912cec9863b5d66e61ffe10a433d335520b1153c09c391c8e6589c580e4e8c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 83
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 53ms
53ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ADVANCEDDIGITAL_DFP1&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=5&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1700284710990&de=969979995092&rx=777807366734&m=0&ar=51bd715ca6c-clean&iw=d919dfb&q=2&cb=0&cu=1700284710990&ll=2&lm=0&ln=0&em=0&en=0&d=4399703447%3A2915093164%3A5803014380%3A138366002964&bo=343101415&bp=387186655&bd=undefined&zMoatAU=%2F344101295%2FMI%2Fwww.mlive.com%2Findex.ssf&zMoatProduct=homepage-beta&zMoatPS=-&zMoatSlot=InFeed_Right&zMoatPlatform=desktop&zMoatVersion=-&zMoatATF=false&zMoatCounter=2&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387186655&zMoatJS=-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&dfp=0%2C1&la=387186655&gw=advanceddigitalheader640552616592&fd=1&it=500&ti=0&ih=2&pe=1%3A1709%3A1709%3A0%3A1745&fs=205853&na=1494877020&cs=0
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 18 Nov 2023 05:18:32 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6F05 0
0 90ms
89ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQnSqViDanHBY0I9CMNG9Y9RQ2acHYRzM6BXJcGJcKRxopJUpp5ZV69AetBv-PdNp0BE0BhVNknAsYW30CdHi97atO-2JpNsKIKOIR26rMLiNAnkf6AnZfjCyY5be2iFa5iXI3M24VT6lFSI8dY5ZO7CTdabQwkBTHrNLwG_G4RwMxg0BHSkr5fEcPxoHwUiFo6m8CkaJcnBkqJ-I6qmgOKqgAy7k0n_p90ddKOgRPfiegK1DMJyk_-weSyvLA6EBLCGVtoDhPdl6LsKwbE8MsKkFuFIYZqfsjsMRWB7C4aZLkozDybVHPYE_oVi5JunsVc3N_vIcjCCCdWM6gyicuVFT1LNVb8jnuZ7heO9C1Ni97y6ehEMPHPgM&sai=AMfl-YQJEc5FvO7qz07v8lvmH--ndttbL6xbzAN94TtS9A2HPmySs6MTkMychkOvUNf-LGI2Q-ylYzlRzszH_13mEG7O1_gZOluROBoS9zbq2v3r66ApYyRM2uKtLRrxV4g&sig=Cg0ArKJSzJ_tyoWGrO7oEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
272 B 59ms
59ms Fetch
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e4c5690b8e89886bec5500c5e742364987c5baeb3c6d25dec33d171b40f0633c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: https://www.mlive.com
date: Sat, 18 Nov 2023 05:18:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 153 Show response
h312.mlive.com/DG/DEFAULT/rest/rpc/ 9 KB
5 KB 160ms
159ms XHR
application/json 18.66.147.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://h312.mlive.com/DG/DEFAULT/rest/rpc/153?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=9bd20ef1-0d60-4923-a981-0ffcb5492f62&bctempid=&overruleReferrer=&time=2023-11-18T05%3A18%3A32%2B00%3A00&ts=1700284712356

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-6.fra60.r.cloudfront.net

Software

- /

Resource Hash

eb41a35461e710e0f075a0b21cf1389d752470dc314384ff634b8d256dc3e811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 18 Nov 2023 05:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 3733
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: ELb2CXu95k8iCrTQZvRIQeKbYo-gXD8NJ2jPM6O4L-0UKdBRxNtfVQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 predict Show response
h312.mlive.com/rest/v2/custom/frontend/listener_realtime_model/ 2 B
884 B 343ms
343ms XHR
application/json 18.66.147.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://h312.mlive.com/rest/v2/custom/frontend/listener_realtime_model/predict?itemId=93193c90-1299-460a-add2-602384af02fc&profileId=9bd20ef1-0d60-4923-a981-0ffcb5492f62

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/plugin/plugin/b33e8052a0f7e2edf75d57a3f12b9cb4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-6.fra60.r.cloudfront.net

Software

- /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 22
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache="Set-Cookie"
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: G7eE9CkWnSljsgeexvD_GX_-pha3dRSOjtkPusk3ssPE0qz_emesSA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 153 Show response
h312.mlive.com/DG/DEFAULT/rest/rpc/ 547 B
1 KB 333ms
332ms XHR
application/json 18.66.147.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-6.fra60.r.cloudfront.net

Software

- /

Resource Hash

8074aec2f48253e1a7d142d394effd00436685147e972938b48c7e8045368455

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 18 Nov 2023 05:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 176
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 22lEcM9zZ2xRzKjISSLk0Oxht2490eDRJUYBZFhg19HEZaT5lmUdcg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 153 Show response
h312.mlive.com/DG/DEFAULT/rest/rpc/ 183 B
1 KB 334ms
333ms XHR
application/json 18.66.147.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-6.fra60.r.cloudfront.net

Software

- /

Resource Hash

a2af465457e53ffb09fb97fef84fc7c92e2cb5ada7a09e1b97164e5b36f3accb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 18 Nov 2023 05:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 163
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: bLnBBvjwsl8xsy8CRdP1AfgFCX9jprQgvYXRZTGR7ztCyO7KKszhZA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 153 Show response
h312.mlive.com/DG/DEFAULT/rest/rpc/ 183 B
1 KB 332ms
331ms XHR
application/json 18.66.147.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-6.fra60.r.cloudfront.net

Software

- /

Resource Hash

e0825ae573ddc69886f26310e2abb9b0c54a8a2205b1e2cf189d892250d123d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 18 Nov 2023 05:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 164
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 1J8kap4ki0aaWbV2l1A50MWWHpKKjg9xOeLi_p-FCao466zPfJDYhA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 153 Show response
h312.mlive.com/DG/DEFAULT/rest/rpc/ 183 B
1 KB 334ms
333ms XHR
application/json 18.66.147.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-6.fra60.r.cloudfront.net

Software

- /

Resource Hash

be765640271edcbafd78cb6d6ab4e92f01292e11465724e444d65578e3333966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 18 Nov 2023 05:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 164
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: KdIhcwcOG053wqJetTM9mEEF9jVPjU_YEx5N3KJfpm_xwAQUsUA8PQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 52ms
52ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=364464754&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Blueconic&ea=segments&_u=aDDAAEABAAQCACgFKAC~&jid=&gjid=&cid=460703877.1700284711&tid=UA-16643585-16&_gid=24803419.1700284711&gtm=45He3b81n81TLXFLCRv78133989&cd1=undefined&cd2=1---&cd3=undefined&cd6=undefined&cd11=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=false&cd21=undefined&cd23=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd46=homepage-beta&cd47=desktop&cd50=Blueconic%20-%20event%20call&cd52=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=undefined&cd62=undefined&cd63=undefined&cd64=undefined&cd65=undefined&cd66=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=sub-group-b&cd99=undefined&cd102=undefined&cd103=undefined&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd61=460703877.1700284711&cd76=a0002%2Ca0022%2Ca0054%2Ca0107&cd77=undefined&cd78=undefined&cd79=undefined&cd80=undefined&cd85=undefined&cd89=undefined&cd96=1&cm1=undefined&cm2=undefined&cm3=undefined&cm4=undefined&z=420068060

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 01:42:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12957
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A481 0
0 92ms
92ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuK9Moa3MXMQ8XBF5O8OiNAPcE4g-j3zw99jrcps7AM9wVHOZz2rrEGbYUW5eyeOMfrK4SS2Z8q3-Z-n9JFPZpF6lRLKq72pGw4pmwCbGUdAx5BnzzEqbR2xJBUJZ7SB4_WjR7jreBvNnkLYog34ySWbF0juvsuezMLhpVMlX1l1S0X9YS7tz9GajPiA1XeXGYsJqttyXt__ahDus5688Zr5-hyEUO9ONh1iYCzzMBCQLBHZAtPvB5MdB3KMkuVXM2zQLloLEtGHFsg7COBxFSSGIPTxa3I-MEBPsf36Iz1_-d1jdIEjW3jD2MWW_wQ4rprSEYUunJnyZZIoz0d5hVZvdBb_ndrNi7Dq9KRzQr6CatYd46V-WBdGtM&sai=AMfl-YQZlPvqwRFkc9pxtG-5qzi2oLmMjTp1evZ21Lf-Snbph1lgKzUMHMzLljIHmx_A0jNHODu8nsrDRa-VsfayjzoIyykEQWeJ-d99n4RIJnSYbJ_q7_YGJTIiYAHe9SM&sig=Cg0ArKJSzJy4E5QH0xEBEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6F05 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3662ea8398492b04ad98656726af3df47215c13e153d12a5bc33900b359764aa

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 595D 261 B
165 B 188ms
69ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYoIv9xAEwAQ&v=APEucNVPmAFN1keWWX9BUyI3OaxjYdOx7aOwhFew_3jp6jx9rcxg7CcUrl4xP2Be2gdQDRF03gmUweFUN80SrN-f1tCGyBwJtj74WcZzosf9C1321ywBprBC1IKswOK9-g4_a1JK52oJlFlXVRHK8ejmfZQArtJT8wixgwGgiQRxCbJe0wKh1xk

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 102
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 05:18:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A631 89 KB
31 KB 201ms
85ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 05:18:32 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A631 42 B
110 B 254ms
139ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ACxW6p82OY6hCpBIQWuZbSBoKbvd_SNKAUv68_T4wkyzxJC77kPJKNCRlJkc-s0U4nug-PtzpL83WrSKCZMNV0RVLqDXEu7GZl78xnAIBiMPSxkLE

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A631 0
121 B 253ms
138ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10176498598416725609&x=8&ct=76

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cac05f13-fcc5-419d-a72e-c9b6205873b1
beacon-ams3.rubiconproject.com/beacon/d/ Frame A631 43 B
227 B 230ms
51ms Image
image/avif 2602:803:c003:200::77
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/cac05f13-fcc5-419d-a72e-c9b6205873b1?oo=0&accountId=10071&siteId=311380&zoneId=1580870&sizeId=15&e=6A1E40E384DA563BCA4A305755498916DAD37493D1358422DA34114BD5F078D8E1B7A1B8BD7F34FE16466D313740BFB7B61CFF852C439E7F8A5D7AB327442DA874A0D4929E3B29B5B5C438599EB8595B3AEE70BF60ED84DD08D70E42D290E8BF86E603BDABABD568C739F71D0AB981F10BE655156C41529F829DE3672408B67C2605645952F60178ECCE7E7E81BD50E3AF61BAC41CC057272235BF0456E47AF2E301EFECB4279D286AB83E4F79FE994232DDAA9C4C56102ACDA10306204D320B

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

POST
H2 200 153 Show response
h312.mlive.com/DG/DEFAULT/rest/rpc/ 183 B
1 KB 330ms
329ms XHR
application/json 18.66.147.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-6.fra60.r.cloudfront.net

Software

- /

Resource Hash

a0d140c2ca33bf8d8056d5f72bb19ec54c32c161401d2716e78b1d5f61527992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 18 Nov 2023 05:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 163
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: eZ4SgUp_cV8R2k-9t6TMToE3Bq8U7TjUIMqRtiW6O_5OeIYUf4dIjA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 53ms
53ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=5&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=https%3A%2F%2Fwww.mlive.com%2FIFRAME&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rjlubZVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-axhMBihjElCFgA%3D%3D&sc=1&os=1-UA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=1135&gp=883&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&pl=0&f=0&j=&t=1700284710990&de=969979995092&rx=777807366734&cu=1700284710990&m=1172&ar=51bd715ca6c-clean&iw=d919dfb&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=883&lb=13196&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1709%3A1709%3A0%3A1745&as=0&ag=4&an=0&gf=4&gg=0&ix=4&ic=4&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=4&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=8&cd=0&ah=8&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4399703447%3A2915093164%3A5803014380%3A138366002964&bo=343101415&bp=387186655&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387186655&dfp=0%2C1&la=387186655&zMoatAU=%2F344101295%2FMI%2Fwww.mlive.com%2Findex.ssf&zMoatProduct=homepage-beta&zMoatPS=-&zMoatSlot=InFeed_Right&zMoatPlatform=desktop&zMoatVersion=-&zMoatATF=false&zMoatCounter=2&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=moat%20slot%20tag&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&tc=0&fs=205853&na=2144956387&cs=0
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 18 Nov 2023 05:18:32 GMT

GET
DATA 200
OK truncated
/ Frame A481 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17748f605f725df235fb07a30e6d98edda5ad451d081d4e420516b6673c2c958

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DF81 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 jul5x3nh_main_0_1200x628.jpg
ad.adsrvr.org/5tle5mg/6vqhass/ Frame DF81 306 KB
307 KB 191ms
59ms Image
image/jpg 65.9.65.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.adsrvr.org/5tle5mg/6vqhass/jul5x3nh_main_0_1200x628.jpg
Requested by: Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.65.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-65-116.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d61518fbb1caf9b2df5acdfd9054062887454516813302e1a088c69923d269b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 03:19:24 GMT
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 11:22:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 8102
x-amz-server-side-encryption: AES256
etag: "5865c9728bc069d80a6c6c9c500e3ee1"
x-cache: Hit from cloudfront
content-type: image/jpg
accept-ranges: bytes
content-length: 313780
x-amz-cf-id: SFjoO3HjvLgwVHaVhqIUHJ3RCzZ6ttUmY6G1V06Gr9tIby_p8dF2jw==

POST
H2 200 153 Show response
h312.mlive.com/DG/DEFAULT/rest/rpc/ 11 KB
6 KB 337ms
337ms XHR
application/json 18.66.147.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-6.fra60.r.cloudfront.net

Software

- /

Resource Hash

a44e1907df04f8b426457b5193e7927eab64e1e17d3d7af1854fca80b8fa1bf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 18 Nov 2023 05:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 4734
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: lgHoBv9BR1BV71Ze_SgXpebyOjDT_KezQqCoBWnaGs2wNtDNjXiwnA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A0DB 261 B
302 B 143ms
68ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYoIv9xAEwAQ&v=APEucNUbi12RIOfp4xuVQ_HfUVzfFMD8yk---4lqD5UPyxQk3SA58ETMGaJOPxS4wbA8rN_yEB7MBNJimdGPg1M9boRadhv0F2ukcFJ0oeu0HWKdutrapvrXt4zDySBbaWOCh14wXkvZKgEYxqhtBQNdv52NWZwF6R5c3SnpfoT3mzQiCimlJvQ

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 102
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 05:18:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4324 89 KB
31 KB 213ms
140ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 05:18:32 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4324 42 B
107 B 212ms
140ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DMgQ-TpqWjUe7oDg8EV3qPSe1411MZnVAu2S_ArUuEh4ZM6bSLQKq8FaancyPjI2b1P9eN6olTRgAcnhzZZ2DYAERg96zS-I5kwgsB_j6AYCipfME

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4324 0
56 B 210ms
138ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9583330902660098685&x=8&ct=76

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 18a2c01a-4163-4d0f-8d6d-a308f89639a7
beacon-ams3.rubiconproject.com/beacon/d/ Frame 4324 43 B
98 B 188ms
52ms Image
image/avif 2602:803:c003:200::77
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/18a2c01a-4163-4d0f-8d6d-a308f89639a7?oo=0&accountId=10071&siteId=311380&zoneId=1580874&sizeId=15&e=6A1E40E384DA563B851BB2249A4A6F4947A06FDE4AC2FDDB3E2BD1B62122210F53B3CD0982AF54EA8AFE6B78B30FAB5DB61CFF852C439E7F8A5D7AB327442DA874A0D4929E3B29B5B5C438599EB8595B3AEE70BF60ED84DD08D70E42D290E8BF86E603BDABABD568C739F71D0AB981F10BE655156C41529F829DE3672408B67C2605645952F601788974B69E479D147CA07455447B22489652A2B2EE0922820E3670EB36FBE5B00A7167F08DD37112E643F5011F666824AECDA10306204D320B

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:31 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B3A9 143 B
383 B 126ms
55ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1206
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 04:58:26 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3C81 1 KB
1001 B 120ms
55ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 27699
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Sat, 18 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 v3 Show response
id5-sync.com/gm/ 319 B
597 B 59ms
58ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

d1039618e7cdb24b71e44465b9903533f08985f40b1fad00d72c209fd6a7007e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mlive.com
date: Sat, 18 Nov 2023 05:18:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
DATA 200
OK truncated
/ Frame DF81 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb05ab5f6d35bed3717c3fe66361fc9bf450490d4e149a906afec8e7712ac250

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 236ms
55ms Preflight 18.198.226.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.226.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-226-18.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.mlive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Sat, 18 Nov 2023 05:18:32 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 204 event Show response
prebid-a.rubiconproject.com/ 0
125 B 56ms
55ms XHR
text/plain 18.198.226.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.226.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-226-18.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sat, 18 Nov 2023 05:18:32 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3C81
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESECRNGWGcG9y7WVtoN3OMdT8&google_cver=1&google_push=AXcoOmQUxhbBQ1-6Z8nPl_VZ-H_y-7CEZewpBm4-n7qdamceWCbVOud8CjI9_tD21VLgGkhG3S8ZzrytGkhS9EB-LmU01UFnvUeq
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg5MjQ4Mzc0NzY1Nzg2OTA4MA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBBknfojYpKxF03Qq4Z3l8s&google_cver=1

43 B
398 B

83ms
55ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBBknfojYpKxF03Qq4Z3l8s&google_cver=1
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBBknfojYpKxF03Qq4Z3l8s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3C81
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJci1hjLQK9r4wCLKJYP3is&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJci1hjLQK9r4wCLKJYP3is&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bjZYRHVJMlQxUjRkSVk1&google_gid=CAESEJci1hjLQK9r4wCLKJYP3is&google_cver=1&google_push=AXcoOmQ5UCDULX7p2I0M7iUG4aha3mkmjSfeGcUxZaNobSV...

170 B
232 B

63ms
61ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bjZYRHVJMlQxUjRkSVk1&google_gid=CAESEJci1hjLQK9r4wCLKJYP3is&google_cver=1&google_push=AXcoOmQ5UCDULX7p2I0M7iUG4aha3mkmjSfeGcUxZaNobSVFnC88XIpOcp2nBZ4OyIX-iG0ErKF-ThT6Y-5ozegm3Ed2YeXQCT0

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 18 Nov 2023 05:18:32 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bjZYRHVJMlQxUjRkSVk1&google_gid=CAESEJci1hjLQK9r4wCLKJYP3is&google_cver=1&google_push=AXcoOmQ5UCDULX7p2I0M7iUG4aha3mkmjSfeGcUxZaNobSVFnC88XIpOcp2nBZ4OyIX-iG0ErKF-ThT6Y-5ozegm3Ed2YeXQCT0
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 3C81 70 B
149 B 167ms
52ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDmKCHsyvkObhL321hxEUKU&google_cver=1&google_push=AXcoOmSTT1jdIUdLtPTb50OhHr9a49gbSFmrPQhqGJRUEXxbWvA91Zl-SaWJKTW1pGWDuX9cuuD_EK-uJSL5H5tISptcI0J-ZGtY
Requested by: Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:32 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 dds
rtb.openx.net/sync/ Frame 3C81 43 B
236 B 217ms
63ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEOFobZPYq3Ni3dgtzbzvTu8&google_cver=1&google_push=AXcoOmRNKHfjPOyL963g5yqjdcmDqwHzAptHPxJ5TJ3CrQqXsITPAg2LfsDOVR9frb0-pF2y8JiX_mE6uB81B9G6odppHTabbWus
Requested by: Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3C81
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK4zNbxyrq8eCRaqnWJ0V5k&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEK4zNbxyrq8eCRaqnWJ0V5k&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK4zNbxyrq8eCRaqnWJ0V5k&google_hm=ZVhJKFje4TimJRqHhCYZ6AAACJUAAAAB&google_nid=index&google_push=AXcoOmSoNPWeom9EYIRMpYqrMUuveNe5IbplC...

170 B
243 B

61ms
61ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK4zNbxyrq8eCRaqnWJ0V5k&google_hm=ZVhJKFje4TimJRqHhCYZ6AAACJUAAAAB&google_nid=index&google_push=AXcoOmSoNPWeom9EYIRMpYqrMUuveNe5IbplCC8rws1jYW5GBBVeLd_uKAAixvM7-9G0ylf3TMLNHiDz-QF3YQlHrshmV6ixCZUP

Requested by

Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPrIo7XHsZHpnNx7ldLUk2YG23Hi2xsRRy6fahXzTAtxD3m8fwvNPJ5UBTBxRPTzOljkSsCbXk1V0KtXLVu9PLNS309HnCN7TePUwf4SpoP%2FHq8nisuJhNRHv0b5Pqzf6hRGMZaT30X0%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK4zNbxyrq8eCRaqnWJ0V5k&google_hm=ZVhJKFje4TimJRqHhCYZ6AAACJUAAAAB&google_nid=index&google_push=AXcoOmSoNPWeom9EYIRMpYqrMUuveNe5IbplCC8rws1jYW5GBBVeLd_uKAAixvM7-9G0ylf3TMLNHiDz-QF3YQlHrshmV6ixCZUP
cache-control: no-cache
cf-ray: 827dc0de9c586402-LHR
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame 3C81 0
239 B 194ms
65ms Image
text/plain 2600:9000:211e:b000:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECJaQ7KLQfXiOCBRBmF2ZKM&google_cver=1&google_push=AXcoOmT45UDdm6O3GWfPQ9L4l7KIsSsrvmmIU2sd8nQ02GNuZwByNoZ7uE70rfO-A0PhLn7HOjDTV--o5QGm_oAAOJ6H7UKDDdc
Requested by: Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:b000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:32 GMT
cache-control: no-cache, must-revalidate
via: 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: zpB2FOPMa_ORXgIQYxHRGpDbg8BkKZGmulSYW_nsSqOrZiEv9-ryxw==
x-cache: Miss from cloudfront

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3C81
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEN...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmR1lUGezyqDrMhZ7ftEcAWtmwjwBKIe5r1c4ieXlzEg_HouxscfLxu0tBczELs2HOqDxvf3oOWsn0Dl8dfsd8lBeixsfz1x&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-1e0bf489-eb02-478b-9b67-78c3bc676aa3-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmR1lUGezyqDrMhZ7ftEc...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmR1lUGezyqDrMhZ7ftEcAWtmwjwBKIe5r1c4ieXlzEg_HouxscfLxu0tBczELs2HOqDxvf3oOWsn0Dl8dfsd8lBeixsfz1x&google_hm=Ax4L9InrAkeLm2d4w7xnaqM

170 B
188 B

63ms
62ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmR1lUGezyqDrMhZ7ftEcAWtmwjwBKIe5r1c4ieXlzEg_HouxscfLxu0tBczELs2HOqDxvf3oOWsn0Dl8dfsd8lBeixsfz1x&google_hm=Ax4L9InrAkeLm2d4w7xnaqM

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmR1lUGezyqDrMhZ7ftEcAWtmwjwBKIe5r1c4ieXlzEg_HouxscfLxu0tBczELs2HOqDxvf3oOWsn0Dl8dfsd8lBeixsfz1x&google_hm=Ax4L9InrAkeLm2d4w7xnaqM
date: Sat, 18 Nov 2023 05:18:33 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX1e0bf489eb02478b9b6778c3bc676aa3003
content-type: text/html

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 3C81 0
130 B 175ms
61ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IwsEZeCm1h6KxT6xVqYqLrs3XKuhNUXKBhyOf89qcH_GA4dL95rpKCh2cXLTecRxEvXdb_

Requested by

Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B3A9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
176 B

71ms
71ms

Document
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 05:18:32 GMT
expires: Sat, 18 Nov 2023 05:18:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 05:18:32 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DF81 0
0 96ms
94ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CbVv9J0lYZZTmI7yejuwPs5m12AHdleW3XPb-j45XwI23ARABIABglQKCARdjYS1wdWItMjkzNzQ5NDU2Nzk0OTI3OMgBCeACAKgDAcgDAqoEmQJP0F7KO3_Hu0Ht-7SkDSGBzfI2GrNdMQ4q70iH4QvDxNcHGZCCXQUVf5A-JouK6sDpjfAGNdqTCAxuIc5fGzmoRsKx-AeJpCYld1IjQZ5f36ReTgkZgEVTZTb2Ps2EUfelx_gMWcGBtJSPZi-bKqeskn8ikoHqsyJoM_q3g532NrbFtOi6YWt9kfCxQWka1FP_Kf7x5bIn2Ya5L4ug1Ku0KjCHLa8WH7AtUk2XYLzmeuv3vrKoDlcZ9HwkLV4zeKC-dTk6qn12FVJhk3WIgAac2jpGQzfu5WF7d6mLg0PMbTBm2ivmlPZbS-jKK5o5sB9zJlkgjea2CNAr-UdYd33CyBQ44JYGrdefpUxPgRfgVVVCpUAX__1AXOAEAYAGxJTzpeeds4XLAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB4g0TCNbR_5HmzIIDFTyPgwcds0wNG9AVAYAXAbIXHAoaEhRwdWItMjkzNzQ5NDU2Nzk0OTI3OBjfkR8&sigh=WmXBTwONkV0&uach_m=[UACH]&cid=CAQSPADICaaNPx3KtojXjcwB9wAEtqhZUv7zsFxnmU0roYdltitRJL6t7lOiOCUHJEG5lYxJnWSQAZJMlMyhZBgB&cbvp=2&vis=1
Requested by: Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H/1.1 200
OK google
de2-bid.adsrvr.org/bid/feedback/ Frame DF81 807 B
1 KB 192ms
58ms Image
image/gif 15.197.133.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de2-bid.adsrvr.org/bid/feedback/google?t=1&iid=dc786ad4-bcf2-4aab-aca3-e34a6c253e63&crid=jul5x3nh&wp=ZVhJJwAI8xQHg488AA1Ms74Dc3wY5-JjVVbXHA&aid=1&wpc=USD&sfe=178fc927&puid=CAESEDmKCHsyvkObhL321hxEUKU&tdid=&pid=5tle5mg&ag=dklrkw0&adv=6vqhass&sig=1nstJsj6C198VKN5dvrPnHpeh9Jb-9ZvzK5tvpWTqTog.&bp=0.5&cf=5926100&fq=0&td_s=www.mlive.com&rcats=&mste=&mfld=2&mssi=&mfsi=&uhow=150&agsa=&rgz=99986&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=pub-2937494567949278&did=&rcxt=Other&lat=51.170000&lon=10.450000&tmpc=1.3400000000000318&daid=&vp=0&osi=&osv=&bx=70&bffi=41&npt=1&c=CgdHZXJtYW55EglUaHVyaW5naWEaACILTmllZGVyZG9ybGE4AVALeACAAQCIAQOQAQGwAQC6AQQIGRgEwAGQ9gnQAZD2CdgCtBDgAqwC-AIBgAMBiAMCkAMAmAMAuAOLzgQ.&dur=CjsKHWNoYXJnZS1hbGxUVERDdXN0b21Db250ZXh0dWFsIhoI2v__________ARINdHRkY29udGV4dHVhbA..&durs=NojZGa&crrelr=&fpa=601&pcm=3&grdc=CAEYASABKAFAAUgC&said=1NIzGKFLxr9p8%2Fr%2FtrMHgQ%3D%3D&auct=1&im=1&mc=fe3aaff6-bc96-47ff-86ff-665b3a19d4a2&abr=116c7fc0-28c6-4b0d-b2fd-ef0c636e3e3c&tail=1&cbvp=2
Requested by: Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 15.197.133.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a4b61a47cf5978487.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
server: Kestrel
transfer-encoding: chunked
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
content-type: image/gif
cache-control: must-revalidate, no-cache
x-connection: close

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DF81 0
0 91ms
89ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CzeXYJ0lYZZTmI7yejuwPs5m12AHdleW3XPb-j45XwI23ARABIABglQKCARdjYS1wdWItMjkzNzQ5NDU2Nzk0OTI3OMgBCeACAKgDAaoEmQJP0F7KO3_Hu0Ht-7SkDSGBzfI2GrNdMQ4q70iH4QvDxNcHGZCCXQUVf5A-JouK6sDpjfAGNdqTCAxuIc5fGzmoRsKx-AeJpCYld1IjQZ5f36ReTgkZgEVTZTb2Ps2EUfelx_gMWcGBtJSPZi-bKqeskn8ikoHqsyJoM_q3g532NrbFtOi6YWt9kfCxQWka1FP_Kf7x5bIn2Ya5L4ug1Ku0KjCHLa8WH7AtUk2XYLzmeuv3vrKoDlcZ9HwkLV4zeKC-dTk6qn12FVJhk3WIgAac2jpGQzfu5WF7d6mLg0PMbTBm2ivmlPZbS-jKK5o5sB9zJlkgjea2CNAr-UdYd33CyBQ44JYGrdefpUxPgRfgVVVCpUAX__1AXOAEAYAGxJTzpeeds4XLAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB4g0TCNbR_5HmzIIDFTyPgwcds0wNG9AVAYAXAbIXHAoaEhRwdWItMjkzNzQ5NDU2Nzk0OTI3OBjfkR8&sigh=jA3qj93NI_s&uach_m=[UACH]&cid=CAQSPADICaaNPx3KtojXjcwB9wAEtqhZUv7zsFxnmU0roYdltitRJL6t7lOiOCUHJEG5lYxJnWSQAZJMlMyhZBgB&vt=10&cbvp=2&vis=1
Requested by: Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame A0DB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEGbeWDi5sx1j_7dUGs7AngY&google_cver=1

0
235 B

198ms
69ms

Image
text/plain

23.32.185.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEGbeWDi5sx1j_7dUGs7AngY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYoIv9xAEwAQ&v=APEucNUbi12RIOfp4xuVQ_HfUVzfFMD8yk---4lqD5UPyxQk3SA58ETMGaJOPxS4wbA8rN_yEB7MBNJimdGPg1M9boRadhv0F2ukcFJ0oeu0HWKdutrapvrXt4zDySBbaWOCh14wXkvZKgEYxqhtBQNdv52NWZwF6R5c3SnpfoT3mzQiCimlJvQ
Protocol: HTTP/1.1
Server: 23.32.185.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-192.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Nov 2023 05:18:32 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Fri, 17 Nov 2023 05:18:32 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEGbeWDi5sx1j_7dUGs7AngY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.adform.net/ Frame A0DB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEPCPgzQt2LsvLGViruWNsTo&google_cver=1&adform_v=1

43 B
163 B

178ms
56ms

Image
image/gif

37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEPCPgzQt2LsvLGViruWNsTo&google_cver=1&adform_v=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYoIv9xAEwAQ&v=APEucNUbi12RIOfp4xuVQ_HfUVzfFMD8yk---4lqD5UPyxQk3SA58ETMGaJOPxS4wbA8rN_yEB7MBNJimdGPg1M9boRadhv0F2ukcFJ0oeu0HWKdutrapvrXt4zDySBbaWOCh14wXkvZKgEYxqhtBQNdv52NWZwF6R5c3SnpfoT3mzQiCimlJvQ
Protocol: H2
Server: 37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:32 GMT
last-modified: Fri, 18 Nov 2022 14:39:11 GMT
server: nginx
accept-ranges: bytes
etag: "6377990f-2b"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEPCPgzQt2LsvLGViruWNsTo&google_cver=1&adform_v=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 312
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame 595D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEGbeWDi5sx1j_7dUGs7AngY&google_cver=1

0
235 B

196ms
68ms

Image
text/plain

23.32.185.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEGbeWDi5sx1j_7dUGs7AngY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYoIv9xAEwAQ&v=APEucNVPmAFN1keWWX9BUyI3OaxjYdOx7aOwhFew_3jp6jx9rcxg7CcUrl4xP2Be2gdQDRF03gmUweFUN80SrN-f1tCGyBwJtj74WcZzosf9C1321ywBprBC1IKswOK9-g4_a1JK52oJlFlXVRHK8ejmfZQArtJT8wixgwGgiQRxCbJe0wKh1xk
Protocol: HTTP/1.1
Server: 23.32.185.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-192.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Nov 2023 05:18:32 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Fri, 17 Nov 2023 05:18:32 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEGbeWDi5sx1j_7dUGs7AngY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.adform.net/ Frame 595D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEPCPgzQt2LsvLGViruWNsTo&google_cver=1&adform_v=1

43 B
162 B

179ms
57ms

Image
image/gif

37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEPCPgzQt2LsvLGViruWNsTo&google_cver=1&adform_v=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYoIv9xAEwAQ&v=APEucNVPmAFN1keWWX9BUyI3OaxjYdOx7aOwhFew_3jp6jx9rcxg7CcUrl4xP2Be2gdQDRF03gmUweFUN80SrN-f1tCGyBwJtj74WcZzosf9C1321ywBprBC1IKswOK9-g4_a1JK52oJlFlXVRHK8ejmfZQArtJT8wixgwGgiQRxCbJe0wKh1xk
Protocol: H2
Server: 37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:32 GMT
last-modified: Fri, 18 Nov 2022 14:39:11 GMT
server: nginx
accept-ranges: bytes
etag: "6377990f-2b"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEPCPgzQt2LsvLGViruWNsTo&google_cver=1&adform_v=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 312
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A631 0
56 B 89ms
88ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4728129216540&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A631 0
56 B 88ms
88ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4728129216540&version=m202309260101&ct=76&x=8&cor=10176498598416726000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A631 109 KB
42 KB 102ms
100ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BvBNCT_D4ADMpzr3GfGBwYCtP6q18Tlmw8_mqx8Zr5dhX4GrxtEqR0uDDNkD9_l7F1uWpnNQR5WN0iY-1SPXHz7VYzagAHT9kb8iYpdJjFFkB-M9NODppeZZ2ZVze26K6ZRfZqMw4PF_VlXkXuZTB1eHuifOKU-Rf9VFLFsMHqce-jnVPpXTOdb_F94UMMJslZ-Uj3xvA0o91ZonEtfBhU4cx8pQ&dbm_d=AKAmf-Ae-GnGvPMh-OOoVilBKDyX7_SK5bxUJk3SoMijw0z_MwSNUETXvwstTPU38pXOEpDgfNIlXezqu9RvxZIY44jRoeCjwI1vkbi8uJj1gLNz5ZFgwANp6R4aC8rnYbeQKpuyDbLkKo9Bo5Mz62p4ix9Mec0VNsac3uCV8WY27-xlZvl2I3OqOktLXIw9ozOoIScz1tr-irPfKAlkfUCX67YbYKWY9fN0HLF-UaeCRs7V-yM5wGTh5BRzoM9iZR0o6LJxB8XHPobW9db-ktNSv2MK-QS_5JAvHYpUX9jQdD15y85sl6YdggcjfFZmvN9sS1j9FMUbiSgjL6DTClQhdF_JTW0P6ASwySodjTQGHEQUZWeoQD5_cnkm9fOkxvjJ0hsxcuNITpkXSFV7Ygi5E1hcSrHRjLZowBp6XEZR85k6knsqa1_yPwIgoqOQNIGISoBfY7oeBPyA4S8kRpPslFGQQlG6HqNhFimP9Q6RqHVKT7DUUEfo8errSx2YKypUj-NGVi9byMmY_Evsss9ymfCqMgZxUj7Z5Rk975S3IUgx_yl5HEdqevqlkYv83v8FbXIJafY04dlbNBq222N-mAoJG1DI9u5IGnAuU_3t2uYy-0S0yTY4RzqofdMXaBN5G6sT_gBiHBfgMT-3YTEFoj2BjF4rXJ4JWhaPn8BRdeYHKlv2Q62FkotVWV4GY2WxPwowtshc5pamPy6zDrEzgY8OK1MYQKUJhDEFntxYBQghm3FYprksJAEV02rqh0R5QXkQzE633-Axp8E0NAab3phJtH1bvIeuUFzbJqNC8ZSInGc034k4bSF59U2-V4ZHM0EODJktxCz3p28GDNTwoDhjhb1QtmuPWJq-WUcwuhB8Jbab0KNTcS4g_SjfE2p2ry7PVaCKyMqWVSYDigshXquSR5KGu93C-kpOMqwQaqr9OjgcASW4mnKIHbSN1KST-Qu72VNSJ2EcD1cq49SA9p2q4kvIqBN62GUWpExSavHxhGWLxVlo3bAXlc9o6ajI8K_dbljWSrSv2Z7ZaRe60YwDWgOu2nS_nDtA1IGjIoPaDjI3FgBSNyES215Eax-XkzboSeufyD2KAHVadCW824lz-FnFuRPbu5MmV3RYaOi6rB2sRVSW6bdur3lMSMKspzua8ooiJ3d9iIrKoqsDJXE2_YbU_NYQ1uaS_oubY8EbCPx3LcOiZvNc0G2K8TO4In4P-WJ-rIJYWuKMwgJgo2732uRrl1CFjKn1NjpnFhnZtAIEihyG7lMS2mZOQ_GN4IobqK4NzrZpyatvmwySZmVC_cu7fT-RvJ7eYErvwBNR_G91rUQbDWYaT-kUrE_YWt5-7EsjPOaVIxIM9h2UbBopUIu8K7hhZ_1K1qfgvqceVHWapG-ZBKAiPNsx0Tv62rXpbuRtDHJvc3NhCTP2K3GdAzi-w1q6_-lVVvBgHT8th7lppJgVd7eMRNnL4lZ923bZCyf8hEByASrG1SQ6WRGyBPCVbpdYikNsOiQvk8x9hfMwbrgTkRraHr3XKDOE4peHAFBiBXWkWQiBBmf-cbXEwGJoiuajBvEuHX3H4fgb0aZjpjnc2FN9xc92AodEleHq4y3a4tDkt5wVoiQC8M43w-4Y4iVFAzli31CUIRCNTt9djrC0l2WuJPGZVvV-isTCGYKNVTNZRFSqhpMx3VTtDDbWPvVXB-UzHLxtW9yyfQNPZMb0txGzZXql2hl-x7OL4UHU7prk5W2MpuRtbOOKf3qgxrfo9Ut8XtTgm7nJSQgRLUKm0A-bbcebDZTqTpm0Ek_fEXPS6cpftdllRyKyNYUun40ozTesAJWgvbDoaMWkfYP5GpVmlG7Y9wpi8tRkkCU5RpP-aq67senG6_0cdC1tl-OUWbp-lBTdoqBenbPVxxMJ5LxYWcomyIdULsuH_pL0e8B1XVl1LY7dVm28xK6wlB_DzOwtGcXyVvEjE8DK9RZ5EkC6L7bTCEHXdRqXzAZRYcOtw-JHrN3ISiaYP9HPl3Rh-QG0pzsnQ_GSth6b_Cq0o8KYd2thYO1GNeiWGmpYfh_VFqrhqWlf-dqT6G5TYmfkqe6MSUatKQ3Lcv_X-HwtoDGBZMFVZShpzFQxHxYw_Qm4OlUr7U2TCnWVKmknj6I6imE1Y4nh0Irij0u56UXg1pgwxgh_Nx3eKT4mPuH-eJ72nPwuWyUoN9Jy8HglMRpandxw3LfqRk2GNEJ2fy9MX-2ypCLq8ZtCreU6nMzVBjR1x_u-Hy_ejxIBS3IkdRoY3oLtQBOC6LvEWQ-R8iEF8nfsz_FeJt2ivFdC7n00tbi16Lme3-KRvVX1Bo3Kndeq40LG74bHvLlgHhbwW9Up_6Eu9IrtGnLUxvgzyYW_TiqRRCK2HyzsUAgspn3gvTsCSAm_5yfPmFI0eoN6UJw2jz9OyApsexp7exGSJWS6kViFTLk1N_odJRWANcaBipq_qKe9dLFTcdK1eSsduOFx8LZHISwnLz-spKpf4rxcTsqDqU60Quwu0esWR244LOpBzNBPDbcpnlXJbP0DNXHW9HA1Fb7nk0WLsBTcdivDe6uAdq4_FQMmJdXW66ikFIb3JFiUdoBdj0wN3wdDm2S1jaCG9pLGNtraTAhO83EKTytwnCFpkYudcXRYGVXtph81h4ZpiiYRLf5sKfTB2hsyxuyh3TYjrTIt7ACjzjCbXsYfCx1ycVjwNRYzWoULuqTA3g3k8r1lNPSiFBIb5ieRvttAhDvhgaTUcQd6sNSfuxL-7cNY8A0tsvGvX75eiuSRzNZ8SiadwyzXOJvzUBh3aoWjqbd98ETc_aVDnE1S901WTRkp5zVZXh0JhFuELNWzesOCIi-PfnPyJVLXjUvr9YOVaKxU86lOm-ZbEJttEkzj_fssywOar9w5BC8DbtjnD4awdBegfPGKBrrNfMbxcD8p5LwRzUakLthyZYIthEFpUjQLb0hS_nA_V-9Gk0_S8RvsZsqDk-Ru2jrL6_xKNC7rABM0fI5Az7JZ6NaTK_idMDxCO6kkzE2IIkdsLjHh4lW9X7YVXe57WOc_OGTPzOPKhxHXocqbB0TGodUphjy6UP0PiMbHwBwMqQRaC5ojXMx-wmAwDnUgAxVsBa0nN6gVBwzauJZgNnjIS883lF5PvGlygAfuQmwdlAqGeJvWC8IJZZLJRzBMaKcH7CMgScbMdfmP4I8PMtVijeuLCEQpfEbiCGycKfSWK8u-mi6WTyLtG55p4vbIq_WVYg0LYBA_B6LSXrrWpJPaoGmOtWArRSNkb0H0Pt67koBpvyD28fhLb9lBk3Vsf69xvM_43mBjgFbBz4TBvN6Xcl7WBM8BX5wwg7R-vxdX_WRMKIGNBgTUJtJ1e1DStLNH61yLlQ6vzYsX7nGXFFx3d9VDbn8rv0PL09JACf-pubdmN6o4Z4GpFYa_Uelgy5yecj9wzmELl5IXkC1zxs0T89NlG6Zkc1k-mvYkD-6xMpv0nxZKchvQCaCY3bH88ePVcxziRuXr6D1gyPjbP2sw7BNmcBURptsLaTJI_Fu5W0R9JhmAie479C9BF92cfoFxz5jlEJYORWqnlwEkzZdTCPNscXxYLj0UtRCHn_R0TEzvhbd6TDUwAw-ZUklrIktrYvm162fqhQhvEAODKiSzB-wRKnhe3qsrtaxqsIQvICAza6JyIDwIDLIMXcox875dQwdQrM5ydOTmCCU1rqHQFGUK2-0NIwOiRAh95kR5DRckU5wbkm7EbGiHYCZZvGDj008G2gpGSim5z6Gv0P-aMqBFvwWBBLzjTKq-ZQ8lLFY28PzURwe33CpO3r786IkDTcfKjFfZ-MS37B4asMGeco9NrxMreiw01YOxyTdoH2MBeA&pr=8%3A95AA9401E277F4C4&cid=CAQSMgDICaaNZ1VTiV2sPG4TttpWeEeYl-G_MwScQB9XC5zhtSladCMWgMSP-_a2_oKs_nE5GAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=10176498598416726000&adk=3030632&idt=254&cac=0&dtd=17

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fb148dc4dca57a0e3799bf263ff4051e295031e7d876fe85d82e4b71aa3067d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42853
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 153 Show response
h312.mlive.com/DG/DEFAULT/rest/rpc/ 11 KB
6 KB 335ms
334ms XHR
application/json 18.66.147.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-6.fra60.r.cloudfront.net

Software

- /

Resource Hash

cd9e326c69aa7d76bacc2f07c4dfcb105c8adeb85619076ae3aa5b6a0e498d3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 18 Nov 2023 05:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 4736
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: XihS4fGsoKROC_KfLExrJ5qdBH5CipMYuYy_2dLhrCkM64FtRCDL-Q==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4324 0
47 B 89ms
89ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9206132584203&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4324 0
47 B 88ms
88ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9206132584203&version=m202309260101&ct=76&x=8&cor=9583330902660098000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4324 109 KB
42 KB 124ms
123ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8cQPXWLwf6LZjy4yXMccOTG7mXjeiKPdnJ41s-Ieq3TEFr6CKtsHlW6joixF0u3XsQaEdhfXxHA3VhT_vrdEsUKe6EqHwFwstTj8TRqwpkT_C8H5I0-p0PMiIPNpGwygSNhOvydqzA3UVWe_SAH6xLeTq_fEKN1_I3BJHte1cqXcszeg&dbm_d=AKAmf-BSxQd8Ht7qx4xwVRtNbtlrH37uj7Prb9KO75h645ilRIcH7kGUCW4Rsn3EkanOaKQdH29ermSEhuRE__7uuwuW4wMHceHm1Ohx_lG10MGJdVIV5ZxGWqtlE1oWxBtiYNa3wb9cQyIpctjeuyDq3kTjf1UN_AxpNntbNLpEweKPaYD3GK5KiZ5srK3JMx0bNcy_eo3p6QLz_GG3DtLBeVX7JgLrPzrvmSlE1j3LxOh44IrAfyVRXJHYv2sLP-8ws87h4swgUlBgdApPXO2jjksFVV0lpPq62tcTygee6NaI_JKwSK47in2kerxjjGx_vIgy-RGZWNdSIhB1jlnBD8SzrHH7a-jY6tzpAZtMsVRiky1jVsGvbEXM3OGylZxtgDi9GcedFIp_LmoKs_Kp9kv0PZhoC9UmEjTG_36UwW4vobw3y9_xV3F9Ix5F0PzgrKIxOM77ank20GDiHTsFDkAfVH8aemhtD6ejCAaD1t6Z9SYHRrnIVl09CJbW_BdApgZ3kTEs4Q4cun7NUCRXZOi3oEe6WkdlDNCvRJoqIKI_Yp2Ou9eyX5DAdKJhNx5KplMned62YB0orwm7oJiOhNWtAkSVDw__9f7MMouc-_DnK-VQKIV6eRhTJB3awO9xCIgcXDFmV6CiZV_J9YFG3dV-qk7hZGu3DtaH07KJK865zAkXl4Ak8vGNySiTDe004WeU4-0c7dGGdC4EXbXaaARukCtDYDyebSHUdFCfNHKPX2Ic1TuZLnhBi8p-kqMvmvphjCTvoP5oHZs1gK_9PZwNzLquFTVRAzPOGk4lnSgISiB2PhzNXJp_8hdsYLuS4X0dM8a6Dh_WYxP5u21xqo6Zc3PWyDz2QqmBMQxh_DJ_QW1e6lxpCLZsr9BF-cdT78aj7kejIxTrgIcXaZYMWdgU_wYtSEAykcWFrkL0USthLOmbGSCI852wq9NNxk-Vlhffz1xzLzjfWczDewteOkkYCZxtuObFK71-FmXgjlfUuwidKHEyj8T6NfujNbR-GjkuOgW7Bq3V0pPbIRJmb1DHcAFxgVkv62MYoafIsOfKhH44MxS1IObNKpfE3ze5aYSlyiTHSX7WZv7eYS7UR5FD8cpVv5ctGsx9HyKuWU12Z8TcE7Qq3E3rGU6BR2Za0iEQ4WjiYHKVIzhfo4uwJcYn4ilDO_-zIts17uEHVDazPlCahDwdzCp2miJVB1PL14kBIEYqt-P-xNJ0eoU47remS-xQyURGEhmqf7DufVxmt31V5IEpy-BPsxeRr99rL7s7CkKTkrxDBbAo0btZV0ZYNev_kNpLHb-IopyDbhX7jKtyQpPVGX9H35jvX8D31ElGEFtL3JK18N_oRWZw3jxzqxDF2NjWrfVwGEMzg-Jup2OMsCD6WBCbXRtH168DIfWduZ52gkH_tQFlv1jqGRa28l49UNoWdLpaBfde4v3oRxsm_u0J_0ctSlMocIsyIbVFpNM4cA6tXCG0DZvTRysjL0qkKNtMKFxS2dtb5jX6hOHzjEG9hIbMny0y2TIk8w595rbrMiKKapIPbQbheaDeHatQgEzv3QII8ITTll9AuC-fkJ6xMINUwPNm_SpWmH3D3tSdgYdy94HUZWlKwPxjS49kjaUMe1k08AAQ3rpv92sJsRKgHbcj9whnVc_cWrq_IgMScg6FPIZH7LqpKMAUILYeuXZInNgHxV0_LAsUZEkMiAc67EXrL0-i2C2RuCiqt1hXmbUGVBdK0cqVWTrLfNWxcu8pjtAxzSXtYjtpEVoHY0wSbYjyMzQ-bntf6Odz4Zm8n1bBnjsbza7al7Ce7R4rsPanO3aPf7reqeaeh8msQ6OOSKjU_yLlxuTSJ38UQSdwP9DwMMdXq9L6j524TlTlwyY-yENumcLgaLHigzYMs86vlGF0TX8HkbRaOiKcvtW4cjpVgUwjE19KQp7LnIjQfCfB6RAfXqWWA61AYKNbucyQFxXD6_hVVQ5mU35KjKfDO06PJdHKcpq7M6LHnB9dBbJAyrJwOhLND4nujwcvY35WR83nr0g8bgkZvypREwb4XoTSoqhGAyFFsCrw06khP9aqo3gDiQRgq7Wy8A9UglaYYgpTFtTI23eW-rd3Oc-GZK8_9VcARccIlgaEZnKzGY8Kag_LYMo9oOSJzM82mLFSQrHToMep-HtZkYdNAqDwnKH6uEeIytxL7kJiYZQfKqi63qb4D5MHLza8Z90tYXSCtjL6iAMMnL7kuo-_3yIb0CBW3rlgLuU5sBAPwPr3Ai50AJoEZ7gxLeBsmEY6txYhb6n0SEGnNRxfqojn0FWXvpK-ghu_FC0pVdsICHTxAc-HOxVJZ-S6RPVrvcWtmeb_LGbC3gHa3vkz-fCZ2c3xvUbRNp5-OYqp25Cd-iOycNdfbgspKtZy2xfMJgFpqU_4-NFDOJnDur_vqJtYLofV8WfgqW2ReS4QUIPLsyzCNLU6Ces-bBvxAyod4dmSYmZ1Ne3A6bW4L01FZ7OGUDA6gGDT8Or2QuFS0uZjTkgjDTiiCOesquT1gYubAgyXuDzMjT48BAmtJNtu5CiAdGlUagx4NLEbJIz6dYqd49Knieep715qN0rNKMg5U728OVkDEDDT8vqWWD7wy3R0M-JUyLriwkjjpDXqObZa-LMYodfxx_2fHDw6Fde8XlsFausUQLY0V_YZBx5iJVycfYLRJmP2UqPGMRCsJqzgKAWtfc5HNelKktp3n12u7JYdaYqmWKpDwwU5Pi2_tdup-6JuUoMxSMc3bmyFdiDgfyvlbqxnQoXpwAJ8CJaQl7Nf3_pbd7V7u6MvbTOVBGMtuWjc_Fiyr2j3J_fm6LBie3Vjcwq1EXxb4CDB9PrxE7yUa_QIFRGRAkAc6gEYj6Xjw_CXN38_tN5iRgwR9cxjKaxtOuh1asXdBXuvcmWWhhDsyPSVRKnuDZqP9Blq1_mV02wwiQQzpIsY-fBPYsmPX1-eBxxzOgLcDlbYW1CDXwiECBuIHtNL4SQF8K5njURdtKI_VP3mlF5IjeoVtEsi-pioOus4MHGAJk6bAR95spsQYOL9NVUU2ve8zzg4HXjZUJuDnucSZ-RatKDaMHQZg0gEE2vlrHTw5ONlbottc_lUC7OLm4Vb_VRdA8szyCnSNv7eOUz5FDi2V4UOf7ce6hdijdnVOsV2_M3iMgBkYfM0HS7IiUM-6U49ZFAWN0SMBU7dFaDwiQV4AwU1-ptQ98IEJ4XgVVMK8_KJIP4era1G0SOeBCOOCOKBwMXte-KAmjnJ5_tB9IZCy_E-YSLUgFYfZm8gtAOpPHHta-hYcPoYPW2lLTrAOg0U5G62wQ5UM2l5BJ29IVHo7mORuqRArzo_Q_NPxKwGVqk2Hsb129HdkyWicFnbMAal9-MbuD3Z7p767dLmDJeP2mxrdhJ2VtbjnZZbJg6TOA45zERVyWW5c4CMSYRtIZ7UvOwF9Yb8p_2_X-APyNv8lfs5WUzOB-Rdj2Nc7VjFWj28vOv28JRSrStrMHyMXx2EodObzrwCbPudB45zZNBOaL2PMtMq3qd-ONcEax63vPJxqnd3plEuMPsGtYo9bN0X3WrxH8mSFpfTM3jjd9GuaTsI20EGiqZ1qnSP30KH7huLfdO6h5REEevHAUTtGkfxsliQ6BL7PLkWi9jKvIDtc4uzsPT7gmI0ofvVkDQSCgJevS84FI9bq4o2vi_FS2LsylkGQUKC08fst_LZsh1gbopDO-Iv3Jogv_oa66rGqMssg7TC8TIu9MTLZtl-XKatXFTJ0Rgu_xOU70E5vH-7u1P2yzWMkH-XUibdsgr1v3h_DmR8mq-zh70&pr=8%3A95AA9401E277F4C4&cid=CAQSMgDICaaNDJXdM4G2sqSNsceNaZGshvjB-J7e_gv-iuvmxju-BE5YL8VIdBX49_iKssI6GAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=9583330902660098000&adk=250276038&idt=240&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5038389366c7814f9211d9e75c99bb7a5d4c002a81e13b2637cab1b3c501719d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42815
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 getuserdbdata Show response
app.matheranalytics.com/u/ 54 B
206 B 360ms
217ms XHR
text/plain 35.186.255.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://app.matheranalytics.com/u/getuserdbdata
Requested by: Host: js.matheranalytics.com
URL: https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1640
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.255.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.255.186.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 44026785039df91c14b8c331292992e1fd71a23acdd5cb09c40d12d1c8e8aaac

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 18 Nov 2023 05:18:33 GMT
via: 1.1 google
content-type: text/plain
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by: 5-gc-use1-3xwh0114

POST
H2 200 execute Show response
c2.piano.io/xbuilder/experience/ 5 KB
3 KB 248ms
148ms XHR
application/json 2606:4700::6811:c376
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2.piano.io/xbuilder/experience/execute?aid=8Gu2Z8RCvZ

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a690df8b229d3f5e8471dff581b7fb80a9117e0603d67a22422292448d3ffd46

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 18 Nov 2023 05:18:33 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
x-request-id: ls9t72xlk0
pragma: no-cache
server: cloudflare
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.mlive.com
access-control-expose-headers: Composer-Request-Control-Policy
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 827dc0dfea3a4177-LHR

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/987057/61527013/ Frame A631 255 KB
77 KB 224ms
56ms Script
application/javascript 52.214.69.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/987057/61527013/skeleton.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=10071&ias_chanId=8&ias_placementId=20343401411&bidurl=https://www.mlive.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0glgzR6HpDVgVCUsMPfZFxC
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.69.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-69-158.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 44f22e506d2df5dcf79a87bf1063e74a89b0fe2262ce9adcf6ed27385a4a0951

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:33 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame A631 111 KB
39 KB 266ms
121ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
Origin: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82102
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 Nov 2023 06:30:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame A631 11 KB
4 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BvBNCT_D4ADMpzr3GfGBwYCtP6q18Tlmw8_mqx8Zr5dhX4GrxtEqR0uDDNkD9_l7F1uWpnNQR5WN0iY-1SPXHz7VYzagAHT9kb8iYpdJjFFkB-M9NODppeZZ2ZVze26K6ZRfZqMw4PF_VlXkXuZTB1eHuifOKU-Rf9VFLFsMHqce-jnVPpXTOdb_F94UMMJslZ-Uj3xvA0o91ZonEtfBhU4cx8pQ&dbm_d=AKAmf-Ae-GnGvPMh-OOoVilBKDyX7_SK5bxUJk3SoMijw0z_MwSNUETXvwstTPU38pXOEpDgfNIlXezqu9RvxZIY44jRoeCjwI1vkbi8uJj1gLNz5ZFgwANp6R4aC8rnYbeQKpuyDbLkKo9Bo5Mz62p4ix9Mec0VNsac3uCV8WY27-xlZvl2I3OqOktLXIw9ozOoIScz1tr-irPfKAlkfUCX67YbYKWY9fN0HLF-UaeCRs7V-yM5wGTh5BRzoM9iZR0o6LJxB8XHPobW9db-ktNSv2MK-QS_5JAvHYpUX9jQdD15y85sl6YdggcjfFZmvN9sS1j9FMUbiSgjL6DTClQhdF_JTW0P6ASwySodjTQGHEQUZWeoQD5_cnkm9fOkxvjJ0hsxcuNITpkXSFV7Ygi5E1hcSrHRjLZowBp6XEZR85k6knsqa1_yPwIgoqOQNIGISoBfY7oeBPyA4S8kRpPslFGQQlG6HqNhFimP9Q6RqHVKT7DUUEfo8errSx2YKypUj-NGVi9byMmY_Evsss9ymfCqMgZxUj7Z5Rk975S3IUgx_yl5HEdqevqlkYv83v8FbXIJafY04dlbNBq222N-mAoJG1DI9u5IGnAuU_3t2uYy-0S0yTY4RzqofdMXaBN5G6sT_gBiHBfgMT-3YTEFoj2BjF4rXJ4JWhaPn8BRdeYHKlv2Q62FkotVWV4GY2WxPwowtshc5pamPy6zDrEzgY8OK1MYQKUJhDEFntxYBQghm3FYprksJAEV02rqh0R5QXkQzE633-Axp8E0NAab3phJtH1bvIeuUFzbJqNC8ZSInGc034k4bSF59U2-V4ZHM0EODJktxCz3p28GDNTwoDhjhb1QtmuPWJq-WUcwuhB8Jbab0KNTcS4g_SjfE2p2ry7PVaCKyMqWVSYDigshXquSR5KGu93C-kpOMqwQaqr9OjgcASW4mnKIHbSN1KST-Qu72VNSJ2EcD1cq49SA9p2q4kvIqBN62GUWpExSavHxhGWLxVlo3bAXlc9o6ajI8K_dbljWSrSv2Z7ZaRe60YwDWgOu2nS_nDtA1IGjIoPaDjI3FgBSNyES215Eax-XkzboSeufyD2KAHVadCW824lz-FnFuRPbu5MmV3RYaOi6rB2sRVSW6bdur3lMSMKspzua8ooiJ3d9iIrKoqsDJXE2_YbU_NYQ1uaS_oubY8EbCPx3LcOiZvNc0G2K8TO4In4P-WJ-rIJYWuKMwgJgo2732uRrl1CFjKn1NjpnFhnZtAIEihyG7lMS2mZOQ_GN4IobqK4NzrZpyatvmwySZmVC_cu7fT-RvJ7eYErvwBNR_G91rUQbDWYaT-kUrE_YWt5-7EsjPOaVIxIM9h2UbBopUIu8K7hhZ_1K1qfgvqceVHWapG-ZBKAiPNsx0Tv62rXpbuRtDHJvc3NhCTP2K3GdAzi-w1q6_-lVVvBgHT8th7lppJgVd7eMRNnL4lZ923bZCyf8hEByASrG1SQ6WRGyBPCVbpdYikNsOiQvk8x9hfMwbrgTkRraHr3XKDOE4peHAFBiBXWkWQiBBmf-cbXEwGJoiuajBvEuHX3H4fgb0aZjpjnc2FN9xc92AodEleHq4y3a4tDkt5wVoiQC8M43w-4Y4iVFAzli31CUIRCNTt9djrC0l2WuJPGZVvV-isTCGYKNVTNZRFSqhpMx3VTtDDbWPvVXB-UzHLxtW9yyfQNPZMb0txGzZXql2hl-x7OL4UHU7prk5W2MpuRtbOOKf3qgxrfo9Ut8XtTgm7nJSQgRLUKm0A-bbcebDZTqTpm0Ek_fEXPS6cpftdllRyKyNYUun40ozTesAJWgvbDoaMWkfYP5GpVmlG7Y9wpi8tRkkCU5RpP-aq67senG6_0cdC1tl-OUWbp-lBTdoqBenbPVxxMJ5LxYWcomyIdULsuH_pL0e8B1XVl1LY7dVm28xK6wlB_DzOwtGcXyVvEjE8DK9RZ5EkC6L7bTCEHXdRqXzAZRYcOtw-JHrN3ISiaYP9HPl3Rh-QG0pzsnQ_GSth6b_Cq0o8KYd2thYO1GNeiWGmpYfh_VFqrhqWlf-dqT6G5TYmfkqe6MSUatKQ3Lcv_X-HwtoDGBZMFVZShpzFQxHxYw_Qm4OlUr7U2TCnWVKmknj6I6imE1Y4nh0Irij0u56UXg1pgwxgh_Nx3eKT4mPuH-eJ72nPwuWyUoN9Jy8HglMRpandxw3LfqRk2GNEJ2fy9MX-2ypCLq8ZtCreU6nMzVBjR1x_u-Hy_ejxIBS3IkdRoY3oLtQBOC6LvEWQ-R8iEF8nfsz_FeJt2ivFdC7n00tbi16Lme3-KRvVX1Bo3Kndeq40LG74bHvLlgHhbwW9Up_6Eu9IrtGnLUxvgzyYW_TiqRRCK2HyzsUAgspn3gvTsCSAm_5yfPmFI0eoN6UJw2jz9OyApsexp7exGSJWS6kViFTLk1N_odJRWANcaBipq_qKe9dLFTcdK1eSsduOFx8LZHISwnLz-spKpf4rxcTsqDqU60Quwu0esWR244LOpBzNBPDbcpnlXJbP0DNXHW9HA1Fb7nk0WLsBTcdivDe6uAdq4_FQMmJdXW66ikFIb3JFiUdoBdj0wN3wdDm2S1jaCG9pLGNtraTAhO83EKTytwnCFpkYudcXRYGVXtph81h4ZpiiYRLf5sKfTB2hsyxuyh3TYjrTIt7ACjzjCbXsYfCx1ycVjwNRYzWoULuqTA3g3k8r1lNPSiFBIb5ieRvttAhDvhgaTUcQd6sNSfuxL-7cNY8A0tsvGvX75eiuSRzNZ8SiadwyzXOJvzUBh3aoWjqbd98ETc_aVDnE1S901WTRkp5zVZXh0JhFuELNWzesOCIi-PfnPyJVLXjUvr9YOVaKxU86lOm-ZbEJttEkzj_fssywOar9w5BC8DbtjnD4awdBegfPGKBrrNfMbxcD8p5LwRzUakLthyZYIthEFpUjQLb0hS_nA_V-9Gk0_S8RvsZsqDk-Ru2jrL6_xKNC7rABM0fI5Az7JZ6NaTK_idMDxCO6kkzE2IIkdsLjHh4lW9X7YVXe57WOc_OGTPzOPKhxHXocqbB0TGodUphjy6UP0PiMbHwBwMqQRaC5ojXMx-wmAwDnUgAxVsBa0nN6gVBwzauJZgNnjIS883lF5PvGlygAfuQmwdlAqGeJvWC8IJZZLJRzBMaKcH7CMgScbMdfmP4I8PMtVijeuLCEQpfEbiCGycKfSWK8u-mi6WTyLtG55p4vbIq_WVYg0LYBA_B6LSXrrWpJPaoGmOtWArRSNkb0H0Pt67koBpvyD28fhLb9lBk3Vsf69xvM_43mBjgFbBz4TBvN6Xcl7WBM8BX5wwg7R-vxdX_WRMKIGNBgTUJtJ1e1DStLNH61yLlQ6vzYsX7nGXFFx3d9VDbn8rv0PL09JACf-pubdmN6o4Z4GpFYa_Uelgy5yecj9wzmELl5IXkC1zxs0T89NlG6Zkc1k-mvYkD-6xMpv0nxZKchvQCaCY3bH88ePVcxziRuXr6D1gyPjbP2sw7BNmcBURptsLaTJI_Fu5W0R9JhmAie479C9BF92cfoFxz5jlEJYORWqnlwEkzZdTCPNscXxYLj0UtRCHn_R0TEzvhbd6TDUwAw-ZUklrIktrYvm162fqhQhvEAODKiSzB-wRKnhe3qsrtaxqsIQvICAza6JyIDwIDLIMXcox875dQwdQrM5ydOTmCCU1rqHQFGUK2-0NIwOiRAh95kR5DRckU5wbkm7EbGiHYCZZvGDj008G2gpGSim5z6Gv0P-aMqBFvwWBBLzjTKq-ZQ8lLFY28PzURwe33CpO3r786IkDTcfKjFfZ-MS37B4asMGeco9NrxMreiw01YOxyTdoH2MBeA&pr=8%3A95AA9401E277F4C4&cid=CAQSMgDICaaNZ1VTiV2sPG4TttpWeEeYl-G_MwScQB9XC5zhtSladCMWgMSP-_a2_oKs_nE5GAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=10176498598416726000&adk=3030632&idt=254&cac=0&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 16:12:43 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame A631 31 KB
12 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:03:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47686
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11874
x-xss-protection: 0
server: cafe
etag: 3876053170955424897
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 16:03:46 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame A631 41 KB
14 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 22:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23062
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 22:54:10 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame BA96 281 B
555 B 214ms
53ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 18 Nov 2023 05:18:33 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/987057/61527013/ Frame 4324 255 KB
77 KB 299ms
156ms Script
application/javascript 52.214.69.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/987057/61527013/skeleton.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=10071&ias_chanId=8&ias_placementId=20343401411&bidurl=https://www.mlive.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g-ceEX1XhNxNm6Bx1pHWO5
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.69.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-69-158.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ee5129a78987fab7fb6e8f86fcf9bb17bebba663e5e4d76e42d20e51f0e7202f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:33 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 4324 111 KB
39 KB 174ms
52ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
Origin: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82102
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 Nov 2023 06:30:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 4324 11 KB
4 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8cQPXWLwf6LZjy4yXMccOTG7mXjeiKPdnJ41s-Ieq3TEFr6CKtsHlW6joixF0u3XsQaEdhfXxHA3VhT_vrdEsUKe6EqHwFwstTj8TRqwpkT_C8H5I0-p0PMiIPNpGwygSNhOvydqzA3UVWe_SAH6xLeTq_fEKN1_I3BJHte1cqXcszeg&dbm_d=AKAmf-BSxQd8Ht7qx4xwVRtNbtlrH37uj7Prb9KO75h645ilRIcH7kGUCW4Rsn3EkanOaKQdH29ermSEhuRE__7uuwuW4wMHceHm1Ohx_lG10MGJdVIV5ZxGWqtlE1oWxBtiYNa3wb9cQyIpctjeuyDq3kTjf1UN_AxpNntbNLpEweKPaYD3GK5KiZ5srK3JMx0bNcy_eo3p6QLz_GG3DtLBeVX7JgLrPzrvmSlE1j3LxOh44IrAfyVRXJHYv2sLP-8ws87h4swgUlBgdApPXO2jjksFVV0lpPq62tcTygee6NaI_JKwSK47in2kerxjjGx_vIgy-RGZWNdSIhB1jlnBD8SzrHH7a-jY6tzpAZtMsVRiky1jVsGvbEXM3OGylZxtgDi9GcedFIp_LmoKs_Kp9kv0PZhoC9UmEjTG_36UwW4vobw3y9_xV3F9Ix5F0PzgrKIxOM77ank20GDiHTsFDkAfVH8aemhtD6ejCAaD1t6Z9SYHRrnIVl09CJbW_BdApgZ3kTEs4Q4cun7NUCRXZOi3oEe6WkdlDNCvRJoqIKI_Yp2Ou9eyX5DAdKJhNx5KplMned62YB0orwm7oJiOhNWtAkSVDw__9f7MMouc-_DnK-VQKIV6eRhTJB3awO9xCIgcXDFmV6CiZV_J9YFG3dV-qk7hZGu3DtaH07KJK865zAkXl4Ak8vGNySiTDe004WeU4-0c7dGGdC4EXbXaaARukCtDYDyebSHUdFCfNHKPX2Ic1TuZLnhBi8p-kqMvmvphjCTvoP5oHZs1gK_9PZwNzLquFTVRAzPOGk4lnSgISiB2PhzNXJp_8hdsYLuS4X0dM8a6Dh_WYxP5u21xqo6Zc3PWyDz2QqmBMQxh_DJ_QW1e6lxpCLZsr9BF-cdT78aj7kejIxTrgIcXaZYMWdgU_wYtSEAykcWFrkL0USthLOmbGSCI852wq9NNxk-Vlhffz1xzLzjfWczDewteOkkYCZxtuObFK71-FmXgjlfUuwidKHEyj8T6NfujNbR-GjkuOgW7Bq3V0pPbIRJmb1DHcAFxgVkv62MYoafIsOfKhH44MxS1IObNKpfE3ze5aYSlyiTHSX7WZv7eYS7UR5FD8cpVv5ctGsx9HyKuWU12Z8TcE7Qq3E3rGU6BR2Za0iEQ4WjiYHKVIzhfo4uwJcYn4ilDO_-zIts17uEHVDazPlCahDwdzCp2miJVB1PL14kBIEYqt-P-xNJ0eoU47remS-xQyURGEhmqf7DufVxmt31V5IEpy-BPsxeRr99rL7s7CkKTkrxDBbAo0btZV0ZYNev_kNpLHb-IopyDbhX7jKtyQpPVGX9H35jvX8D31ElGEFtL3JK18N_oRWZw3jxzqxDF2NjWrfVwGEMzg-Jup2OMsCD6WBCbXRtH168DIfWduZ52gkH_tQFlv1jqGRa28l49UNoWdLpaBfde4v3oRxsm_u0J_0ctSlMocIsyIbVFpNM4cA6tXCG0DZvTRysjL0qkKNtMKFxS2dtb5jX6hOHzjEG9hIbMny0y2TIk8w595rbrMiKKapIPbQbheaDeHatQgEzv3QII8ITTll9AuC-fkJ6xMINUwPNm_SpWmH3D3tSdgYdy94HUZWlKwPxjS49kjaUMe1k08AAQ3rpv92sJsRKgHbcj9whnVc_cWrq_IgMScg6FPIZH7LqpKMAUILYeuXZInNgHxV0_LAsUZEkMiAc67EXrL0-i2C2RuCiqt1hXmbUGVBdK0cqVWTrLfNWxcu8pjtAxzSXtYjtpEVoHY0wSbYjyMzQ-bntf6Odz4Zm8n1bBnjsbza7al7Ce7R4rsPanO3aPf7reqeaeh8msQ6OOSKjU_yLlxuTSJ38UQSdwP9DwMMdXq9L6j524TlTlwyY-yENumcLgaLHigzYMs86vlGF0TX8HkbRaOiKcvtW4cjpVgUwjE19KQp7LnIjQfCfB6RAfXqWWA61AYKNbucyQFxXD6_hVVQ5mU35KjKfDO06PJdHKcpq7M6LHnB9dBbJAyrJwOhLND4nujwcvY35WR83nr0g8bgkZvypREwb4XoTSoqhGAyFFsCrw06khP9aqo3gDiQRgq7Wy8A9UglaYYgpTFtTI23eW-rd3Oc-GZK8_9VcARccIlgaEZnKzGY8Kag_LYMo9oOSJzM82mLFSQrHToMep-HtZkYdNAqDwnKH6uEeIytxL7kJiYZQfKqi63qb4D5MHLza8Z90tYXSCtjL6iAMMnL7kuo-_3yIb0CBW3rlgLuU5sBAPwPr3Ai50AJoEZ7gxLeBsmEY6txYhb6n0SEGnNRxfqojn0FWXvpK-ghu_FC0pVdsICHTxAc-HOxVJZ-S6RPVrvcWtmeb_LGbC3gHa3vkz-fCZ2c3xvUbRNp5-OYqp25Cd-iOycNdfbgspKtZy2xfMJgFpqU_4-NFDOJnDur_vqJtYLofV8WfgqW2ReS4QUIPLsyzCNLU6Ces-bBvxAyod4dmSYmZ1Ne3A6bW4L01FZ7OGUDA6gGDT8Or2QuFS0uZjTkgjDTiiCOesquT1gYubAgyXuDzMjT48BAmtJNtu5CiAdGlUagx4NLEbJIz6dYqd49Knieep715qN0rNKMg5U728OVkDEDDT8vqWWD7wy3R0M-JUyLriwkjjpDXqObZa-LMYodfxx_2fHDw6Fde8XlsFausUQLY0V_YZBx5iJVycfYLRJmP2UqPGMRCsJqzgKAWtfc5HNelKktp3n12u7JYdaYqmWKpDwwU5Pi2_tdup-6JuUoMxSMc3bmyFdiDgfyvlbqxnQoXpwAJ8CJaQl7Nf3_pbd7V7u6MvbTOVBGMtuWjc_Fiyr2j3J_fm6LBie3Vjcwq1EXxb4CDB9PrxE7yUa_QIFRGRAkAc6gEYj6Xjw_CXN38_tN5iRgwR9cxjKaxtOuh1asXdBXuvcmWWhhDsyPSVRKnuDZqP9Blq1_mV02wwiQQzpIsY-fBPYsmPX1-eBxxzOgLcDlbYW1CDXwiECBuIHtNL4SQF8K5njURdtKI_VP3mlF5IjeoVtEsi-pioOus4MHGAJk6bAR95spsQYOL9NVUU2ve8zzg4HXjZUJuDnucSZ-RatKDaMHQZg0gEE2vlrHTw5ONlbottc_lUC7OLm4Vb_VRdA8szyCnSNv7eOUz5FDi2V4UOf7ce6hdijdnVOsV2_M3iMgBkYfM0HS7IiUM-6U49ZFAWN0SMBU7dFaDwiQV4AwU1-ptQ98IEJ4XgVVMK8_KJIP4era1G0SOeBCOOCOKBwMXte-KAmjnJ5_tB9IZCy_E-YSLUgFYfZm8gtAOpPHHta-hYcPoYPW2lLTrAOg0U5G62wQ5UM2l5BJ29IVHo7mORuqRArzo_Q_NPxKwGVqk2Hsb129HdkyWicFnbMAal9-MbuD3Z7p767dLmDJeP2mxrdhJ2VtbjnZZbJg6TOA45zERVyWW5c4CMSYRtIZ7UvOwF9Yb8p_2_X-APyNv8lfs5WUzOB-Rdj2Nc7VjFWj28vOv28JRSrStrMHyMXx2EodObzrwCbPudB45zZNBOaL2PMtMq3qd-ONcEax63vPJxqnd3plEuMPsGtYo9bN0X3WrxH8mSFpfTM3jjd9GuaTsI20EGiqZ1qnSP30KH7huLfdO6h5REEevHAUTtGkfxsliQ6BL7PLkWi9jKvIDtc4uzsPT7gmI0ofvVkDQSCgJevS84FI9bq4o2vi_FS2LsylkGQUKC08fst_LZsh1gbopDO-Iv3Jogv_oa66rGqMssg7TC8TIu9MTLZtl-XKatXFTJ0Rgu_xOU70E5vH-7u1P2yzWMkH-XUibdsgr1v3h_DmR8mq-zh70&pr=8%3A95AA9401E277F4C4&cid=CAQSMgDICaaNDJXdM4G2sqSNsceNaZGshvjB-J7e_gv-iuvmxju-BE5YL8VIdBX49_iKssI6GAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=9583330902660098000&adk=250276038&idt=240&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 16:12:43 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 4324 31 KB
12 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 16:03:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47686
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11874
x-xss-protection: 0
server: cafe
etag: 3876053170955424897
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 16:03:46 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 4324 41 KB
14 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 22:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23062
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 22:54:10 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7A5B 281 B
555 B 192ms
53ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 18 Nov 2023 05:18:33 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 20FF 38 KB
13 KB 53ms
52ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 138827
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 14:44:45 GMT
expires: Fri, 15 Nov 2024 14:44:45 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 3154 38 KB
13 KB 53ms
52ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 138828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 14:44:45 GMT
expires: Fri, 15 Nov 2024 14:44:45 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 20FF 39 KB
15 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:09:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 17:09:38 GMT

GET
H2 200 style
accounts.google.com/gsi/ 533 B
609 B 111ms
110ms Stylesheet
text/css 2a00:1450:4001:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NwerSkIpHfdRfkMDR3HOhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-NwerSkIpHfdRfkMDR3HOhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sat, 18 Nov 2023 05:18:33 GMT

GET
H2 200 status Show response
accounts.google.com/gsi/ 40 B
526 B 76ms
76ms XHR
application/json 2a00:1450:4001:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=339703812340-kido2ms26ssegr4jpn27vo7ro7hgkjme.apps.googleusercontent.com&as=%2F0WfeUkSNE8fpCRSZdYQcg

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7c2a59a31829b370120cdd228334de59a085cb1f80b60f762d60de88ab2216f2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-Q_wEdUMp9kjQGm8dSUbquw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-Q_wEdUMp9kjQGm8dSUbquw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 3154 39 KB
15 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:09:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 17:09:38 GMT

POST
H2 204 event Show response
prebid-a.rubiconproject.com/ 0
125 B 57ms
56ms XHR
text/plain 18.198.226.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.226.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-226-18.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sat, 18 Nov 2023 05:18:33 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 60ms
60ms Preflight 18.198.226.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.226.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-226-18.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.mlive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Sat, 18 Nov 2023 05:18:33 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame BA96 46 KB
13 KB 56ms
55ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e92610c8ef333bcc5802150887076cfd1a1b6590432185f2bc0a0abff06d906d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 18 Nov 2023 05:18:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Nov 2023 11:35:45 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=22666
Connection: keep-alive
Content-Length: 13230
Expires: Sat, 18 Nov 2023 11:36:19 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7A5B 46 KB
13 KB 56ms
55ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e92610c8ef333bcc5802150887076cfd1a1b6590432185f2bc0a0abff06d906d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 18 Nov 2023 05:18:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Nov 2023 11:35:45 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=22666
Connection: keep-alive
Content-Length: 13230
Expires: Sat, 18 Nov 2023 11:36:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4324 202 KB
64 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 05:18:33 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7657226687959464658/ Frame AE46 142 KB
22 KB 159ms
53ms Document
text/html 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7657226687959464658/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91210fa256e2f98bdeb3f182d3aa308c7259f51148de80717738d700a0dcffe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 585115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22789
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 11 Nov 2023 10:46:38 GMT
expires: Sun, 10 Nov 2024 10:46:38 GMT
last-modified: Wed, 09 Feb 2022 10:30:11 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4324 0
0 234ms
99ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvNoXkXVeTIK0c3-6SKeGBliZ6oFlcHKK9m8akp3T_P6BbbFKZr5OnUfO3YahN49NiP4ew_iiXVBXPP8-d4vTNnNLaJy6WQSHZkJQj35h_bvz_wnURlcdskcgPMj-3VtMMQVi_xhb7UlbhJf4nx_OB8jCgvqbq8lZMYleErTDJNvDmFG-E0p029KCzwLEu4TSu_Za6kL1CvIJDxZTdkbuHV0_xWs1pn5UvezzxhUypsjwyzMqhQHck1HTPJhpkGybhcKJkuWxoWGcivtcUHxuO0oE3UqAGy0V2drcxn3KKoaroaUqc2kARtoXB4eTcKIkSFg4CR7_RBvQQds-B3y_G89jRjzV9WNcIVjmlMhQDWsmVv63OWWWF7z97RIAcO4XFty7gVKMVJQkHnQVahkECr4sqO-2CWNSaJ_mu1Q655pCFtm5WjlGMZ-0f8M9yCqK1OZNKCuu-otMZX-ShGFJZoPMWlQQV9Z--5mfKQd-FAarrFYpCmsROihY02zEHFF9YEQZp3iaPYJqRp5ruse0rwp4okYo4CHr0mzL7Kv8nPAL8jNQEJW-HVQ1MKFyf6eGZ_CD2lfu1030YTfCQ7ZbYvB6HCzRPowfu_RzNO3RefCR4N0lNJ4h99M8W6MFFWX7ojqBfh3xg839L1SR4TvH4FvOLWxFq6Hol6dWR-_So8wEbCs9quJxu0OPYMzqJ2jU5_UudEpd8ji8UYGqT_Eam1wMvVXOwmsApas6XIXliyjfvU47wvNO7W8QvblWxPagNPHayKrt_RnXv9zTTuxKaVTpyUPh_m7n2ACWu_TZ04Ih6r6O9VImp3dyz8sc_6WDdEh9AdGqfCPsuG_xw9OW7FYQqxoDpP73xwc7gWwUzAE-c7rJP1ok3I3VMy0ZSrnimi5bAPVU5r-ueqIau_m_O2pk0EbmalJD2qEpOqkaAtu4oCsPFL5za9VsKaN0uPq91tbYJ2MMozhAHibHwKz-c_LHzol_tBJ-8HMz0PMuDlqNyQfllLUBX9LSGQtb6JaA4XnM2vTTm5x2Xfvlzrt311qS1IKPvGGmWpmGGf3a4J_q5Fn72lxtBuYsLqmH6k3DrvF28vjHbr5f4oXfYlrS4fkuHd_35wfiDO2LysQimgWn8cE0r8JMU9C8P6Ng5SqQ-VUyChtCr9pZb-wuU-ZcZnfPBAcqCdiSopjer1E3Wi5B-LdD04cQq0O5_QeavNVk2voKMgOp7EFPa9u9wKxzhZDf-X1Wg4n8N6BfrifHipteV76j41gYHt4gRtHNVfKCFkjpyDgcWIvzb4dZPRMqwpi_dSdAVK4XrQQJYQ3kcNZQiG9LcVoEBxFY8X1YS0zvPX7479POAZwf6caqOdGSZ5eEzvykwF5O5GmlcjLv9pMhl0WDJ8XDgfLiBUDSGJ0tUPGu5pjyqx4cpLhzJrXqy9&sai=AMfl-YRt2VuZsHZwO5DPs_b0JXEZvPpjrxH1woMDdZZ9DL4kmkLsgMUPHMROfh9K_hHAhxzXwcVW96h9_PA3g5IhZUJ373U62XQD5y-jdes54pWzJBoROi3E0JztLBixoBpJaD3j2FjtVnxuJuN6hl_ASs72rusag8_0KvYiRSTalA0ERmOXNLueTRypwIiCy6SyS41yJoA8WOUgbvvCCWwhMCTSQuzVRG0xlw_e8UbX8k5pab_G1zTtEX8YurAxDpKVu6_oD_zNMqgpq8Gvvz8&sig=Cg0ArKJSzKttXrVaNAUNEAE&uach_m=[UACH]&pr=8:95AA9401E277F4C4&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=267&cbvp=1&cstd=264&cisv=r20231109.86698&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 18 Nov 2023 05:18:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 117ms
116ms Image
image/gif 52.54.8.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ud&error=uid%2Fmuid%2Fduid%20not%20found&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FLondon&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=17&tvcfg=all&tid=ccb437bc-77e0-4746-9434-f8c79ba2ad8a&pid=c2d6a276-b193-45a8-be2b-5dfb31ef760e&dtm=1700284713187&qnm=_matherq&visible=1&tabid=49bc869e-0910-4bb1-a54c-82569e531a99&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x13196&tofa=1700284711&vid=1&lvidt=1700284711&duid=46d12f41-0709-438e-823d-e86802cebce3&fp=4145215253&cid=ma63527&mrk=484602605&cx=eyJ1c2VyREIiOnsic2VnbWVudHMiOltdLCJtZXRlckRhdGEiOnsibWV0ZXJUaHJlc2hvbGQiOiIwIiwicmVzZXRNZXRlciI6IjAifSwicGFnZVZpZXdzIjoiMiIsInVzZXJEQkZldGNoIjoiMSIsImVyciI6InVpZC9tdWlkL2R1aWQgbm90IGZvdW5kIiwibmV4dFVwZGF0ZSI6IjE4MDAwMDAiLCJuZXh0VXBkYXRlVFMiOiIxNzAwMjg2NTEyODExIn19
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.8.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-8-105.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Sat, 18 Nov 2023 05:18:33 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame BA96 7 B
380 B 213ms
53ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: e8e3ec71b160ae7345e4e302cc752a77
Expires: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 7A5B 7 B
380 B 215ms
54ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A631 202 KB
64 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 05:18:33 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7657226687959464658/ Frame 253B 142 KB
22 KB 114ms
58ms Document
text/html 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7657226687959464658/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91210fa256e2f98bdeb3f182d3aa308c7259f51148de80717738d700a0dcffe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 585115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22789
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 11 Nov 2023 10:46:38 GMT
expires: Sun, 10 Nov 2024 10:46:38 GMT
last-modified: Wed, 09 Feb 2022 10:30:11 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A631 0
0 184ms
98ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstyXJC9PLh-kOud9vgYQzk8r5jW8fjzrdNc3V6IDSC-vWJZU8vWtw9lMvtd-JqI0YOAa9_r_R9B8k85aEMG3c8GiuX5tiQtdhr-Knna_ZZ87REyysbhsWM6iLi0yrrQxN2MOcvR7a8xTO_1DSN-9izZFu04XlU9qN9xtP_ly1XJIpEjWZrmnYpXyA3WxLO7EkwF49jEozZ3V20YsVGbefDO5IqnHlVRAtN0APF_gQlcW7cCFtbxOdR3kfgb67kmOzg9oS2FzHWGnqNEKNF15mFQROnBUxqq1fROWeqgrytWDH29nSMQ5UDxpsoZqAKJ1bPTvDHnBq1zGFHUzUAvMhZHYBWHm4nglxMn6iJ1EaqdCVyPZV5qt5htAy8uCJwgZQNadzZQ09mso1HuSX6CmiIjpunDotdla016H5Jt5NDbo4ALp-xLsp6NvAlv1mOsqpTYVXLczddSwsPo2MD9o1wW5D8YjBH4YXMvR7MQSYUEia98-42AadxY0LC1kn6BYrj0fV0QWPVU4j03k2YkatHUXZ1pEYEtBIAQp9uO4wtguT_KHQEAMEsbufuGEexINtLZHUpsuOQ5YGSynLz_BRBrzYUQECUF-tCVkaddmtMHx4I73nhh1_QQ5EyKiEJjmXVPH-k3-oju7qZqeCC9qxmVqouPYl_okibETwYSDPQD6nAzJCLkE_sDeOMlaYfLjTQjF19DuWgv4y7bs3WqpIKhXgJVJOLee7paxiTtjOTPfuGdOtDJ9YbjRhU9uVFUftrzuOpWa7Cso6ihoW44iZqXBm2QvUzfCXc8GgOkSPKYPAKtqOokNIGVDIRb2oAnsVSmdcdxCIaVJPqQUMlU6xedAFw2Jc0OVvC1M-KTV6Kbuo2T-9zV7W9BtRLoDzUR9ctnVRMm1_2VqRdPENpbMDTHwm3Cee773ba0cM1jLqBwRbrC1IxZ5lENHjG2dih2YA-8F6yIxZQmRpTRp8HT3GYRaJDXIhPt5fN_k0JhzTkFKYFyrWg1_7YsDAdpm5aRkylJTEC-F93MOVq5lrM9Qc7ueNJR86KuUxm0dc7nm07nYIuVjLHbn3NFN-2YcafMOlK5a48v0pcXSk2fBwJwRlhNspvTaNAfcGpEfn-e3CAPGN2vXX73WMZUCIoTXVDT40YF40Ql-4BcTccLG8ijQecyetFMdsf-zI32lEW6tuuMMPyphoeEBU0Y6om0UReyO5Y0302OO2O4Bsx3YhyED_j1ogofFcjW_jXPwGYUkXNoAmwrSAbFW1mVhEYKhig8H1Xv3Khpyv-PeyPCWlN7TlMtX6qW_d6ty8K_tExAyhgiw9Tcovt0MJQQkeDGXMQUK1Ec1ZDx0wWhfYbwtWHykxATpBFDvWIExGpGclTVr-zyYEHTQbr0tudKZorY6iQsuD4zmKgSpGOrCflO83w9Rw&sai=AMfl-YRITssZYtUB-snmUWlH-k_kR4R47xYEbQqXRwwISysK0s88AyulW7sn1jOnuZecwNaqKvbFb_csfsCg7gLxR2GM3-S11VW-Yot-J86bHp-a1R1RayScfZGx03E-77TN3xfOvSobzayN22FSnnrCbPAwWqVcKLYok4hObtBVK0kFSWxXbvrUS4EiXtCnemSoavAlAjf_Pwx3Pem1kg_S6Yf5GIWHl4SVNLt4Lc_W0xZP417uGIHzV9LdDRN4Gdat-8LKFlMTuWXGG9b-mAw&sig=Cg0ArKJSzI-CmhyQSBaoEAE&uach_m=[UACH]&pr=8:95AA9401E277F4C4&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=337&cbvp=1&cstd=335&cisv=r20231109.62202&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 18 Nov 2023 05:18:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 53ms
53ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=5&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rjlubZVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-axhMBihjElCFgA%3D%3D&sc=1&os=1-UA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=165&gp=917&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&pl=0&f=0&j=&t=1700284710990&de=746612520125&rx=777807366734&cu=1700284710990&m=2261&ar=51bd715ca6c-clean&iw=d919dfb&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=917&lb=13196&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1709%3A1709%3A0%3A1745&as=1&ag=1132&an=34&gi=1&gf=1132&gg=34&ix=1132&ic=1132&ez=1&ck=1132&kw=954&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1132&bx=34&ci=1132&jz=954&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=954&cd=68&ah=954&am=68&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4399703447%3A2915093164%3A5803014380%3A138366412552&bo=343101415&bp=387186655&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387186655&dfp=0%2C1&la=387186655&zMoatAU=%2F344101295%2FMI%2Fwww.mlive.com%2Findex.ssf&zMoatProduct=homepage-beta&zMoatPS=-&zMoatSlot=InFeed_Left&zMoatPlatform=desktop&zMoatVersion=-&zMoatATF=false&zMoatCounter=1&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=moat%20slot%20tag&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&tc=0&fs=205853&na=747407723&cs=0
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 18 Nov 2023 05:18:33 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 20FF 0
20 B 89ms
89ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BlhNeKElYZZDmLauk9u8PxIiSwAEAAAAAOAHgBAI&bg=!PD-lP3DNAAZxrfrxUa07ADQBe5WfONNa3waEtwEfwDdWoQvDQ-Ee_ZGS5IuaLzwIK2JhyN_PNvmJ0WFBs-c8LSdZkRgQAgAAAJNSAAAABGgBBwoAMAjkQJYwVgEQKPNqLXewVixvpzBaavhMVzGZGdggrnaFecXLan_PoVsNuTAgLWDiy5kDQNWn2Z8FPnHZwbiW7SsoAEOpWNL-Fs3hvh3rtKXg4OD95wivDnnxagVWc0XUwOZtMqQ0bxpjBJ7mE68VNgd6zpCY9yrhRUwzdkcAW51de4FzfuphxkzkQ7Bbb4r6emc_25BbPxyCfMVlZpNmFtwrXrdomPmHe3_RvcYi6eeEiiaEnvoSOxCrH_ZSYonEeQ439x3xsii19M45bH0eggP0Y1QDaDpzF_c-kquUS4yXhRwz48qFYV8jSISqJ-S1DdehFVvNCwWOf1OMRW2Bz9ZAkDRPJEHlOEcck8D3HQnSj8beNI7wYV5KaNQt60q1EpceSjHg_Kqn2rDMFNXzvWII1eRuuTea4b-dmtxiu3C0iduu8zyOi_NOR6AQMQIwQTHNgjWcbLbnvKsPqaSFnCOia36HcTiS2ZDbFpHTb9p6WU47xw7kWspcLdohOtNgVHXEEtZpPwydoBq7gcCCVG0ouhnLd4T-reMeRpFKWiMtBsWUqyFqAcJUYt7_hTUOQvHKA7C6MWfuRSY4InWbFkeAH4kF9NHbWgLVizOqzxccPl_w8OrsBsG2upqbUGV4Lukdy52nWs7yrFHRqyVlYbmPkK_bfRoZ3zYDatyMLxgLErlRvumuIx7mAYJf6LO10HmRnM1SUfZjHKSBLoM9AqA5y33JmIGkWrX6qVWaUDm5H88GfarUDnRohxF0sTwFa3PuPTW8lllwH2RIIgp86xsHaViX6qQqUUvwTuVa7sGaH9xhdTV3uYpiN047Sf2Zfafl--RZywiA-E5kcFudtDEsunFT1z6xX0S6khGVJwtrXkYqL3SwJbhI8lV4wnLQ62mnB1uf9w-LpUt9xALO_uZ1SCrWF0xGqejkIC78Ll7WyKGDFP3Hj3BZXhxNIhCMOIXRjKxg7dN1NRjJwqrcT_60GkDLAeEr_3lq5utWJTt4qWY981AnQ45irc031J0gHzfPAwI3znvaEQpXibs5brfediyNx8-8kNUUgvF6Eg16Yarpdm_pi3x_3Y7Lea_YuEQ6VAA2U6-Wg-NONzQdx8reFUsPH-klqoYCdaMSGVsSUBp6fXr6oxAW14W1-I7g7FVV11_EuHVVGQQwMnDXpyTRGbU

Requested by

Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame A631
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/987057/61527013/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=10071&ias_chanId=8&ias_placementId=20343401411&bidurl=https://www.mlive.com/&ias_dealId=&adsaf...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_KElYZZDmLauk9u8PxIiSwAE&cbFunctionName=goog_wrapCb_KElYZZDmLauk9u8PxIiSwAE&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...

1 KB
1 KB

52ms
51ms

Script
application/javascript

2600:9000:2491:7000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_KElYZZDmLauk9u8PxIiSwAE&cbFunctionName=goog_wrapCb_KElYZZDmLauk9u8PxIiSwAE&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
Requested by: Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:2491:7000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 22:15:34 GMT
x-amz-version-id: 5yD0MD0xvY5qMDPlbaeccRZIQga4BLlQ
content-encoding: gzip
via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 370980
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 13 Nov 2023 22:15:32 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: pKHQkxdlwTgkBwYBUCVOxgf4ekSyddLP7BpLyVEm_cKbH4ag3xS2MQ==

Redirect headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:33 GMT
server: nginx
x-server-name: app03.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_KElYZZDmLauk9u8PxIiSwAE&cbFunctionName=goog_wrapCb_KElYZZDmLauk9u8PxIiSwAE&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame D565 91 KB
23 KB 60ms
60ms Script
application/javascript 2600:9000:2491:7000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:7000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 5029763
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: _2NatZHWtYpyIuC8W71PhxOmcfY1GhvzZmxwRn8FcCP0b2zlubcbsA==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A631 43 B
216 B 638ms
197ms Image
image/gif 2600:1f13:800:7782:14df:363:a706:6a6f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=cdbdd157-1f48-a9ed-eec4-f19d3e170e80&tv=%7Bc:uieUDG,pingTime:-3,time:48,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:48,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B41~0%5D,as:%5B41~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVW5nCk+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C181*.987057-61527013%7C1811%7C1812%7C1813%7C1814%7C1911%7C1912%7C19131%7C1914,idMap:181*,rmeas:1,rend:0,renddet:DIV,siq:25%7D&br=c
Requested by: Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:14df:363:a706:6a6f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:33 GMT
server: nginx
x-server-name: dt18.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A631 43 B
215 B 636ms
198ms Image
image/gif 2600:1f13:800:7782:14df:363:a706:6a6f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=cdbdd157-1f48-a9ed-eec4-f19d3e170e80&tv=%7Bc:uieUDI,pingTime:-6,time:50,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:50,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B43~0%5D,as:%5B43~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVW5nCk+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C181*.987057-61527013%7C1811%7C1812%7C1813%7C1814%7C1911%7C1912%7C19131%7C1914,idMap:181*,rmeas:1,rend:0,renddet:DIV,siq:25%7D&tpiLookup=ao:www.mlive.com*%2C715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com*&br=c
Requested by: Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:14df:363:a706:6a6f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:33 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 53ms
53ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=5&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rjlubZVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-axhMBihjElCFgA%3D%3D&sc=1&os=1-UA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=165&gp=917&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&pl=0&f=0&j=&t=1700284710990&de=746612520125&rx=777807366734&cu=1700284710990&m=2262&ar=51bd715ca6c-clean&iw=d919dfb&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=917&lb=13196&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1709%3A1709%3A0%3A1745&as=1&ag=1132&an=1132&gi=1&gf=1132&gg=1132&ix=1132&ic=1132&ez=1&ck=1132&kw=954&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1132&bx=1132&ci=1132&jz=954&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=954&cd=954&ah=954&am=954&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4399703447%3A2915093164%3A5803014380%3A138366412552&bo=343101415&bp=387186655&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387186655&dfp=0%2C1&la=387186655&zMoatAU=%2F344101295%2FMI%2Fwww.mlive.com%2Findex.ssf&zMoatProduct=homepage-beta&zMoatPS=-&zMoatSlot=InFeed_Left&zMoatPlatform=desktop&zMoatVersion=-&zMoatATF=false&zMoatCounter=1&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=moat%20slot%20tag&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&tc=0&fs=205853&na=238328582&cs=0
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 18 Nov 2023 05:18:33 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 4324
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/987057/61527013/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=10071&ias_chanId=8&ias_placementId=20343401411&bidurl=https://www.mlive.com/&ias_dealId=&adsaf...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_KElYZY65LuGv7_UP3KiW4Aw&cbFunctionName=goog_wrapCb_KElYZY65LuGv7_UP3KiW4Aw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...

1 KB
1 KB

52ms
51ms

Script
application/javascript

2600:9000:2491:7000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_KElYZY65LuGv7_UP3KiW4Aw&cbFunctionName=goog_wrapCb_KElYZY65LuGv7_UP3KiW4Aw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
Requested by: Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:2491:7000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 22:15:34 GMT
x-amz-version-id: 5yD0MD0xvY5qMDPlbaeccRZIQga4BLlQ
content-encoding: gzip
via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 370980
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 13 Nov 2023 22:15:32 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: QqrrWNLhC5GJnaYs6A3rrsJl_92NaryxQv53_BPGZOlEXuZbQRQN1A==

Redirect headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:33 GMT
server: nginx
x-server-name: app05.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_KElYZY65LuGv7_UP3KiW4Aw&cbFunctionName=goog_wrapCb_KElYZY65LuGv7_UP3KiW4Aw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 2D4C 91 KB
23 KB 60ms
59ms Script
application/javascript 2600:9000:2491:7000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:7000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 5029763
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: Usx4qooQKxeuErnYH-UvEjOM_v1RAHRs-PAEuHuUgqlsI6cFaWH5gg==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A631 43 B
215 B 753ms
393ms Image
image/gif 2600:1f13:800:7782:14df:363:a706:6a6f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=cdbdd157-1f48-a9ed-eec4-f19d3e170e80&tv=%7Bc:uieUEZ,pingTime:-2,time:129,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:849,beZ:850,mfA:853,cmA:855,inA:855,inZ:858,prA:858,prZ:869,si:874,poA:874,poZ:891,cmZ:891,mfZ:891,loA:899,loZ:901,ltA:978,ltZ:978%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:true,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:129,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B122~0%5D,as:%5B122~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVW5nCk+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C181*.987057-61527013%7C1811%7C1812%7C1813%7C1814%7C1911%7C1912%7C19131%7C1914,idMap:181*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:DIV,siq:25,sinceFw:103,readyFired:true%7D&br=c
Requested by: Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:14df:363:a706:6a6f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:34 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame AE46 29 KB
10 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21694
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 Nov 2023 23:16:59 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4324 43 B
215 B 742ms
392ms Image
image/gif 2600:1f13:800:7782:14df:363:a706:6a6f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=d3b4d2ca-6033-4133-98bc-56e45427a9e9&tv=%7Bc:uieUF9,pingTime:-3,time:80,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:80,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B74~0%5D,as:%5B74~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVW5nDh+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C1811%7C1812%7C1813%7C1814%7C1815%7C191*.987057-61527013%7C1911%7C1912%7C1913%7C1914,idMap:191*,rmeas:1,rend:0,renddet:DIV,siq:17%7D&br=c
Requested by: Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:14df:363:a706:6a6f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:33 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 253B 29 KB
10 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21694
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 Nov 2023 23:16:59 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4324 43 B
215 B 737ms
394ms Image
image/gif 2600:1f13:800:7782:14df:363:a706:6a6f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=d3b4d2ca-6033-4133-98bc-56e45427a9e9&tv=%7Bc:uieUFf,pingTime:-6,time:86,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:86,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B80~0%5D,as:%5B80~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVW5nDh+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C1811%7C1812%7C1813%7C1814%7C1815%7C191*.987057-61527013%7C1911%7C1912%7C1913%7C1914,idMap:191*,rmeas:1,rend:0,renddet:DIV,siq:17%7D&tpiLookup=ao:www.mlive.com*%2C715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com*&br=c
Requested by: Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:14df:363:a706:6a6f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:34 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 53ms
52ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=5&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rjlubZVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-axhMBihjElCFgA%3D%3D&sc=1&os=1-UA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=165&gp=917&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&pl=0&f=0&j=&t=1700284710990&de=746612520125&rx=777807366734&cu=1700284710990&m=2262&ar=51bd715ca6c-clean&iw=d919dfb&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=917&lb=13196&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1709%3A1709%3A0%3A1745&as=1&ag=1132&an=1132&gi=1&gf=1132&gg=1132&ix=1132&ic=1132&ez=1&ck=1132&kw=954&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1132&bx=1132&ci=1132&jz=954&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=954&cd=954&ah=954&am=954&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4399703447%3A2915093164%3A5803014380%3A138366412552&bo=343101415&bp=387186655&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387186655&dfp=0%2C1&la=387186655&zMoatAU=%2F344101295%2FMI%2Fwww.mlive.com%2Findex.ssf&zMoatProduct=homepage-beta&zMoatPS=-&zMoatSlot=InFeed_Left&zMoatPlatform=desktop&zMoatVersion=-&zMoatATF=false&zMoatCounter=1&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=moat%20slot%20tag&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&tc=0&fs=205853&na=1957140219&cs=0
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 18 Nov 2023 05:18:33 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4324 43 B
215 B 701ms
393ms Image
image/gif 2600:1f13:800:7782:14df:363:a706:6a6f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=d3b4d2ca-6033-4133-98bc-56e45427a9e9&tv=%7Bc:uieUFP,pingTime:-2,time:122,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:864,beZ:865,mfA:867,cmA:868,inA:868,inZ:872,prA:872,prZ:876,si:881,poA:882,poZ:899,cmZ:899,mfZ:899,loA:949,loZ:951,ltA:986,ltZ:986%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:true,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:122,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B116~0%5D,as:%5B116~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVW5nCk+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C181.987057-61527013%7C1811%7C1812%7C1813%7C1814%7C1815%7C191*.987057-61527013%7C1911%7C1912%7C1913%7C1914,idMap:191*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:DIV,siq:17,sinceFw:104,readyFired:true%7D&br=c
Requested by: Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:14df:363:a706:6a6f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:33 GMT
server: nginx
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3154 0
20 B 91ms
90ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BCXZ6KElYZY65LuGv7_UP3KiW4AwAAAAAOAHgBAI&bg=!NjWlNXrNAAZxrfrxUa07ADQBe5WfONHmEUN3qB9D1W6FjmoOfid74RRnHoPJSgJSqnNS-MIangPXZWcuo6YJJ6PKVqspAgAAALtSAAAAAmgBB5kDTWPXTCqZJMymEQrbXYSrAHPrhDc0-xHyOgNSyRd0p3Xoyfv6HSkvtTURyCmaP5drkFE3BKmuG_M3uSoPXvAtlQTLCz-Dh914V2nKMrR7-HhtjpVsDI77u8quYst1I8Ts2rDv22D8KWoDqYF6hjm8CHxidJ4oPF_P9NzO7iLFRw3n7gaAfWqkyS0ZflqeGOn1bIOwdZET77IPqHJYU3S08zaw_4QPcPPLlrPtD26VLKMhQzopqTkZGzptzuaEko7O_btdUJ0qmqlklcWyDd3sq1XSEdmYqv8Ex6hMkCUPbnBXiffL9cGvvVKjE8dhpZ8CGako1n_DAVITOrkbSHdBNPqhkF429KXKr3UQJMSixJB1QKe0GOnPO6DtPpc-eoGrrgpy1ZrB8TxHFuv2B0MCyWtJ4PHqQcYMSyWcPzPtrFJb7KongPzqBuBXRXP_EO1zKCl6eF4PDr3Y22kzYp_OmTCkDCcmasreMbSa6PuR9YsYyvT6oq5ELoWw3Ki9z__CvWyLFCIib5cUvEPGf3Vc8eN2GuUqNsGWlid5dTqzJVYrHvgt3EiX-PRP1Fygkeef_QGb_pKnWTCa17TlyUkUSb0djRzGQascemkebCjTqrq9NY0OzI3WkMw5EqlVzdeoXna1E2l4DzfwnkSMgqzbzXIF2ZvY40gWfPVudsemAIkOHImRtni9EpVlJAwUcDv3lbEhQaBxwLA2RZRZMDtr9aWDjydB6fgnD7HsBeJ-KZfsEJgDXz4-THi3KnN4gPqKUMVcNaAYWZV2F4rgNE6rjRauXkMJgFCr5ceIhhX0M1m25P8U4udVaoyCYyabHuvPHBSAtH9gvwIazrIvdftk5u5ru4GOhib-lWy73fkdLE7S-kcg5ugSdWuGoiA9HQwxMBIxNGEKcrGsO_N4TBejo3qukZJt8UQ8FLQdoyuj2qhw-Aorv-YhwyHydfcM_aIqEmgip9GJFUiHBsXloScNVr8zVeA4bAj6LNW-5tAGqKY9V8rNXxfzqlGvqXZTOVf5rFcCMKyYbnLvrrT0szZdurV8j5M6Muf9dtvWMAiFTzTTahkfyENjvDx-NRrdDLG1AOhBtsQV7w_EZnJ5MQ9glijMZjYDPhXNeCfAfbVA

Requested by

Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4324 0
0 93ms
93ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvNoXkXVeTIK0c3-6SKeGBliZ6oFlcHKK9m8akp3T_P6BbbFKZr5OnUfO3YahN49NiP4ew_iiXVBXPP8-d4vTNnNLaJy6WQSHZkJQj35h_bvz_wnURlcdskcgPMj-3VtMMQVi_xhb7UlbhJf4nx_OB8jCgvqbq8lZMYleErTDJNvDmFG-E0p029KCzwLEu4TSu_Za6kL1CvIJDxZTdkbuHV0_xWs1pn5UvezzxhUypsjwyzMqhQHck1HTPJhpkGybhcKJkuWxoWGcivtcUHxuO0oE3UqAGy0V2drcxn3KKoaroaUqc2kARtoXB4eTcKIkSFg4CR7_RBvQQds-B3y_G89jRjzV9WNcIVjmlMhQDWsmVv63OWWWF7z97RIAcO4XFty7gVKMVJQkHnQVahkECr4sqO-2CWNSaJ_mu1Q655pCFtm5WjlGMZ-0f8M9yCqK1OZNKCuu-otMZX-ShGFJZoPMWlQQV9Z--5mfKQd-FAarrFYpCmsROihY02zEHFF9YEQZp3iaPYJqRp5ruse0rwp4okYo4CHr0mzL7Kv8nPAL8jNQEJW-HVQ1MKFyf6eGZ_CD2lfu1030YTfCQ7ZbYvB6HCzRPowfu_RzNO3RefCR4N0lNJ4h99M8W6MFFWX7ojqBfh3xg839L1SR4TvH4FvOLWxFq6Hol6dWR-_So8wEbCs9quJxu0OPYMzqJ2jU5_UudEpd8ji8UYGqT_Eam1wMvVXOwmsApas6XIXliyjfvU47wvNO7W8QvblWxPagNPHayKrt_RnXv9zTTuxKaVTpyUPh_m7n2ACWu_TZ04Ih6r6O9VImp3dyz8sc_6WDdEh9AdGqfCPsuG_xw9OW7FYQqxoDpP73xwc7gWwUzAE-c7rJP1ok3I3VMy0ZSrnimi5bAPVU5r-ueqIau_m_O2pk0EbmalJD2qEpOqkaAtu4oCsPFL5za9VsKaN0uPq91tbYJ2MMozhAHibHwKz-c_LHzol_tBJ-8HMz0PMuDlqNyQfllLUBX9LSGQtb6JaA4XnM2vTTm5x2Xfvlzrt311qS1IKPvGGmWpmGGf3a4J_q5Fn72lxtBuYsLqmH6k3DrvF28vjHbr5f4oXfYlrS4fkuHd_35wfiDO2LysQimgWn8cE0r8JMU9C8P6Ng5SqQ-VUyChtCr9pZb-wuU-ZcZnfPBAcqCdiSopjer1E3Wi5B-LdD04cQq0O5_QeavNVk2voKMgOp7EFPa9u9wKxzhZDf-X1Wg4n8N6BfrifHipteV76j41gYHt4gRtHNVfKCFkjpyDgcWIvzb4dZPRMqwpi_dSdAVK4XrQQJYQ3kcNZQiG9LcVoEBxFY8X1YS0zvPX7479POAZwf6caqOdGSZ5eEzvykwF5O5GmlcjLv9pMhl0WDJ8XDgfLiBUDSGJ0tUPGu5pjyqx4cpLhzJrXqy9&sai=AMfl-YRt2VuZsHZwO5DPs_b0JXEZvPpjrxH1woMDdZZ9DL4kmkLsgMUPHMROfh9K_hHAhxzXwcVW96h9_PA3g5IhZUJ373U62XQD5y-jdes54pWzJBoROi3E0JztLBixoBpJaD3j2FjtVnxuJuN6hl_ASs72rusag8_0KvYiRSTalA0ERmOXNLueTRypwIiCy6SyS41yJoA8WOUgbvvCCWwhMCTSQuzVRG0xlw_e8UbX8k5pab_G1zTtEX8YurAxDpKVu6_oD_zNMqgpq8Gvvz8&sig=Cg0ArKJSzKttXrVaNAUNEAE&uach_m=[UACH]&pr=8:95AA9401E277F4C4&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=558&vt=11&dtpt=291&dett=3&cstd=264&cisv=r20231109.86698&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame AE46 2 KB
1 KB 56ms
55ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 Nov 2023 05:21:00 GMT

GET
H3 200 logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame AE46 3 KB
1 KB 55ms
54ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg

Requested by

Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:24:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 Nov 2023 05:21:00 GMT

GET
H3 200 head2_3line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame AE46 12 KB
3 KB 55ms
54ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_3line_family.svg

Requested by

Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

779560b566f055003c68dd89d16a1411bd308db8bcfbc6acfa37ee6f3292988e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:15:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3390
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 Nov 2023 05:30:50 GMT

GET
H3 200 head1_2line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame AE46 7 KB
2 KB 65ms
63ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_2line_family.svg

Requested by

Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a4ce4cc9de9b9337c9591716670e26c1ee79f11a5ff24a0476cecfb23d0604a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 630
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2220
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 Nov 2023 05:23:03 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame AE46 6 KB
2 KB 63ms
62ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 747
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 Nov 2023 05:21:06 GMT

GET
H3 200 300x250_kv_family.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame AE46 39 KB
39 KB 56ms
55ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/300x250_kv_family.jpg

Requested by

Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc47b6ece0cbc3d797f2338b3485b6bcc52b967cd51f1d74a89086f517d91ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:12:41 GMT
x-content-type-options: nosniff
age: 352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39696
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 Nov 2023 05:27:41 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A631 0
0 90ms
90ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstyXJC9PLh-kOud9vgYQzk8r5jW8fjzrdNc3V6IDSC-vWJZU8vWtw9lMvtd-JqI0YOAa9_r_R9B8k85aEMG3c8GiuX5tiQtdhr-Knna_ZZ87REyysbhsWM6iLi0yrrQxN2MOcvR7a8xTO_1DSN-9izZFu04XlU9qN9xtP_ly1XJIpEjWZrmnYpXyA3WxLO7EkwF49jEozZ3V20YsVGbefDO5IqnHlVRAtN0APF_gQlcW7cCFtbxOdR3kfgb67kmOzg9oS2FzHWGnqNEKNF15mFQROnBUxqq1fROWeqgrytWDH29nSMQ5UDxpsoZqAKJ1bPTvDHnBq1zGFHUzUAvMhZHYBWHm4nglxMn6iJ1EaqdCVyPZV5qt5htAy8uCJwgZQNadzZQ09mso1HuSX6CmiIjpunDotdla016H5Jt5NDbo4ALp-xLsp6NvAlv1mOsqpTYVXLczddSwsPo2MD9o1wW5D8YjBH4YXMvR7MQSYUEia98-42AadxY0LC1kn6BYrj0fV0QWPVU4j03k2YkatHUXZ1pEYEtBIAQp9uO4wtguT_KHQEAMEsbufuGEexINtLZHUpsuOQ5YGSynLz_BRBrzYUQECUF-tCVkaddmtMHx4I73nhh1_QQ5EyKiEJjmXVPH-k3-oju7qZqeCC9qxmVqouPYl_okibETwYSDPQD6nAzJCLkE_sDeOMlaYfLjTQjF19DuWgv4y7bs3WqpIKhXgJVJOLee7paxiTtjOTPfuGdOtDJ9YbjRhU9uVFUftrzuOpWa7Cso6ihoW44iZqXBm2QvUzfCXc8GgOkSPKYPAKtqOokNIGVDIRb2oAnsVSmdcdxCIaVJPqQUMlU6xedAFw2Jc0OVvC1M-KTV6Kbuo2T-9zV7W9BtRLoDzUR9ctnVRMm1_2VqRdPENpbMDTHwm3Cee773ba0cM1jLqBwRbrC1IxZ5lENHjG2dih2YA-8F6yIxZQmRpTRp8HT3GYRaJDXIhPt5fN_k0JhzTkFKYFyrWg1_7YsDAdpm5aRkylJTEC-F93MOVq5lrM9Qc7ueNJR86KuUxm0dc7nm07nYIuVjLHbn3NFN-2YcafMOlK5a48v0pcXSk2fBwJwRlhNspvTaNAfcGpEfn-e3CAPGN2vXX73WMZUCIoTXVDT40YF40Ql-4BcTccLG8ijQecyetFMdsf-zI32lEW6tuuMMPyphoeEBU0Y6om0UReyO5Y0302OO2O4Bsx3YhyED_j1ogofFcjW_jXPwGYUkXNoAmwrSAbFW1mVhEYKhig8H1Xv3Khpyv-PeyPCWlN7TlMtX6qW_d6ty8K_tExAyhgiw9Tcovt0MJQQkeDGXMQUK1Ec1ZDx0wWhfYbwtWHykxATpBFDvWIExGpGclTVr-zyYEHTQbr0tudKZorY6iQsuD4zmKgSpGOrCflO83w9Rw&sai=AMfl-YRITssZYtUB-snmUWlH-k_kR4R47xYEbQqXRwwISysK0s88AyulW7sn1jOnuZecwNaqKvbFb_csfsCg7gLxR2GM3-S11VW-Yot-J86bHp-a1R1RayScfZGx03E-77TN3xfOvSobzayN22FSnnrCbPAwWqVcKLYok4hObtBVK0kFSWxXbvrUS4EiXtCnemSoavAlAjf_Pwx3Pem1kg_S6Yf5GIWHl4SVNLt4Lc_W0xZP417uGIHzV9LdDRN4Gdat-8LKFlMTuWXGG9b-mAw&sig=Cg0ArKJSzI-CmhyQSBaoEAE&uach_m=[UACH]&pr=8:95AA9401E277F4C4&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=586&vt=11&dtpt=249&dett=3&cstd=335&cisv=r20231109.62202&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DF81 42 B
64 B 196ms
90ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6Us_iyOi7aUDoZvM3LVxwbOGTJ1OHnVLSFU3LC91Fa_Z0oN5Y_3J48DjA0vDMPoNfFf6Lv7YISQi8RFm66G0MdoutNkI7_j0B4iuY4kIVWtAwuEQZ&sig=Cg0ArKJSzIYan-qrDq8AEAE&id=lidar2&mcvt=1005&p=177,1135,342,1435&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=9&adk=1117919376&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700284711991&rpt=471&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 53ms
53ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=5&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rjlubZVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-axhMBihjElCFgA%3D%3D&sc=1&os=1-UA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=1135&gp=883&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&pl=0&f=0&j=&t=1700284710990&de=969979995092&rx=777807366734&cu=1700284710990&m=2263&ar=51bd715ca6c-clean&iw=d919dfb&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=883&lb=13196&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1709%3A1709%3A0%3A1745&as=1&ag=1094&an=4&gi=1&gf=1094&gg=4&ix=1094&ic=1094&ez=1&ck=1094&kw=886&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1094&bx=4&ci=1094&jz=886&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=886&cd=8&ah=886&am=8&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4399703447%3A2915093164%3A5803014380%3A138366002964&bo=343101415&bp=387186655&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387186655&dfp=0%2C1&la=387186655&zMoatAU=%2F344101295%2FMI%2Fwww.mlive.com%2Findex.ssf&zMoatProduct=homepage-beta&zMoatPS=-&zMoatSlot=InFeed_Right&zMoatPlatform=desktop&zMoatVersion=-&zMoatATF=false&zMoatCounter=2&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=moat%20slot%20tag&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&tc=0&fs=205853&na=2055362439&cs=0
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 18 Nov 2023 05:18:33 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 253B 2 KB
1 KB 60ms
59ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 Nov 2023 05:21:00 GMT

GET
H3 200 logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 253B 3 KB
1 KB 60ms
59ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:24:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 Nov 2023 05:21:00 GMT

GET
H3 200 head2_3line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 253B 12 KB
3 KB 60ms
59ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_3line_family.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

779560b566f055003c68dd89d16a1411bd308db8bcfbc6acfa37ee6f3292988e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:15:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3390
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 Nov 2023 05:30:50 GMT

GET
H3 200 head1_2line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 253B 7 KB
2 KB 61ms
60ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_2line_family.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a4ce4cc9de9b9337c9591716670e26c1ee79f11a5ff24a0476cecfb23d0604a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 630
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2220
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 Nov 2023 05:23:03 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 253B 6 KB
2 KB 61ms
61ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 747
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 Nov 2023 05:21:06 GMT

GET
H3 200 300x250_kv_family.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 253B 39 KB
39 KB 62ms
61ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/300x250_kv_family.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc47b6ece0cbc3d797f2338b3485b6bcc52b967cd51f1d74a89086f517d91ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7657226687959464658/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:12:41 GMT
x-content-type-options: nosniff
age: 352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39696
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 Nov 2023 05:27:41 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A631 43 B
215 B 655ms
391ms Image
image/gif 2600:1f13:800:7782:14df:363:a706:6a6f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=cdbdd157-1f48-a9ed-eec4-f19d3e170e80&tv=%7Bc:uieUGy,time:226,type:e,env:%7Bccd:%7Bversion:1,uspString:1---%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:226,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B219~0%5D,as:%5B219~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVW5nCk+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C181*.987057-61527013%7C1811%7C1812%7C1813%7C1814%7C191.987057-61527013%7C1911%7C1912%7C19131%7C1914,idMap:181*,rmeas:1,rend:0,renddet:DIV,siq:25,sis:211%7D&br=c
Requested by: Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:14df:363:a706:6a6f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:33 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4324 43 B
215 B 461ms
198ms Image
image/gif 2600:1f13:800:7782:14df:363:a706:6a6f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=d3b4d2ca-6033-4133-98bc-56e45427a9e9&tv=%7Bc:uieUGy,time:167,type:e,env:%7Bccd:%7Bversion:1,uspString:1---%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:167,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B161~0%5D,as:%5B161~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVW5nCk+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C181.987057-61527013%7C1811%7C1812%7C1813%7C1814%7C1815%7C191*.987057-61527013%7C1911%7C1912%7C1913%7C1914,idMap:191*,rmeas:1,rend:0,renddet:DIV,siq:17%7D&br=c
Requested by: Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:14df:363:a706:6a6f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:33 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 56ms
52ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=5&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rjlubZVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-axhMBihjElCFgA%3D%3D&sc=1&os=1-UA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=1135&gp=883&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&pl=0&f=0&j=&t=1700284710990&de=969979995092&rx=777807366734&cu=1700284710990&m=2263&ar=51bd715ca6c-clean&iw=d919dfb&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=883&lb=13196&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1709%3A1709%3A0%3A1745&as=1&ag=1094&an=1094&gi=1&gf=1094&gg=1094&ix=1094&ic=1094&ez=1&ck=1094&kw=886&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1094&bx=1094&ci=1094&jz=886&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=886&cd=886&ah=886&am=886&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4399703447%3A2915093164%3A5803014380%3A138366002964&bo=343101415&bp=387186655&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387186655&dfp=0%2C1&la=387186655&zMoatAU=%2F344101295%2FMI%2Fwww.mlive.com%2Findex.ssf&zMoatProduct=homepage-beta&zMoatPS=-&zMoatSlot=InFeed_Right&zMoatPlatform=desktop&zMoatVersion=-&zMoatATF=false&zMoatCounter=2&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=moat%20slot%20tag&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&tc=0&fs=205853&na=1055028177&cs=0
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 18 Nov 2023 05:18:33 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 54ms
53ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=5&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rjlubZVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-axhMBihjElCFgA%3D%3D&sc=1&os=1-UA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=1135&gp=883&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&pl=0&f=0&j=&t=1700284710990&de=969979995092&rx=777807366734&cu=1700284710990&m=2263&ar=51bd715ca6c-clean&iw=d919dfb&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=883&lb=13196&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1709%3A1709%3A0%3A1745&as=1&ag=1094&an=1094&gi=1&gf=1094&gg=1094&ix=1094&ic=1094&ez=1&ck=1094&kw=886&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1094&bx=1094&ci=1094&jz=886&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=886&cd=886&ah=886&am=886&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4399703447%3A2915093164%3A5803014380%3A138366002964&bo=343101415&bp=387186655&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387186655&dfp=0%2C1&la=387186655&zMoatAU=%2F344101295%2FMI%2Fwww.mlive.com%2Findex.ssf&zMoatProduct=homepage-beta&zMoatPS=-&zMoatSlot=InFeed_Right&zMoatPlatform=desktop&zMoatVersion=-&zMoatATF=false&zMoatCounter=2&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=moat%20slot%20tag&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&tc=0&fs=205853&na=38452752&cs=0
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 18 Nov 2023 05:18:33 GMT

GET
H2 200 115 Show response
check.analytics.rlcdn.com/check/ 25 B
382 B 264ms
125ms XHR
application/json 143.204.98.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://check.analytics.rlcdn.com/check/115
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-119.fra50.r.cloudfront.net
Software: /
Resource Hash: 8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 18 Nov 2023 05:18:33 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amzn-trace-id: Root=1-65584929-0ec8d40a27b6c03220fb40ce
x-amzn-requestid: 11dabb2e-4928-4b85-8ff5-8a83f72ff9f3
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: OlBelH7IjoEEQfA=
content-length: 25
x-amz-cf-id: 8I4C_lra8z9AoGWOWz803VNo687Tts2f4Y5o58h3DG7jtamylOsXag==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A631 43 B
215 B 208ms
199ms Image
image/gif 2600:1f13:800:7782:14df:363:a706:6a6f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=cdbdd157-1f48-a9ed-eec4-f19d3e170e80&tv=%7Bc:uieUKE,pingTime:-10,time:480,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE5LjAuNjA0NS4xNTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1700284713755%7C%7Ca0754daf8a088da5e0cb60260db3b1f5%7C%7C1b7de7e82db1163ab7a1342e5def95a8%7C%7Cb4e07efe11ab7bb2f02bc4d6348ff1c2%7C%7Cd0dcd7f5f2adeed3c293b908a6a538d7%7C%7Cbd3fa4584e8ceb5022ebf89065e31ea4%7C%7C852dea90e73e4ddd91570718bcc4de39%7C%7C17eca40170009f4a12e600b0cfb25ab1%7C%7C1663701684%7D
Requested by: Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:14df:363:a706:6a6f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:33 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4324 43 B
215 B 392ms
391ms Image
image/gif 2600:1f13:800:7782:14df:363:a706:6a6f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=d3b4d2ca-6033-4133-98bc-56e45427a9e9&tv=%7Bc:uieUKL,pingTime:-10,time:428,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE5LjAuNjA0NS4xNTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1700284713763%7C%7C73a7af13833909005ec33422fa7740d1%7C%7C1b7de7e82db1163ab7a1342e5def95a8%7C%7C4a2eaff4d6fa2cd40e8938acab9a7c85%7C%7C4d2fed4d32223dad5a6b692edb54956e%7C%7C5ca3fdcc0ef76260f763d6a6b9232a8d%7C%7Cc532c3dab702f6399a4243969fa0fdb6%7C%7C5705ad5ad91aa8f7069699897457a6e3%7C%7C1663701684%7D
Requested by: Host: 715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
URL: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:14df:363:a706:6a6f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:33 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6F05 0
0 197ms
91ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvl3bZG0kShyis8dOefXt9JZycFN5nYXf383a1x4HsGTaw8O82IasSkQxN2zu2w24-ZqLYiwmpcJTjho9Gcc8o8utwW_QvleOpAO-Wk9-De53R-72UtoA-lQvNxCuAS_peuQdRxAF3cAMU7HLZ7JqCzMCVoglsWJiuRi0wfZu2B3J8X6onbmOX1JgID-CoFCEumkvAXMcQHj5668rsImr_jZ1MbmdzG8MC_XjrDskEokufoFKieR2Ea0BijuqqFGMysEbbeU8HV91tujVFb0upApzYuRM8hA5aGUtGHasZtj6-SEnP-5PyCkGKJnNc3kgQNvlKZWWZjzs1pdFagGwDSWtcLR8U8WdGJ5IURzxYvAil1lTNjliaUYSYO7A&sai=AMfl-YSb7NxxKWzFYxWlO202Th3sCPTsRwqhFvl7v9czWNeVC7yQ0wGQB2c9j-YlEPGhDP9CE6iCJRu9QojDCJSOhaVPMayd5hGUS6m4oon-JDLqPZ7KAA4jodwi2yNtiLo&sig=Cg0ArKJSzLShkKBLZBsFEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 18 Nov 2023 05:18:34 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A481 0
0 190ms
90ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxouwAL7DKaRAV9NmqC92EDUB8-1fLSh3VFLGYhTmUrft--fpdOYKgh9zWOscjDtf8NZMEQfvUvAzGHUPCBytqGhDr_IheKwWKsfxG4_elQQr2_jwo-xl4nwNdXXjTjipwkFhR0-ezBJ_geBURPJAna810iMAB0lcF1kxiGoTqWsNipmuEOc5I4L6CT-ElFf6YgchDSuHZF9OlNL7Ve26q3N6lqmWvX7EqMVc3AkWRh9ULOl8mptwPJIhcD7eZLTXDK4tFSCSHImYDNjvNHNTE9byvqyaCv9P9LGZi_Ns6RTpKp4mJeA9HfwtmFk8schVdOFaUfY3O0jLoBIm7PTLaV33SQdvN7c7woKgKFeVAFFeqfIo9hTWYdQmdHw&sai=AMfl-YRpH6NoU_J3Ac94wzwXGhyMXrE1-hwY6WU1igc7f6NLUPZILf3OOp6oIo1qJb7NTEMO5bOm_-U6Kag-5bfuwDwE2o4P532TaevBZ3vjQrECwN2jcPQ_UQZAWXuUd04&sig=Cg0ArKJSzDmkYsZaQF0NEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 18 Nov 2023 05:18:34 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 53ms
53ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ADVANCEDDIGITAL_HEADER1&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&t=1700284710990&de=63335504335&rx=777807366734&m=0&ar=51bd715ca6c-clean&iw=d919dfb&q=3&cb=0&cu=1700284710990&ll=2&lm=0&ln=0&em=0&en=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=advanceddigitalheader640552616592&fd=1&it=500&ti=0&ih=2&pe=1%3A1709%3A1709%3A0%3A1745&fs=205853&na=151922379&cs=0
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 18 Nov 2023 05:18:34 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 69ms
68ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fd1d75a76acd89c167656ab5323379a55ba21799b2fbd717d15776543247a12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12295
x-xss-protection: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 53ms
53ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=https%3A%2F%2Fwww.mlive.com%2F-&i=ADVANCEDDIGITAL_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rjlubZVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-axhMBihjElCFgA%3D%3D&sc=1&os=1-UA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1700284710990&de=63335504335&rx=777807366734&cu=1700284710990&m=3185&ar=51bd715ca6c-clean&iw=d919dfb&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=13196&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1709%3A1709%3A0%3A1745&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205853&na=650917164&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 18 Nov 2023 05:18:34 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 18 Nov 2023 05:18:34 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 956F 13 KB
5 KB 55ms
53ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 51710
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 14:56:44 GMT
expires: Sat, 16 Nov 2024 14:56:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 60D8 829 B
560 B 64ms
63ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6de91413b207c94b7b0da80030f595d9f8dc87dda88b21c68b92d8ba6d80f7ec

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lShEO89bBPTxM49bFJf-2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-lShEO89bBPTxM49bFJf-2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 05:18:34 GMT
expires: Sat, 18 Nov 2023 05:18:34 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A631 43 B
215 B 198ms
198ms Image
image/gif 2600:1f13:800:7782:14df:363:a706:6a6f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=cdbdd157-1f48-a9ed-eec4-f19d3e170e80&tv=%7Bc:uieUU3,time:1063,type:e,im:%7Bpci:%7Btdr:1004%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1063,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1056~0%5D,as:%5B1056~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:755,fm:tVW5nCk+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C181*.987057-61527013%7C1811%7C1812%7C1813%7C1814%7C191.987057-61527013%7C1911%7C1912%7C19131%7C1914,idMap:181*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:25,sis:211%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:14df:363:a706:6a6f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:34 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4324 43 B
215 B 198ms
197ms Image
image/gif 2600:1f13:800:7782:14df:363:a706:6a6f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=d3b4d2ca-6033-4133-98bc-56e45427a9e9&tv=%7Bc:uieUUW,time:1059,type:e,im:%7Bpci:%7Btdr:1005%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1059,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1053~0%5D,as:%5B1053~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:749,fm:tVW5nCk+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C181.987057-61527013%7C1811%7C1812%7C1813%7C1814%7C1815%7C191*.987057-61527013%7C1911%7C1912%7C1913%7C1914,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:17,sis:178%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:14df:363:a706:6a6f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:34 GMT
server: nginx
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 956F 39 KB
15 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:09:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 17:09:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 60D8 0
0 87ms
86ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=1518445225692931&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4324 42 B
64 B 89ms
89ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1Amjz7hLjO1cYzwbzA_B_W44rG3S0Gh9tXxZH65lVbR3zJknpgxBzwi1xQSxib6SaOIgCAVKr95rDiT_sAuPyRpJsEbsQCx4YkDayRdv-SlPGeuuuPtfOW6B5&sig=Cg0ArKJSzNRdbsQ2-flBEAE&id=lidar2&mcvt=1001&p=0,0,250,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700284712471&rpt=928&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A631 43 B
215 B 198ms
197ms Image
image/gif 2600:1f13:800:7782:14df:363:a706:6a6f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=cdbdd157-1f48-a9ed-eec4-f19d3e170e80&tv=%7Bc:uieUVx,pingTime:0,time:1155,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:24%7D,%7Bpiv:100,vs:i,r:,t:1154%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1,o:1154,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1147~0,1~100%5D,as:%5B1148~300.250%5D%7D%7D,%7Bsl:i,t:1154,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1147~0,1~100%5D,as:%5B1148~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:755,fm:tVW5nCk+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C181*.987057-61527013%7C1811%7C1812%7C1813%7C1814%7C191.987057-61527013%7C1911%7C1912%7C19131%7C1914,idMap:181*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:25,sis:211%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:14df:363:a706:6a6f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:34 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4324 43 B
215 B 198ms
198ms Image
image/gif 2600:1f13:800:7782:14df:363:a706:6a6f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=d3b4d2ca-6033-4133-98bc-56e45427a9e9&tv=%7Bc:uieUWe,pingTime:0,time:1139,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:17%7D,%7Bpiv:100,vs:i,r:,t:1138%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1,o:1138,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1133~0,0~100%5D,as:%5B1133~300.250%5D%7D%7D,%7Bsl:i,t:1138,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1133~0,0~100%5D,as:%5B1133~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:749,fm:tVW5nCk+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C181.987057-61527013%7C1811%7C1812%7C1813%7C1814%7C1815%7C191*.987057-61527013%7C1911%7C1912%7C1913%7C1914,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:17,sis:178%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:14df:363:a706:6a6f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:34 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A631 42 B
64 B 91ms
90ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuF48u9L3BGQC1uydH5SUtbCbAkm8dG_XxFxcUjsRjNEmFEEP4Qw-83ZhYBOfP0HpM9p3mSWwXULglVGhOd6IDx35AoNoEGgxW0ADsNEI7dlnhb3HbP6mtAtJIi&sig=Cg0ArKJSzHIad8Z3pKmDEAE&id=lidar2&mcvt=1013&p=0,0,250,300&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700284712428&rpt=1021&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 956F 0
10 B 53ms
52ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?b2KRNw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 88ms
88ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=1518445225692931&bg=!9Pel97jNAAZxrfrxUa07ADQBe5WfOLKXYvjQMWMskHhiIEk1hPmRIMrZ87-Lm93XyfRW4YtMHN0C4DY7KHuDKrSwEQriAgAAAExSAAAABGgBBwoAJiMyK_BSX11npboX2F2dnFxdYH2qMigEXtJHNsUrbBV0sQbCpQ_FmQLAKaC6SXUINpNJx5nyOz4qA9YE1D4wIez-n9Bww2wTaZcIJGg-cw5nwNsFzal3FldyYFByo6-z4VIC81xcaftenRx6qkCZ71SzPDfssvvFmFjami3iBFAKBCeyb0nTqb1g2jylovqrHxrWZgOsQZ0-ajqG6NtkCoVUYU5hcqfTDr0wU7DE4Kn0cEPNXCGlkcFvN87LcPETcCX9JAaBDun9Sq6zCNNU_6pyTYb_0FYX9PkiEb5XxFaO1Dq1gDOvjJpHVYA4kjEykrslSMuW46VLjLUhoKAmZ8ay7e8sFyMUZXovxccX2OrCQzzX6vSrR8x-n5XWI6_grOF8yEqJw638OXeMq6VR4NCza_KpTd8i9z9ZpKyJWwhz1dmBY7D2RTMvgmj-sbEnnv1aWBYNzx2FXXnqpYsqfmsMwHyJBNfNStX9WUgTMzqB_h1jSTOERn6ffRskygmtVx-QmmTUBFQgXFOqbFHEDq8kT0nyBDoNT-COKWKfoCHIU_iAC9Qxc7AwpA2LZWaEG3ZgBQATHEupPzjdW5Uhbh2ifro-UpulIeC5BcAmOyp_KVKnYnYeppygrkJ3NtT2Fz-ndWTBiCm6vjuLW9Kco-CfA9wCZU0Sngk6jkD3GJX2DvguY-uQOOaXeofVo3yPjSRHSyJ6sjIpynS4bWieKPzYg7NehCQsV31LaH9cpkqCFW1Mg5MFsTrTGDpUZEKhp9MWXwzCUaKMmjGnt4jBjjrUkD4m1Cht8II1mdBplz5ZvLIk1E8pRyYN1wd0IYsqx7CC3BNfkqG27H3ak4MVYRBXxls11Jhri0LeWhOEVLlpJjz_MDgtQj5HugkvfOOAyVrDInyOWpMSh0UKo3nx1XCNHJ1FOisOUdHtJoY_PQaHhpHT8wjynLFP4G4GzYRaj79ll-k-ov12p3hjjKwoBhAqDx9S-zT35WQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A631 0
20 B 86ms
86ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4728129216540&version=m202309260101&ct=76&x=8&cor=10176498598416726000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6F05 42 B
64 B 91ms
91ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdiuS2aB6btb0WIlkCYI68OCW1TxENTzTdEvBs0tNrBrNBsOdoo_4pn0PQF1Tiio5Zlc7y68wxk3-NU2PdwdxNx30FdgjYu_miCe8_UJmtzsp3j7qrb9aQpkY4FMHHlp2B-JxSJTwpWQ&sig=Cg0ArKJSzJKG8i-i9N8bEAE&id=lidar2&mcvt=1017&p=917,165,1167,465&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1117919391&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700284712018&rpt=2145&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4324 0
20 B 86ms
86ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9206132584203&version=m202309260101&ct=76&x=8&cor=9583330902660098000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A481 42 B
64 B 91ms
91ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstkgIylsAv8MXp-b2h0RglW5rUU8w6AJWyVos2ikaUtbgvg6EzZM1A3PZpq4LNSWSrwVIu8svdsY6TH-XA8bWb3QmlBFYBxSMZQOFEnP1IImMiuhHqOviJNMD2hMl9JGr1EfGFHS4htmg&sig=Cg0ArKJSzGJLSgnUzbB9EAE&id=lidar2&mcvt=1021&p=883,1135,1133,1435&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3501067380&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700284712023&rpt=2148&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A631 43 B
215 B 197ms
197ms Image
image/gif 2600:1f13:800:7782:14df:363:a706:6a6f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=cdbdd157-1f48-a9ed-eec4-f19d3e170e80&tv=%7Bc:uieVbG,pingTime:1,time:2156,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:24%7D,%7Bpiv:100,vs:i,r:,t:1154%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1002,o:1154,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1147~0,1~100%5D,as:%5B1148~300.250%5D%7D%7D,%7Bsl:i,t:1154,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:199,fm:tVW5nCk+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C181*.987057-61527013%7C1811%7C1812%7C1813%7C1814%7C191.987057-61527013%7C1911%7C1912%7C19131%7C1914,idMap:181*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:25,sis:211%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:14df:363:a706:6a6f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:35 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A631 43 B
215 B 198ms
197ms Image
image/gif 2600:1f13:800:7782:14df:363:a706:6a6f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=cdbdd157-1f48-a9ed-eec4-f19d3e170e80&tv=%7Bc:uieVbG,pingTime:1,time:2156,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:24%7D,%7Bpiv:100,vs:i,r:,t:1154%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1002,o:1154,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1147~0,1~100%5D,as:%5B1148~300.250%5D%7D%7D,%7Bsl:i,t:1154,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:199,fm:tVW5nCk+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C181*.987057-61527013%7C1811%7C1812%7C1813%7C1814%7C191.987057-61527013%7C1911%7C1912%7C19131%7C1914,idMap:181*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:25,sis:211,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:14df:363:a706:6a6f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:35 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4324 43 B
215 B 198ms
198ms Image
image/gif 2600:1f13:800:7782:14df:363:a706:6a6f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=d3b4d2ca-6033-4133-98bc-56e45427a9e9&tv=%7Bc:uieVcn,pingTime:1,time:2140,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:17%7D,%7Bpiv:100,vs:i,r:,t:1138%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1002,o:1138,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1133~0,0~100%5D,as:%5B1133~300.250%5D%7D%7D,%7Bsl:i,t:1138,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:200,fm:tVW5nCk+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C181.987057-61527013%7C1811%7C1812%7C1813%7C1814%7C1815%7C191*.987057-61527013%7C1911%7C1912%7C1913%7C1914,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:17,sis:178%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:14df:363:a706:6a6f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:35 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4324 43 B
215 B 197ms
197ms Image
image/gif 2600:1f13:800:7782:14df:363:a706:6a6f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=d3b4d2ca-6033-4133-98bc-56e45427a9e9&tv=%7Bc:uieVcn,pingTime:1,time:2140,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:17%7D,%7Bpiv:100,vs:i,r:,t:1138%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1002,o:1138,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1133~0,0~100%5D,as:%5B1133~300.250%5D%7D%7D,%7Bsl:i,t:1138,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:200,fm:tVW5nCk+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C181.987057-61527013%7C1811%7C1812%7C1813%7C1814%7C1815%7C191*.987057-61527013%7C1911%7C1912%7C1913%7C1914,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:17,sis:178,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:14df:363:a706:6a6f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:35 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sdk-runtime-config.js Show response
buy.tinypass.com/api/v3/anon/assets/ 266 B
509 B 163ms
60ms XHR
application/json 2606:4700::6812:907e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/assets/sdk-runtime-config.js?aid=8Gu2Z8RCvZ

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15231070bbf73027e43b762b9ae1ae5528df0db791b4b1faa411f4e34dc43067

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.mlive.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:36 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 9741
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
x-request-id: Mfksa4smh7P
wn: prod-dash-10-0-125-79
last-modified: Sat, 18 Nov 2023 02:36:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
server-time: 0.006
cache-control: public, max-age=14400
cf-ray: 827dc0f43c1bdd78-LHR
expires: Sat, 18 Nov 2023 09:18:36 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9661 16 KB
6 KB 208ms
56ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=170034
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Sat, 18 Nov 2023 05:18:36 GMT
expires: Mon, 20 Nov 2023 04:32:30 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame A803 3 KB
2 KB 147ms
50ms Document
text/html 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1117
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 827dc0f6deb16100-LHR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 18 Nov 2023 05:18:36 GMT
expires: Sat, 18 Nov 2023 09:18:36 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 53A6 281 B
555 B 53ms
53ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 18 Nov 2023 05:18:36 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame AA43 22 KB
8 KB 177ms
69ms Document
text/html 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

de9b285795f260217cec80a0e417b7c25203b2152b5e4b67c0fc360654d35303

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8061
content-type: text/html; charset=UTF-8
date: Sat, 18 Nov 2023 05:18:36 GMT
expires: Mon, 20 Nov 2023 05:18:36 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 cm
trc.taboola.com/sg/prebidJS/1/ 43 B
409 B 144ms
51ms Image
image/gif 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/prebidJS/1/cm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Sat, 18 Nov 2023 05:18:36 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 6601
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lcy-eglc8600037-LCY
pragma: no-cache
server: nginx
x-timer: S1700284717.617258,VS0,VE8
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 53A6 46 KB
13 KB 63ms
63ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e92610c8ef333bcc5802150887076cfd1a1b6590432185f2bc0a0abff06d906d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 18 Nov 2023 05:18:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Nov 2023 11:35:45 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=22663
Connection: keep-alive
Content-Length: 13230
Expires: Sat, 18 Nov 2023 11:36:19 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 53A6 7 B
380 B 53ms
53ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 2963 2 KB
1 KB 75ms
75ms Document
text/html 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cffb32ea6be802b0e5d42facb289fb01129e7697f75aeff6468dddbc4e1e64b

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 827dc0f74e547192-LHR
content-encoding: br
content-type: text/html
date: Sat, 18 Nov 2023 05:18:36 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0cP%2FnJQRRWz4Ax2r7VxDqomTDydiJdTvw8uwpoidnvo%2FeXSU0GxOgEtjvHce004JqNDRkhAgIRWW89Mp0BJRG0NnLVwsORkmW9O2rzVOLzQaqvZsX%2Bw%2FTXLeNq9595mtrkI0DMyX6TTDWA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 9661 0
42 B 183ms
52ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=58335653&p=159879&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:36 GMT
content-length: 0

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 2963
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVhJKFje4TimJRqHhCYZ6AAA%262197&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVhJKFje4TimJRqHhCYZ6AAA%262197&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=0a0bf32a37c84c90a0a0a84eadb968e6
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0

70 B
148 B

52ms
52ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:37 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Date: Sat, 18 Nov 2023 05:18:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 2

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 2963
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZVhJKFje4TimJRqHhCYZ6AAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOlh5dYOsl365KrwRj5bp1I&google_cver=1

43 B
733 B

70ms
70ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOlh5dYOsl365KrwRj5bp1I&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nIL%2FHjJk8ac823rNMLMYyrE6qSlmM4i9c9zoiIvgqwubla3780scbLV4mU7DtjAZznO8GWlmFu7okAlY6l3XEzvkO4iBTdgtsb4YBK6JUzlegXGp%2Fmz%2BHTAs96nCfbTE3vVL4Q7Gs4%2FtkA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 827dc0f8bece7192-LHR
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOlh5dYOsl365KrwRj5bp1I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 2963 70 B
148 B 54ms
52ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:36 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 2963
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVhJKFje4TimJRqHhCYZ6AAACJUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENfN-IkfOAk7YG90RFWlG94&google_cver=1

43 B
732 B

75ms
75ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENfN-IkfOAk7YG90RFWlG94&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwuVzHjN0bXrAiNk5f4hX%2FMMoIjjRgKgMjk1QLTb66jpJoYMfU3l41evZ9QA9rXG0zvA9tQ2ZtqtWUEyG54%2BoR%2Bs1WCYnstcaf3ltr7NA9myG2v0r1d6vHC0m9hIxIqd8AYrocDUekP%2Fow%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 827dc0f82e9c7192-LHR
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENfN-IkfOAk7YG90RFWlG94&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 2963
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVhJKFje4TimJRqHhCYZ6AAACJUAAAAB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVhJKFje4TimJRqHhCYZ6AAACJUAAAAB&gpp=&gpp_sid=&dcc=t

43 B
855 B

143ms
143ms

Image
image/gif

52.46.128.147

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVhJKFje4TimJRqHhCYZ6AAACJUAAAAB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.46.128.147 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Nov 2023 05:18:37 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BF1HMMBHKFC8EC857PBZ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 18 Nov 2023 05:18:37 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 38HFAB5CXM78VZ6C0NBA
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVhJKFje4TimJRqHhCYZ6AAACJUAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 2963
Redirect Chain

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=

43 B
732 B

72ms
71ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aKpUy%2FmlFE4mSNOG8EvSFQzYo254NdgrOu785ry5rqLtL9DOiYVJJ7kmd%2FjUVgI7LhqzU6i0Fqo2SUGWqWlRB9XFSfPHPs%2F73FUeoi962jfAt7MH8giHJlSh4aAdE71bygVTzJbrZ5VF0w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 827dc0f8fede7192-LHR
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
date: Sat, 18 Nov 2023 05:18:36 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
content-type: text/html; charset=utf-8

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame 2963 43 B
654 B 274ms
59ms Image
image/gif 2607:ae80:192:1::173
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZVhJKFje4TimJRqHhCYZ6AAACJUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 2607:ae80:192:1::173 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Nov 2023 05:18:36 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1700284716898025-421

GET
H2

200

crum
dsum-sec.casalemedia.com/ Frame 2963
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=n6XDuI2T1R4dIY5

43 B
339 B

70ms
70ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=n6XDuI2T1R4dIY5
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mFS1YURSp4nGciO0cJRigeQzo%2FJdM%2Bnjaum%2Fxt8hzwrkn2LouwowwzpNHI1pMqfdDkhDyVdg3yuyu8wSb0zonJKTomFO%2FtK2%2BkOaBp8Ca6udAjZ54DmyB8BKClQFqOnOALVUAvHdFyE1zA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 827dc0f81da86402-LHR
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 18 Nov 2023 05:18:35 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=n6XDuI2T1R4dIY5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 2963 43 B
229 B 60ms
48ms Image
image/gif 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZVhJKFje4TimJRqHhCYZ6AAA%262197
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:18:36 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 4851
etag: "da1f1d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 827dc0f7df476100-LHR
content-length: 43
expires: Sun, 19 Nov 2023 05:18:36 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 53ms
53ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=5&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rjlubZVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-axhMBihjElCFgA%3D%3D&sc=1&os=1-UA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=165&gp=917&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&pl=0&f=0&j=&t=1700284710990&de=746612520125&rx=777807366734&cu=1700284710990&m=6308&ar=51bd715ca6c-clean&iw=d919dfb&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=917&lb=13196&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1709%3A1709%3A5873%3A1745&as=1&ag=5179&an=1132&gi=1&gf=5179&gg=1132&ix=5179&ic=5179&ez=1&ck=1132&kw=954&aj=1&pg=100&pf=100&ib=1&cc=1&bw=5179&bx=1132&ci=1132&jz=954&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5012&cd=954&ah=5012&am=954&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=4399703447%3A2915093164%3A5803014380%3A138366412552&bo=343101415&bp=387186655&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387186655&dfp=0%2C1&la=387186655&zMoatAU=%2F344101295%2FMI%2Fwww.mlive.com%2Findex.ssf&zMoatProduct=homepage-beta&zMoatPS=-&zMoatSlot=InFeed_Left&zMoatPlatform=desktop&zMoatVersion=-&zMoatATF=false&zMoatCounter=1&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=moat%20slot%20tag&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&tc=0&fs=205853&na=276721568&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 18 Nov 2023 05:18:37 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 53ms
53ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=5&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rjlubZVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-axhMBihjElCFgA%3D%3D&sc=1&os=1-UA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=1135&gp=883&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&pl=0&f=0&j=&t=1700284710990&de=969979995092&rx=777807366734&cu=1700284710990&m=6309&ar=51bd715ca6c-clean&iw=d919dfb&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=883&lb=13196&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1709%3A1709%3A5873%3A1745&as=1&ag=5141&an=1094&gi=1&gf=5141&gg=1094&ix=5141&ic=5141&ez=1&ck=1094&kw=886&aj=1&pg=100&pf=100&ib=1&cc=1&bw=5141&bx=1094&ci=1094&jz=886&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4944&cd=886&ah=4944&am=886&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=4399703447%3A2915093164%3A5803014380%3A138366002964&bo=343101415&bp=387186655&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387186655&dfp=0%2C1&la=387186655&zMoatAU=%2F344101295%2FMI%2Fwww.mlive.com%2Findex.ssf&zMoatProduct=homepage-beta&zMoatPS=-&zMoatSlot=InFeed_Right&zMoatPlatform=desktop&zMoatVersion=-&zMoatATF=false&zMoatCounter=2&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=moat%20slot%20tag&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&tc=0&fs=205853&na=1585737251&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 18 Nov 2023 05:18:37 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 60ms
59ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GG8B674XK4&gtm=45je3b81v875661087z878133989&_p=1700284709923&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dYWJhMj&cid=460703877.1700284711&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&dp=%2F&dl=https%3A%2F%2Fwww.mlive.com%2F&sid=1700284710&sct=1&seg=0&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&en=blueconic&ep.headline=undefined&ep.author=undefined&ep.entry_id=undefined&ep.page_type=homepage&ep.product=homepage-beta&ep.platform=desktop&ep.user_subscription_status=undefined&ep.ab_test_group_user=sub-group-b&ep.search_term=undefined&ep.targeting_codes=undefined&ep.targeting_codes2=undefined&ep.targeting_codes3=undefined&ep.targeting_codes4=undefined&ep.targeting_codes5=undefined&ep.targeting_codes6=undefined&ep.entry_tags=undefined&ep.referring_subdomain=undefined&ep.browser_cookie_region=undefined&ep.monthly_visit_number=1&ep.content_region=undefined&ep.content_topics=undefined&ep.blog_category=undefined&ep.section=Home%20Page&ep.article_date_original=undefined&ep.article_date_updated=undefined&ep.entity_type=undefined&ep.entity_value=undefined&ep.auxiliaries=undefined&ep.lotame_id=undefined&ep.gigya_user_id=undefined&ep.usprivacy_cookie=1---&ep.userid_flag=false&ep.panorama_id=undefined&ep.targeting_codes7=undefined&ep.targeting_codes8=undefined&ep.targeting_codes9=undefined&ep.ga_bc_1=a0002%2Ca0022%2Ca0054%2Ca0107&ep.ga_bc_2=undefined&ep.ga_bc_3=undefined&ep.ga_bc_4=undefined&ep.ga_bc_5=undefined&ep.clavis_interest_topics=undefined&ep.site_cdp_segments=undefined&ep.bc_visit_number=1&_et=1657&up.frequency=undefined&up.recency=undefined&up.intensity=undefined&up.behavioral_momentum=undefined&tfd=9094
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-GG8B674XK4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 53ms
53ms Image
image/gif 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&ra=6&pxm=1&sgs=3&vb=5&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_DFP1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rjlubZVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-axhMBihjElCFgA%3D%3D&sc=1&os=1-UA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=165&gp=917&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&pl=0&f=0&j=&t=1700284710990&de=746612520125&rx=777807366734&cu=1700284710990&m=6510&ar=51bd715ca6c-clean&iw=d919dfb&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=917&lb=13196&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1709%3A1709%3A5873%3A1745&as=1&ag=5381&an=5179&gi=1&gf=5381&gg=5179&ix=5381&ic=5381&ez=1&ck=1132&kw=954&aj=1&pg=100&pf=100&ib=1&cc=1&bw=5381&bx=5179&ci=1132&jz=954&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5213&cd=5012&ah=5213&am=5012&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=4399703447%3A2915093164%3A5803014380%3A138366412552&bo=343101415&bp=387186655&bd=undefined&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=343101415&zMoatOrigSlicer2=387186655&dfp=0%2C1&la=387186655&zMoatAU=%2F344101295%2FMI%2Fwww.mlive.com%2Findex.ssf&zMoatProduct=homepage-beta&zMoatPS=-&zMoatSlot=InFeed_Left&zMoatPlatform=desktop&zMoatVersion=-&zMoatATF=false&zMoatCounter=1&zMoatJS=3%3A-&zMoatAdUnit1=-&zMoatAdUnit2=-&zMoatSM=-&hv=moat%20slot%20tag&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&tc=0&fs=205853&na=1956108203&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 05:18:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 18 Nov 2023 05:18:37 GMT

Verdicts & Comments Add Verdict or Comment

670 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

83 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
h312.mlive.com/DG/DEFAULT	1970-01-21 01:54:04	Name: BCSessionID Value: 9bd20ef1-0d60-4923-a981-0ffcb5492f62
advancelocal.blueconic.net/DG/DEFAULT	1970-01-21 01:03:40	Name: BCSessionID Value: 9bd20ef1-0d60-4923-a981-0ffcb5492f62
xfinity.userlogin-paymentupdate.service.auigebjhfbas.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: a05bd0ed45e827cc249b12c46ad6ab7d
www.mlive.com/	1969-12-31 23:59:59	Name: arc-geo Value: {"country":"GB","continent":"EU","regioncode":"EN","city":"LONDON","areacode":"","zipcode":"","timezone":"GMT","network":"","networktype":"","bandwidth":"1"}
.mlive.com/	1970-01-20 16:18:08	Name: AKA_A2 Value: A
.mlive.com/	1970-01-20 16:18:06	Name: sophiTagses.073a Value: *
.mlive.com/	1970-01-21 01:54:04	Name: sophiTagid.073a Value: 4504a863-a7ca-43b0-a5e8-0e9785e09ac8.1763444910319.1.1700284710.1763444910319.178a6ff7-1b09-4479-9638-4862b8c19198
.mlive.com/	1970-01-21 01:54:04	Name: _sp_duid Value: 4504a863-a7ca-43b0-a5e8-0e9785e09ac8
.mlive.com/	1970-01-20 18:27:40	Name: _gcl_au Value: 1.1.471922638.1700284711
.mlive.com/	1970-01-20 17:01:16	Name: utag_vnum Value: 1702876710565&vn=1
.mlive.com/	1970-01-20 16:18:06	Name: utag_invisit Value: true
.mlive.com/	1970-01-20 16:18:06	Name: utag_dslv_s Value: Less than 1 day
.mlive.com/	1970-01-20 16:18:04	Name: lotame_domain_check Value: mlive.com
www.mlive.com/	1970-01-20 17:01:16	Name: _pbjs_userid_consent_data Value: 3524755945110770
.mlive.com/	1970-01-20 17:01:16	Name: pbjs_sharedId Value: 1084ce7e-6f94-4f22-98b1-bbfb586c23c5
www.mlive.com/	1970-01-20 16:18:08	Name: _lr_retry_request Value: true
www.mlive.com/	1970-01-20 17:01:16	Name: _lr_env_src_ats Value: false
www.mlive.com/	1970-01-21 01:03:40	Name: last_visit_bc Value: 1700284710878
www.mlive.com/	1970-01-20 16:28:09	Name: authsource_origin Value: false
www.mlive.com/	1970-01-21 01:03:40	Name: usprivacy Value: 1---
.mlive.com/	1970-01-21 01:03:40	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sat+Nov+18+2023+05%3A18%3A31+GMT%2B0000+(Greenwich+Mean+Time)&version=202310.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=a4fc359f-8846-441b-a1c1-03bc249bfc21&interactionCount=0&landingPath=https%3A%2F%2Fwww.mlive.com%2F&groups=1912%3A0%2CC0001%3A1%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0
.mlive.com/	1970-01-21 01:39:40	Name: __gads Value: ID=eed23db067a1cce5:T=1700284711:RT=1700284711:S=ALNI_MZ2OtGiOiT94d4Oqzu8zw36Ez3qAg
.mlive.com/	1970-01-21 01:39:40	Name: __gpi Value: UID=00000ccb8003d77d:T=1700284711:RT=1700284711:S=ALNI_Mauuy14cpfoyJGFLcnkEP8UdEhyrQ
www.mlive.com/	1970-01-21 01:03:40	Name: ntv_as_us_privacy Value: 1---
www.mlive.com/	1970-01-20 16:19:31	Name: _lr_geo_location_state Value:
www.mlive.com/	1970-01-20 16:19:31	Name: _lr_geo_location Value: DE
.mlive.com/	1970-01-20 16:18:06	Name: _ml_ses Value: *
.t.co/	1970-01-21 01:54:04	Name: muc_ads Value: 4b8a379f-28a3-4513-b61b-192434e3ea1a
.mlive.com/	1970-01-20 16:18:06	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.mlive.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1700284711340%2C%22slts%22:0}
.mlive.com/	1970-01-21 01:47:28	Name: _parsely_visitor Value: {%22id%22:%22pid=1b651170750c218281824643b9d3a7b6%22%2C%22session_count%22:1%2C%22last_session_ts%22:1700284711340}
.mlive.com/	1970-01-21 01:46:52	Name: _awl Value: 2.1700284711.5-3814c5ce34b0a05621488586c846d6bb-6763652d6575726f70652d7765737431-0
.mlive.com/	1970-01-20 16:18:08	Name: AMP_TOKEN Value: %24NOT_FOUND
.mlive.com/	1970-01-21 01:54:04	Name: _ga Value: GA1.2.460703877.1700284711
.mlive.com/	1970-01-20 16:19:31	Name: _gid Value: GA1.2.24803419.1700284711
.mlive.com/	1970-01-20 16:18:04	Name: _gat_UA-16643585-16 Value: 1
.twitter.com/	1970-01-21 01:54:04	Name: guest_id_marketing Value: v1%3A170028471132688965
.twitter.com/	1970-01-21 01:54:04	Name: guest_id_ads Value: v1%3A170028471132688965
.twitter.com/	1970-01-21 01:54:04	Name: personalization_id Value: "v1_Qc1Ub5m6XLgfVZSRzGhXFw=="
.twitter.com/	1970-01-21 01:54:04	Name: guest_id Value: v1%3A170028471132688965
.rubiconproject.com/	1970-01-21 01:03:40	Name: khaos Value: LP3LM7OM-1Z-EVPW
.rubiconproject.com/	1970-01-21 01:03:40	Name: audit Value: 1\|SDziDG3X/EiX5PpMvpg8iq2qEsFCZ0ctSdOhPT1GMTl7fdy5ErN6pxJVuMSL///09TNBETKI888zgHlbzd1OQD/8MtLNt/Ye9jlMomVdK8Qijy0RC4Zd8RuybVyVU0yt
.mlive.com/	1970-01-20 18:27:40	Name: _fbp Value: fb.1.1700284711470.66711320
.criteo.com/	1970-01-21 01:39:40	Name: uid Value: 4befe486-a6b7-4676-a6a2-7d67dc88dc84
.openx.net/	1970-01-21 01:03:40	Name: i Value: dd6371b4-6111-439c-8787-a5e870b83d8f\|1700284711
.mlive.com/	1970-01-21 01:39:40	Name: cto_bundle Value: bkUYJF8wMU94YTRhMXI4Y0VxQUtUWlBOWmtMb084akVMJTJGWSUyQjB6RFVPRjVSVUpKa2MzMUFZcVZEckU0dUpPJTJGQ3B3ZFdVNGc4alVXUFFWTVN2d1c5ZzglMkJTWDJXYnNnZ2NRMU9Yd253TyUyQm1hSmFlSlMlMkZyN2JuWURRMXJYOU1iMyUyQjZsaXU0eVpDZXVtbExsMHhtTk9VTjBleUF4QSUzRCUzRA
.postrelease.com/	1970-01-21 01:03:40	Name: opt_out Value: 1
www.mlive.com/	1969-12-31 23:59:59	Name: ntvSession Value: {"id":1940732,"placementID":773533,"lastInteraction":1700284711906,"sessionStart":1700284711906,"sessionEndDate":1700352000000,"experiment":""}
.doubleclick.net/	1970-01-21 01:39:40	Name: IDE Value: AHWqTUklxcDYm3Fa9zk2lqcGRpZP2LbCRdbYv2UWN9rfsF9Lr1AZxU3kEixkDMWJZ2A
www.mlive.com/	1969-12-31 23:59:59	Name: BCSessionID Value: 9bd20ef1-0d60-4923-a981-0ffcb5492f62
advancelocal.blueconic.net/	1970-01-20 16:28:09	Name: AWSALBCORS Value: 2amx6wfFwQbSQkhCXc6iLGGvCCeBAP3N9MmgMW3a1wmQQONrhm9AEzPMdG2WLf9yXg6JeBKWd1SwBaLsiG7mmFE4eWlWfaYk204l+9eHa/DVdRJ0Yhc2vUU1bPyJ
.mlive.com/	1969-12-31 23:59:59	Name: utag_vs Value: 4
.mlive.com/	1970-01-21 01:54:04	Name: utag_dslv Value: 1700284712392
.mlive.com/	1970-01-21 01:54:04	Name: _ga_GG8B674XK4 Value: GS1.1.1700284710.1.0.1700284712.0.0.0
.casalemedia.com/	1970-01-21 01:03:40	Name: CMID Value: ZVhJKFje4TimJRqHhCYZ6AAA
.casalemedia.com/	1970-01-20 18:27:40	Name: CMPS Value: 2197
.casalemedia.com/	1970-01-20 18:27:40	Name: CMPRO Value: 2197
.doubleclick.net/	1970-01-20 16:18:08	Name: DSID Value: NO_DATA
.mlive.com/	1970-01-21 01:46:52	Name: _pcid Value: %7B%22browserId%22%3A%22lp3lm7k3nyszrbwg%22%7D
.adsrvr.org/	1970-01-21 01:05:07	Name: TDID Value: 0010e99e-af72-4836-aaec-b26ac59ef1f4
.adsrvr.org/	1970-01-21 01:05:07	Name: TDCPM Value: CAEYBTgBQgQiAggB
.mlive.com/	1970-01-21 01:46:52	Name: _pcus Value: eyJ1c2VyU2VnbWVudHMiOm51bGx9
.doubleclick.net/	1970-01-20 20:37:16	Name: APC Value: AfxxVi5wlmncLQLiNU1Fxmueb8aqVg2SpNHgIjO2spbbeWboeECErQ
.w55c.net/	1970-01-21 01:48:19	Name: wfivefivec Value: n6XDuI2T1R4dIY5
.1rx.io/	1970-01-21 01:03:40	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-1e0bf489-eb02-478b-9b67-78c3bc676aa3-003%22%7D
.w55c.net/	1970-01-20 17:01:16	Name: matchgoogle Value: 5
h312.mlive.com/	1970-01-20 16:28:09	Name: AWSALB Value: kScOyypXaHPG5Gn3YtuBEyLs7oShGGBuKLewHBmaOYpzWqYg5S8YMuPxjAeKifNCdufR3YlcapanrWW7Wu4uwcUtETqIAgIEYyOtylOmbVU1ujaWRM933y5WmoJH
h312.mlive.com/	1970-01-20 16:28:09	Name: AWSALBCORS Value: kScOyypXaHPG5Gn3YtuBEyLs7oShGGBuKLewHBmaOYpzWqYg5S8YMuPxjAeKifNCdufR3YlcapanrWW7Wu4uwcUtETqIAgIEYyOtylOmbVU1ujaWRM933y5WmoJH
.targeting.unrulymedia.com/	1970-01-21 01:03:40	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-1e0bf489-eb02-478b-9b67-78c3bc676aa3-003%22%7D
.piano.io/	1970-01-20 16:18:06	Name: __cf_bm Value: LUlKv_h12eEMhDU2EkXJrZh3LDlzFVzPN8Mw7o4GMTs-1700284713-0-AZBEoUpHnR1uGU/mKZzH4SV48IFhfbnG4/4bKP6UVGFPD1/rv5O15QA3IWrwkZMp5NgISi+yOYvQd5HZJxL9XyQ=
.mlive.com/	1970-01-21 01:54:04	Name: __tbc Value: %7Bkpex%7DH3eJiUWNw-JJMceovSXysGxGTC8sYZbqO0iw7H8_XSieHqX2PJilglda91ubTy3t
.mlive.com/	1970-01-20 17:01:16	Name: __pat Value: -18000000
.mlive.com/	1970-01-20 16:19:31	Name: __pvi Value: eyJpZCI6InYtMjAyMy0xMS0xOC0wNS0xOC0zMS0xMTYtUXFJclY1TUZUQWdiQ2FkSC1iMDhiN2NhNTMwYTM0MWZjY2RhZGNjMGNmMmY0OGJhYSIsImRvbWFpbiI6Ii5tbGl2ZS5jb20iLCJ0aW1lIjoxNzAwMjg0NzEzMDczfQ%3D%3D
.mlive.com/	1970-01-21 01:46:52	Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAE0RXQF8g
.mlive.com/	1970-01-21 01:54:04	Name: xbc Value: %7Bkpex%7D9mdLNmk9HIKELpekPTBZ-P1mEzU2_ylsFo6urlqqTZ0Y5DRtVU-5u-DfRQ1hV98wZf7ivxm7eq7bUp3exHZqj1ogUmoP1Q2wDvxB-lIFT-gq78JafCzr6mEBNoSfHIKBUc7qMhand9_VkionqtUXsdtE4bx8Y0qPNpVwcBY6nRcNJ3cm--_MfePaax5tAtkAb20uf_9L4eyujywE1IjGHu4cSG8DslMitSPFLSpomliQ8BMqyWAp7nnYOiWg2xKRE_BaGK_Hc2bB06wNskmNSWvEeklRCRqYbkPU2qQZz6_maEMuRWUlCMB95LLZgF3kRjEtaw0c26-utEnMauveASLl1KUg4mgBeJn5_jx1PP3aDZ54HNyk471y3HzHYw_R0rD_UfGKbpgU-HFKfou7DmESZD7mlWEj--vZiZkhKKb2eoiU5CxoXvHLWCah-bv6nK45xvGZJBK-YxNTFoEOkGYW4HxCKr2w6xXhE7GmCcsrxG7-MwHMu3b6gN8SEvMkcxH40BY_6MA9SiiLL95JUOQpT1_Vh7JbDqcVTJfkM-Wb7QYEU9xIYSPXlBfImZcRNIW8hphIcJkS51t24pkuaTXCf1HJ9kQpJemd1uTfqiEowtGFg81ENnND53VxXHmYb85ahyim84vCGtXKNwBpQ-kExmjKXCd08ZlT756wlSjf0ne0v7nNDFTwbynIiWyPDWbwRWn8aXtozMamMbKc5fGvEqsaiKHNLvbtanHYH0tg6o_0ZgRzng4vz6AjQ_-nRs8l5ICdS_hE3buaKfLSFPdDib0MSt-0FFwqatIgiVtnLfSXvXiPINT-DDsi-F6MPFraG7om7i6WNUv4jo0wkqmJZp3IhhlBQ9a2bfLnLYHh0YhCuldLWjhYNJkSz35BjJEoC_AWN-rJvIKTMFbuv2p6BLSwjFq-q-qKQGuNDK9edWPHEvwoOvt8cQ4-woIDo8xuuS0V85lGkN0aNJB1ib-K2uy6VT7PuzV0ZlNQDNvbHmJX2VZEiUMzFVD8HufMlS1g5y0VHmX4wgEqMm_xDtlNuZ_0KkN_W2hLpVwRu-8q1Yg9DZ0EFSnZHqZu3FdHImw0FqoU2N2dG7GphrDgPA
.turn.com/	1970-01-20 20:37:16	Name: uid Value: 3892483747657869080
.mlive.com/	1970-01-21 01:54:04	Name: _ml_id Value: 46d12f41-0709-438e-823d-e86802cebce3.1700284711.1.1700284713.1700284711
www.mlive.com/	1970-01-20 16:19:31	Name: _lr_sampling_rate Value: 100
.www.mlive.com/	1970-01-20 16:28:09	Name: RT Value: "z=1&dm=www.mlive.com&si=1949a85b-a6a7-409a-ba72-755c2dd29ac3&ss=lp3lm5eb&sl=1&tt=4j5&rl=1&ld=4j6"
.ads.pubmatic.com/	1970-01-20 16:19:31	Name: KCCH Value: YES
.w55c.net/	1970-01-20 17:01:16	Name: matchcasale Value: 5
.ads.stickyadstv.com/	1970-01-20 17:01:16	Name: UID Value: 2a267d7c8421afe7c57ee8b262bbefa
.ads.stickyadstv.com/	1970-01-20 17:01:16	Name: uid-bp-34673 Value: ZVhJKFje4TimJRqHhCYZ6AAACJUAAAAB
.amazon-adsystem.com/	1970-01-20 21:43:31	Name: ad-id Value: A-vUv0cE5E04ssPkw8Zhvk8\|t

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=115 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

715e80dcd0eae6e5cc130c161306e4e5.safeframe.googlesyndication.com
a.teads.tv
aax.amazon-adsystem.com
accounts.google.com
ad.adsrvr.org
ad.turn.com
ad.yieldlab.net
ads.pubmatic.com
ads.rubiconproject.com
ads.stickyadstv.com
advancelocal.blueconic.net
ampcid.google.com
ampcid.google.de
analytics.twitter.com
api.rlcdn.com
app.matheranalytics.com
apps.sophi.io
at.teads.tv
ats-wrapper.privacymanager.io
bcp.crwdcntrl.net
beacon-ams3.rubiconproject.com
buy.tinypass.com
c.amazon-adsystem.com
c.go-mpulse.net
c2.piano.io
cdn-ima.33across.com
cdn.cookielaw.org
cdn.id5-sync.com
cdn.indexww.com
cdn.parsely.com
cdn.prod.uidapi.com
cdn.sophi.io
cdn.tinypass.com
check.analytics.rlcdn.com
cm.adform.net
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
connect.facebook.net
contextual.media.net
d1z2jf7jlzjs58.cloudfront.net
de2-bid.adsrvr.org
display.bidder.taboola.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
ecollector-us-east.sophi.io
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
exchange.postrelease.com
experience.tinypass.com
fastlane.rubiconproject.com
fw.adsafeprotected.com
geo.privacymanager.io
geolocation.onetrust.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
h312.mlive.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
id.crwdcntrl.net
id5-sync.com
image6.pubmatic.com
jadserve.postrelease.com
js-sec.indexww.com
js.matheranalytics.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
micro.rubiconproject.com
mlive.com
mug.criteo.com
news.google.com
oa.openxcdn.net
oajs.openx.net
p1.parsely.com
pagead2.googlesyndication.com
pm.w55c.net
prebid-a.rubiconproject.com
prebid.media.net
privacy.crwdcntrl.net
px.moatads.com
r.turn.com
region1.google-analytics.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.go-mpulse.net
s.ntv.io
s0.2mdn.net
satisfycork.com
sb.scorecardresearch.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
snap.licdn.com
ssum-sec.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync.1rx.io
sync.targeting.unrulymedia.com
t.co
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
www.mlive.com
xfinity.userlogin-paymentupdate.service.auigebjhfbas.net
z.moatads.com
104.102.36.95
104.18.35.167
104.18.36.155
104.244.42.131
104.244.42.197
107.178.250.234
108.138.1.25
13.32.119.77
13.32.121.108
13.32.99.59
142.250.186.34
143.204.98.119
143.204.98.99
146.75.116.157
15.197.133.55
15.197.193.217
151.101.1.44
162.19.138.118
162.19.138.120
172.208.17.140
172.217.16.194
172.64.149.180
172.64.151.101
18.198.226.18
18.245.60.53
18.245.86.83
18.66.147.6
185.64.189.112
185.64.190.78
2001:4860:4802:32::36
23.201.255.110
23.215.22.18
23.32.184.192
23.32.185.123
23.32.185.192
23.32.185.35
2600:1901:0:328a::1
2600:1f13:800:7782:14df:363:a706:6a6f
2600:9000:211e:b000:1b:5138:8a40:93a1
2600:9000:2250:2200:a:e047:753:a221
2600:9000:2491:7000:8:48e:53c0:93a1
2602:803:c003:200::44
2602:803:c003:200::77
2606:4700:10::ac43:266a
2606:4700:4400::6812:2089
2606:4700::6811:c376
2606:4700::6812:82ec
2606:4700::6812:907e
2606:4700::6812:dff8
2607:ae80:192:1::173
2a00:1450:4001:802::2002
2a00:1450:4001:803::200e
2a00:1450:4001:806::2002
2a00:1450:4001:806::2006
2a00:1450:4001:809::2004
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200d
2a00:1450:4001:810::200e
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:828::200e
2a00:1450:4001:829::2001
2a00:1450:400c:c0c::9d
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:480:9a4::11a6
2a02:26f0:480:f::213:7ec5
2a02:26f0:480:f::213:7ec6
2a02:26f0:7100:59a::11a6
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:400::300
3.229.10.156
34.102.146.192
34.120.133.55
34.120.135.53
34.120.63.153
34.250.99.225
34.95.81.168
34.98.64.218
35.186.255.72
35.227.252.103
35.244.193.51
37.157.6.254
44.213.18.121
46.228.164.11
46.228.174.117
52.19.8.73
52.2.255.127
52.214.69.158
52.222.250.165
52.223.1.76
52.29.13.21
52.36.216.155
52.46.128.147
52.48.43.143
52.54.8.105
54.155.18.159
65.9.61.60
65.9.65.116
65.9.66.122
69.173.144.138
75.2.53.215
95.101.148.20
95.101.149.233
95.101.149.35
99.86.4.30
000875f535d3c8342137670778185a66af35c904fd6d5e5f19fb57438eea12db
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
020d2ea87fc79904e40de0e3766ba94a822a77aa2851380f283b51accd47869f
04b090c301a46f0e04071e03788fd61221666cd30c5925f6a92d49233d85f275
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0709e11f34bb1e47193a170bc8baf94732a32a867443b29be840c550cc03981d
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08f576fb0f8857b391579279c01b2fb667cb3a19428025a7a80e0aa1529fe49a
0915963e6af70fba7ec18ba17145998fab56ae687db7783d834c32551033669c
097d8f818d81ed5f76b3229a13550aeb9cfe556957fa496e0661a38b40688305
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0af719f3a3c9eed767bcf7e1b8b179655c9b0c1fd6157618d704f11a1cdcdfc9
0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1194491324f0e5b99036c8ae0ad83d12f0f21d841cc31eae81caf10c05d76b
0c8bf567531efae7de0018febd1d15200cec6c97eaa7d629afd2a0509485b875
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0fb148dc4dca57a0e3799bf263ff4051e295031e7d876fe85d82e4b71aa3067d
119fed91dd6c9d67ebd586f19666d8f8b3ea231a64366f0e174424d2629cadda
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5
15231070bbf73027e43b762b9ae1ae5528df0db791b4b1faa411f4e34dc43067
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17748f605f725df235fb07a30e6d98edda5ad451d081d4e420516b6673c2c958
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1d2fe099cdabb07612ca67384bc13ab2ffb96c91ef822a42282a4f8802bcd2f8
20968f90541ca3c75bba68253aa18ba3bbe677624e86dc48e14bf3ded2bd1e7b
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
22e71eb21b25151227e895938df2d792d7d8d1218f464ef90aced02b790bc84c
22ed960a5947aa61df4e9e38677c904e2ad4757de3d0d7ca8a55d1b01f1e4b26
2522f37c245031a0e03659c3cc53b31b7d0f180c29bafb15888b5e012e122c54
2667e7493e46594bafe160a7fe784c1ba5614075f69057a1790cbd1f4ce9e718
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
276ca8da7dd05a55c760ead2eec9d5c74629897d0b5b3e5190d4fc9bd38ea7fc
278c594fb1e8381410e079777ccd31fa020a6c6c602e4679409935b70ad0706d
28445ab5a58bac3609ddba4d1200c1797a766b538fd6b0bdb0926fbe386f327c
2954b823b72cadfae4cbb2365451dbb36b295a343cec1242b3444c41ee361028
2a70c011ae2744e9d6486d31e25e621e6d7c5334224c69f04409012afba00c2b
2f27c2e46b56724c2431e0cdf97e97460e2a83b149ee36d36890d342e3715912
2f46926d81be4472495e6dc6a8789d7fc9ffb6acb270b4f6462720e0332fe718
2fd1d75a76acd89c167656ab5323379a55ba21799b2fbd717d15776543247a12
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35a2b85d7f2e1538d24526949815aa068a6e927045dc295ce9d4b0ba30b88104
3662ea8398492b04ad98656726af3df47215c13e153d12a5bc33900b359764aa
36ea8d266ccb57796d82e6eb05f11c634302a0bc3623c5e7fa7261a1a69e0d90
3747bb73cc9a3c008943a9c2c470edba183bfca97f9798695ae57b2f5be5c44a
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3f5684bf5aa4a6eb5c9015394c8739dff39377a73adf72c30ba511d0ab5b50f3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42308388615b5db6864e14b07c14f3d330a44aa3916a6b4ec212f32c4cfb59d4
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44026785039df91c14b8c331292992e1fd71a23acdd5cb09c40d12d1c8e8aaac
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44f22e506d2df5dcf79a87bf1063e74a89b0fe2262ce9adcf6ed27385a4a0951
464b98e4ec83bb60ad92bd76656277037d3548e44a7d1dcddec0c0a41ada20e6
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49b1485a151b82944796c5a354059e9678e19256d30d5ecea984550fc05a5845
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4a4ce4cc9de9b9337c9591716670e26c1ee79f11a5ff24a0476cecfb23d0604a
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb67b42d6abea96d75df507d23f0421da85d5658322720fded36c94cce45d7b
4ecd9991564fb3cd2c59f47d46f4facf8f70ec4dfbe4df42f6a84951b240bedf
4fb1d13154b4b396d3ce77eb8294a859bef473d7d991624d266b0247c419a9ef
4fb731738e143f7dcecc1db22ae8b99c0804b76d173b9f76a618f89ee8d1d171
5038389366c7814f9211d9e75c99bb7a5d4c002a81e13b2637cab1b3c501719d
5287c26bcda2e326b21549876412bf038c0203b3882bb677b3e2e6c41a3f52ea
53ac7bdc78f11c023642ac320ca2cf33c334fd8deb50bd7bdc5c36fb9b325b14
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54e4fb0fdbc12d37c2c985f00ab56c96ae13d9f2ed2e8b7f51c0c59040ceba04
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
574c2ba7ab3c822802fabafe74221d17a2b124667e375a48328b448c799344a5
59eb2597946aa8c95434f9ae866a18d834a05d0a1ee096c5a649f59ab1de81e6
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
5ccea5b60dae78fabaa67647f61c87078ded6180392aa92621f083c3cf586458
5cffb32ea6be802b0e5d42facb289fb01129e7697f75aeff6468dddbc4e1e64b
5f26dfc3f5d603822dd5eb17c772720fd8d984f3fa596f757973dabe24ebda6e
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6d55944664ea05fc63a29cba6ef737c7a961f22e616cd2b7e9dc6139aa5fd
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
648afc9fc01390c553bb882e68a452b45f47ffef036a7e9d68d40fcb68a8f192
67818760c383bca2da40429a9b99a20c8ece6b749c87cb9bce0d22013b9c8494
68d0af84061ff848e39aca212cc7466cc4944e4ec16906c6392adf9dd18bad38
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6bfe280c501d01dc9b39511ab8b8f9346efdf243c3db60a935f108c8e36b56d9
6d61518fbb1caf9b2df5acdfd9054062887454516813302e1a088c69923d269b
6de91413b207c94b7b0da80030f595d9f8dc87dda88b21c68b92d8ba6d80f7ec
702c805fec65a8cc8c6c40aed34123b021e5ed6107cc6dfdebc4b0fc2e229887
7140c865b7b91aa50093c42daaa5dfab8125619aabbfae00b5e3dd45069a7766
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
7310e401efd5214d7c4baf2a6df94becd6d945da0682fbc3a93274eadc68e8c2
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
779560b566f055003c68dd89d16a1411bd308db8bcfbc6acfa37ee6f3292988e
7b7c04a30ceb7953f56d91e59bd11923135f153ab9019d8cfb33bc4b2b681004
7c2a59a31829b370120cdd228334de59a085cb1f80b60f762d60de88ab2216f2
7d5303f4bbac88e65f4aca15141860f164d54f5565d1d61455653ca2ecc8cd85
7dc47b6ece0cbc3d797f2338b3485b6bcc52b967cd51f1d74a89086f517d91ff
7ff100c907d85bc5b7503e7a88c0a7f256ed2561ee431ffc10fcd7cce517c321
8074aec2f48253e1a7d142d394effd00436685147e972938b48c7e8045368455
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
890d3cb00882040aef921a417a9f85790bc1f34ef30f9908585b86b1b663a87f
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8b98ee4e69f00f9157ff104ebd587e0d097ba13114434be0601c52dc39522a6c
8c3b9ccc12a0c47b90f9a1d0e88c96c70299533cde7db8f673d7d6f99f46cde5
8c79555f44291106c6cc3c46aae1bd82645b4b658929ff6190a82840d1108624
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8deec7b21dcc5e2bb48bf813af2372f1c7c4299c82920d09af522191ba5cd2ed
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
8ff58a68496bb37cfa68712116e7050a4dad72e15215407e27b5aa487bd7a1e6
900058dffaf216c9a853e2d7e4109bfa2a58994237b2d4e5793734e4c2ecb4ac
91210fa256e2f98bdeb3f182d3aa308c7259f51148de80717738d700a0dcffe5
912cec9863b5d66e61ffe10a433d335520b1153c09c391c8e6589c580e4e8c4a
913488a6a0b7109e191bcc076f45bd244dec61412808e9aef582560edc3077dc
989e7134f8b722c049f5553bf85347c9052fe40f7c35915f7d18a348ed4de84b
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99e1423386be6f10f36748465dc7c2aca22f9973c160e3833c1f3f28d7326373
9a7a1edadd59a6e84d556ca5682679f252331deebd680ac3c7aec02cd371920d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e3c7bdc4bfffb58a973062aabf808691f7603416290254b76161cab69952053
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d140c2ca33bf8d8056d5f72bb19ec54c32c161401d2716e78b1d5f61527992
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a2af465457e53ffb09fb97fef84fc7c92e2cb5ada7a09e1b97164e5b36f3accb
a39cd6a9413784646378ab9490f6a80ea1c2eaf4870c1022f44e4e64380c7cda
a44e1907df04f8b426457b5193e7927eab64e1e17d3d7af1854fca80b8fa1bf7
a690df8b229d3f5e8471dff581b7fb80a9117e0603d67a22422292448d3ffd46
a7e702f15b65f58d32945e27b8416dac2811afad1a828a9a617d5c0c1cc85b21
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
abb22177c1f36f82f451ba3b46fd96e4bc0f5b5ad510b15b4d5ec37fc1e9b7f8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4aab23f2abdbef0e01780c8e11567a9a7c7a5e425d57540e5b24115ff38508f
b9afeb90db17ffa772a8bbc38f8ae37524ac4c0660dfc228f528cfe36a38d53d
bb05ab5f6d35bed3717c3fe66361fc9bf450490d4e149a906afec8e7712ac250
bb5e59be9d91ab09c743760da7054e15b0651ff22256c268c6b715a2d5f3ccf9
bba5cf4bf97f335423ef8083a04d8810370b013c18a623e2aec413075ef82ddc
bc2406b2176025b949ef983c74399c618b679f5f951a2c9083be7bc7c5244c04
bc81a36f49ee5477359a07befbf558311c2693d4cc6f6a0eec697099335cfc9f
be765640271edcbafd78cb6d6ab4e92f01292e11465724e444d65578e3333966
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c63158babcb7902203ed73476ccf901db34825ea524d4a36a52b5e5f97e1abf7
c8164ab49ff3d32ffbe7e6ad17e8b16e8765b94ab42088494bfad6ce09be8893
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd9e326c69aa7d76bacc2f07c4dfcb105c8adeb85619076ae3aa5b6a0e498d3c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d0a685a5a025e94bec5d54afec196ddee808a5310ba507057d8b50f656d8360e
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d1039618e7cdb24b71e44465b9903533f08985f40b1fad00d72c209fd6a7007e
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
dcca1d9eef3e1dbf5b40ed4ec26695da6f9fdecef0819f1a699e5c0bd1e8f6c4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9b285795f260217cec80a0e417b7c25203b2152b5e4b67c0fc360654d35303
df55fe88e3f2f45584110b0f4bb0cb758e7afc0d1cffba678828e31af6a2feb2
e0825ae573ddc69886f26310e2abb9b0c54a8a2205b1e2cf189d892250d123d1
e0d006d3b93ee93e669d0b6b3b2b29bc4da89483eef6007c90ab91598a8bf701
e19f6076815240b2afedf8033b0a2ccf200d3851f11df779d05f3c533560504d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c5690b8e89886bec5500c5e742364987c5baeb3c6d25dec33d171b40f0633c
e5696a4c04cb9236e69390a6a84619091cfe6ce887e5747c74f3214a69419484
e6b7fa504c979ce53dc80798978eff98214cbcb20b7db259990c0632b7abe248
e7f8376deb8f9efd736fafca533fa2228c2f7f61fc8b39299953cc50f40011cc
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e92610c8ef333bcc5802150887076cfd1a1b6590432185f2bc0a0abff06d906d
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
eb41a35461e710e0f075a0b21cf1389d752470dc314384ff634b8d256dc3e811
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec554103bf5e0b4462dffc405d746abdce3f805c081725f17b068c21dd1d1a5b
edc1df875d326efe2c8c41612f570394d23a3503c9680f5fa20a5184fe9d3125
ee5129a78987fab7fb6e8f86fcf9bb17bebba663e5e4d76e42d20e51f0e7202f
ee9d11c373870aee4391c291c71c32919add23f19e67b5da86421d8d067c60a8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4ece8f2f5242967e98c6718f283e961576d68b4b7be96124eca22f554dcb275
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f88f89a0cead9c36ddbe19508f32f64bd91e94e92b6006dd575e8d0deb317d7f
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804
fc33fc120439cbaa7becbb645627f8afb504e78dc2335444d03c9c05682e15ac
feeb83e3a11fb74465e062a5081f1f6f573ef66197f218a3a86447fefe3166f6

www.mlive.com Open in urlscan Pro 2a02:26f0:480:f::213:7ec5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

351 Requests

95 %HTTPS

35 %IPv6

63 Domains

117 Subdomains

103 IPs

9 Countries

5221 kBTransfer

15103 kBSize

83 Cookies

37 Outgoing links

Page URL History

Redirected requests

351 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.mlive.com Open in urlscan Pro
2a02:26f0:480:f::213:7ec5 Public Scan

Screenshot
Live screenshot

Full Image

351
Requests

95 %
HTTPS

35 %
IPv6

63
Domains

117
Subdomains

103
IPs

9
Countries

5221 kB
Transfer

15103 kB
Size

83
Cookies

351 HTTP transactions
4 data transactions