urlscan.io logo urlscan.io
SecurityTrails logo

www.mlive.com Open in urlscan Pro
2a02:26f0:3500:12::1730:17b4  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sign-verifyaccountamazonqupctex.duckdns.org/
Effective URL: https://www.mlive.com/
Submission: On October 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 125 IPs in 10 countries across 86 domains to perform 475 HTTP transactions. The main IP is 2a02:26f0:3500:12::1730:17b4, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.mlive.com. The Cisco Umbrella rank of the primary domain is 61450.
TLS certificate: Issued by R3 on September 28th 2023. Valid for: 3 months.
This is the only time www.mlive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 162.240.155.157 46606 (UNIFIEDLA...)
1 1 75.2.53.215 16509 (AMAZON-02)
34 2a02:26f0:350... 20940 (AKAMAI-ASN1)
11 2606:4700::68... 13335 (CLOUDFLAR...)
3 2600:1901:0:3... 396982 (GOOGLE-CL...)
1 13.32.121.95 16509 (AMAZON-02)
1 18.245.86.71 16509 (AMAZON-02)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
4 35.71.130.31 16509 (AMAZON-02)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 95.101.149.35 16625 (AKAMAI-AS)
15 52.222.236.26 16509 (AMAZON-02)
5 23.35.237.151 16625 (AKAMAI-AS)
1 143.204.98.19 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
8 2606:4700::68... 13335 (CLOUDFLAR...)
7 2600:9000:223... 16509 (AMAZON-02)
1 143.204.102.18 16509 (AMAZON-02)
1 23.212.213.167 16625 (AKAMAI-AS)
2 108.138.7.41 16509 (AMAZON-02)
3 2a03:2880:f08... 32934 (FACEBOOK)
1 146.75.116.157 54113 (FASTLY)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2 107.178.250.234 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 23.201.255.110 16625 (AKAMAI-AS)
3 108.138.1.25 16509 (AMAZON-02)
3 65.9.66.122 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
5 23.32.185.35 16625 (AKAMAI-AS)
2 54.211.72.119 14618 (AMAZON-AES)
1 13.32.99.122 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.100.58 16509 (AMAZON-02)
1 104.244.42.197 13414 (TWITTER)
1 104.244.42.3 13414 (TWITTER)
1 52.48.43.143 16509 (AMAZON-02)
1 99.86.4.71 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
7 75.101.156.217 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
4 54.217.195.217 16509 (AMAZON-02)
4 54.174.77.247 14618 (AMAZON-AES)
1 23.215.22.18 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 63.34.81.234 16509 (AMAZON-02)
4 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 108.138.9.235 16509 (AMAZON-02)
1 172.64.152.89 13335 (CLOUDFLAR...)
1 2a02:2638:d::2 44788 (ASN-CRITE...)
1 2600:9000:225... 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
4 2a00:1450:400... 15169 (GOOGLE)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 54.204.183.119 14618 (AMAZON-AES)
3 4 104.18.26.193 13335 (CLOUDFLAR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 34.205.227.76 14618 (AMAZON-AES)
1 52.223.6.21 16509 (AMAZON-02)
1 151.101.65.44 54113 (FASTLY)
1 2602:803:c003... 26667 (RUBICONPR...)
4 2a03:2880:f17... 32934 (FACEBOOK)
1 2 2a02:2638:d::d 44788 (ASN-CRITE...)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
2 2600:1901:0:8... 396982 (GOOGLE-CL...)
1 178.250.1.11 44788 (ASN-CRITE...)
5 34.98.64.218 396982 (GOOGLE-CL...)
5 2a00:1450:400... 15169 (GOOGLE)
46 2a00:1450:400... 15169 (GOOGLE)
1 6 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
1 23.212.222.245 16625 (AKAMAI-AS)
8 2a00:1450:400... 15169 (GOOGLE)
2 162.19.138.82 16276 (OVH)
40 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 141.95.98.65 16276 (OVH)
13 30 142.250.74.194 15169 (GOOGLE)
1 8 104.18.27.193 13335 (CLOUDFLAR...)
3 4 185.89.211.12 29990 (ASN-APPNEX)
1 35.186.255.72 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 6 54.155.244.184 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 3.124.223.97 16509 (AMAZON-02)
6 172.217.16.194 15169 (GOOGLE)
1 2 34.91.62.186 396982 (GOOGLE-CL...)
2 2 178.250.7.11 44788 (ASN-CRITE...)
3 3 69.173.144.138 26667 (RUBICONPR...)
3 3 46.228.174.117 56396 (AMOBEE)
1 185.86.139.101 201081 (SMARTADSE...)
2 35.156.97.229 16509 (AMAZON-02)
16 2606:4700::68... 13335 (CLOUDFLAR...)
28 2600:1f13:800... 16509 (AMAZON-02)
1 2 151.101.66.49 54113 (FASTLY)
5 52.223.40.198 16509 (AMAZON-02)
3 5 185.64.190.78 62713 (AS-PUBMATIC)
2 2 216.52.2.39 32475 (SINGLEHOP...)
3 4 2001:678:cb4:... 56396 (AMOBEE)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 35.190.0.66 15169 (GOOGLE)
1 35.227.252.103 15169 (GOOGLE)
4 151.101.2.133 54113 (FASTLY)
1 143.204.98.66 16509 (AMAZON-02)
3 151.101.130.133 54113 (FASTLY)
1 50.17.156.171 14618 (AMAZON-AES)
1 34.120.133.55 396982 (GOOGLE-CL...)
2 23.35.236.201 16625 (AKAMAI-AS)
1 95.101.148.20 16625 (AKAMAI-AS)
2 104.18.24.18 13335 (CLOUDFLAR...)
2 95.101.149.233 16625 (AKAMAI-AS)
1 2a04:4e42:400... 54113 (FASTLY)
1 69.173.144.165 26667 (RUBICONPR...)
6 198.47.127.205 3257 (GTT-BACKB...)
1 2 67.220.228.203 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
3 185.64.191.210 62713 (AS-PUBMATIC)
1 99.81.194.117 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 54.172.79.116 14618 (AMAZON-AES)
5 6 37.157.4.29 198622 (ADFORM)
1 2a05:d018:d29... 16509 (AMAZON-02)
1 3.75.62.37 16509 (AMAZON-02)
1 2 209.54.182.161 16509 (AMAZON-02)
2 2 35.168.210.0 14618 (AMAZON-AES)
1 1 2001:678:cb4:... 56396 (AMOBEE)
2 2 13.32.27.83 16509 (AMAZON-02)
2 2 193.0.160.130 54312 (ROCKETFUEL)
1 35.244.174.68 15169 (GOOGLE)
1 173.231.181.122 32475 (SINGLEHOP...)
1 185.64.190.81 ()
1 1 85.114.159.118 ()
1 1 35.214.243.32 ()
1 2606:4700:10:... ()
1 98.98.134.241 ()
475 125
1    162.240.155.157 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-240-155-157.unifiedlayer.com
sign-verifyaccountamazonqupctex.duckdns.org
1    75.2.53.215 (United States)

ASN16509 (AMAZON-02, US)
PTR: a135022da78f12244.awsglobalaccelerator.com
mlive.com
34    2a02:26f0:3500:12::1730:17b4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.mlive.com
11    2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
3    2600:1901:0:328a::1 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
satisfycork.com
1    13.32.121.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-95.fra60.r.cloudfront.net
cdn.sophi.io
1    18.245.86.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-71.fra60.r.cloudfront.net
apps.sophi.io
1    2a02:26f0:480:9a4::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
2    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    35.71.130.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8fd921d2017b5f79.awsglobalaccelerator.com
ecollector-us-east.sophi.io
2    2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com
a.teads.tv
15    52.222.236.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-26.fra56.r.cloudfront.net
h312.mlive.com
5    23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
1    143.204.98.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-19.fra50.r.cloudfront.net
ats-wrapper.privacymanager.io
6    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
news.google.com
www.google-analytics.com
8    2606:4700::6812:a07e (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
buy.tinypass.com
api-v3.tinypass.com
7    2600:9000:223f:a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    143.204.102.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-102-18.fra50.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1    23.212.213.167 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-213-167.deploy.static.akamaitechnologies.com
s.ntv.io
2    108.138.7.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-41.fra56.r.cloudfront.net
sb.scorecardresearch.com
3    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    2a02:26f0:3500:16::215:1484 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    107.178.250.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
6    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
ads.rubiconproject.com
3    108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com
3    65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net
tags.crwdcntrl.net
3    2a00:1450:4001:829::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2a02:26f0:480:18d::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
5    23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com
at.teads.tv
sync.teads.tv
2    54.211.72.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-72-119.compute-1.amazonaws.com
advancelocal.blueconic.net
1    13.32.99.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-122.fra60.r.cloudfront.net
geo.privacymanager.io
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net
cdn.parsely.com
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    52.48.43.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-43-143.eu-west-1.compute.amazonaws.com
privacy.crwdcntrl.net
1    99.86.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-71.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
7    75.101.156.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-156-217.compute-1.amazonaws.com
jadserve.postrelease.com
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
4    54.217.195.217 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-195-217.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
id.crwdcntrl.net
4    54.174.77.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-77-247.compute-1.amazonaws.com
www.i.matheranalytics.com
1    23.215.22.18 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-22-18.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    63.34.81.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
p1.parsely.com
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net
aax.amazon-adsystem.com
1    172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2600:9000:2250:2000:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
4    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
1    2600:1f18:730:b130:4ca3:4a50:1ce1:678d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    54.204.183.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-183-119.compute-1.amazonaws.com
rp4.liadm.com
4    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
1    34.205.227.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-227-76.compute-1.amazonaws.com
exchange.postrelease.com
1    52.223.6.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8c33d2b6751b365d.awsglobalaccelerator.com
direct.adsrvr.org
1    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
display.bidder.taboola.com
1    2602:803:c003:200::43 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
2    2600:1901:0:8344:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
lexicon.33across.com
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
5    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
5    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
46    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
6    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
17    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    23.212.222.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-222-245.deploy.static.akamaitechnologies.com
ead.mlive.com
8    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
lb.eu-1-id5-sync.com
40    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
30    142.250.74.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
8    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
4    185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    35.186.255.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.255.186.35.bc.googleusercontent.com
app.matheranalytics.com
1    2606:4700::6811:c376 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
6    54.155.244.184 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-244-184.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
2    2606:4700::6812:b07e (United States)

ASN13335 (CLOUDFLARENET, US)
buy.tinypass.com
2    3.124.223.97 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-223-97.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
6    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net
googleads4.g.doubleclick.net
2    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
2    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    185.86.139.101 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    35.156.97.229 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-97-229.eu-central-1.compute.amazonaws.com
x.bidswitch.net
16    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
28    2600:1f13:800:7782:dc6d:1d37:b6db:4601 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
5    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    216.52.2.39 (New York, United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
4    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
pubmatic-match.dotomi.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
4    151.101.2.133 (United States)

ASN54113 (FASTLY, US)
static.advance.net
1    143.204.98.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-66.fra50.r.cloudfront.net
check.analytics.rlcdn.com
3    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
fonts.advance.net
1    50.17.156.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-156-171.compute-1.amazonaws.com
idx.liadm.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
2    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
2    104.18.24.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
6    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
2    67.220.228.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    99.81.194.117 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-194-117.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    54.172.79.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-79-116.compute-1.amazonaws.com
a.audrte.com
6    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
1    2a05:d018:d29:3601:865d:cd9c:e13b:6712 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    35.168.210.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-210-0.compute-1.amazonaws.com
i.liadm.com
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
2    13.32.27.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-83.fra56.r.cloudfront.net
live.rezync.com
2    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    173.231.181.122 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    185.64.190.81 (None, )

ASN- ()
simage4.pubmatic.com
1    85.114.159.118 (None, )

ASN- ()
dsp.adfarm1.adition.com
1    35.214.243.32 (None, )

ASN- ()
csync.loopme.me
1    2606:4700:10::6816:1957 (None, )

ASN- ()
mwzeom.zeotap.com
1    98.98.134.241 (None, )

ASN- ()
pixel-sync.sitescout.com
Apex Domain
Subdomains		 Transfer
61 googlesyndication.com
663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
346 KB
51 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443
328 KB
51 mlive.com
mlive.com — Cisco Umbrella Rank: 56143
www.mlive.com — Cisco Umbrella Rank: 61450
h312.mlive.com — Cisco Umbrella Rank: 96503
ead.mlive.com — Cisco Umbrella Rank: 114950
2 MB
46 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 344
796 KB
41 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 720
fw.adsafeprotected.com — Cisco Umbrella Rank: 1153
dt.adsafeprotected.com — Cisco Umbrella Rank: 658
306 KB
18 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 581
image6.pubmatic.com — Cisco Umbrella Rank: 967
ads.pubmatic.com — Cisco Umbrella Rank: 588
simage2.pubmatic.com — Cisco Umbrella Rank: 959
image2.pubmatic.com — Cisco Umbrella Rank: 1116
simage4.pubmatic.com
30 KB
16 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 250
180 KB
12 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 570
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 513
9 KB
12 google.com
news.google.com — Cisco Umbrella Rank: 6566
accounts.google.com — Cisco Umbrella Rank: 32
ampcid.google.com — Cisco Umbrella Rank: 2926
www.google.com — Cisco Umbrella Rank: 2
147 KB
11 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 3504
ads.rubiconproject.com — Cisco Umbrella Rank: 2373
fastlane.rubiconproject.com — Cisco Umbrella Rank: 563
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3219
pixel.rubiconproject.com — Cisco Umbrella Rank: 409
eus.rubiconproject.com — Cisco Umbrella Rank: 662
token.rubiconproject.com — Cisco Umbrella Rank: 504
173 KB
11 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 385
256 KB
10 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 8991
cdn.tinypass.com — Cisco Umbrella Rank: 6818
buy.tinypass.com — Cisco Umbrella Rank: 7378
api-v3.tinypass.com — Cisco Umbrella Rank: 20852
179 KB
9 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1164
privacy.crwdcntrl.net — Cisco Umbrella Rank: 20254
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1073
id.crwdcntrl.net — Cisco Umbrella Rank: 2704
sync.crwdcntrl.net — Cisco Umbrella Rank: 1011
44 KB
9 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 334
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 657
aax.amazon-adsystem.com — Cisco Umbrella Rank: 426
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1086
s.amazon-adsystem.com — Cisco Umbrella Rank: 328
74 KB
8 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1906
google-bidout-d.openx.net — Cisco Umbrella Rank: 1919
us-u.openx.net — Cisco Umbrella Rank: 547
rtb.openx.net — Cisco Umbrella Rank: 912
1 KB
8 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1252
exchange.postrelease.com — Cisco Umbrella Rank: 5503
5 KB
7 advance.net
static.advance.net — Cisco Umbrella Rank: 41673
fonts.advance.net — Cisco Umbrella Rank: 73485
267 KB
7 matheranalytics.com
js.matheranalytics.com — Cisco Umbrella Rank: 12318
www.i.matheranalytics.com — Cisco Umbrella Rank: 12078
app.matheranalytics.com — Cisco Umbrella Rank: 18546
45 KB
6 adform.net
dmp.adform.net — Cisco Umbrella Rank: 3616
c1.adform.net — Cisco Umbrella Rank: 643
4 KB
6 adsrvr.org
direct.adsrvr.org — Cisco Umbrella Rank: 3724
match.adsrvr.org — Cisco Umbrella Rank: 402
1 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
region1.google-analytics.com — Cisco Umbrella Rank: 2250
21 KB
6 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1558
at.teads.tv — Cisco Umbrella Rank: 5088
sync.teads.tv — Cisco Umbrella Rank: 1584
5 KB
6 sophi.io
cdn.sophi.io — Cisco Umbrella Rank: 24285
apps.sophi.io — Cisco Umbrella Rank: 36009
ecollector-us-east.sophi.io — Cisco Umbrella Rank: 31549
38 KB
5 turn.com
ad.turn.com — Cisco Umbrella Rank: 1024
r.turn.com — Cisco Umbrella Rank: 4738
d.turn.com — Cisco Umbrella Rank: 1513
2 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 379
104 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 478
mug.criteo.com — Cisco Umbrella Rank: 2541
dis.criteo.com — Cisco Umbrella Rank: 648
8 KB
5 liadm.com
rp.liadm.com — Cisco Umbrella Rank: 1727
rp4.liadm.com — Cisco Umbrella Rank: 6196
idx.liadm.com — Cisco Umbrella Rank: 2639
i.liadm.com — Cisco Umbrella Rank: 617
2 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 416
www.linkedin.com — Cisco Umbrella Rank: 708
px4.ads.linkedin.com — Cisco Umbrella Rank: 6066
5 KB
5 moatads.com
z.moatads.com — Cisco Umbrella Rank: 712
px.moatads.com — Cisco Umbrella Rank: 628
87 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2979
3 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
3 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
278 B
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1156
id5-sync.com — Cisco Umbrella Rank: 470
32 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 22832
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27465
899 B
3 rlcdn.com
check.analytics.rlcdn.com — Cisco Umbrella Rank: 4599
api.rlcdn.com — Cisco Umbrella Rank: 1168
idsync.rlcdn.com — Cisco Umbrella Rank: 445
734 B
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
177 KB
3 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1319
lexicon.33across.com — Cisco Umbrella Rank: 1726
5 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
125 KB
3 satisfycork.com
satisfycork.com — Cisco Umbrella Rank: 32641
24 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1000
2 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 2003
1 KB
2 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363
551 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 753
cdn.indexww.com — Cisco Umbrella Rank: 1795
2 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3431
pubmatic-match.dotomi.com
207 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 754
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 782
803 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 387
291 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 649
2 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 952
1 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1145
545 B
2 taboola.com
display.bidder.taboola.com — Cisco Umbrella Rank: 10462
trc.taboola.com — Cisco Umbrella Rank: 680
11 KB
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1420
contextual.media.net — Cisco Umbrella Rank: 780
9 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3328
p1.parsely.com — Cisco Umbrella Rank: 2550
21 KB
2 blueconic.net
advancelocal.blueconic.net — Cisco Umbrella Rank: 31083
2 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 981
7 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 179
3 KB
2 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 2886
geo.privacymanager.io — Cisco Umbrella Rank: 2195
51 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 655
564 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
220 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1562
c.go-mpulse.net — Cisco Umbrella Rank: 689
50 KB
1 sitescout.com
pixel-sync.sitescout.com
187 B
1 zeotap.com
mwzeom.zeotap.com
439 B
1 loopme.me
csync.loopme.me
226 B
1 adition.com
dsp.adfarm1.adition.com
524 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1504
283 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 929
587 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 8325
553 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 50844
611 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 951
45 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1343
574 B
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 5898
3 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2118
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2931
3 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 728
13 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1235
17 KB
1 google.de
ampcid.google.de — Cisco Umbrella Rank: 81257
367 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 869
726 B
1 t.co
t.co — Cisco Umbrella Rank: 614
377 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 792
15 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 4063
163 KB
1 cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1 KB
1 duckdns.org
sign-verifyaccountamazonqupctex.duckdns.org
491 B
0 onaudience.com Failed
pixel.onaudience.com Failed
0 semasio.net Failed
uipglob.semasio.net Failed
0 stackadapt.com Failed
sync.srv.stackadapt.com Failed
0 admedo.com Failed
pool.admedo.com Failed
475 86
Domain Requested by
46 s0.2mdn.net www.mlive.com
s0.2mdn.net
40 pagead2.googlesyndication.com 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
34 www.mlive.com www.mlive.com
30 cm.g.doubleclick.net 13 redirects googleads.g.doubleclick.net
663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
ads.pubmatic.com
28 dt.adsafeprotected.com 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
17 tpc.googlesyndication.com www.mlive.com
663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
16 cdnjs.cloudflare.com s0.2mdn.net
buy.tinypass.com
15 h312.mlive.com www.mlive.com
h312.mlive.com
11 cdn.cookielaw.org www.mlive.com
cdn.cookielaw.org
8 googleads.g.doubleclick.net www.mlive.com
663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
pagead2.googlesyndication.com
7 buy.tinypass.com cdn.tinypass.com
buy.tinypass.com
7 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
7 jadserve.postrelease.com s.ntv.io
www.mlive.com
7 static.adsafeprotected.com www.mlive.com
663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
6 simage2.pubmatic.com ads.pubmatic.com
6 googleads4.g.doubleclick.net www.mlive.com
6 fw.adsafeprotected.com 3 redirects www.mlive.com
6 www.google.com 1 redirects www.mlive.com
663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
tpc.googlesyndication.com
6 securepubads.g.doubleclick.net www.mlive.com
securepubads.g.doubleclick.net
5 c1.adform.net 4 redirects ads.pubmatic.com
5 image6.pubmatic.com 3 redirects ads.pubmatic.com
5 match.adsrvr.org 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
4 a.audrte.com 3 redirects
4 static.advance.net buy.tinypass.com
www.mlive.com
4 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
4 sync.teads.tv googleads.g.doubleclick.net
4 us-u.openx.net googleads.g.doubleclick.net
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 www.facebook.com www.mlive.com
4 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 www.i.matheranalytics.com www.mlive.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.mlive.com
4 ecollector-us-east.sophi.io cdn.sophi.io
3 image2.pubmatic.com ads.pubmatic.com
3 px.moatads.com www.mlive.com
3 fonts.advance.net static.advance.net
3 ad.turn.com 3 redirects
3 pixel.rubiconproject.com 3 redirects
3 id5-sync.com cdn.id5-sync.com
micro.rubiconproject.com
3 www.googletagservices.com 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
3 px.ads.linkedin.com 3 redirects
3 bcp.crwdcntrl.net tags.crwdcntrl.net
3 accounts.google.com www.mlive.com
accounts.google.com
3 tags.crwdcntrl.net www.mlive.com
securepubads.g.doubleclick.net
3 c.amazon-adsystem.com www.mlive.com
c.amazon-adsystem.com
3 connect.facebook.net www.mlive.com
connect.facebook.net
3 satisfycork.com www.mlive.com
satisfycork.com
2 p.rfihub.com 2 redirects
2 live.rezync.com 2 redirects
2 i.liadm.com 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 cr.frontend.weborama.fr 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 eus.rubiconproject.com micro.rubiconproject.com
eus.rubiconproject.com
2 ads.pubmatic.com micro.rubiconproject.com
2 ap.lijit.com 2 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 x.bidswitch.net 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
2 sync.1rx.io 2 redirects
2 dis.criteo.com 2 redirects
2 um.simpli.fi 1 redirects
2 prebid-a.rubiconproject.com micro.rubiconproject.com
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
micro.rubiconproject.com
2 lexicon.33across.com cdn-ima.33across.com
micro.rubiconproject.com
2 oajs.openx.net 1 redirects www.mlive.com
2 gum.criteo.com 1 redirects static.criteo.net
2 region1.google-analytics.com www.googletagmanager.com
2 advancelocal.blueconic.net h312.mlive.com
2 js.matheranalytics.com 1 redirects www.mlive.com
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
2 sb.scorecardresearch.com www.mlive.com
2 news.google.com www.googletagmanager.com
news.google.com
2 z.moatads.com www.mlive.com
z.moatads.com
2 geolocation.onetrust.com cdn.cookielaw.org
2 www.googletagmanager.com www.mlive.com
www.googletagmanager.com
1 pubmatic-match.dotomi.com
1 pixel-sync.sitescout.com
1 mwzeom.zeotap.com
1 csync.loopme.me 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 cm.adgrx.com ssum-sec.casalemedia.com
1 idsync.rlcdn.com ssum-sec.casalemedia.com
1 d.turn.com 1 redirects
1 ups.analytics.yahoo.com
1 pr-bh.ybp.yahoo.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr
1 sync.crwdcntrl.net
1 cms.quantserve.com 1 redirects
1 token.rubiconproject.com eus.rubiconproject.com
1 trc.taboola.com
1 js-sec.indexww.com micro.rubiconproject.com
1 contextual.media.net micro.rubiconproject.com
1 api.rlcdn.com micro.rubiconproject.com
1 id.crwdcntrl.net micro.rubiconproject.com
1 idx.liadm.com micro.rubiconproject.com
1 api-v3.tinypass.com cdn.tinypass.com
1 check.analytics.rlcdn.com micro.rubiconproject.com
1 rtb.openx.net 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
1 ads.travelaudience.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 dclk-match.dotomi.com 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
1 r.turn.com 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
1 ssbsync.smartadserver.com 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
1 sync.targeting.unrulymedia.com 1 redirects
1 c2.piano.io cdn.tinypass.com
1 app.matheranalytics.com js.matheranalytics.com
1 ead.mlive.com www.mlive.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 mug.criteo.com www.mlive.com
1 fastlane.rubiconproject.com micro.rubiconproject.com
1 display.bidder.taboola.com micro.rubiconproject.com
1 direct.adsrvr.org micro.rubiconproject.com
1 exchange.postrelease.com micro.rubiconproject.com
1 prebid.media.net micro.rubiconproject.com
1 hbopenbid.pubmatic.com micro.rubiconproject.com
1 htlb.casalemedia.com micro.rubiconproject.com
1 rp4.liadm.com www.mlive.com
1 rp.liadm.com 1 redirects
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 stats.g.doubleclick.net www.google-analytics.com
1 px4.ads.linkedin.com www.mlive.com
1 www.linkedin.com 1 redirects
1 p1.parsely.com www.mlive.com
1 cdn.id5-sync.com www.mlive.com
1 secure.cdn.fastclick.net www.mlive.com
1 ampcid.google.de www.google-analytics.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 ads.rubiconproject.com micro.rubiconproject.com
1 privacy.crwdcntrl.net tags.crwdcntrl.net
1 analytics.twitter.com www.mlive.com
1 t.co www.mlive.com
1 cdn.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 ampcid.google.com www.google-analytics.com
1 geo.privacymanager.io ats-wrapper.privacymanager.io
1 cdn.tinypass.com experience.tinypass.com
1 at.teads.tv a.teads.tv
1 c.go-mpulse.net s.go-mpulse.net
1 micro.rubiconproject.com www.mlive.com
1 static.ads-twitter.com www.googletagmanager.com
1 s.ntv.io www.mlive.com
1 d1z2jf7jlzjs58.cloudfront.net www.mlive.com
1 experience.tinypass.com www.mlive.com
1 ats-wrapper.privacymanager.io www.mlive.com
1 a.teads.tv www.googletagmanager.com
1 s.go-mpulse.net www.mlive.com
1 apps.sophi.io www.mlive.com
1 cdn.sophi.io www.mlive.com
1 mlive.com 1 redirects
1 sign-verifyaccountamazonqupctex.duckdns.org 1 redirects
0 pixel.onaudience.com Failed
0 uipglob.semasio.net Failed
0 sync.srv.stackadapt.com Failed ads.pubmatic.com
0 pool.admedo.com Failed ads.pubmatic.com
475 161
Subject Issuer Validity Valid
advancelocal.web.arc-cdn.net
R3		 2023-09-28 -
2023-12-27		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
satisfycork.com
R3		 2023-09-08 -
2023-12-07		 3 months crt.sh
cdn.sophi.io
Amazon RSA 2048 M01		 2023-09-17 -
2024-10-15		 a year crt.sh
apps.sophi.io
Amazon RSA 2048 M01		 2023-03-18 -
2024-04-15		 a year crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-05 -
2024-04-04		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.sophi.io
Amazon RSA 2048 M01		 2023-04-11 -
2024-05-10		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-12-13 -
2023-12-13		 a year crt.sh
teads.tv
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
w723.lonestarlive.com
Amazon RSA 2048 M01		 2023-07-07 -
2024-08-04		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
*.news.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-08-13 -
2024-08-12		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-28 -
2024-08-28		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-02 -
2023-10-31		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.blueconic.net
Amazon RSA 2048 M01		 2023-06-08 -
2024-07-06		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M01		 2023-03-01 -
2023-12-25		 10 months crt.sh
*.google.de
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
www.i.matheranalytics.com
Amazon RSA 2048 M01		 2023-03-02 -
2024-01-13		 10 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-09-25 -
2023-12-24		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.bidder.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-10-01 -
2023-12-30		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
li.lisecurelink.com
R3		 2023-09-05 -
2023-12-04		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
app.matheranalytics.com
GTS CA 1D4		 2023-10-07 -
2024-01-06		 3 months crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2023-03-27 -
2024-03-26		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
advancelocal.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-10 -
2024-09-10		 a year crt.sh
analytics.rlcdn.com
Amazon RSA 2048 M02		 2023-06-27 -
2024-07-24		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2023-08-31 -
2024-09-28		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh

This page contains 43 frames:

Primary Page: https://www.mlive.com/
Frame ID: 85B9C0A7E131CFCE4DEA5415833A70C7
Requests: 188 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 94FBBEC1B0627B99B4452E68588EDA09
Requests: 1 HTTP requests in this frame

Frame: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 24E6BABB1215C8A6A1E1794BA4D8245F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.mlive.com&us_privacy=1---
Frame ID: 78458131BB9BA87202A53BA066D850AF
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 668BAF1FEB90156BF0BF55C7E43074C8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310161805000/amp4ads-v0.mjs
Frame ID: 00AF940AE98DCD36A80EE534CD2EAEBC
Requests: 13 HTTP requests in this frame

Frame: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 928D0F0EAC3820A430FC6FC9FCBC2050
Requests: 32 HTTP requests in this frame

Frame: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 16162F8E57EF6F090E1DE95B20448AE6
Requests: 30 HTTP requests in this frame

Frame: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 62F715D4DC358FF220EFC861A2F5B560
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGP6N3_QBMAE&v=APEucNUwpqAC6or-LC05xRQRaTm8pyt6wh1IOR-nHCeLSeia6YexVmb1o3ZlinybzwLDa_O9CdlXims6yo0uADPy6X5dXNXo4rj-G4lEI3aBtCtUP5I9YMapGIHx3bAarJC2M8SZR2_UA-Js6JIU5-BdaRgJknyte0n7FZ7OBg9QhoQgIunUPIA
Frame ID: 6D7AD28147C2444D22F598D5905AC0D1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGP6N3_QBMAE&v=APEucNUXq1qEiuDu6jGkV-5NMpTQDTXhQflF6XJkewUUMiIliUNbCfIR7qVWV1ZiU9HA2_ka6tBRmHWBBt9Nl_5uYYwwV_rGAxHIeq8J_3QV7NvNi2WD897g3fE5ioL-XKPg6WfI4rMGNEfy0ifFAliVJ-zapuUConYtzqNJffl0D-bVx3ri4G8
Frame ID: D8764C7BEF6B163D27AC6621F3169F4E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGP6N3_QBMAE&v=APEucNUbQEBVA8lL-AXyNtN5DgDgmixd3gTkVbEQh8nCxu_9H2MqoYpqtnIlA4UR0UfuiZ7V__fEMGtO_OhbwO3Y3_V-596Jxhqgzq_7vWqTlajSP6wO_hbp7EX7ir50eFg3cQxyXli2ir4--nVlRFpZzPR8b_fy9qzLXOPhZ-vHGMvqcESPLMw
Frame ID: DEB26B22D57ADDCEA181FB6A3CB02CF0
Requests: 5 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Frame ID: 44FAAC2A5C78EF8B4BD7D86C373484D6
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 01E2841A130F81240BE78BED4FF48341
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 235B7ADBDE3FCA33B6006619DBBFF9FF
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BEFE1961BD587426E0141A877582E46B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DC7B4BC67EEA909938AF5AC61FAA9A24
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Frame ID: 7E572A0BE0BCE7602446CEF56B86EB76
Requests: 16 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 9D0B2C09A6A1AB7D1639FCAAC35D6635
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: BD5DCED2F8A4E3E78F4BBEAC263732E8
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 7C48E9242C35DC38C20C60782EAFC21E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 3B54BDEBDA698E392448B451E46868F4
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Frame ID: BD2385EDF24B32FFE83F1F3166007773
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 457B9EBD37BBE9CB015991FF7A6DD59F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Frame ID: 8294FFFF68564FEB0BA39962EF8ADE9B
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 72B3643F2CFECC0C56654FCC9856994C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7F5770780B431FD2D70DF75B8358E748
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Frame ID: 6FA3FA9257B12DCD85334E4B1CA19674
Requests: 21 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: 06CF49AC894F62325D333288C50F7446
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F2D5442D9650D705967E0920D3DB4BE4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 19BC6A74652B0737339D402240394550
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 37702954D9C2EFDE673560C8223E8166
Requests: 10 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 798A647B2CB6F82F8BF59E3356F6D20F
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F7E02589-AD28-4407-8CD4-71C1A6737A96&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 82F440D4A73038ECEE7A44D538E63DC7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MnhZvWV9Xbkpfly-PX5H62B_We8pfFO_Nn6atMG_
Frame ID: 12169DE99B704DEED4FBDE09B6C98664
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=F7E02589-AD28-4407-8CD4-71C1A6737A96&gdpr=0&gdpr_consent=
Frame ID: 5F1808D2216D57F6723507AECE4801DF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7935742583793311957&gdpr=0&gdpr_consent=
Frame ID: 2E02E1A320850FD4E486858737D8CFB6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7293474550224189585&gdpr=0&gdpr_consent=
Frame ID: 9CBED27BC0ED4E8B07E4735E86BEC19B
Requests: 1 HTTP requests in this frame

Frame: https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=87a34052-4fb4-4a84-9718-66424af25c95
Frame ID: 8271583A628DCA11BFDE18D0DBB89A3D
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Frame ID: 19430B5F5B3A980FA40B8110ABEA310C
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 66D30C28D2B0C407B05EFB9345C9E1A9
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFETW5FN0tiMEVBQUJpeUVEMFB3dw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: B3D3FA9D36808CD4297D85D7B4E46B79
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: BEB5C7F5953A8DC8B37B3C1CCD82BF8F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Michigan Local News, Breaking News, Sports & WeatherLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronKeyKeyKeyKeyKeyKeyKeyKeyBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. http://sign-verifyaccountamazonqupctex.duckdns.org/ HTTP 307
    https://mlive.com/ HTTP 301
    https://www.mlive.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

475
Requests

90 %
HTTPS

32 %
IPv6

86
Domains

161
Subdomains

125
IPs

10
Countries

6169 kB
Transfer

16631 kB
Size

129
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sign-verifyaccountamazonqupctex.duckdns.org/ HTTP 307
    https://mlive.com/ HTTP 301
    https://www.mlive.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58
  • https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1638 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma63527/all/17/ml.br.js
Request Chain 105
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1698144365197&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1698144365197&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3252378%26time%3D1698144365197%26url%3Dhttps%253A%252F%252Fwww.mlive.com%252F%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1698144365197&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1698144365197&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJtsG9Nvl5qNAAAAYthSqzaiLKk2M7MWOEofmmSblS4cjFmFIVJ4mn8_rALd0J4Ig6gF4mfL1Pv
Request Chain 117
  • https://rp.liadm.com/j?dtstmp=1698144365383&se=e30&duid=94c49eadf2ac--01hdgmna95jtpzaanmc19emtt7&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid HTTP 302
  • https://rp4.liadm.com/j?se=e30&duid=94c49eadf2ac--01hdgmna95jtpzaanmc19emtt7&dtstmp=1698144365383&n3pc=true&wpn=prebid&pu=https%3A%2F%2Fwww.mlive.com%2F&i6=MmEwMDpjOTg6MjA1MDphMDA3OjI6OjQ%3D
Request Chain 140
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
Request Chain 147
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=mlive.com&sn=ChromeSyncframe&so=0&topUrl=www.mlive.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=1bljf3wzakhwTTFmdHZvQmpOcEdBbG1oUm5lYlRjU1dBYStzOGcrMlFyaE90TVhBcWtjMk5nQitEV3d4TnIvRUFrdlUza0VweExpS0d1OFUvRERDZzBCclRXU3Q0TjBSVFErSGZGL2lVL0lVdFRsb3I5UWxNbFlqNmJsNi9naVVSRmNOcmFBTHVEWjJ1K0V4eTlTbVBreHNUZUNKUjNhZDFONXRyZVVTdFJGbVo2aHUxZUFRd0hFUURWNGx6K1lrYlpqU09WSTc2UHB5bzJPSGZPaForVEl6T1pmQ3VtY0U2TzdicGl0R1l1QVY2NG5qbUxaS0pubS93TVY2VXdXZVR0SWJ1b01SeVVFTnE4Q3cxOVlVR3pOYkF2QT09fA&cppv=2
Request Chain 174
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 207
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyseGg4kcM3Wn1CVGxyijE&google_cver=1
Request Chain 208
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTegbh883pkn0q5MHzKmaAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyseGg4kcM3Wn1CVGxyijE&google_cver=1
Request Chain 209
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMaWLqE0RJwihreBZdBFB44&google_cver=1
Request Chain 210
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkzNTc0MjU4Mzc5MzMxMTk1Nw%3D%3D
Request Chain 211
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBFnmzUjb_tSMUOgeq6Algo&google_cver=1
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEE1u4L4zDej-KEDshr11gMc&google_cver=1
Request Chain 215
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBFnmzUjb_tSMUOgeq6Algo&google_cver=1
Request Chain 217
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEE1u4L4zDej-KEDshr11gMc&google_cver=1
Request Chain 260
  • https://um.simpli.fi/gp_match?google_gid=CAESEDG-S97PMhBHm2fWMr0ORHs&google_cver=1&google_push=AXcoOmS7DX-3VnrFuI4a2mx2YdVPxHI6hfnkp_KjETCiWVpani6x0cj4grP7d86GBgC7ErOYYlaECLFEkKxot-GYh78E27TxvheU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E5479AC49FFD48A9BACA5E6F7BC2A995&google_push=AXcoOmS7DX-3VnrFuI4a2mx2YdVPxHI6hfnkp_KjETCiWVpani6x0cj4grP7d86GBgC7ErOYYlaECLFEkKxot-GYh78E27TxvheU
Request Chain 261
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmS_5s1secc3w--C87ro81tHHQDrUtoO9sa-jxi09B7JRpB6S_5Y-LSusm63IwKbD_RJjR3N1XlUhSZ5IFZ5WJKZE9__t3RE&google_gid=CAESEPs6Rsg7fKsLNYDZWcUiuys&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-zp8ZTCBBErb2yTjJW49NNff_qUoelQDLBD9Z7A&google_push=AXcoOmS_5s1secc3w--C87ro81tHHQDrUtoO9sa-jxi09B7JRpB6S_5Y-LSusm63IwKbD_RJjR3N1XlUhSZ5IFZ5WJKZE9__t3RE
Request Chain 262
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJbyh-g9b5CWXXr7Ge3gKSs&google_cver=1&google_push=AXcoOmTzqHgdJaAqwgSr4GC9oklo9JtEYPVyHfcIdSZEw_nnOLU6SrSw2DykvnXaB2ShwTraUEATdNuXrQqy9-GxPIgOOtP8u9Ql HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE80N0I2RjUtTC1EME1Q&google_push=AXcoOmTzqHgdJaAqwgSr4GC9oklo9JtEYPVyHfcIdSZEw_nnOLU6SrSw2DykvnXaB2ShwTraUEATdNuXrQqy9-GxPIgOOtP8u9Ql
Request Chain 263
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEN0SIY5GvPFZfKgHc_eqvMg&google_cver=1&google_push=AXcoOmTEd3Q2LrY0UvQ1aXObb-1HooDTU5u_kkzOLIhXRn_t-X1P1Yu9gEZzU5lKq2ZNU7JMdVH1KO5rqQpUHJHlg8cUoi47F1nq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN0SIY5GvPFZfKgHc_eqvMg&google_hm=ZTegbh883pkn0q5MHzKmaAAADJwAAAIB&google_nid=index&google_push=AXcoOmTEd3Q2LrY0UvQ1aXObb-1HooDTU5u_kkzOLIhXRn_t-X1P1Yu9gEZzU5lKq2ZNU7JMdVH1KO5rqQpUHJHlg8cUoi47F1nq
Request Chain 264
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJNhuEY7nJGX4apIwo4fIeM&google_cver=1&google_push=AXcoOmQWUe-BidlNk4eHYajhmsqpqPot2F4Vs032W_ChP6Aouxq4TkTV2xE2NWsfPhKfrqxK7d3ArC61dQE-5La3HJOOPTTfttlA HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQWUe-BidlNk4eHYajhmsqpqPot2F4Vs032W_ChP6Aouxq4TkTV2xE2NWsfPhKfrqxK7d3ArC61dQE-5La3HJOOPTTfttlA&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1698144367198 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b402c6d9-82b4-466d-adf5-bca8a318a981-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQWUe-BidlNk4eHYajhmsqpqPot2F4Vs032W_ChP6Aouxq4TkTV2xE2NWsfPhKfrqxK7d3ArC61dQE-5La3HJOOPTTfttlA%26google_hm%3DA7QCxtmCtEZtrfW8qKMYqYE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQWUe-BidlNk4eHYajhmsqpqPot2F4Vs032W_ChP6Aouxq4TkTV2xE2NWsfPhKfrqxK7d3ArC61dQE-5La3HJOOPTTfttlA&google_hm=A7QCxtmCtEZtrfW8qKMYqYE
Request Chain 268
  • https://fw.adsafeprotected.com/rfw/st/1627455/73523879/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2937494567949278&ias_chanId=1&ias_placementId=20487174429&bidurl=https://www.mlive.com/&ias_dealId=&xsId=ABAjH0iovI6m7najlj5Ri-eDtuJ9&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iovI6m7najlj5Ri-eDtuJ9&adContainerId=brand_safety_bqA3ZdHzMNvpx_APkYid2Ak&cbFunctionName=goog_wrapCb_bqA3ZdHzMNvpx_APkYid2Ak&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.mlive.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.mlive.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:9d162533-ad4e-9438-f46f-53a86e034ce9,c:rXDln9,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c476d5db8-4vxz9,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tTBeHP2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C19*.1627455-73523879%7C191%7C192%7C193%7C194%7C1a1%7C1a2%7C1b,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:64,oid:89346706-725a-11ee-86f8-12e17e8d9074,v:19.8.457,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?xsId=ABAjH0iovI6m7najlj5Ri-eDtuJ9&ias_xappb=&adContainerId=brand_safety_bqA3ZdHzMNvpx_APkYid2Ak&cbFunctionName=goog_wrapCb_bqA3ZdHzMNvpx_APkYid2Ak&true_pb=
Request Chain 286
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEIk3gNG57s9X_N2hwv8QFTg&google_cver=1&google_push=AXcoOmQX3IAVLP-Cu7gbPtPwsNiXvDtYsBxjfK6d6mX5xUMJqoDYQCE2LKxPuQrEc_YUXyZVnf3awdsznLk2TOiO80wCIKrmLImb5w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIk3gNG57s9X_N2hwv8QFTg&google_push=AXcoOmQX3IAVLP-Cu7gbPtPwsNiXvDtYsBxjfK6d6mX5xUMJqoDYQCE2LKxPuQrEc_YUXyZVnf3awdsznLk2TOiO80wCIKrmLImb5w
Request Chain 289
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFmDQnwiCgLZN1h19cn8yKM&google_cver=1&google_push=AXcoOmS2s27UESB6mqq1syrefp-YzzCdca1LMOhoiGGHGSC8HhvBufC9FJTpFW_Y2ClfQ9Jv_LhnmkVjmPwQCMnjAyrxJ9fzbqUJog HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFmDQnwiCgLZN1h19cn8yKM&google_cver=1&google_push=AXcoOmS2s27UESB6mqq1syrefp-YzzCdca1LMOhoiGGHGSC8HhvBufC9FJTpFW_Y2ClfQ9Jv_LhnmkVjmPwQCMnjAyrxJ9fzbqUJog&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9-Alia0oRAeM1HHBpnN6lg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmS2s27UESB6mqq1syrefp-YzzCdca1LMOhoiGGHGSC8HhvBufC9FJTpFW_Y2ClfQ9Jv_LhnmkVjmPwQCMnjAyrxJ9fzbqUJog
Request Chain 290
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJbyh-g9b5CWXXr7Ge3gKSs&google_cver=1&google_push=AXcoOmQT6L7NFi-BnoxF-Um1xp-DTgpjSGroxSiZPr4u4iUuQMD1xxWLYHbGbacF8H5buR_c0JSZFLv_ZWyRc0Fndus_2p7wnoF6pw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE80N0I2RjUtTC1EME1Q&google_push=AXcoOmQT6L7NFi-BnoxF-Um1xp-DTgpjSGroxSiZPr4u4iUuQMD1xxWLYHbGbacF8H5buR_c0JSZFLv_ZWyRc0Fndus_2p7wnoF6pw
Request Chain 291
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEN0SIY5GvPFZfKgHc_eqvMg&google_cver=1&google_push=AXcoOmRZq2YcxXmIGbYuajbIeB1pXWKVDU_J6ILXAe4lLkVhLu6wIT_Gxqte2VzxgPYJNYWFH5mq2aHxw1sAQ52u_etiYB0DUWaHZQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN0SIY5GvPFZfKgHc_eqvMg&google_hm=ZTegbh883pkn0q5MHzKmaAAADJwAAAIB&google_nid=index&google_push=AXcoOmRZq2YcxXmIGbYuajbIeB1pXWKVDU_J6ILXAe4lLkVhLu6wIT_Gxqte2VzxgPYJNYWFH5mq2aHxw1sAQ52u_etiYB0DUWaHZQ
Request Chain 292
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDhHBXkXWVKXnQjj_de4_GU&google_cver=1&google_push=AXcoOmTKujMJYxqAM69XDpLYy7MHC7gGvAaGGXRlVEOxtF5RiZqlvL0wvkFbQnpXIEFEJpJbbmX8007rTdIBogarq8iVJdQ_Glq3aQ HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDhHBXkXWVKXnQjj_de4_GU&google_cver=1&google_push=AXcoOmTKujMJYxqAM69XDpLYy7MHC7gGvAaGGXRlVEOxtF5RiZqlvL0wvkFbQnpXIEFEJpJbbmX8007rTdIBogarq8iVJdQ_Glq3aQ&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTKujMJYxqAM69XDpLYy7MHC7gGvAaGGXRlVEOxtF5RiZqlvL0wvkFbQnpXIEFEJpJbbmX8007rTdIBogarq8iVJdQ_Glq3aQ&google_hm=HigGvGZHDG6jkl4JT4CNdStQ
Request Chain 294
  • https://fw.adsafeprotected.com/rfw/st/1627455/73523879/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2937494567949278&ias_chanId=1&ias_placementId=20487174429&bidurl=https://www.mlive.com/&ias_dealId=&xsId=ABAjH0hTHxFfkJmVa_Oaa6_y7CT7&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hTHxFfkJmVa_Oaa6_y7CT7&adContainerId=brand_safety_bqA3ZdiuNbDhx_APj7ya2AQ&cbFunctionName=goog_wrapCb_bqA3ZdiuNbDhx_APj7ya2AQ&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.mlive.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.mlive.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:a0cf9363-36ec-21dc-ede7-a460499e5455,c:rXDloX,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c476d5db8-88r69,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:tTBeHRq+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192%7C193%7C194%7C195%7C1a*.1627455-73523879%7C1a1%7C1a2%7C1b,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:28,oid:893c08dc-725a-11ee-8c41-ca595392a758,v:19.8.457,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?xsId=ABAjH0hTHxFfkJmVa_Oaa6_y7CT7&ias_xappb=&adContainerId=brand_safety_bqA3ZdiuNbDhx_APj7ya2AQ&cbFunctionName=goog_wrapCb_bqA3ZdiuNbDhx_APj7ya2AQ&true_pb=
Request Chain 296
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJFgXuAQ7ibJ7_on04YSMdI&google_cver=1&google_push=AXcoOmTpkeO3wwTEcKl1u1sToUQYEOI4dHeXLx8KXWp0xg4Q9OH6ci_Wh8vgt-SVBQ3_1kfgA4bB-KwOvK0ebTpt3NdCL627fgRu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMyODU2NzQ3MDYwNDQxNjQ3Nw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJFgXuAQ7ibJ7_on04YSMdI&google_cver=1
Request Chain 299
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENw3HL_wh-ZjoKmZIPjSkbc&google_cver=1&google_push=AXcoOmQ9lPhaLMe5CTMNxGZkmKlGZMutpiHt83ZFWtz7j42IcqdgxRUEhojEiRPdB3LPREISs2zC0aVGPGpym3Pl7gHVVOFCkFW5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ9lPhaLMe5CTMNxGZkmKlGZMutpiHt83ZFWtz7j42IcqdgxRUEhojEiRPdB3LPREISs2zC0aVGPGpym3Pl7gHVVOFCkFW5&google_hm=ufXTKJwwTVe1G9-uMMB5D4Q
Request Chain 300
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEE6xrDsCjtPBxkgnfpWAsLg&google_cver=1&google_push=AXcoOmSlULO_Vu0vng9jy59HMb-4W56NLdWmKmX9aJlJcv_JjUj-7ZyTy235By9QCt7GFTAGH_ZoMPelKIUknKj988iB6PnH9_g HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GYCETvqhTBQgUYEUTQIc2Q&google_push=AXcoOmSlULO_Vu0vng9jy59HMb-4W56NLdWmKmX9aJlJcv_JjUj-7ZyTy235By9QCt7GFTAGH_ZoMPelKIUknKj988iB6PnH9_g
Request Chain 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJbyh-g9b5CWXXr7Ge3gKSs&google_cver=1&google_push=AXcoOmQ-5xEWtNMi3WuIBsDWbHf92JIKFaaz05RymzuUcaiZKUnWq9eoQRDhngl85ebBZRBe_ccHaLr3lcsp6cy8n4tJ7stPEtDo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE80N0I2RjUtTC1EME1Q&google_push=AXcoOmQ-5xEWtNMi3WuIBsDWbHf92JIKFaaz05RymzuUcaiZKUnWq9eoQRDhngl85ebBZRBe_ccHaLr3lcsp6cy8n4tJ7stPEtDo
Request Chain 304
  • https://fw.adsafeprotected.com/rfw/st/1627455/73523879/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2937494567949278&ias_chanId=1&ias_placementId=20496570232&bidurl=https://www.mlive.com/&ias_dealId=&xsId=ABAjH0hRzb1rz0v5eO96gdlc4UBs&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hRzb1rz0v5eO96gdlc4UBs&adContainerId=brand_safety_bqA3ZbaBNZPpx_AP6sqg2AQ&cbFunctionName=goog_wrapCb_bqA3ZbaBNZPpx_AP6sqg2AQ&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.mlive.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.mlive.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:1df311bb-60bd-5c17-1c99-12f3a40b6bb7,c:rXDlq2,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c476d5db8-v6qdr,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:tTBeHSx+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.1627455-73523879%7C181%7C182%7C191%7C192%7C193%7C194%7C195%7C1a1%7C1a2%7C1a3%7C1b,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:26,oid:893e5224-725a-11ee-bdd2-bab2ca4014fe,v:19.8.457,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?xsId=ABAjH0hRzb1rz0v5eO96gdlc4UBs&ias_xappb=&adContainerId=brand_safety_bqA3ZbaBNZPpx_AP6sqg2AQ&cbFunctionName=goog_wrapCb_bqA3ZbaBNZPpx_AP6sqg2AQ&true_pb=
Request Chain 432
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 433
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F7E02589-AD28-4407-8CD4-71C1A6737A96&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F7E02589-AD28-4407-8CD4-71C1A6737A96&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 434
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MnhZvWV9Xbkpfly-PX5H62B_We8pfFO_Nn6atMG_
Request Chain 435
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9-Alia0oRAeM1HHBpnN6lg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 437
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3178064303 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=F7E02589-AD28-4407-8CD4-71C1A6737A96
Request Chain 438
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=F7E02589-AD28-4407-8CD4-71C1A6737A96 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OGdkM3liUkJNMHlTYUd5TlNjNkt0Y2lRUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=495642018782524576&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 439
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjdFMDI1ODktQUQyOC00NDA3LThDRDQtNzFDMUE2NzM3QTk2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 440
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDHniUyDtLRPK-TxJixtnAk&google_cver=1
Request Chain 442
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2209110177565714097
Request Chain 446
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTegbh883pkn0q5MHzKmaAAADJwAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTegbh883pkn0q5MHzKmaAAADJwAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 448
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZTegbh883pkn0q5MHzKmaAAADJwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN0SIY5GvPFZfKgHc_eqvMg&google_cver=1
Request Chain 449
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZTegbh883pkn0q5MHzKmaAAA%263228&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=4328567470604416477 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=e61cab99-4f36-41e8-af29-a4ab000e8c11 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=97445181-b32e-464d-866c-6ddf387b6f27%3A1698144371.967899&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D97445181-b32e-464d-866c-6ddf387b6f27%253A1698144371.967899%26_%3D1698144371.9708557&cb=1698144371.9708915 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5142336725915444250&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D97445181-b32e-464d-866c-6ddf387b6f27%253A1698144371.967899%26_%3D1698144371.9708557 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=97445181-b32e-464d-866c-6ddf387b6f27%3A1698144371.967899&_=1698144371.9708557
Request Chain 450
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=495642018782524576&expiration=1699353971
Request Chain 452
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5142336725915444250
Request Chain 453
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4328567470604416477
Request Chain 465
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7935742583793311957&gdpr=0&gdpr_consent=
Request Chain 466
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7293474550224189585&gdpr=0&gdpr_consent=
Request Chain 467
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=87a34052-4fb4-4a84-9718-66424af25c95
Request Chain 470
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFETW5FN0tiMEVBQUJpeUVEMFB3dw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 471
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 473
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F7E02589-AD28-4407-8CD4-71C1A6737A96&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F7E02589-AD28-4407-8CD4-71C1A6737A96&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 476
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4328567470604416477&gdpr=0&gdpr_consent=&us_privacy=

475 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.mlive.com/
Redirect Chain
  • http://sign-verifyaccountamazonqupctex.duckdns.org/
  • https://mlive.com/
  • https://www.mlive.com/
457 KB
84 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
c6aeff368d58d8ebd95dd9a7c0040097dcf00b30f7029f44014b92df01e54914
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

akamai-true-ttl
-1
cache-control
private, max-age=60
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Tue, 24 Oct 2023 10:46:03 GMT
etag
W/"7135b-oj6qgvoEhHkmN3hGvzKsQBC77Bs"
expires
Tue, 24 Oct 2023 10:47:03 GMT
last-modified
Tue, 24 Oct 2023 10:45:55 GMT
link
<https://www.mlive.com/pf/resources/fonts/Inter/Inter-Bold.woff2?d=1155>;rel="preload";as="font";type="font/woff2";crossorigin,<https://www.mlive.com/pf/resources/fonts/Inter/Inter-Italic.woff2?d=1155>;rel="preload";as="font";type="font/woff2";crossorigin,<https://www.mlive.com/pf/resources/fonts/Inter/Inter-Regular.woff2?d=1155>;rel="preload";as="font";type="font/woff2";crossorigin,<https://www.mlive.com/pf/resources/fonts/Inter/Inter-SemiBold.woff2?d=1155>;rel="preload";as="font";type="font/woff2";crossorigin,<https://www.mlive.com/pf/resources/fonts/farnhamheadline-medium.woff?d=1155>;rel="preload";as="font";type="font/woff";crossorigin,<https://www.mlive.com/pf/resources/fonts/farnhamheadline-semi-bold.woff?d=1155>;rel="preload";as="font";type="font/woff";crossorigin <https://cdn.sophi.io>;rel="preconnect",<https://apps.sophi.io>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect",<https://micro.rubiconproject.com>;rel="preconnect",<https://securepubads.g.doubleclick.net>;rel="preconnect",<https://tags.crwdcntrl.net>;rel="preconnect",<https://c.amazon-adsystem.com>;rel="preconnect",<https://a.teads.tv>;rel="preconnect" <https://cdn.cookielaw.org>;rel="preconnect"
prerender-cache-tag
prerender-advancelocal-mlive-prod-b308edcd
referrer-policy
no-referrer-when-downgrade
server
openresty
server-timing
cdn-cache; desc=HIT edge; dur=26 origin; dur=0 ak_p; desc="1698144363003_389027508_509506852_2616_10185_6_15_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 82232 0 pmb=mRUM,2
x-amz-cf-id
0pMPvFOO14-pdsHntcZeDAUgZuztlYi5mFTkS1nN_R3BRdGLaejB5w==
x-amz-cf-pop
FRA56-P7
x-arc-pb-request-id
6df13ed5-e043-41d0-985f-d68a4085cadb 7b420ad9-877e-4e00-8ca8-0049c9eef3e2
x-arc-request-id
0.b4163017.1698144363.1e5e7524

Redirect headers

content-length
134
content-type
text/html
date
Tue, 24 Oct 2023 10:46:02 GMT
location
https://www.mlive.com:443/
server
awselb/2.0
Inter-Bold.woff2
www.mlive.com/pf/resources/fonts/Inter/ 		104 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/Inter/Inter-Bold.woff2?d=1155
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
c63158babcb7902203ed73476ccf901db34825ea524d4a36a52b5e5f97e1abf7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 24 Oct 2023 10:46:03 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ORD56-P6
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1698144363.1e5e7692
server-timing
cdn-cache; desc=HIT, edge; dur=4, ak_p; desc="1698144363180_389027508_509507218_5874_8723_7_0_219";dur=1
content-length
106140
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Oct 2023 15:58:40 GMT
server
openresty
etag
"444a7284663a3bc886683eb81450b294"
x-edgeconnect-cache-status
1
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
font/woff2
access-control-allow-origin
*, *
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
X0bP3OutCofEtPCAc214GPbXJH75_n5MSgv9eBgofiwuzIqtP6oY6w==
expires
Wed, 23 Oct 2024 10:46:03 GMT
Inter-Italic.woff2
www.mlive.com/pf/resources/fonts/Inter/ 		104 KB
105 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/Inter/Inter-Italic.woff2?d=1155
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
900058dffaf216c9a853e2d7e4109bfa2a58994237b2d4e5793734e4c2ecb4ac
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Tue, 24 Oct 2023 10:46:03 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL58-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1698144363.1e5e7693
server-timing
cdn-cache; desc=HIT, edge; dur=15, ak_p; desc="1698144363181_389027508_509507219_6998_8115_7_0_219";dur=1
content-length
106876
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Oct 2023 15:58:40 GMT
server
openresty
etag
"fd26ff23f831db9ae85a805386529385"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Ed11I13B1ZKexmJLdnlMc6LFiMS_ENvzWMMGd2FTazFmwR8S96QJ0A==
expires
Wed, 23 Oct 2024 10:46:03 GMT
Inter-Regular.woff2
www.mlive.com/pf/resources/fonts/Inter/ 		97 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/Inter/Inter-Regular.woff2?d=1155
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Tue, 24 Oct 2023 10:46:03 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD55-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1698144363.1e5e7694
server-timing
cdn-cache; desc=HIT, edge; dur=6, ak_p; desc="1698144363183_389027508_509507220_6412_9962_7_0_219";dur=1
content-length
98868
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Oct 2023 15:58:40 GMT
server
openresty
etag
"dc131113894217b5031000575d9de002"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
yYobtBmne242bIkzyif1KMl5UcEs9GZC5UceTtQjSKPp5l2ENXoJ8w==
expires
Wed, 23 Oct 2024 10:46:03 GMT
Inter-SemiBold.woff2
www.mlive.com/pf/resources/fonts/Inter/ 		103 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/Inter/Inter-SemiBold.woff2?d=1155
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Tue, 24 Oct 2023 10:46:03 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL58-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1698144363.1e5e7695
server-timing
cdn-cache; desc=HIT, edge; dur=13, ak_p; desc="1698144363180_389027508_509507221_6676_8926_7_0_219";dur=1
content-length
105804
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Oct 2023 15:58:40 GMT
server
openresty
etag
"007ad31a53f4ab3f58ee74f2308482ce"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ketGM84WWwZYFXHixwBvbhc-1VvzNQzjzeKTUbGVQG4-LB3oTosFzg==
expires
Wed, 23 Oct 2024 10:46:03 GMT
farnhamheadline-medium.woff
www.mlive.com/pf/resources/fonts/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/farnhamheadline-medium.woff?d=1155
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
7ff100c907d85bc5b7503e7a88c0a7f256ed2561ee431ffc10fcd7cce517c321
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Tue, 24 Oct 2023 10:46:03 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD55-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1698144363.1e5e7696
server-timing
cdn-cache; desc=HIT, edge; dur=4, ak_p; desc="1698144363181_389027508_509507222_5925_7775_7_0_219";dur=1
content-length
36831
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Oct 2023 15:58:40 GMT
server
openresty
etag
W/"05b85684cbf3bc11490297c50cfd67c3"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
font/woff
access-control-allow-origin
*, *
cache-control
public, max-age=31536000
x-amz-cf-id
WefK-rHZzNfOgOCRnQ1ByzJ7R6beALyFpo_BZ9LGhOfYYtKSfvKuYQ==
expires
Wed, 23 Oct 2024 10:46:03 GMT
farnhamheadline-semi-bold.woff
www.mlive.com/pf/resources/fonts/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/farnhamheadline-semi-bold.woff?d=1155
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Tue, 24 Oct 2023 10:46:03 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ORD56-P6
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1698144363.1e5e7697
server-timing
cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1698144363180_389027508_509507223_5747_8147_7_0_219";dur=1
content-length
37066
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Oct 2023 15:58:40 GMT
server
openresty
etag
W/"c9a8222fbabe6b700baacd21dd7a1f61"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
eddpYP28CUxkAGzs86ZsZjoaRRfyQeA0g7z0u2MegVGgDaLSjFbvaQ==
expires
Wed, 23 Oct 2024 10:46:03 GMT
default.css
www.mlive.com/pf/dist/components/output-types/ 		45 B
627 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/components/output-types/default.css?d=1155
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
bba5cf4bf97f335423ef8083a04d8810370b013c18a623e2aec413075ef82ddc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
120, 31536000
date
Tue, 24 Oct 2023 10:46:03 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL58-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1698144363.1e5e7698
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698144363235_389027508_509507224_12259_10047_7_0_255";dur=1
content-length
57
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Oct 2023 15:58:41 GMT
server
openresty
etag
"534bb0614e61e484cae7d5dc8ecc424c"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ohgZ5CuqC3_BybdQ8ECK-8NAMVz0IJafxsenHsLeLwixtx_Zg2I9wA==
expires
Wed, 23 Oct 2024 10:46:03 GMT
default.css
www.mlive.com/pf/dist/components/combinations/ 		421 KB
64 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1155
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
38953fb39e1de00aaf22489fdfb8518c3afc70707b31a8a7f2f2f90842df5f0e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 24 Oct 2023 10:46:03 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL58-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1698144363.1e5e7699
server-timing
cdn-cache; desc=HIT, edge; dur=9, ak_p; desc="1698144363181_389027508_509507225_6354_7489_7_0_255";dur=1
content-length
64766
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Oct 2023 15:58:41 GMT
server
openresty
etag
W/"6e35f52cdaa796e09e97e859b0a8c014"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
87en3BZ4g3ydnyfkbGk5knmMmWk53LaslyvthRE8ILW1Zcbx6tIAJg==
expires
Wed, 23 Oct 2024 10:46:03 GMT
style.css
www.mlive.com/pf/resources/dist/mlive/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=1155
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
15b928b17d6e9bc5ff8a6d5f7d3ee66bdbd2bf2379e4b076781364ca131346ed
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Tue, 24 Oct 2023 10:46:03 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
MIA3-C2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1698144363.1e5e769a
server-timing
cdn-cache; desc=HIT, edge; dur=4, ak_p; desc="1698144363182_389027508_509507226_6005_8596_7_0_255";dur=1
content-length
510
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Oct 2023 15:58:39 GMT
server
openresty
etag
W/"899fb486f789abb234dadf6da181a9a8"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
NsXux7vR1b1_8Go0ieq4BMsSWD8B8vSa9TxG9NGrsVq6N3Vjyw26NQ==
expires
Wed, 23 Oct 2024 10:46:03 GMT
react.js
www.mlive.com/pf/dist/engine/ 		339 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/engine/react.js?d=1155
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
639b2621a9e32e0b717cc9c14bd7e3d9b9cb3d0682f221bf97720163f1ddfa27
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Tue, 24 Oct 2023 10:46:03 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD55-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1698144363.1e5e77f8
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1698144363313_389027508_509507576_4522_11085_7_0_146";dur=1
content-length
105635
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Oct 2023 15:58:41 GMT
server
openresty
etag
W/"9ea662f32ee75a53754c559b97d00aef"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
ek4Fj1gxRtndZufNwMVyfNKzHlqd8QhARMj8HE-iJv0uykY-TjRqPQ==
expires
Wed, 23 Oct 2024 10:46:03 GMT
default.js
www.mlive.com/pf/dist/components/combinations/ 		2 MB
468 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/components/combinations/default.js?d=1155
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
23e3d6ce021e460c3125f3a7b58c71b9ec0df69b2760e9d97ea977e8ebc34e48
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Tue, 24 Oct 2023 10:46:03 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL58-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1698144363.1e5e77f9
server-timing
cdn-cache; desc=HIT, edge; dur=16, ak_p; desc="1698144363312_389027508_509507577_6034_9801_7_0_146";dur=1
content-length
478913
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Oct 2023 15:58:41 GMT
server
openresty
etag
W/"b39cd359772ada5f939dc874708e2ee0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
09KUQDojMkIdQn0l929h_431BySbqJWOZHUESh-zqsf4f63aNvx6Cw==
expires
Wed, 23 Oct 2024 10:46:03 GMT
S3BFIWGL65BG3IP6P5JXLV76BQ.jpg
www.mlive.com/resizer/DK6yOlzb_qzZj1QaSSsuOaiM4Es=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/DK6yOlzb_qzZj1QaSSsuOaiM4Es=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/S3BFIWGL65BG3IP6P5JXLV76BQ.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
c44f2686cfd1d6280909ea9aa4e4d65e48e999161a24cf16cbf06c30e71ceef6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Tue, 24 Oct 2023 10:46:03 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 24 Oct 2023 10:05:32 GMT
server
Akamai Image Manager
x-serial
1896
x-check-cacheable
YES
etag
"1c1497fd814610640ba712d27cc44c483bd2e312"
x-arc-request-id
0.b4163017.1698144363.1e5e77f5
content-type
image/avif
cache-control
private, no-transform, max-age=31533545
server-timing
cdn-cache; desc=HIT, edge; dur=262, ak_p; desc="1698144363393_389027508_509507573_40717_13983_7_0_219";dur=1
content-length
65043
expires
Wed, 23 Oct 2024 10:05:08 GMT
iabCcpaIntegrationScript-noGAM.js
cdn.cookielaw.org/opt-out/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/iabCcpaIntegrationScript-noGAM.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e3c7bdc4bfffb58a973062aabf808691f7603416290254b76161cab69952053
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 24 Oct 2023 10:46:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
ZkLmnzyu8aoAQNwZHm6Yqw==
age
15382
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
92965cfc-901e-0118-2ce1-5ab326000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
81b1a23ed8451941-FRA
logo_main.svg
www.mlive.com/pf/resources/images/mlive/logos/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/logo_main.svg?d=1155
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
f4ece8f2f5242967e98c6718f283e961576d68b4b7be96124eca22f554dcb275
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Tue, 24 Oct 2023 10:46:03 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD55-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1698144363.1e5e769b
server-timing
cdn-cache; desc=HIT, edge; dur=9, ak_p; desc="1698144363183_389027508_509507227_6662_9219_7_0_182";dur=1
content-length
660
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Oct 2023 15:58:40 GMT
server
openresty
etag
W/"351c57e1a77c618772f5966a7f2094ee"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
atq03iR3BvhZLw2bH4fxmOx_d7kJhsQk4g9nb8hnQEHVAvlJQCgN9Q==
expires
Wed, 23 Oct 2024 10:46:03 GMT
logo_main_sm.svg
www.mlive.com/pf/resources/images/mlive/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/logo_main_sm.svg?d=1155
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a39cd6a9413784646378ab9490f6a80ea1c2eaf4870c1022f44e4e64380c7cda
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Tue, 24 Oct 2023 10:46:03 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD55-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1698144363.1e5e769c
server-timing
cdn-cache; desc=HIT, edge; dur=150, ak_p; desc="1698144363180_389027508_509507228_20417_8195_7_0_182";dur=1
content-length
902
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Oct 2023 15:58:40 GMT
server
openresty
etag
W/"cb98cda61d359616349bbc2a92540ddb"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
uZdq0y10_-LgXHEVIhBi98E9-yiqU_vJVW-3UgLwgDp1ZXeOsWq77A==
expires
Wed, 23 Oct 2024 10:46:03 GMT
social-monochrome.svg
www.mlive.com/pf/resources/images/mlive/logos/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/social-monochrome.svg?d=1155
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
4eb67b42d6abea96d75df507d23f0421da85d5658322720fded36c94cce45d7b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 24 Oct 2023 10:46:03 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD55-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1698144363.1e5e77f6
server-timing
cdn-cache; desc=HIT, edge; dur=10, ak_p; desc="1698144363309_389027508_509507574_5058_9928_7_0_182";dur=1
content-length
603
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Oct 2023 15:58:40 GMT
server
openresty
etag
W/"7819fa78e2e7770bb40587187d83cb87"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
lJYizpz3NFYiumN2o0sjgylPZOCYFHvjwRXrJ5-ynxLJp7s2IP_acw==
expires
Wed, 23 Oct 2024 10:46:03 GMT
logo_footer.png
www.mlive.com/pf/resources/images/mlive/logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/logo_footer.png?d=1155
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
5fe498f984078cc4039385dc4a4befa8cbd53ae03eb24187cac828668ca60415
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Tue, 24 Oct 2023 10:46:03 GMT
x-check-cacheable
YES
x-arc-request-id
0.b4163017.1698144363.1e5e77fa
server-timing
cdn-cache; desc=HIT, edge; dur=13, ak_p; desc="1698144363315_389027508_509507578_5932_13426_7_0_146";dur=1
content-length
1579
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Oct 2023 16:17:34 GMT
server
Akamai Image Manager
x-serial
137
etag
W/"be8042e858f0c6b5cd87834c8aafe76d"
x-edgeconnect-cache-status
1
content-type
image/avif
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31469431
expires
Tue, 22 Oct 2024 16:16:34 GMT
AdvanceLocal_horizontal.svg
www.mlive.com/pf/resources/images/common/logos/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/logos/AdvanceLocal_horizontal.svg?d=1155
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
702c805fec65a8cc8c6c40aed34123b021e5ed6107cc6dfdebc4b0fc2e229887
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Tue, 24 Oct 2023 10:46:03 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
MIA3-C2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1698144363.1e5e77f7
server-timing
cdn-cache; desc=HIT, edge; dur=6, ak_p; desc="1698144363308_389027508_509507575_4533_8487_7_0_182";dur=1
content-length
3554
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Oct 2023 15:58:40 GMT
server
openresty
etag
W/"3770993da506fb6d4bbccfcdcc3a4800"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
22WDpKMR3dNfXv5-AuyUPYzc7kpknVLUXzTzRSky3uNBEuiphlhzeA==
expires
Wed, 23 Oct 2024 10:46:03 GMT
privacyoptions29x14.png
www.mlive.com/pf/resources/images/common/icons/ 		626 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/icons/privacyoptions29x14.png?d=1155
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
81d96c2c7c2e932a708503820d985a2cec124fb641787b758321ffae78359ce8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Tue, 24 Oct 2023 10:46:03 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Oct 2023 16:17:34 GMT
server
Akamai Image Manager
etag
W/"3becc0b0069622544a1ffb2da90eebe3"
x-arc-request-id
0.b4163017.1698144363.1e5e77fb
content-type
image/png
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31469457
server-timing
cdn-cache; desc=HIT, edge; dur=18, ak_p; desc="1698144363314_389027508_509507579_6440_13541_7_0_146";dur=1
content-length
626
expires
Tue, 22 Oct 2024 16:17:00 GMT
ad-choices-arrow.png
www.mlive.com/pf/resources/images/common/logos/ 		190 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/logos/ad-choices-arrow.png?d=1155
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
9ead871d27f3a0d803f4d6139feb2f2694d3a26c54fd6734f789a06aad0f5303
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Tue, 24 Oct 2023 10:46:03 GMT
x-check-cacheable
YES
x-arc-request-id
0.b4163017.1698144363.1e5e77fc
server-timing
cdn-cache; desc=HIT, edge; dur=21, ak_p; desc="1698144363319_389027508_509507580_7330_13197_7_0_146";dur=1
content-length
190
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Oct 2023 16:18:09 GMT
server
Akamai Image Manager
x-serial
859
etag
W/"c6e75cc6be8dcb2f2d1ab36209f3c3b7"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31469491
expires
Tue, 22 Oct 2024 16:17:34 GMT
v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
satisfycork.com/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:328a::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
1e4d38de62c8382d0c6085804ed1d77beb15e15e93d7a71ffac4a095c4099877
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Tue, 24 Oct 2023 10:46:03 GMT
x-datacenter
gce-europe-west1
etag
"97df683b8a6e00379b35212a637ef81430b209df8d2c161761832e023385621d"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-zlrc
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1033761249
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sophi.min.js
cdn.sophi.io/advancelocal/ 		102 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sophi.io/advancelocal/sophi.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-95.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b9afeb90db17ffa772a8bbc38f8ae37524ac4c0660dfc228f528cfe36a38d53d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 03:02:23 GMT
x-amz-version-id
.qZXsiAWjTa0yWFLcXE5U.grm2eEgIL7
content-encoding
br
last-modified
Mon, 27 Feb 2023 17:38:35 GMT
server
AmazonS3
via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
etag
W/"0915af152c652f927c398faa26e9904b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
27821
x-amz-cf-id
mtfr6i4dxqvLrVnwlcYH05cCK6tUs7B4VR2IUIImaHCA3Z0LicVXxQ==
al-mlive.segments.min.js
apps.sophi.io/latest/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.sophi.io/latest/al-mlive.segments.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-71.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0709e11f34bb1e47193a170bc8baf94732a32a867443b29be840c550cc03981d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
5x.gfjtiZoE7IFt5eELjKuStLmrI5ZXL
content-encoding
gzip
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
date
Tue, 24 Oct 2023 10:43:39 GMT
last-modified
Thu, 09 Feb 2023 19:54:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
172
x-amz-server-side-encryption
AES256
etag
W/"25a09f4745cf7bc62917c4a8bea2a575"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=0
x-amz-cf-id
YoLRo6uPteSA8x4SuYpt8GndNjLpoMduYgtakgHWDiCniDfxeGVJTA==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fc7f40fe3b6fca4d842274e5c319024864535325c7484e201b7c53257209809
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 24 Oct 2023 10:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
HAfQnQ1aKA6QX2rlLtw0Ew==
age
49108
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6821
x-ms-lease-status
unlocked
last-modified
Mon, 23 Oct 2023 16:07:32 GMT
server
cloudflare
etag
0x8DBD3E229E2FD41
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
50454938-301e-0079-5eea-05c5a7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
81b1a23ed8461941-FRA
SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
s.go-mpulse.net/boomerang/ 		205 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:9a4::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:03 GMT
content-encoding
br
customappheader
mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified
Sun, 24 Sep 2023 15:58:37 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
gtm.js
www.googletagmanager.com/ 		481 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6538803b246937100aaca47264912ef3b13903c1bc63b071f12001968fa1714f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
135668
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 24 Oct 2023 10:46:03 GMT
chevron-white.svg
www.mlive.com/pf/resources/images/common/arrows/ 		864 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/arrows/chevron-white.svg?d=1155
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1155
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e19f6076815240b2afedf8033b0a2ccf200d3851f11df779d05f3c533560504d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 24 Oct 2023 10:46:03 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
JFK52-P4
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1698144363.1e5e77fd
server-timing
cdn-cache; desc=HIT, edge; dur=168, ak_p; desc="1698144363308_389027508_509507581_20818_8447_9_0_219";dur=1
content-length
486
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Oct 2023 15:58:40 GMT
server
openresty
etag
W/"691552a6377a1dfc9eeae87d6aeb8931"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
kyZL8QSNyGzMMMQGRk7hdEZ3todtSdJJI77ppVq9OuEMUDmMHIg7Dw==
expires
Wed, 23 Oct 2024 10:46:03 GMT
newsletter.svg
www.mlive.com/pf/resources/images/mlive/promo/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/promo/newsletter.svg?d=1155
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=1155
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a7e702f15b65f58d32945e27b8416dac2811afad1a828a9a617d5c0c1cc85b21
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=1155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 24 Oct 2023 10:46:03 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ORD56-P6
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1698144363.1e5e79b4
server-timing
cdn-cache; desc=HIT, edge; dur=38, ak_p; desc="1698144363475_389027508_509508020_8450_9662_9_0_219";dur=1
content-length
1059
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Oct 2023 15:58:40 GMT
server
openresty
etag
W/"22c89d844df3fcb416b9291f7e668863"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
_0KfNsXDvt7aUjOokahMbirM-gqpVi70xFhq8OtAeQyUfuWJMuRppA==
expires
Wed, 23 Oct 2024 10:46:03 GMT
chevron-black-right.svg
www.mlive.com/pf/resources/images/common/arrows/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/arrows/chevron-black-right.svg?d=1155
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1155
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
276ca8da7dd05a55c760ead2eec9d5c74629897d0b5b3e5190d4fc9bd38ea7fc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 24 Oct 2023 10:46:03 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ORD56-P6
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1698144363.1e5e79b6
server-timing
cdn-cache; desc=HIT, edge; dur=38, ak_p; desc="1698144363469_389027508_509508022_7937_10000_9_0_219";dur=1
content-length
746
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Oct 2023 15:58:40 GMT
server
openresty
etag
W/"4347be806f2c6a630a5407afb75ab920"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
nr3XxHJYGsVpB3XnC5HLx-lLkKzOP5hRKR1bo02b8wp9xacflx1OrA==
expires
Wed, 23 Oct 2024 10:46:03 GMT
ZVAQ3DJZPREN3DBYYCCFBVLAXU.png
www.mlive.com/resizer/yUCWNeBxL7cSo_f6tFUEiV3skF0=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/yUCWNeBxL7cSo_f6tFUEiV3skF0=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ZVAQ3DJZPREN3DBYYCCFBVLAXU.png
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
4f36d629bc21caef49ede1b322f5e2683f5b2493155d2a778d1c12b5d195ce27
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Tue, 24 Oct 2023 10:46:03 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Oct 2023 20:27:17 GMT
server
Akamai Image Manager
etag
"e848fd0e64fff694ab4f7dfff20778155aee31f2"
x-arc-request-id
0.b4163017.1698144363.1e5e79b7
content-type
image/avif
cache-control
private, no-transform, max-age=31484562
server-timing
cdn-cache; desc=HIT, edge; dur=49, origin; dur=0, ak_p; desc="1698144363467_389027508_509508023_8773_8931_9_0_219";dur=1
content-length
56136
expires
Tue, 22 Oct 2024 20:28:45 GMT
ACEDVDVOVJFUFE24UWUJZFZQYE.JPG
www.mlive.com/resizer/mygDjqDcfdmJpbYXP0q4ntCAalo=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/mygDjqDcfdmJpbYXP0q4ntCAalo=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ACEDVDVOVJFUFE24UWUJZFZQYE.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
30c19660e83a69b962ac0ed57f98bc1ddfb75d048534723749edfbb066b23307
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Tue, 24 Oct 2023 10:46:03 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Oct 2023 20:51:16 GMT
server
Akamai Image Manager
x-serial
1972
x-check-cacheable
YES
etag
"8292acf92783623387f56e3067411888220041ca"
x-arc-request-id
0.b4163017.1698144363.1e5e79b8
content-type
image/avif
cache-control
private, no-transform, max-age=31485811
server-timing
cdn-cache; desc=HIT, edge; dur=105, origin; dur=0, ak_p; desc="1698144363469_389027508_509508024_14609_11104_10_0_146";dur=1
content-length
40141
expires
Tue, 22 Oct 2024 20:49:34 GMT
5QBIDD4Q2BBHTDT7ZG3EB7M6QI.JPG
www.mlive.com/resizer/YrnlpYHfpbmfh385of44JDwpi-U=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/YrnlpYHfpbmfh385of44JDwpi-U=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/5QBIDD4Q2BBHTDT7ZG3EB7M6QI.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
f8532f376b717cca04d77b38868520a1f7ae50a6e2a2f429915021c3042124a9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Tue, 24 Oct 2023 10:46:03 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 21 Oct 2023 01:28:09 GMT
server
Akamai Image Manager
x-serial
1859
x-check-cacheable
YES
etag
"8a9b114d6c37614dc1c27acb04fa3399d3410810"
x-arc-request-id
0.b4163017.1698144363.1e5e79b9
content-type
image/avif
cache-control
private, no-transform, max-age=31243368
server-timing
cdn-cache; desc=HIT, edge; dur=105, ak_p; desc="1698144363537_389027508_509508025_23064_12856_7_0_146";dur=1
content-length
27552
expires
Sun, 20 Oct 2024 01:28:51 GMT
B2NVMWPUTNDPFI64VNT5NRL6AI.png
www.mlive.com/resizer/ETRkLfLr1v2nT4-HCrd_mlDoSNs=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/ETRkLfLr1v2nT4-HCrd_mlDoSNs=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/B2NVMWPUTNDPFI64VNT5NRL6AI.png
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
3a55969ec3a6e3cadee975e296740782f8ddd01a9f4f8931d582d1c9a960e7c5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Tue, 24 Oct 2023 10:46:03 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 24 Oct 2023 02:18:11 GMT
server
Akamai Image Manager
etag
"ac54e2baabf7deb9ba0994df88147217e8302163"
x-arc-request-id
0.b4163017.1698144363.1e5e79ba
content-type
image/avif
cache-control
private, no-transform, max-age=31505661
server-timing
cdn-cache; desc=HIT, edge; dur=66, origin; dur=0, ak_p; desc="1698144363465_389027508_509508026_10227_10354_9_0_146";dur=1
content-length
26206
expires
Wed, 23 Oct 2024 02:20:24 GMT
4GZFOIXUXVA67HYFUNI6KA26VE.jpg
www.mlive.com/resizer/Ibw_CEgk3NZw1a0Tibi2yIphD3w=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/Ibw_CEgk3NZw1a0Tibi2yIphD3w=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/4GZFOIXUXVA67HYFUNI6KA26VE.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
00f178763295f250aefd3f02bd0861e3c49241ad1d4b381f17db391e428285eb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Tue, 24 Oct 2023 10:46:03 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Oct 2023 21:05:51 GMT
server
Akamai Image Manager
x-serial
667
x-check-cacheable
YES
etag
"ac2f38a62870db4541bcf012d5b2e46ac0adf9c3"
x-arc-request-id
0.b4163017.1698144363.1e5e79bb
content-type
image/avif
cache-control
private, no-transform, max-age=31486780
server-timing
cdn-cache; desc=HIT, edge; dur=5, ak_p; desc="1698144363466_389027508_509508027_4116_17579_9_0_146";dur=1
content-length
34702
expires
Tue, 22 Oct 2024 21:05:43 GMT
F463MR4P65A3FMZEEUBUU5VE6A.jpg
www.mlive.com/resizer/86FWoRHfT4ywAJxQ-rc-ea3F_Yw=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/86FWoRHfT4ywAJxQ-rc-ea3F_Yw=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/F463MR4P65A3FMZEEUBUU5VE6A.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
fe0ff712027539a1129eb9f36c3b81dee4acaf304ba22032f7a17815d4ff6cb9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Tue, 24 Oct 2023 10:46:03 GMT
x-check-cacheable
YES
x-arc-request-id
0.b4163017.1698144363.1e5e79bc
server-timing
cdn-cache; desc=HIT, edge; dur=14, ak_p; desc="1698144363468_389027508_509508028_5270_12738_9_0_146";dur=1
content-length
16959
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 12 Oct 2023 07:49:15 GMT
server
Akamai Image Manager
x-serial
1993
etag
"19175296a3f72581b5259861233d9779d8aa9ceb"
x-edgeconnect-cache-status
1
content-type
image/avif
cache-control
private, no-transform, max-age=30488791
expires
Fri, 11 Oct 2024 07:52:34 GMT
NUNL3ONXGREIRLMSTNEQFD2PG4.jpg
www.mlive.com/resizer/DkpJC3F5rYheGIjc4DN12nQk19w=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/DkpJC3F5rYheGIjc4DN12nQk19w=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/NUNL3ONXGREIRLMSTNEQFD2PG4.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
1a3a3246ee8a8d270ddb3f00c5ad7ca24ac25f062094f28522b6acba2185119b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Tue, 24 Oct 2023 10:46:03 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Oct 2023 22:52:03 GMT
server
Akamai Image Manager
etag
"a4d1403de59bf70d428400d83068b3be1220e0f6"
x-arc-request-id
0.b4163017.1698144363.1e5e79be
content-type
image/avif
cache-control
private, no-transform, max-age=31493266
server-timing
cdn-cache; desc=HIT, edge; dur=6, ak_p; desc="1698144363466_389027508_509508030_4341_10045_9_0_146";dur=1
content-length
22711
expires
Tue, 22 Oct 2024 22:53:49 GMT
UJRWHTXLGFDVTNSBUHPMNPBXHA.jpg
www.mlive.com/resizer/B1vLB2ardHvShA0JEcmLrSN80_M=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/B1vLB2ardHvShA0JEcmLrSN80_M=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/UJRWHTXLGFDVTNSBUHPMNPBXHA.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
1dc7e458129149cd831f90a7904e2609fb204432fe4de02d547cea2101b3e3ac
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Tue, 24 Oct 2023 10:46:03 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Oct 2023 18:13:24 GMT
server
Akamai Image Manager
etag
"8f665bf76684b1e39f7f56e876c84e5fb67f9ff4"
x-arc-request-id
0.b4163017.1698144363.1e5e79bf
content-type
image/avif
cache-control
private, no-transform, max-age=31476454
server-timing
cdn-cache; desc=HIT, edge; dur=7, ak_p; desc="1698144363465_389027508_509508031_4339_10299_9_0_146";dur=1
content-length
12685
expires
Tue, 22 Oct 2024 18:13:37 GMT
OWXVYSX3BNAP7PJ5QPK4YBU34U.jpg
www.mlive.com/resizer/UzCrrTva1vIt6DGcBo7IaTR7Bkw=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		11 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/UzCrrTva1vIt6DGcBo7IaTR7Bkw=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/OWXVYSX3BNAP7PJ5QPK4YBU34U.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
2582a31bc0a88f7a04a4f119d4ba35e5762198cf5338632d29c6c4d47997d016
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Tue, 24 Oct 2023 10:46:03 GMT
x-check-cacheable
YES
x-arc-request-id
0.b4163017.1698144363.1e5e79c0
server-timing
cdn-cache; desc=HIT, edge; dur=15, ak_p; desc="1698144363466_389027508_509508032_5179_10059_9_0_146";dur=1
content-length
11430
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 10 Apr 2023 10:35:59 GMT
server
Akamai Image Manager
x-serial
326
etag
"85691b3a4c2549295453557168234b02a88b5525"
x-edgeconnect-cache-status
1
content-type
image/avif
cache-control
private, no-transform, max-age=29722747
expires
Wed, 02 Oct 2024 11:05:10 GMT
92a6747a-ce11-46a4-93d3-d5b3bd38e0ac.json
cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28a669c7ee4519c5c60a775a5c32da42e3288e5277ed89318e5f1658b97aefbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 24 Oct 2023 10:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
72186
content-md5
xyYCAi3W1qEGA7WYnxS3KQ==
content-length
1791
x-ms-lease-status
unlocked
last-modified
Tue, 03 Oct 2023 14:03:42 GMT
server
cloudflare
etag
0x8DBC4198CE8BF88
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
9bf019ea-601e-004b-5b02-f6c5d0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
81b1a23fa9664d58-FRA
expires
Wed, 25 Oct 2023 10:46:03 GMT
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.130.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.mlive.com
access-control-max-age
600
content-length
0
date
Tue, 24 Oct 2023 10:46:04 GMT
server
nginx
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/advancelocal/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.130.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.mlive.com
date
Tue, 24 Oct 2023 10:46:04 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		66 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
81b1a241bf42362c-FRA
access-control-allow-headers
Content-Type
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
q9b9clsZLLfdBtwdmheOfdbmJj61AqqK
date
Tue, 24 Oct 2023 10:46:03 GMT
content-encoding
br
last-modified
Wed, 16 Aug 2023 09:22:55 GMT
x-amz-request-id
VAV0CSCY9Q57MG1W
etag
"ee3af1e29ac1607ef3d41c515d1e05ad"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3418
x-amz-id-2
cPLXOZ6L+iEYmfx3GteX84SDKFgFy2jW1mYBv+PrrEQ7WbkP6ayrYDP4RTkijM74SIevbeZWGtNQgP70TTKcNQ==
script.js
h312.mlive.com/ 		139 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/script.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
ee9d11c373870aee4391c291c71c32919add23f19e67b5da86421d8d067c60a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:40:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
age
347
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
42761
x-xss-protection
1; mode=block
last-modified
Tue, 24 Oct 2023 10:39:47 GMT
server
-
etag
5c45f35780f8bb4bd55c5b3f4f0e65a0
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=600
x-robots-tag
noindex, nofollow
x-amz-cf-id
b8nNr-hiRpgxenkugRZOG-_d6LHk67-Ox5nFFvUl6RRnyulrj_WzwA==
expires
Tue, 24 Oct 2023 10:50:16 GMT
moatheader.js
z.moatads.com/advanceddigitalheader640552616592/ 		242 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/advanceddigitalheader640552616592/moatheader.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
17c3dab99f83d00fa510dcb7428bc4f045768515e29d825ca53dbb678dbdb05b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:03 GMT
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 09:39:58 GMT
server
AmazonS3
x-amz-request-id
BXRMRAF8MXQXTC8Y
etag
"47dd75b69c34845d5885471bccb21f88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=16195
accept-ranges
bytes
content-length
86457
x-amz-id-2
Geq9HS/byl5R7LtGEcm7EEH/qiEkyQdVuq4RvSLVirYikhqCIBTAhG+rqXQ3kv80J6ORJ5qiS3k=
ats.js
ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ 		156 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ats.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-19.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb5e59be9d91ab09c743760da7054e15b0651ff22256c268c6b715a2d5f3ccf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
vARkeOieo2JNVDzbKxyldiy10m_tXtgu
content-encoding
gzip
via
1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
date
Tue, 24 Oct 2023 10:34:53 GMT
last-modified
Wed, 04 Oct 2023 09:51:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
671
x-amz-server-side-encryption
AES256
etag
W/"8396faf5122b62492a4e34f0e9dfe637"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
BiREhbxW-J29XlKlxxqZ5klBzGBpw8_cxRVIHfaERM0vJM5gjSkhLw==
swg.js
news.google.com/swg/js/v1/ 		206 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5c74e4b4a531ebddffe40e7d140c441807d26ffc57ae9a48a1208dc9c977858
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:03:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2577
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60550
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 00:02:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Tue, 24 Oct 2023 10:53:06 GMT
load
experience.tinypass.com/xbuilder/experience/ 		338 B
491 B 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=8Gu2Z8RCvZ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
464b98e4ec83bb60ad92bd76656277037d3548e44a7d1dcddec0c0a41ada20e6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
date
Tue, 24 Oct 2023 10:46:03 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 Oct 2023 09:46:20 GMT
server
cloudflare
age
3583
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800
cf-ray
81b1a242b99b1981-FRA
alt-svc
h3=":443"; ma=86400
x-request-id
js9mtf425x
expires
Tue, 24 Oct 2023 11:16:03 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202309.1.0/ 		424 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
803f9665533b781ac3abb157ba32b9a1f48d3b7a30bada354656d4b89be22610
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 24 Oct 2023 10:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
wp4bduWb8cLN8oREjFODhQ==
age
7590
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
104423
x-ms-lease-status
unlocked
last-modified
Thu, 19 Oct 2023 03:29:28 GMT
server
cloudflare
etag
0x8DBD0539A07337D
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
dbd74625-001e-004d-1f95-02f66f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
81b1a2425c6e1941-FRA
skeleton.gif
static.adsafeprotected.com/ 		43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adunitid=frwjhs&adnum=4425014
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 28 May 2023 02:26:58 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
12903545
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
WMBRJvY-kaFZawatKnJ7tID7lR8iAbXlLa3r4cgJzkwS2SRfIqCqvw==
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		75 B
252 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/iabCcpaIntegrationScript-noGAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e949e0ba546cccd944b7fc64ebc3f97123638dd1b3af8eec5732cd599c2ed46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
81b1a243483d906c-FRA
vary
Accept-Encoding
content-type
text/javascript
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 24 Oct 2023 09:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3382
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 24 Oct 2023 11:49:42 GMT
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.102.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-102-18.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 06:26:26 GMT
Via
1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
Age
15578
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
xp5syOCljG6yHD7xlZEyUABQneM7KvqiQau7VMCmFVKGCHwbRAB_bg==
Expires
Wed, 25 Oct 2023 06:26:26 GMT
load.js
s.ntv.io/serve/ 		614 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.212.213.167 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-213-167.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c39132857ba1f8dce335c6f2c350d01ff1e6864bb04b15150ce52f0f46d8c3f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 10:46:04 GMT
Content-Encoding
gzip
x-amz-request-id
6Z5Y30SV659F5RCX
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
p7ICO20tDrMt7yKsvl/BB7qy4DyKSLaWQ9RCZtiyK8bmu4M6enZYsdKRU5NFpgR/mUj/Fs6Cpk8=
Last-Modified
Mon, 09 Oct 2023 20:42:42 GMT
Server
AmazonS3
ETag
"f5d07a2c15f76a429bfac37e4fd5fb90"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-41.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 07:14:50 GMT
content-encoding
gzip
via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
16995
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
_UtkP1lIb5uOZzRYywPp-Qf3b_xQ8gsSXcnPfPlqYBGCZTQwOIX44A==
fbevents.js
connect.facebook.net/en_US/ 		199 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 24 Oct 2023 10:46:04 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53588
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
UP9x0by9iE5alUVfQ0G558Dss3IJZSy6+c5YlC/wS8qRccDxS1Siql31EfuveDvqt13oYGqsVlVBKxsYp3QI+A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:04 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230113-FRA
insight.min.js
snap.licdn.com/li.lms-analytics/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
51f361716f7032e7456f1032326fdc3881a9462a0e8539ee3b02ad3f8316e0c5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 24 Oct 2023 07:29:34 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=74563
accept-ranges
bytes
content-length
3855
ml.br.js
js.matheranalytics.com/static/ltm/ma63527/all/17/
Redirect Chain
  • https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1638
  • https://js.matheranalytics.com/static/ltm/ma63527/all/17/ml.br.js
149 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma63527/all/17/ml.br.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
6bfe280c501d01dc9b39511ab8b8f9346efdf243c3db60a935f108c8e36b56d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 14:40:27 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 13 Oct 2023 19:41:13 GMT
server
nginx
age
72337
etag
"d57e309468cdb5833b84963f20429014"
vary
Accept-Encoding
x-cache
HIT Fri, 13 Oct 2023 19:49:12 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44099

Redirect headers

date
Tue, 24 Oct 2023 10:46:04 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma63527/all/17/ml.br.js
cache-control
public, max-age=269200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
0-gc-euwest1-xgfw1027
js
www.googletagmanager.com/gtag/ 		256 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GG8B674XK4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1b22433fbaac7094ba76d12050dc8e49317a9dc73932d14bff18a185fc13c6bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88805
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 24 Oct 2023 10:46:04 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1155
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f13e75c70e708e1d02806877d8ac794d0a5072c747f485a44a8a59d466237e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29452
x-xss-protection
0
server
cafe
etag
457 / 19654 / m202310180101 / config-hash: 16778064189060331725
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 10:46:04 GMT
10071.js
micro.rubiconproject.com/prebid/dynamic/ 		531 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/10071.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1155
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
bc5cbc8ceaba960343c07ebec234d697813d9da28f218ea3ab6fa0fcaf35f180

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:04 GMT
content-encoding
gzip
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
accept-encoding, referer
edge-cache-tag
prod-prebid-10071_MI_Desktop_Mobile.js
content-type
text/javascript;charset=UTF-8
cache-control
public, must-revalidate, max-age=14400
content-length
153773
expires
Wed, 25 Oct 2023 01:34:19 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		263 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1155
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c5f80cce6889f5bd1236ae540178efed729c20bf20c5afaeed6e2fa02d50323

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:13:50 GMT
content-encoding
gzip
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront), 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
last-modified
Tue, 17 Oct 2023 19:57:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
1935
etag
W/"b9a7eb01b5274e82795d834c0b8154f1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
WkzGNAjo3LZATInPb3AB2WCkAydN1hTCpDPBPhvx6QTCjYwlZ3klaQ==
lt.min.js
tags.crwdcntrl.net/lt/c/963/ 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1155
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4fb1d13154b4b396d3ce77eb8294a859bef473d7d991624d266b0247c419a9ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 09:42:47 GMT
content-encoding
gzip
via
1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 14:13:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
3844
x-amz-server-side-encryption
AES256
etag
W/"acf40b9beb60ff814c409d1a2b654497"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
FxGYvyva-kPOxDerVrC08L4VyjZWh6JirCrOkNw2VhYNG15MT5DiZA==
icon-menu-outline.svg
www.mlive.com/pf/resources/images/common/icons/ 		523 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/icons/icon-menu-outline.svg?d=1155
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1155
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
3f5684bf5aa4a6eb5c9015394c8739dff39377a73adf72c30ba511d0ab5b50f3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1155
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 24 Oct 2023 10:46:04 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
52C8PR7BXCK0KDY9
x-amz-cf-pop
IAD55-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1698144364.1e5e8320
server-timing
cdn-cache; desc=HIT, edge; dur=4, ak_p; desc="1698144364442_389027508_509510432_361_10434_8_0_219";dur=1
content-length
278
x-amz-id-2
I/+zeMgJWZswDsjL6ZQFf17Bkt1jb3vlJ4EgJ9FbPKelLPo3q7NI5FWufveid3nakZpH2a2xjp4=
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Oct 2023 15:58:40 GMT
server
openresty
etag
W/"ef41b0e325b0902f9a8781e21cc20457"
x-edgeconnect-cache-status
1
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
image/svg+xml
access-control-allow-origin
*, *
cache-control
public, max-age=31536000
x-amz-cf-id
JZEWTGln7ST0bD7lHSQgV7u-5pgWjA4p84thVVUgu7HjVnyeqQl5vw==
expires
Wed, 23 Oct 2024 10:46:04 GMT
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/advancelocal/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.130.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.mlive.com
date
Tue, 24 Oct 2023 10:46:04 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.130.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.mlive.com
access-control-max-age
600
content-length
0
date
Tue, 24 Oct 2023 10:46:04 GMT
server
nginx
client
accounts.google.com/gsi/ 		198 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1155
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
604b2b92648ad81f3bb7b5740928559c0594df2817f6e33ca69556a53bc01583
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-xIZIv7BCEUDKLmStUHwFow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:04 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-xIZIv7BCEUDKLmStUHwFow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Tue, 24 Oct 2023 10:46:04 GMT
config.json
c.go-mpulse.net/api/ 		51 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ&d=www.mlive.com&t=5660481&v=1.720.0&sl=0&si=cc33aa5a-507d-4219-8748-0a8753d06710-s314kq&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=468260
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:18d::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
28445ab5a58bac3609ddba4d1200c1797a766b538fd6b0bdb0926fbe386f327c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 24 Oct 2023 10:46:04 GMT
Cache-Control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
51
Content-Type
application/json
fpc
at.teads.tv/ 		0
336 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_11014&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=471b531&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Oct 2023 10:46:04 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://www.mlive.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Tue, 24 Oct 2023 10:46:04 GMT
user-white.svg
www.mlive.com/pf/resources/images/common/icons/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/icons/user-white.svg?d=1155
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1155
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e6b7fa504c979ce53dc80798978eff98214cbcb20b7db259990c0632b7abe248
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1155
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 24 Oct 2023 10:46:04 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD55-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b4163017.1698144364.1e5e83bc
server-timing
cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1698144364515_389027508_509510588_356_9838_7_0_146";dur=1
content-length
2508
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 23 Oct 2023 15:58:40 GMT
server
openresty
etag
W/"fdc13d9553130cf8463df06e8ba5682d"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
OWfoe5USRL9M0PbmOLkpd34wocjSveEn5lRSGiiHV7cft-DEJLbsIg==
expires
Wed, 23 Oct 2024 10:46:04 GMT
cs
advancelocal.blueconic.net/DG/DEFAULT/ 		16 B
702 B 		Script
General
Check archive.org
Download Go to
Full URL
https://advancelocal.blueconic.net/DG/DEFAULT/cs?&callback=bc_json579
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.211.72.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-72-119.compute-1.amazonaws.com
Software
- /
Resource Hash
24bcc5ed9bdd0c9aee18cdde9c798a4b939d9918e46d2b2ba32739e643256ada
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f46926d81be4472495e6dc6a8789d7fc9ffb6acb270b4f6462720e0332fe718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1238
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6456
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 21:11:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Tue, 24 Oct 2023 11:15:26 GMT
tinypass.min.js
cdn.tinypass.com/api/ 		361 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=8Gu2Z8RCvZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe1b470a249dc18677bf8072fdf0befec818a47f146984010a4d62dc3cfba98b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:04 GMT
x-amz-version-id
n67YzhLYTLm3RnE9xFLN7wInpmQRe47e
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
53ZNDCJTWSRHJ67N
age
3632
x-amz-server-side-encryption
AES256
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
zqtuYgpRBHfmk/q160g9dCvfEfu+9sJSDGkjuWq1g783dMfHamAmipSg22VuR53Up3YvjLCQs2M=
last-modified
Tue, 24 Oct 2023 09:44:42 GMT
server
cloudflare
etag
W/"c57b041f68bb8ae63c0de390741f7b2c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
81b1a246df7e1981-FRA
expires
Tue, 24 Oct 2023 14:46:04 GMT
/
geo.privacymanager.io/ 		30 B
611 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-122.fra60.r.cloudfront.net
Software
/
Resource Hash
a79f00e0930c3c99dbebf0a0f79384a8ab93dc88bb87e04b572f51a3b4b8367e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 01:31:07 GMT
via
1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront), 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA60-P3
age
33297
x-amzn-requestid
7b88b6da-3e55-4fba-9bd2-0d89274ba9cd
x-amzn-trace-id
Root=1-65371e5b-1ab1a1b55873232544a5dbd6;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
NSGuVGcYjoEEoVA=
content-length
30
x-amz-cf-id
1zmAfXm80MqegV0vyn-BKRFOB0lnLL3dOoNhjKjSyhgJR3PbZqLXPQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
en.json
cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/ea084acf-769b-4fd5-855a-0bd46d125eb1/ 		152 KB
28 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/ea084acf-769b-4fd5-855a-0bd46d125eb1/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
198e362fd4a64c0f1397b4ef5b7559f3ca19ef05c521ee6afad62a208ceb9255
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 24 Oct 2023 10:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
71463
content-md5
J9cg0GLltJzWTPvBvKAWTg==
content-length
27960
x-ms-lease-status
unlocked
last-modified
Tue, 03 Oct 2023 14:03:49 GMT
server
cloudflare
etag
0x8DBC419913F8E0F
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
38f690f5-901e-0002-5002-f6873b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
81b1a246eb0a4d58-FRA
expires
Wed, 25 Oct 2023 10:46:04 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 24 Oct 2023 10:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
p.js
cdn.parsely.com/keys/mlive.com/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/mlive.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-100-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
36ea8d266ccb57796d82e6eb05f11c634302a0bc3623c5e7fa7261a1a69e0d90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
public
date
Tue, 24 Oct 2023 06:55:16 GMT
content-encoding
gzip
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
last-modified
Wed, 29 Jun 2022 14:34:05 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
14560
etag
W/"62bc62dd-df3e"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
8jTYHnsmTVxpYcZp2-9CIak5w2iiZX7fZBZHYK4CTMmyIe8du-FLcQ==
expires
Wed, 25 Oct 2023 06:43:24 GMT
b
sb.scorecardresearch.com/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6034988&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1698144364629&ns_c=UTF-8&c3=&c4=https%3A%2F%2Fwww.mlive.com%2F&c7=https%3A%2F%2Fwww.mlive.com%2F&c8=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&c9=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-41.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:04 GMT
via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
kgGitGNRLzwShUzuMGimjxNXRkSAVgJPpC1LCrb92dCr1JGpkLcTiw==
x-cache
Miss from cloudfront
adsct
t.co/1/i/ 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=3a2c39fe-2f39-4d18-b8bd-0478f313565d&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=af5587fd-22d1-43ca-853e-d6b4946c8076&tw_document_href=https%3A%2F%2Fwww.mlive.com%2F&tw_iframe_status=0&txn_id=o8yo8&type=javascript&version=2.3.29
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-response-time
109
date
Tue, 24 Oct 2023 10:46:04 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
3665d3ad5cfeb1c1
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
c2c3613645d2f09ecfd7ce75470164889e4b3aae14f7cccc67e99aee49caa3b3
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=3a2c39fe-2f39-4d18-b8bd-0478f313565d&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=af5587fd-22d1-43ca-853e-d6b4946c8076&tw_document_href=https%3A%2F%2Fwww.mlive.com%2F&tw_iframe_status=0&txn_id=o8yo8&type=javascript&version=2.3.29
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-response-time
109
date
Tue, 24 Oct 2023 10:46:04 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
421b5601708654f0
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
db89cd7bee276f154b2c3e3c6166d89d5d1d85bb8db6c596447148a2b79d6727
content-length
43
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 15 Oct 2023 08:32:45 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=79236
accept-ranges
bytes
content-length
3272
120978121945017
connect.facebook.net/signals/config/ 		139 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/120978121945017?v=2.9.135&r=stable&domain=www.mlive.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
117bd1d2c6b893c4d694d03852fe39549668ded1d36058fc26cbb4213b3b7771
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 24 Oct 2023 10:46:04 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
37102
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
k8c5zKNACNKOnh4jiRl0pxu8abNDpD5DMz9rnOrk6AaFnfx4xzl1qcc61PT/CSEdbWRME8UofSkiet0DZjybKw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/ 		422 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b333a33f794194adaf94287fb06c6529010aade13c0574140ea03f4bd9f433bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:47:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
57503
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135328
x-xss-protection
0
server
cafe
etag
16474413789440466402
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 22 Oct 2024 18:47:41 GMT
iframe.html
z.moatads.com/hd09824092/ Frame 94FB 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/advanceddigitalheader640552616592/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=3005
content-length
1374
content-type
text/html
date
Tue, 24 Oct 2023 10:46:04 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
server
AmazonS3
x-akamai-ew-subworker
8096267
x-amz-id-2
tXhAc64MXavoo2Ys7gL4K0CHvWdnnjW6yMDYhattkSwkbmjydK4ZTHB9EYLhbnHzR5lAnVYPFb8=
x-amz-request-id
7Y2H1YDSCY2G4ZCG
set
privacy.crwdcntrl.net/consent/ 		61 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://privacy.crwdcntrl.net/consent/set?ct=skip&ca=1&ccd=1&cds=1&cta=1&c=963&src=LTJS
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.43.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-43-143.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
5f26dfc3f5d603822dd5eb17c772720fd8d984f3fa596f757973dabe24ebda6e

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:04 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.29.248
access-control-allow-credentials
true
content-length
61
expires
0
10071-pbjs-floors.json
ads.rubiconproject.com/floors/ 		60 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/10071-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
f2f1d763c9ce0f5402cff7335c0a42d0354b9692717b6464df33fd16179e6bb1

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 24 Oct 2023 10:46:04 GMT
content-encoding
gzip
last-modified
Tue, 24 Oct 2023 09:40:39 GMT
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
6685
3178
config.aps.amazon-adsystem.com/configs/ 		505 B
771 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3178
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-71.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
c8164ab49ff3d32ffbe7e6ad17e8b16e8765b94ab42088494bfad6ce09be8893

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:01:22 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
2682
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
505
x-amz-cf-id
eO6HJWn6A7NiZ_PS7g4YCLTnUPjCxeLosvacF7hY8MP0nhD-tlIwnw==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3178&u=https%3A%2F%2Fwww.mlive.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e5696a4c04cb9236e69390a6a84619091cfe6ce887e5747c74f3214a69419484

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 05:46:45 GMT
via
1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
17958
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1692
x-amz-cf-id
rFqSkcL3Wizcm4SMcLuo7_WvCMDU4dzXqVZPYnl_zcGd0-_l393Amg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
date
Tue, 24 Oct 2023 03:15:30 GMT
x-amz-cf-pop
FRA56-P6
age
27035
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
GkfEZX5BVnZu_yyN_12hwKg9Hsp-bniPv3crnZ0-Iy6C0iJR1oB-Xw==
collect
region1.google-analytics.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GG8B674XK4&gtm=45je3an0&_p=1921934849&cid=1618411612.1698144365&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2F&dl=https%3A%2F%2Fwww.mlive.com%2F&sid=1698144364&sct=1&seg=0&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&en=page_view&_fv=1&_nsi=1&_ss=1&ep.headline=undefined&ep.author=undefined&ep.entry_id=undefined&ep.page_type=homepage&ep.product=homepage-beta&ep.platform=desktop&ep.user_subscription_status=undefined&ep.ab_test_group_user=undefined&ep.search_term=undefined&ep.targeting_codes=undefined&ep.targeting_codes2=undefined&ep.targeting_codes3=undefined&ep.targeting_codes4=undefined&ep.targeting_codes5=undefined&ep.targeting_codes6=undefined&ep.entry_tags=undefined&ep.referring_subdomain=undefined&ep.browser_cookie_region=undefined&epn.monthly_visit_number=1&ep.content_region=undefined&ep.content_topics=undefined&ep.blog_category=undefined&ep.section=Home%20Page&ep.article_date_original=undefined&ep.article_date_updated=undefined&ep.entity_type=undefined&ep.entity_value=undefined&ep.auxiliaries=undefined&ep.gigya_user_id=undefined&ep.usprivacy_cookie=undefined&ep.userid_flag=false&ep.targeting_codes7=undefined&ep.targeting_codes8=undefined&ep.targeting_codes9=undefined
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GG8B674XK4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
jadserve.postrelease.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.mlive.com%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.156.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-156-217.compute-1.amazonaws.com
Software
nginx /
Resource Hash
441d0436504637abe57f12cfc25ff757b42b340169e87c5ade8cd9987278420b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:05 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
1516
expires
Mon, 1 Jan 1990 12:00:00 GMT
publisher:getClientId
ampcid.google.de/v1/ 		3 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 24 Oct 2023 10:46:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
data
bcp.crwdcntrl.net/6/ 		60 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.195.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-195-217.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
8f29d409d4db465dde9aadeac085fc363d04614edebdc060e3a490d74020acaa

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:05 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.25.177
access-control-allow-credentials
true
content-length
60
expires
0
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&ptype=homepage&prem=0&sec=Home%20Page&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=17&tvcfg=all&tid=a0330373-a51f-4cea-b330-248174f8616d&pid=83d2c3d5-37ee-4655-89f6-2e215a361603&dtm=1698144365055&qnm=_matherq&visible=1&tabid=8f8d43eb-d394-4601-9648-7511b187e95a&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x13597&tofa=1698144365&vid=1&lvidt=1698144365&duid=ba341e8a-af0d-433d-85a1-37ccc91294f9&fp=2849720740&cid=ma63527&mrk=484602605&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY5ODE0NDM2MjE2MyIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMG1iIiwiaGVhcFQiOiIxMG1iIiwiZnN0UGFpbnQiOiIxMjIwIiwiZmV0Y2hTIjoiNzU3IiwiZG9tYWluUyI6IjgzMCIsImRvbWFpbkUiOiI4MzAiLCJjb25uUyI6IjgzMCIsImNvbm5FIjoiODUzIiwic3NsUyI6IjgzNyIsInJlcXVTIjoiODUzIiwicmVzcFMiOiI4OTciLCJyZXNwRSI6IjE0ODMiLCJkb21Mb2FkIjoiOTAyIiwiZG9tSW50ZXIiOiIxNzMwIiwiZG9tTG9hZFMiOiIxODQ5IiwiZG9tTG9hZEUiOiIxODYwIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMTYxODQxMTYxMiIsInJlZlRpbWUiOiIxNjk4MTQ0MzY1MDUzIn1dLCJ1c2VyRGF0YSI6eyJpc0xvY2FsIjoiMCJ9fQ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.77.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-77-247.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Tue, 24 Oct 2023 10:46:05 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
style
accounts.google.com/gsi/ 		533 B
608 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-Rw_rSf-Rx6-gqMbDy-Tx9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:05 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-Rw_rSf-Rx6-gqMbDy-Tx9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Tue, 24 Oct 2023 10:46:05 GMT
status
accounts.google.com/gsi/ 		40 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=339703812340-kido2ms26ssegr4jpn27vo7ro7hgkjme.apps.googleusercontent.com&as=7b0taLXgHQTThzzqzq%2BHOg
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b68cefe0d6395da7ca1493f2a1f3c76b0bdda80ec175d1e3828ba598e4b5883b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-Wr-VbuzBBU6J1uCc6piCdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:05 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-Wr-VbuzBBU6J1uCc6piCdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.22.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-22-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:05 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Tue, 24 Oct 2023 11:01:05 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 02:03:18 GMT
content-encoding
gzip
via
1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
31368
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
4v6dY6k6ZlFzJt6ZWZ8p_BdNKDRuL8auOVNimDpCnBlnvavGmj8i8Q==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		142 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c50ffbb0d5049173748e6468980ae6811d8c7effecb8c7428984ea00734545fa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:05 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 24 Oct 2023 08:11:43 GMT
server
cloudflare
x-amz-request-id
85VX6K1WK8KDXANP
age
835
etag
W/"f782ea030d6823bac929128fb89f783a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
81b1a24a2cf6bbc8-FRA
x-amz-id-2
XoyjN5eBRzfOYVg1sA8PuP1xV7Bk9Ddn9XrM7czqjwc2gKMasduypuLFDauD22XD4HObGvPwd34=
otFlat.json
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 24 Oct 2023 10:46:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Ku3O1VFWoltPW4n5m1lGVQ==
age
71464
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3017
x-ms-lease-status
unlocked
last-modified
Thu, 19 Oct 2023 03:29:22 GMT
server
cloudflare
etag
0x8DBD053964DC527
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
01d1c1df-801e-007c-1695-02177c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
81b1a24a2f564d58-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 24 Oct 2023 10:46:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Xznrm5/jaKmHSjGeIIkHOA==
age
71290
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12708
x-ms-lease-status
unlocked
last-modified
Thu, 19 Oct 2023 03:29:24 GMT
server
cloudflare
etag
0x8DBD05397A0A023
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
7ba047ac-601e-0039-4695-02c29f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
81b1a24a3f594d58-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 24 Oct 2023 10:46:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
age
69506
x-ms-lease-status
unlocked
last-modified
Thu, 19 Oct 2023 03:29:33 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
26202f15-501e-008b-2395-023dee000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
81b1a24a3f5d4d58-FRA
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1921934849&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAQCACgFK~&jid=1050425401&gjid=2134947582&cid=1618411612.1698144365&tid=UA-16643585-16&_gid=816436110.1698144365&_r=1&_slc=1&gtm=45He3an0n81TLXFLCR&cd1=undefined&cd2=undefined&cd3=undefined&cd6=undefined&cd11=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=false&cd21=undefined&cd23=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd46=homepage-beta&cd47=desktop&cd50=GA%20pageview%20-%20template%20-%20All%20Pages&cd52=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=undefined&cd62=undefined&cd63=undefined&cd65=undefined&cd66=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=undefined&cd102=undefined&cd103=undefined&cd61=1618411612.1698144365&z=2033811594
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
p1.parsely.com/plogger/ 		43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1698144365191&plid=28725553&idsite=mlive.com&url=https%3A%2F%2Fwww.mlive.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.mlive.com%2F&sref=&sts=1698144365186&slts=0&title=Michigan+Local+News%2C+Breaking+News%2C+Sports+%26amp%3B+Weather&date=Tue+Oct+24+2023+12%3A46%3A05+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&js=1&pvid=96996140&u=pid%3D336843c63610af2fcd7a72c371fc146e
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 10:46:05 GMT
Cache-Control
no-cache
Last-Modified
Tuesday, 24-Oct-2023 10:46:05 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1698144365197&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1698144365197&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3252378%26time%3D1698144365197%26url%3Dhttps%253A%252F%252Fwww.mlive.com%252F%26t...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1698144365197&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1698144365197&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJtsG9Nvl5qNAAAAYthSqzaiLKk2M7MWOEofm...
0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1698144365197&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJtsG9Nvl5qNAAAAYthSqzaiLKk2M7MWOEofmmSblS4cjFmFIVJ4mn8_rALd0J4Ig6gF4mfL1Pv
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:05 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 6418EFCCF31B4793A7838F51B5BD3AF2 Ref B: FRAEDGE2014 Ref C: 2023-10-24T10:46:05Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type
application/javascript
x-li-fabric
prod-ltx1
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAYIdAu2Ch2JXRGGLr8waA==

Redirect headers

date
Tue, 24 Oct 2023 10:46:05 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: AF28544D6C024C84A93813A42D24360A Ref B: FRAEDGE1809 Ref C: 2023-10-24T10:46:05Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1698144365197&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJtsG9Nvl5qNAAAAYthSqzaiLKk2M7MWOEofmmSblS4cjFmFIVJ4mn8_rALd0J4Ig6gF4mfL1Pv
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAYIdAuzG0Dxx5hCb6DNFg==
578
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		169 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/578?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-10-24T12%3A46%3A05%2B02%3A00&ts=1698144365199
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
c8e5b46d3a5bc1349ccbf785e56779ad8215435e7854e96c34ae330ca9e0b81f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 24 Oct 2023 10:46:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
35962
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
_kVTNIW70mntmzHay7HSLl5Ab_e7SmdOX688GE0OZKXXru24JLmuyg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
230823541501762
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/230823541501762?v=2.9.135&r=stable&domain=www.mlive.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bb162b437e41d76ecb9dc749fd4a635ae3857b129262136902a168de203f41b7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 24 Oct 2023 10:46:05 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35383
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
kLyku0UePinxaHjpv7nOI7W1573ZZBVpQ92u4gTWSzBCGtYSntXGeZxwd6zN5CAfg0rNJMiloIvyAzt2pWQXfw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-16643585-16&cid=1618411612.1698144365&jid=1050425401&gjid=2134947582&_gid=816436110.1698144365&_u=YADAAEAAAAQCACgFK~&z=431869617
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 24 Oct 2023 10:46:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3178&u=https%3A%2F%2Fwww.mlive.com%2F&pid=3hE4mBCRSFBdx&cb=0&ws=1600x1200&v=23.1010.1530&t=1500&slots=%5B%7B%22sd%22%3A%22ad-small-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22desktop-InFeed_Right%22%7D%2C%7B%22sd%22%3A%22ad-small-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22desktop-InFeed_Left%22%7D%2C%7B%22sd%22%3A%22ad-large-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22desktop-InFeed_Right%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:05 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
16MSB66BEQP9PXTDTZEA
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
oreQbW2Y-UrCvvjT9x3n1BFqmUOkqpONMjHmchU0QY7YIfuY1KD-Qg==
ob.js
cdn-ima.33across.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:05 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 18 Sep 2023 17:20:48 GMT
server
cloudflare
age
60684
etag
W/"650886f0-39ac"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
81b1a24bd94539d0-FRA
expires
Fri, 27 Oct 2023 10:46:05 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 02:45:51 GMT
content-encoding
gzip
via
1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
28814
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
c8MzuMYazAtQDgZoXp-LVVttgGvlC1iqyb4nFB3Q5dhJPmZy1Axqyw==
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 11 Oct 2023 08:53:04 GMT
server
nginx
etag
W/"65266270-a892"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 25 Oct 2023 10:46:05 GMT
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:2000:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Tue, 24 Oct 2023 06:40:14 GMT
Via
1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
14752
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
PENDING
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
N4rVrX41YJr1xZH8PXvrSYLzssuXXxcDKRiNeHGU7Bm0610LBdqj0g==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 04:08:06 GMT
content-encoding
gzip
age
2356679
x-guploader-uploadid
ADPycdvbRy62debeuap5d2X_nL0IA_diTxUlLVjzCe57950pX-t7YrXJ8wYXRaQQII6P20H4VGYSQ4HjVG7QKouB4behPw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Thu, 26 Sep 2024 04:08:06 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		688 B
367 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2398668466386247&correlator=3820892667833448&eid=31078931&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=728x91%7C970x91&ifi=1&sfv=1-0-40&fsbs=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698144365357&lmt=1698137155&adxs=0&adys=13601&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.mlive.com%2F&vis=1&psz=728x4&msz=728x0&fws=4&ohw=728&ga_vid=1618411612.1698144365&ga_sid=1698144365&ga_hid=1921934849&ga_fc=true&a3p=EjQKCnB1YmNpZC5vcmcSJGYyOThiZTkyLWVmNWQtNGEzNi05N2Q4LWRkYjBmM2I3NGJjYVgBEhsKDDMzYWNyb3NzLmNvbRio1qqKtjFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBip1qqKtjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YqdaqirYxSABSAghkEhkKCnVpZGFwaS5jb20YqdaqirYxSABSAghkEhQKBW9wZW54GKnWqoq2MUgAUgIIZA..&dlt=1698144363065&idt=2220&prev_scp=rg_adslot%3DInFeed_Center_Wide_Adhesion%26rg_atf%3Dtrue%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Center_Wide_Adhesion%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3Ddesktop-InFeed_Center_Wide_Adhesion%26rg_a9%3DAdvance_MI_ATF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta&cust_params=ccaud%3D%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop&adks=2024654923&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2b149f0b2858055b10eae7a4c175df95da1d7e5d8aa4a4bed6b08330d4de66b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 24E6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 10:46:05 GMT
expires
Wed, 23 Oct 2024 10:46:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1698144365383&se=e30&duid=94c49eadf2ac--01hdgmna95jtpzaanmc19emtt7&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid
  • https://rp4.liadm.com/j?se=e30&duid=94c49eadf2ac--01hdgmna95jtpzaanmc19emtt7&dtstmp=1698144365383&n3pc=true&wpn=prebid&pu=https%3A%2F%2Fwww.mlive.com%2F&i6=MmEwMDpjOTg6MjA1MDphMDA3OjI6OjQ%3D
42 B
346 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?se=e30&duid=94c49eadf2ac--01hdgmna95jtpzaanmc19emtt7&dtstmp=1698144365383&n3pc=true&wpn=prebid&pu=https%3A%2F%2Fwww.mlive.com%2F&i6=MmEwMDpjOTg6MjA1MDphMDA3OjI6OjQ%3D
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
54.204.183.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-183-119.compute-1.amazonaws.com
Software
/
Resource Hash
5ce8647c88445649306948bab16764727ad0866a64fc66202b97b88176272628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:06 GMT
x-pixel-event-id
5c0a6f14-62bd-47ca-a58c-cf3d5cd7637e
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
null
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
42

Redirect headers

location
https://rp4.liadm.com/j?se=e30&duid=94c49eadf2ac--01hdgmna95jtpzaanmc19emtt7&dtstmp=1698144365383&n3pc=true&wpn=prebid&pu=https%3A%2F%2Fwww.mlive.com%2F&i6=MmEwMDpjOTg6MjA1MDphMDA3OjI6OjQ%3D
access-control-allow-origin
https://www.mlive.com
date
Tue, 24 Oct 2023 10:46:05 GMT
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
494 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 24 Oct 2023 10:46:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
12248
x-ms-lease-status
unlocked
last-modified
Mon, 23 Oct 2023 06:29:02 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
d2da33ca-701e-0078-48ba-059a7b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
81b1a24bc9364d58-FRA
FormLogo.jpg
cdn.cookielaw.org/logos/57316691-7a35-4427-b868-f6c059de9bc0/0820a53f-bf37-4e26-90be-016196d39852/63d4f326-4506-4914-9e18-8751853c7769/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/57316691-7a35-4427-b868-f6c059de9bc0/0820a53f-bf37-4e26-90be-016196d39852/63d4f326-4506-4914-9e18-8751853c7769/FormLogo.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abb22177c1f36f82f451ba3b46fd96e4bc0f5b5ad510b15b4d5ec37fc1e9b7f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 24 Oct 2023 10:46:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
/VgjLzERih8MeSo4vme4Lw==
age
52466
content-length
90639
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Mon, 15 May 2023 15:10:31 GMT
server
cloudflare
etag
0x8DB555686483EB7
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
8d410a7e-a01e-0139-4f40-87de17000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
81b1a24bd84b1941-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 24 Oct 2023 10:46:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
51816
x-ms-lease-status
unlocked
last-modified
Mon, 23 Oct 2023 16:07:34 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
b497124a-301e-009d-27db-05cb39000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
81b1a24be84c1941-FRA
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
545 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=488240
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c9aa617b3e2571426a52c5b918fb4dbdb6ddf49c87a966a9e3f82a7e03eeec7

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHzbpjNxCYL%2F2wrbZ3DOBwJtvrIdt3H6g5LeQWol2SVWr72L4Hn8EDuYPkh2zqVdwFuD1LHkB%2FN259OMPkd6iNH5tfaLHdYF1%2B7rAOn44Pk93%2BjL98Gtmy1L8QL71PQi3UnIE1vX"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81b1a24c781530e7-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ 		0
112 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Tue, 24 Oct 2023 10:46:04 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		353 B
750 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU211111
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
68d79f4d7674297fa3aa66abda97390ad3da8e1c8c97f835316302b045b6bfcf

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:05 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 24 Oct 2023 10:46:05 GMT
prebid
exchange.postrelease.com/ 		0
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_pb_eid=W3sic291cmNlIjoicHViY2lkLm9yZyIsInVpZHMiOlt7ImlkIjoiZjI5OGJlOTItZWY1ZC00YTM2LTk3ZDgtZGRiMGYzYjc0YmNhIiwiYXR5cGUiOjF9XX1d&us_privacy=1---&ntv_ptd=1134022,1134019&ntv_pas=eyIxMTM0MDE5IjpbWzMwMCwyNTBdXSwiMTEzNDAyMiI6W1szMDAsMjUwXV0sImxlbmd0aCI6Mn0=&ntv_pbv=v8.17.0&ntv_pb_rid=131438cc3ab08b8&ntv_ppc=W3siYWRVbml0Q29kZSI6ImFkLXNtYWxsLTIiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXV19fX0seyJhZFVuaXRDb2RlIjoiYWQtc21hbGwtMSIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzMwMCwyNTBdXX19fSx7ImFkVW5pdENvZGUiOiJhZC1sYXJnZS0xIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDI1MF1dfX19XQ==&ntv_dbr=eyJhZC1zbWFsbC0yIjowLCJhZC1zbWFsbC0xIjowLCJhZC1sYXJnZS0xIjowfQ==&ntv_url=https%3A%2F%2Fwww.mlive.com%2F
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.227.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-227-76.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:05 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
advancelocal
direct.adsrvr.org/bid/bidder/ 		0
397 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/advancelocal
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.223.6.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8c33d2b6751b365d.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 24 Oct 2023 10:46:04 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
auction
display.bidder.taboola.com/OpenRTB/TaboolaHB/ 		10 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://display.bidder.taboola.com/OpenRTB/TaboolaHB/auction?publisher=1494809
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
268a7aa9d7e11e42b950e5c96764671e23c8effec20959bbe8cf4ca1a8a331da

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

x-served-by
cache-fra-eddf8230117-FRA
date
Tue, 24 Oct 2023 10:46:05 GMT
via
1.1 varnish
server
nginx
x-timer
S1698144366.521411,VS0,VE402
x-cache
MISS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.mlive.com
x-envoy-upstream-service-time
391
accept-ranges
bytes
content-length
10444
x-cache-hits
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		634 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10071&site_id=311380&zone_id=1580874%3B1580870%3B1580874&size_id=15&us_privacy=1---&eid_pubcid.org=f298be92-ef5d-4a36-97d8-ddb0f3b74bca%5E1&rf=https%3A%2F%2Fwww.mlive.com%2F&tg_i.domain=mlive.com&tg_i.page=https%3A%2F%2Fwww.mlive.com%2F&tg_i.aupname=344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Right%2Crg_platform%3Ddesktop%3B344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Left%2Crg_platform%3Ddesktop%3B344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Right%2Crg_platform%3Ddesktop&tg_i.pbadslot=desktop-InFeed_Right%3Bdesktop-InFeed_Left%3Bdesktop-InFeed_Right&tk_flint=dmpbjs_v8.17.0&x_source.tid=f9714716-6244-4f8b-aa27-1ec68c099f34&l_pb_bid_id=26568d271ebfa86%3B27f8cecc5945bb2%3B2894fefa757a8c5&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=01c73f8d-1cd4-4a8a-a260-551a18a4dd14%3Bab3a9f4a-f0a1-46a2-9307-0c8edf264bd6%3Bea69704b-f3fc-41d1-bc35-dd3c272b567c&rp_maxbids=1&p_gpid=desktop-InFeed_Right%3Bdesktop-InFeed_Left%3Bdesktop-InFeed_Right&slots=3&rand=0.24934009643903243
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
df8576ab056877de430c23b755e5a7e51362dd8a143f49df4b39795c25da78b5

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:05 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
map
bcp.crwdcntrl.net/6/ 		60 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.195.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-195-217.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
60332d6bc2bf41f5babe6d3883fba2bb9bb200721e6b70e05ecb66fe3fc5f5e8

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:05 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.20.131
access-control-allow-credentials
true
content-length
60
expires
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=120978121945017&ev=PageView&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1698144365520&sw=1600&sh=1200&v=2.9.135&r=stable&ec=0&o=30&fbp=fb.1.1698144365516.591892973&cs_est=true&ler=empty&it=1698144364673&coo=false&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 24 Oct 2023 10:46:05 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=230823541501762&ev=PageView&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1698144365522&sw=1600&sh=1200&v=2.9.135&r=stable&ec=0&o=30&fbp=fb.1.1698144365516.591892973&ler=empty&it=1698144364673&coo=false&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 24 Oct 2023 10:46:05 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=120978121945017&ev=ViewContent&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1698144365524&cd[article_content_tier]=free&cd[is_subscriber]=false&cd[is_registered]=false&cd[content_id]=undefined&cd[content_type]=homepage&cd[content_category]=Home%20Page&cd[content_name]=undefined&sw=1600&sh=1200&v=2.9.135&r=stable&ec=1&o=30&fbp=fb.1.1698144365516.591892973&ler=empty&it=1698144364673&coo=false&tm=1&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 24 Oct 2023 10:46:05 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=230823541501762&ev=ViewContent&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1698144365525&cd[article_content_tier]=free&cd[is_subscriber]=false&cd[is_registered]=false&cd[content_id]=undefined&cd[content_type]=homepage&cd[content_category]=Home%20Page&cd[content_name]=undefined&sw=1600&sh=1200&v=2.9.135&r=stable&ec=1&o=30&fbp=fb.1.1698144365516.591892973&ler=empty&it=1698144364673&coo=false&tm=1&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 24 Oct 2023 10:46:05 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
trk.gif
jadserve.postrelease.com/ 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=689486&ntv_pl=773533
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.156.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-156-217.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:05 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=4b8ccf89-1049-4f64-9bef-b4ff5f8607a1&ntv_fl=MMTdWyeJBcdLcDTtFfyiRBPe8Vq-ba7jHN1vT59Rb8CDsmz0DgKVSKUn13PM5yVKqzQnKbzU0JYdvquE4HGUU1aAAloZjb9syL07ga1zAzWM5in98C0sVHdRAdCUs8b-vVUf_nQP1osOL1Fl9AW5EMnjesSdV--ayIlhQ9HtQY1f8btqFw18pc3HRZgWZcga&ntv_ht=baA3ZQA&ntv_at=303,302&ntv_a=AAAAAAAAAAnc0LA&ord=1698144365579&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.156.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-156-217.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:05 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=df51a0a3-2b02-4bb4-b51b-5ea06a1cd887&ntv_fl=wklKktgzCnjHRw7QsGHOxzNhXSYYdxQ6qfiLggX0SK7HV5UnHb3FttoQ1TUkpjfneBkzdziTFDkN2598rbeWm_LTSjkT8X6WE3ThBxbBbud7yfmHVDkUuptBoCJABNRaoGzM9dTsyAt3yXMdMAKisvo7rsuwgE-61rqgbKnRIxjIpqpmilL6utF_bjxu1P5r&ntv_ht=baA3ZQA&ntv_at=303&ntv_a=AAAAAAAAAAUr0QA&ord=1698144365582&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.156.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-156-217.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:05 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=6005a9ef-8674-4273-ab21-1960c99b61da&ntv_fl=No53AUp_qTJmWJYNLYz3zDH7Dla8D2Bigrcdt2SscM3CpoPlbX4AtwcbgDnVvarghEffYH_qzXjGDbRShLiDak5brchriypv7eRmnaIMZqUSqtkn56wncNAbCYXXleSOYTYeIETYbMjsACChwMHnTYbZEiIKsgyLQwCMv9ZTy172NLoBpqa2OOFO5SAb8Bn2&ntv_ht=baA3ZQA&ntv_at=303&ntv_a=AAAAAAAAAAU70QA&ord=1698144365583&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.156.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-156-217.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:05 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=069712db-97f6-4afa-9bd2-62d338f8ea30&ntv_fl=miNEdYZhkQ016qn5OkGErteWbVfee99L6iQoR7ftguQ5IuBoVvenFFAWxf-JwP8ptgBM7KcVAWiqUyLuRHunh-gPJoa30CDsgQaTb7mfKNxJ980UoNE2uv0-I0N48T11lmPQ34U0W2GIN0QYiuH4FB9cKSpZnYmNSTuJgPbEd3axUrz7lpU_sUpocOFDuAmE&ntv_ht=baA3ZQA&ntv_at=303&ntv_a=AAAAAAAAAAVL0QA&ord=1698144365583&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.156.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-156-217.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:05 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
privacyConsent
jadserve.postrelease.com/ 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/privacyConsent?ntv_pl=1097042&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.156.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-156-217.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:05 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
syncframe
gum.criteo.com/ Frame 7845 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.mlive.com&us_privacy=1---
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 10:46:05 GMT
server
Kestrel
server-processing-duration-in-ticks
290486
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
85 B
204 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
2e6fae990ae5cbc43b4c4d9bd9c5de290d4a8fbf36cce1505c442062675d1985

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:05 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-DpSXPvFL5+OMOrhQK+UoKPjUpsQ"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Tue, 24 Oct 2023 10:46:05 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.mlive.com
location
/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
e28a09dfbea912bc64736f3d6b14636cea5d146aea984528e3ac
satisfycork.com/confirm/ 		288 B
315 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://satisfycork.com/confirm/e28a09dfbea912bc64736f3d6b14636cea5d146aea984528e3ac
Requested by
Host: satisfycork.com
URL: https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:328a::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
46e6dd073230308cfae9b03e4fb191de8938029dd2d6f40cad8ae908e09e1ee7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Tue, 24 Oct 2023 10:46:05 GMT
via
1.1 google
x-buildnumber
1033761249
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
x-hostname
fen-hoothoot-europe-west1-zlrc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Tue, 24 Oct 2023 10:46:04 GMT
map
bcp.crwdcntrl.net/6/ 		60 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.195.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-195-217.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
5b810dbbeedea4c5880519da41c3237a8bd008da8640e24699b020101411b98c

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:05 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.9.96
access-control-allow-credentials
true
content-length
60
expires
0
b33e8052a0f7e2edf75d57a3f12b9cb4
h312.mlive.com/plugin/plugin/ 		89 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/plugin/plugin/b33e8052a0f7e2edf75d57a3f12b9cb4
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
49b1485a151b82944796c5a354059e9678e19256d30d5ecea984550fc05a5845
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 07:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
age
1741217
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
21620
x-xss-protection
1; mode=block
last-modified
Tue, 03 Oct 2023 07:05:48 GMT
server
-
etag
b33e8052a0f7e2edf75d57a3f12b9cb4
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
X3uDWQMOSz0vPsLqeU3AcfBbliF3XQGe2FYe3dRdLVcmiX8gDqGovg==
expires
Thu, 03 Oct 2024 07:05:48 GMT
LB-Zone-3
h312.mlive.com/DG/DEFAULT/rest/rpc/578/ 		354 B
1016 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/578/LB-Zone-3?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=f7fa1be7-402c-4871-96a8-88c4d258ed1e&overruleReferrer=&time=2023-10-24T12%3A46%3A05%2B02%3A00&ts=1698144365664
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
1d0175c02ca6a826f8fefe8161e9723fe268f41e6eff29ba738b7c95c5993289
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 24 Oct 2023 10:46:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
232
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
HyOaFiFOFz4jXKWQC2ynmwnSg775DxORL0XraeHh6nTk_unm_pl64Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT
envelope
lexicon.33across.com/v1/ 		49 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0014000001PAW0LAAX&src=esp&ver=1.1.0&us_privacy=1---
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ob.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 24 Oct 2023 10:46:05 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
ads
securepubads.g.doubleclick.net/gampad/ 		58 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2398668466386247&correlator=3820892667833448&eid=31078931&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=320x50&fluid=height&ifi=2&sfv=1-0-40&fsbs=1&eri=1&sc=1&cookie=ID%3D3e7347e3a79fb19c%3AT%3D1698144365%3ART%3D1698144365%3AS%3DALNI_MaFnZgL5sj14GK7nrxAn0E_faY4dQ&gpic=UID%3D00000ca19d086579%3AT%3D1698144365%3ART%3D1698144365%3AS%3DALNI_MaeUuIkOCPGhqQm4pPPBicv3U1LBg&abxe=1&dt=1698144365688&lmt=1698137155&adxs=517&adys=1306&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.mlive.com%2F&vis=1&psz=566x24&msz=566x24&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1618411612.1698144365&ga_sid=1698144365&ga_hid=1921934849&ga_fc=true&a3p=EjQKCnB1YmNpZC5vcmcSJGYyOThiZTkyLWVmNWQtNGEzNi05N2Q4LWRkYjBmM2I3NGJjYVgBEhsKDDMzYWNyb3NzLmNvbRio1qqKtjFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBip1qqKtjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YqdaqirYxSABSAghkEhkKCnVpZGFwaS5jb20YqdaqirYxSABSAghkEhQKBW9wZW54GKnWqoq2MUgAUgIIZA..&dlt=1698144363065&idt=2220&prev_scp=rg_adslot%3DInFeed_Native_C%26rg_atf%3Dfalse%26rg_iab%3Dfalse%26rg_grid%3D1%26rg_counter%3D1%26rg_gpid%3Ddesktop-InFeed_Native_C%26rg_pagetype%3Dhomepage%26rg_product%3Diabfalse&cust_params=ccaud%3D%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop&adks=767953642&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3bcd3711271d04002a10d20f649e90fba21f214cdb1ae9d1a334b94f89c9f5e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:06 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15394
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 7845
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=mlive.com&sn=ChromeSyncframe&so=0&topUrl=www.mlive.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=1bljf3wzakhwTTFmdHZvQmpOcEdBbG1oUm5lYlRjU1dBYStzOGcrMlFyaE90TVhBcWtjMk5nQitEV3d4TnIvRUFrdlUza0VweExpS0d1OFUvRERDZzBCclRXU3Q0TjBSVFErSGZGL2lVL0lVdFRsb3I5UWxNbFlqNmJsNi...
436 B
655 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=1bljf3wzakhwTTFmdHZvQmpOcEdBbG1oUm5lYlRjU1dBYStzOGcrMlFyaE90TVhBcWtjMk5nQitEV3d4TnIvRUFrdlUza0VweExpS0d1OFUvRERDZzBCclRXU3Q0TjBSVFErSGZGL2lVL0lVdFRsb3I5UWxNbFlqNmJsNi9naVVSRmNOcmFBTHVEWjJ1K0V4eTlTbVBreHNUZUNKUjNhZDFONXRyZVVTdFJGbVo2aHUxZUFRd0hFUURWNGx6K1lrYlpqU09WSTc2UHB5bzJPSGZPaForVEl6T1pmQ3VtY0U2TzdicGl0R1l1QVY2NG5qbUxaS0pubS93TVY2VXdXZVR0SWJ1b01SeVVFTnE4Q3cxOVlVR3pOYkF2QT09fA&cppv=2
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ad3d55b21fbaf47b2cb671bbae5cb7b142446aaa3d6cb9b05bf9b3017bf0d28b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:05 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
7842220
expires
0

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:05 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=1bljf3wzakhwTTFmdHZvQmpOcEdBbG1oUm5lYlRjU1dBYStzOGcrMlFyaE90TVhBcWtjMk5nQitEV3d4TnIvRUFrdlUza0VweExpS0d1OFUvRERDZzBCclRXU3Q0TjBSVFErSGZGL2lVL0lVdFRsb3I5UWxNbFlqNmJsNi9naVVSRmNOcmFBTHVEWjJ1K0V4eTlTbVBreHNUZUNKUjNhZDFONXRyZVVTdFJGbVo2aHUxZUFRd0hFUURWNGx6K1lrYlpqU09WSTc2UHB5bzJPSGZPaForVEl6T1pmQ3VtY0U2TzdicGl0R1l1QVY2NG5qbUxaS0pubS93TVY2VXdXZVR0SWJ1b01SeVVFTnE4Q3cxOVlVR3pOYkF2QT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
273913
content-length
0
expires
0
024bb88ac1797b6a370684d716646680
h312.mlive.com/plugin/library/ 		296 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/plugin/library/024bb88ac1797b6a370684d716646680
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
bc2406b2176025b949ef983c74399c618b679f5f951a2c9083be7bc7c5244c04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 07:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
age
1741216
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
95058
x-xss-protection
1; mode=block
last-modified
Tue, 03 Oct 2023 07:05:48 GMT
server
-
etag
024bb88ac1797b6a370684d716646680
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
EHEoFWeWCIYclKh7I5GOP4gevC_omPGYz20kriOOGzs6_ygCf0t5vw==
expires
Thu, 03 Oct 2024 07:05:48 GMT
LB-Zone-3
h312.mlive.com/DG/DEFAULT/rest/rpc/578/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/578/LB-Zone-3?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=f7fa1be7-402c-4871-96a8-88c4d258ed1e&overruleReferrer=&time=2023-10-24T12%3A46%3A05%2B02%3A00&ts=1698144365762
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
c53a295dad24e8de144c2eb5875d35601237d511150fcb2f220717ca9e14c186
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 24 Oct 2023 10:46:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
1295
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
eXgTkeBz9iPy_mPXsvID-Ku8L3e0SRer2XlOqcmPtuaWk48xzjF8gQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
078e21afd5065807a4f8c4300d2a600e076c3aa
satisfycork.com/e0977755b6ee9/ 		3 B
27 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://satisfycork.com/e0977755b6ee9/078e21afd5065807a4f8c4300d2a600e076c3aa
Requested by
Host: satisfycork.com
URL: https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:328a::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Tue, 24 Oct 2023 10:46:05 GMT
via
1.1 google
x-buildnumber
1033761249
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
x-hostname
fen-hoothoot-europe-west1-zlrc
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
ads
securepubads.g.doubleclick.net/gampad/ 		73 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2398668466386247&correlator=3820892667833448&eid=31078931&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3&prev_iu_szs=300x250%2C300x250%2C300x250&ifi=3&sfv=1-0-40&fsbs=1%2C1%2C1&eri=1&sc=1&cookie=ID%3D3e7347e3a79fb19c%3AT%3D1698144365%3ART%3D1698144365%3AS%3DALNI_MaFnZgL5sj14GK7nrxAn0E_faY4dQ&gpic=UID%3D00000ca19d086579%3AT%3D1698144365%3ART%3D1698144365%3AS%3DALNI_MaeUuIkOCPGhqQm4pPPBicv3U1LBg&abxe=1&dt=1698144365951&lmt=1698137155&adxs=1135%2C165%2C1135&adys=165%2C957%2C883&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.mlive.com%2F&vis=1&psz=300x24%7C300x274%7C300x24&msz=300x24%7C300x274%7C300x24&fws=0%2C512%2C512&ohw=0%2C0%2C0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1618411612.1698144365&ga_sid=1698144365&ga_hid=1921934849&ga_fc=true&a3p=EjQKCnB1YmNpZC5vcmcSJGYyOThiZTkyLWVmNWQtNGEzNi05N2Q4LWRkYjBmM2I3NGJjYVgBEhsKDDMzYWNyb3NzLmNvbRiF2qqKtjFIAFICCG8SHAoNY3J3ZGNudHJsLm5ldBip1qqKtjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YqdaqirYxSABSAghkEhkKCnVpZGFwaS5jb20YqdaqirYxSABSAghkEhQKBW9wZW54GKnWqoq2MUgAUgIIZA..&dlt=1698144363065&idt=2220&prev_scp=rg_adslot%3DInFeed_Right%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3Ddesktop-InFeed_Right%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3Ddesktop-InFeed_Right-2%7Crg_adslot%3DInFeed_Left%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Left%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3Ddesktop-InFeed_Left%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Left%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3Ddesktop-InFeed_Left-2%26hb_format_taboola%3Dbanner%26hb_size_taboola%3D300x250%26hb_pb_taboola%3D0.40%26hb_adid_taboola%3D29beaf679cd22df%26hb_bidder_taboola%3Dtaboola%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.40%26hb_adid%3D29beaf679cd22df%26hb_bidder%3Dtaboola%7Crg_adslot%3DInFeed_Right%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D2%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3Ddesktop-InFeed_Right%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3Ddesktop-InFeed_Right-2&cust_params=ccaud%3D%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop&adks=1117919376%2C1117919391%2C3501067380&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1bde6baf726e0854f4ced185413392b59f59e699f60766a3f2c59a00e4009c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:06 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23100
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
advancelocal.blueconic.net/DG/DEFAULT/ 		66 B
854 B 		Script
General
Check archive.org
Download Go to
Full URL
https://advancelocal.blueconic.net/DG/DEFAULT/cs?bcsessionid=f7fa1be7-402c-4871-96a8-88c4d258ed1e&&callback=bc_json580
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.211.72.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-72-119.compute-1.amazonaws.com
Software
- /
Resource Hash
e89bff6c6b3074cd07c3aae54e650faa65d21ef5da83d3929e42609fe6c8bd77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
86
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 668B 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 24 Oct 2023 10:46:06 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310161805000/ Frame 00AF 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310161805000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4ed98afdf07c26938026bc4321a292270ab5e88543721eb3742bdee15e7e522
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 23 Oct 2023 17:15:20 GMT
age
63046
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56087
x-xss-protection
0
server
sffe
etag
"ce965173ccfc061f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Oct 2024 17:15:20 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310161805000/v0/ Frame 00AF 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310161805000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b545845a2273d287b89de2dad629d30137ceb38d1ce78fa423e6980c00b368f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 23 Oct 2023 17:15:20 GMT
age
63046
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5214
x-xss-protection
0
server
sffe
etag
"074ac5099ebe1c18"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Oct 2024 17:15:20 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310161805000/v0/ Frame 00AF 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310161805000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ba86813c2f8c836d52722a88a63de130aa006799e180ab3649adf02d1a4a0cc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 23 Oct 2023 17:15:20 GMT
age
63046
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29090
x-xss-protection
0
server
sffe
etag
"28725fc6b633962c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Oct 2024 17:15:20 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310161805000/v0/ Frame 00AF 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310161805000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcbc708657f35c221e95dc2b142ea95a0c45653489b7823f29284b18afe92785
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 23 Oct 2023 17:15:20 GMT
age
63046
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1904
x-xss-protection
0
server
sffe
etag
"6742f79812773482"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Oct 2024 17:15:20 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310161805000/v0/ Frame 00AF 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310161805000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
296be36e260dedaaf7a6cadd800abc5bdfaf2873f8dfcef7f350862aae28c311
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 23 Oct 2023 17:15:20 GMT
age
63046
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12961
x-xss-protection
0
server
sffe
etag
"7f93bdbf69ef7d3d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Oct 2024 17:15:20 GMT
truncated
/ Frame 00AF 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2269d597806253cbcc55661ee4149440503675d928525e17955465c94e196d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
3509427277317186610
s0.2mdn.net/simgad/ Frame 00AF 		263 KB
264 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3509427277317186610
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43c9e3a6f6597f00d484d2c96b7922c1eb151f0c16496f040ef855c8fc5f392a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 20:29:39 GMT
x-content-type-options
nosniff
age
224187
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
269585
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 14:56:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 20 Oct 2024 20:29:39 GMT
l
www.google.com/ads/measurement/ Frame 00AF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaReFKZ1CTZoZ8BgBQrUTcnflkdaQJzq3YHs_zW3lZSEalYncGfVLKfxnc1-pWWUcmfwPSfOGDFwyF2BiA1fCnp9N_b8IA
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 00AF 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 21:19:17 GMT
x-content-type-options
nosniff
server
cafe
age
48409
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Tue, 24 Oct 2023 21:19:17 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 00AF 		295 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 21:19:17 GMT
x-content-type-options
nosniff
server
cafe
age
48409
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 24 Oct 2023 21:19:17 GMT
578
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/578?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=f7fa1be7-402c-4871-96a8-88c4d258ed1e&bctempid=&overruleReferrer=&time=2023-10-24T12%3A46%3A06%2B02%3A00&ts=1698144366155
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
92bbb712a1f3adc759f8344e17d3557ab2543e6b5170f0bd296f8e4d5992091b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 24 Oct 2023 10:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
3807
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
UDBZES05hiYbZ8qiUY7rFVppls8m0vX_0mpvBOARXl3RhQd8DZX9lw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
predict
h312.mlive.com/rest/v2/custom/frontend/listener_realtime_model/ 		2 B
884 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/rest/v2/custom/frontend/listener_realtime_model/predict?itemId=93193c90-1299-460a-add2-602384af02fc&profileId=f7fa1be7-402c-4871-96a8-88c4d258ed1e
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/plugin/plugin/b33e8052a0f7e2edf75d57a3f12b9cb4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
22
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache="Set-Cookie"
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
znl6WEVIE7_pLdLQF0W-xFsCpF-y2lMMQUn9KukMzrBWUsHE59tUlQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
578
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		547 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/578?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=f7fa1be7-402c-4871-96a8-88c4d258ed1e&bctempid=&overruleReferrer=&time=2023-10-24T12%3A46%3A06%2B02%3A00&ts=1698144366181
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
fd5ca384bc60b15c9c3a495c3bb71a8cb251aeb915d4005738bf972018522d44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 24 Oct 2023 10:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
177
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
rtcLenrvXtwykeUh8tC1pV3FmI1WIlEj1HBEYjKNHOZUN051wMmt6w==
expires
Thu, 01 Jan 1970 00:00:00 GMT
578
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		183 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/578?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=f7fa1be7-402c-4871-96a8-88c4d258ed1e&bctempid=&overruleReferrer=&time=2023-10-24T12%3A46%3A06%2B02%3A00&ts=1698144366183
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
fb8649309a46f38bb19e2a3db6295552482cd6eb8cd2af14e3765e047926c398
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 24 Oct 2023 10:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
164
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
EJXXa1JbKYBh0Pgc36rQ0H5x3gRTvrMF8mWzh1c1JIOZz3vled3MIg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
578
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		183 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/578?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=f7fa1be7-402c-4871-96a8-88c4d258ed1e&bctempid=&overruleReferrer=&time=2023-10-24T12%3A46%3A06%2B02%3A00&ts=1698144366222
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
d8096f85a2d3078e12cac5d2b3efbb21a12158e173b70999d65f411d8eabb275
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 24 Oct 2023 10:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
164
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
Ai_RNRMClixXQTfbvJ1u8EnZGbwnyKOeZuq24OQkXeC8KvyhWLMqkA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
578
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		183 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/578?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=f7fa1be7-402c-4871-96a8-88c4d258ed1e&bctempid=&overruleReferrer=&time=2023-10-24T12%3A46%3A06%2B02%3A00&ts=1698144366225
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
d2041d1c4ead2fa086aea675a6b7c67e6c2aa8389ff36931d96d78817d89369f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 24 Oct 2023 10:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
164
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
jdPeJB_G_aj1JhwYZGbBNvHwlRSDV2m0jBDQAGE51gXcSKU_iU-CpQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1921934849&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Blueconic&ea=segments&_u=aDDAAEABAAQCACgFKAC~&jid=&gjid=&cid=1618411612.1698144365&tid=UA-16643585-16&_gid=816436110.1698144365&gtm=45He3an0n81TLXFLCR&cd1=undefined&cd2=1---&cd3=undefined&cd6=undefined&cd11=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=false&cd21=undefined&cd23=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd46=homepage-beta&cd47=desktop&cd50=Blueconic%20-%20event%20call&cd52=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=undefined&cd62=undefined&cd63=undefined&cd64=undefined&cd65=undefined&cd66=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=sub-group-c&cd99=undefined&cd102=undefined&cd103=undefined&cd61=1618411612.1698144365&cd76=a0002%2Ca0022%2Ca0054%2Ca0107&cd77=undefined&cd78=undefined&cd79=undefined&cd80=undefined&cd85=undefined&cd89=undefined&cd96=1&cm1=undefined&cm2=undefined&cm3=undefined&cm4=undefined&z=2099130916
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 00:26:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
37176
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
578
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		183 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/578?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=f7fa1be7-402c-4871-96a8-88c4d258ed1e&bctempid=&overruleReferrer=&time=2023-10-24T12%3A46%3A06%2B02%3A00&ts=1698144366259
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
3d62e1858381186e1b10205fd3e920dacca549a3719c6f25d132fae609fed9c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 24 Oct 2023 10:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
163
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
OmrG6WIPnLubqPssi_bzsNKXTtyr13oV2pj0npMDWYzubKoMNrBJ4A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
578
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/578?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=f7fa1be7-402c-4871-96a8-88c4d258ed1e&bctempid=&overruleReferrer=&time=2023-10-24T12%3A46%3A06%2B02%3A00&ts=1698144366277
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
056b40c49cad6d3706eeacfa89dc5cda157e2b2f9117c347d1aadd51708d5dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 24 Oct 2023 10:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
4559
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
L54meDcrzQEmYUDsFiwJH9YnGIAo5E9or2PoACTY5DyXN39yH5NLmg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
baker
ead.mlive.com/ 		19 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ead.mlive.com/baker?dtstmp=1698144366323
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.222.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-222-245.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Expires
Tue, 24 Oct 2023 10:46:06 GMT
Pragma
no-cache
Date
Tue, 24 Oct 2023 10:46:06 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
19
Content-Type
image/gif
si
googleads.g.doubleclick.net/pagead/drt/ Frame 00AF
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Redirect headers

date
Tue, 24 Oct 2023 10:46:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 00AF 		42 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZe4Dd8e0Jq-uB-C9hzzvYpScgNmz_3klXBDczHO2MfzdkJsPQ_F6rYV8CwgRgklX9i4qgprVoQBj5IOyuLPEZ8nMRYAr7JTAZjIBT3U2ENOBt2_MayBmSp_WK-I1VIp6H49lsqJJY1aAzaAA6KTwnsSyy7w&dbm_d=AKAmf-DB5B4r13_iNaxISDOIEitRidiOxppWFMHlks_a9uY9Qi1D7bVzjnlBiwkRUp_9FoIx-QSZ_juj_FBXH3YRux1y2HpUQ8d89CIlQHFT-yKLoxp0zXNXM0UK-DbQkRZHVBdFzxJPUSf89PI3bHl2uGvnCefSV9i-RirASYqFgLYkcGOD0aKDKl9F5zm6ny4ZRpwHVLiTuutbt8i4J4rIchOBAmVQwTB_al6g6VV2AjRxNLwSIw7PnMnS23HzTzxV8XQS5vajt6n_fqG1nQZRW-8hsLPbS_AtbE3m2hn4DDaZoqNwjwGiAUlPCQpJ1r5ENqzsWdef6b0ZhYwLv1NzZrkFi_Mkj83wpfap2xLrAmtniC3QEcBHjbbQWKhg0Tb7UWr7S0qrfV3gUrkDM4VtOTyubPttOz3MUX37d6Tj1SYIhpkiLb-JhrnAcdlmTjiVStgoKmwU_pClm_gqtCrQTBuKWtMw2zDMDXmJWyzdE8LEbiM5CI1GR9eRtKManJK-aJI1Mdjf6OPJN971nCjNay4oaehp2okSvkyJgNxZAVC9mgoQuVGlvBpQTddPV5wcBZVF9ROp7LFMwoQKkBGTnH12TlQOlGKMpdHGh8ml7tzSwvRv9t-asHIQM7BYhwmyMBCfHZzDVXm637--I-alS1EneXZ7GdhRaBFQg6QieKLmsrdlLxWeL7F3lUyyWm9opAbapVQy-11-Z7xIFVyl61rw76moj1xvLKni2FUvxtdj-7e6DTr29M5tN36REBikrFhpYOhp4HukCqtWEK3bc-HNtTBF9kr8vtVbVJ0Ui4r-_rSLetij5agQKaw_Uqez1pW0R1SGaUOK-_LidyWOC3Oeh_YwFWxQG4G4XIYEQ3FkCN5zM-HG5vtoawNHTEpkRlc993sIBtYx6_7bFLqJFH0x4J9R62rolTBZ-oCQNp_M5mM4WO0ImQ09duSLJH60xE89_Zel6ShDVSKZL8hcXPGwb__s6B8lR7oSWCVrTVmsbKfeIc_JTCxNWYRqPpsdkTfKFhcZCfABnUjzjzcDLDCyU9IL5I-XGUlmBj4xoIrGPlJekAHQ_PcUMZlpBOG82Wtegd7gXPSKOkFUkm7O_EDyEQ7Hzg0bWDaX8UEn0wwFdus6Ya9lnLRbNk3WWTtNTz_lqTd_SVrbTHj2v_AifpQ0bJR1U8z6MpH_6cbPscjxQztkQ887dZpWofJH2Tk6Enm2DEsKxEkqIi8tFjW0f-OhL6Qh8IPb1D1MM8LBcf4ONXbvVvu9T1_Hg_xJZmYcLQ_LpsC7Hz1ldI3TSn5OU-y6ZPM_1QqoY7DKXcaAdcXWzwCr3hpCeRzBT72KPseuy8LuzwYhR0JqsuvTz5Lslx_KYuGYVhWfftuxqcUvXVsEum43b9C26kkOx-0QbOLh5fmALX771XeaS5ssj85_sAq1_lnspDf8L-qEDxanEMQMedgRZFJSamBlkO9DJHkHnjJM8A3HB2NEo4LlRqzHf7wCmhJagflII9OSnsidNzns5dX9sarYd5BveDfo7chJFlQ0DFXBngpPJLcewYPxHZmd_PUVG6WgIdpH-2UPNiLawxS4Cq3vpppxqbNtCLYX9EPepTgnvp5z2KRiuOFU7cMcVYtmX8B_DlRiktZ8k5p8nV6N1DOn-56VcwwRONigZ0hbiSwt-4sUWj4d6UT2DZ2SdXmzfn6rfnCfZCrOSquNKlRq7flsQJjSDHUKzSlMtUKmVJlhZCW_Y11l-xoookAOHuaSPPhTu9iZuHrsMcmSFXGzBbWqH5yb_HcfWkTCi7_YGUqgCoFsKLzWNgFkRfezdrU4CaPZ4Hwgg7oVtakc6mbIuLcEq460SDGGyXCT9riOwTKrQZd1lrZkUPEeoZbcMJpfjblKNqewN8OF2LRvLqZ1IaG2lPJ1-yzx70n31RtFsNpzxshDTaCkTf34JLsJ93psY4u2yD7x6gTUB3TThntbybUQTE5nPel6xF7Bz628bkgPhsIrVsfo2bbCBc89P6sNPgblmEi0vLnLKYhbx8kyd1mWfMndBrxyAt3PV2X7FDSbaPRC03z7cb8dQkx6LHmYd7ogz4mqo7Qggi8JMSdZHlLOhlFfoqsa8c9WVcYpUDlvTLx4Q5i5M0bGm3EEd7OTeuj0t4-P3VrrOM7xhbeN-avjSI7hYyH3IqbEuOZqL3-Y0aU4MriS5PezqdeOHhDxa8zo7VT7mhvNmhg2QqxnqGt53RYYJ0Kbhu23zUNgZMg7uuMxx_l2CsJCMnSvCJC5DyOTsNxrD84z2rwb-k0TUgX9vZAptoHb1kqJbuzHuDWk96ItecHQVIlr85Z6wdhmPz48MSB-QafrmN4GujUA9-UYKE4UHKR5_N9UuxVU8QREXn1kQRNLiBJ1pnLGpAsuViglmeqEM7z0oO9CFSjTAsItX5lD-OjQii8IQ0GvxNcjmzNp80CfZQ-PNPFvCEYjBGb_ABSUsN_-VtridUzV-bbc8oY4Ybu4iGmF7u8qvaDLoinQUxJeuIW6Y_oiJaejtOuopoeUo0tFcK9wvlsBVVk-IFEx7rH1V0sqQ0OBhyFCbuPUZiDqC3DSWp76KdNMG9mWgZRlotuFe80RxDAqMBq-hMKED8zQDQqCJXOoU3_gCqP6nQjNxjZFMG9x4BV9uwKeiW1jtP-O6TBeCrq5cQZRA3Ekp66P61KvVVHcT9feboh5Y_lu5Dtu1tN0VPZvgtQSTG2Ui6yE13koJ9OyTC6Rz6W5i-4Ij5PoT2VAE52rT9u037xUrgz6mQRRkjwBLGl26FcnrmPMWvQocmrbJV6YIT6inorc-SG1TGdPRfjT8xjGZbH5ZJzjNIKj2D28_rzIa1WWE6_pfFHNNe0AeiPdTFeBXmtxK6PLxfMBsR9Wlr2BwcC5v9w-GwLT8gAp7LNAhLuezgo6YxYG1cvVqza_EdJglAf4ZN6VVLaAEuLjuIrfgVUgZAZl0juYIYk-BLNxWJ6hP4IWjf6ewdNHNYeqEVdUWHQRyye8Xf1anJGVA73FM_9R1TKHvzjhzVCM_9kNQ5-dsCfJevqcDPZafE8LGQCeH8ibRDNYJdSVWCinjBPO5YVwkDHbGdgSY2_EbP7Dd4YpcPcOer-E4UuuTYRTGczjy_hjutrd3CPpFDZEXrv2OGoXiu7kak_dXIe_ODbWiZqbP8y9ceB__u6e-cTh3-cIoRSEYxUqMV0OkGlFqo1pTkX-WS3ISj7mCIBJbsPrbKkandS1o-T6qiouAit0f6zF_vAK0E27vo_kgLp-nAjvN1i9SSMwLj0sf_dUFK05mNlE_sK9kwSn6V0FyxMnfCxga6X63MEQKoOv5_6ksmMhUUS4IsLOXeGuK428oNgS-Cyq-3ytml5WqdqZMOazlxJjstlGdWlh95hwRW8J3ubSbRPRdvg6ayGmXbxS3F1cTSdS_amJh-Y70fsbJRCkipFW68g1ck2bBayz0lXKSPgYqibjrSU8KNaB46aey7soC-9YPIPcec67jE27_v9DhQ2vPA-e317TjvVJFnRlKu6cowL47gQ2tuc9Z8zQBjC8hgmBRttuSYcSZzCOZkbA3PB6Of7E60P8yQH636fbbB3OCBNhdUOgayK17rEpKT5QFpQwzdmIqOOcuupB8Lsj8gBjoXhTj7PG-0Di9u70G_EXjhzYW6S5hPomk4xaxaxR05QV_UXyNVIx5pBNgUb0jg_2GdLa56rciL4PoUCaTq_FDVlm0m05f6coVH_MMcnTCgNDFrddDwgXxJoW4DhLfO_txUssozW46hl1uBJbths-APjBeH7gQAMG2cXY47Cqbi-aj9uJ17UA0npY3Fog9fcJcZunRw0vQmImgVtVoARLsB-qm057mCCB-RWSaGF8Q3hsm37oReTrhfNoXtro9YQViAdcH9dvVHpgE56ie1EF-_L0WkQ41JPYDCf1YWJGJyDCJK-tomO0LcQA29n7r9H_OAXOQFqpbysQRfmN3XZYkr_oBxBnRzDKQjaoqdLiAR4YbPzQCdbUvZ_Ju2OTofwsdTb5GtOKjcaw1tuk2gwTByzE8gvV5ia0Eo97BtfNDQXMTkqpfWOQMXoYl_DPZJm8pCakld5GZGAMpVulN9tfRXxUmUpAqRu_tDJt3Actl21_iXqh9Zd9dS4OqpMIF0qNUtgqnTRi7i9yTPao38Gz4jz1qiEuQVfKRu6963j5XUAkKswGoqUhLOytFKbv4U4L-mDOdpByrG4LsGvaybI0-m9U0h6peAq4-l8HNCossn6oMq43D_mVNvqGe26PNrZAK2wf9n1uhkuIyvFOjLdnLsa1WaK6ROZZnNjQdw&cid=CAQSOwDICaaNh8arm3Mqay1NCh5bziDFpNcA-xK3N8_teLQBK0o3Zw70RlU7i3bsEmntwIBWMDpGpQ5xKagSGAE&dc_exteid=31325234520215313063537805210995920&dc_pubid=4&cbvp=2
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 00AF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C_8TKbaA3Zaz7Le23juwPvoeqqA6vlJjic7Kn_qr9EWQQASC3yNNHYJWCgICwB6ABguDu0inIAQapAtngjh6u6rE-qAMBqgSZAk_QjOOxWfosrOJvkCDseAr-TGkDn61XZkPrXr8HG50i8ht4-IcUSoKGTZFxDjSMfrjrDD9fE2fSq8JLX2k63pWbxH2QnrKQDbFLenK_JGB_3_daKlguzu3_Y2uZOcG23wC8IXSikliBW3prTMkdxSQ8tb3Yu_aaqvceunwbNtSzOmEWmF-ahv3e4c2aR8iBttUtdfFEF4mfe3YkRVBPSfJESPZwTQCePT2KouFH2Bx_DkPBwmrr6tdV_9k35-WULQL_nuXzVTTIYkYy7QCV74U1czMHSbeXMVpcarVQPcemcPmp_s8YNU_6O4BXXZwc1EGX1-H-Ioy1plL74r5S-KNtaOJ-qS_Ks3GSpB--ziI9d6ySsNhKmiq-wAT-w_yZvwTgBAOIBY-8-8tMkgUGCBsQAhgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAeCmL-yBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcKEJSiERjW0MX3AdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCdUBaHR0cHM6Ly9mb3JkLmRlL3Nob3AvYW5nZWJvdGUvYnVzaW5lc3Mtd2Vla3M_YmFubmVyZXU9bnR2OnNlcDoyMDIzOmw6dGE6c2Q6cmV0bDprdTo6Zm9yZHByb2dyYW1tYXRpYzpwcjpuYXRpdmVhZDoxMDAxNzI1OF8wMDRfMF8wXzhfa3VnYS0wMDA6Ong6dm06cHA6aW5tcmt0ZHRhLXBsYXRkdGE6MXgxOmlhczpkZTo6YW1wMi10MjpzaHByOmN1c3RvbWludGVudDpudHY6dHJrgAoDyAsB4g0TCIu6yd3AjoIDFe2bgwcdvoMK5bATt5L1FMgT5abY4wPQEwDYEw2IFAHYFAHQFQGAFwGyFx4KHAgAEhRwdWItNjQyMjIzMTY1MTQ5MzI3OBjfkR8&sigh=sYF-7TgBVqE&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaNh8arm3Mqay1NCh5bziDFpNcA-xK3N8_teLQBK0o3Zw70RlU7i3bsEmntwIBWMDpGpQ5xKagSGAE&template_id=509&vt=10&cbvp=2
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
container.html
663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 928D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 10:46:05 GMT
expires
Wed, 23 Oct 2024 10:46:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1616 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 10:46:05 GMT
expires
Wed, 23 Oct 2024 10:46:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 62F7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 10:46:05 GMT
expires
Wed, 23 Oct 2024 10:46:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
7c43dbd339fa29c64002ce5d60b9b52ea3df1a9019fa9d514d1b862ffaa0ef83
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
https://www.mlive.com
date
Tue, 24 Oct 2023 10:46:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6D7A 		624 B
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGP6N3_QBMAE&v=APEucNUwpqAC6or-LC05xRQRaTm8pyt6wh1IOR-nHCeLSeia6YexVmb1o3ZlinybzwLDa_O9CdlXims6yo0uADPy6X5dXNXo4rj-G4lEI3aBtCtUP5I9YMapGIHx3bAarJC2M8SZR2_UA-Js6JIU5-BdaRgJknyte0n7FZ7OBg9QhoQgIunUPIA
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 10:46:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 928D 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 10:46:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 928D 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CfQ_QuUmmNqqTiVJ0ngnMqkeJjlTleIEZsYCyuaSZN63wPP972b1r_-MeE-VfJmHP6kvYpOwyRrRbpDlVHxshJtdudM9jj0DZIZAQMOwDejU8V394
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 928D 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5605769349746788545&x=1&ct=76
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/ Frame 928D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/window_focus_fy2021.js
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 07:40:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
11139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 07:40:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/ Frame 928D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 07:40:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
11139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 07:40:27 GMT
l
www.google.com/ads/measurement/ Frame 928D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQLH12TtQIp80qK4kgBb-Zgqxy9DLI-mvtKAENY7YGIhH-4qHI_oCS1U6dXdBkJWFgNVv9L_F3gMG5Nu0kyiIKgfknGAw
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 928D 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 10:46:06 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D876 		640 B
305 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGP6N3_QBMAE&v=APEucNUXq1qEiuDu6jGkV-5NMpTQDTXhQflF6XJkewUUMiIliUNbCfIR7qVWV1ZiU9HA2_ka6tBRmHWBBt9Nl_5uYYwwV_rGAxHIeq8J_3QV7NvNi2WD897g3fE5ioL-XKPg6WfI4rMGNEfy0ifFAliVJ-zapuUConYtzqNJffl0D-bVx3ri4G8
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 10:46:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 1616 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 10:46:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1616 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CmRSuNILnxJGYi4JC3qtCL7bRIDg7ZrxHGpB32YO03wXJY-KhzeNStY2lmjI6V3tW1-BXkxLl80atmMUWFzEnqwKAMMSrKl7INCEMeJYLigieSMgU
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1616 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3448785722896780839&x=1&ct=76
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/ Frame 1616 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/window_focus_fy2021.js
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 07:40:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
11139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 07:40:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/ Frame 1616 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 07:40:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
11139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 07:40:27 GMT
l
www.google.com/ads/measurement/ Frame 1616 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSVmKEXtJaEI7l9b2E167yQFfgQq4gbhlRy38JL-JahpGfKwnWR1vwhMbb4qmD_um0n4a-9AaMoQU4GXwcP_ocvC6PjXA
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1616 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 10:46:06 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame DEB2 		640 B
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGP6N3_QBMAE&v=APEucNUbQEBVA8lL-AXyNtN5DgDgmixd3gTkVbEQh8nCxu_9H2MqoYpqtnIlA4UR0UfuiZ7V__fEMGtO_OhbwO3Y3_V-596Jxhqgzq_7vWqTlajSP6wO_hbp7EX7ir50eFg3cQxyXli2ir4--nVlRFpZzPR8b_fy9qzLXOPhZ-vHGMvqcESPLMw
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 10:46:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 62F7 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 24 Oct 2023 10:46:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 62F7 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A7KlaqOnc_njDbD51tinQk6gFCuIRUhH1BDZLzR6bI4ycBJJqXuA8ZlCNgsMNPYEpxumwOowgFa6h42YzJzzsgU-Jg8uIhCI0zPq6_RGnz7Cuzfa4
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 62F7 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16989405773401132155&x=1&ct=76
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/ Frame 62F7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/window_focus_fy2021.js
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 07:40:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
11139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 07:40:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/ Frame 62F7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 07:40:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
11139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 07:40:27 GMT
l
www.google.com/ads/measurement/ Frame 62F7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSO2xZV4vhrPQIJwOrRhdZUGyGCFTVPUqFxUswoLSzhXV42xZ8RQPiXD7O_3igeasvDpCrg-xykgKRHPdsqwmO_hwvNfw
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 62F7 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 10:46:06 GMT
578
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/578?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=f7fa1be7-402c-4871-96a8-88c4d258ed1e&bctempid=&overruleReferrer=&time=2023-10-24T12%3A46%3A06%2B02%3A00&ts=1698144366578
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
559b79592091b9928dc188dd8acbb61979b39f617a8521b83b3500d386731f9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 24 Oct 2023 10:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
4803
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
iZLPKMLLSUlAeW_hiK6ouEZJXpwjqBGdrpompZ7n6z6t58Ja4CoLUg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
v2
id5-sync.com/gm/ 		276 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v2
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
33fd6d83a3006e2210608c9046d1ea08cc8b768bb901235403b64a933f4e83d3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Tue, 24 Oct 2023 10:46:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
rum
dsum-sec.casalemedia.com/ Frame 6D7A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyseGg4kcM3Wn1CVGxyijE&google_cver=1
43 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyseGg4kcM3Wn1CVGxyijE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGP6N3_QBMAE&v=APEucNUwpqAC6or-LC05xRQRaTm8pyt6wh1IOR-nHCeLSeia6YexVmb1o3ZlinybzwLDa_O9CdlXims6yo0uADPy6X5dXNXo4rj-G4lEI3aBtCtUP5I9YMapGIHx3bAarJC2M8SZR2_UA-Js6JIU5-BdaRgJknyte0n7FZ7OBg9QhoQgIunUPIA
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nnB1brk%2F%2FoO4%2Bhu9P5Spwk8KjbXO%2BrhXERLJRa6Np%2FG3rxkeN7cwVNVCNCJhOKlrRmbdcBQGmfgPKYJ2zNxOEWpqXiecCNK0rvXlX4BbOlufCgBgD4FZ19M6fUSAdRMXkr%2B3E6iLzUajog%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81b1a2540f2703d0-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyseGg4kcM3Wn1CVGxyijE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6D7A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTegbh883pkn0q5MHzKmaAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyseGg4kcM3Wn1CVGxyijE&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyseGg4kcM3Wn1CVGxyijE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGP6N3_QBMAE&v=APEucNUwpqAC6or-LC05xRQRaTm8pyt6wh1IOR-nHCeLSeia6YexVmb1o3ZlinybzwLDa_O9CdlXims6yo0uADPy6X5dXNXo4rj-G4lEI3aBtCtUP5I9YMapGIHx3bAarJC2M8SZR2_UA-Js6JIU5-BdaRgJknyte0n7FZ7OBg9QhoQgIunUPIA
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YvWnyBUsJp2X2L1R20uVD%2BqdxiIS5fgLm9YAzHjfN%2BPBlXSt0Ygn7bnHbid1zkOb8%2FLDSc58KGrYn9BtirkF%2FKBgIhaIoFddTFRBprEb5AzSgOvcbj05jtN6TjSv1C3zWFxrd8%2FdR2yDmg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81b1a2540f3903d0-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyseGg4kcM3Wn1CVGxyijE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 6D7A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMaWLqE0RJwihreBZdBFB44&google_cver=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMaWLqE0RJwihreBZdBFB44&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGP6N3_QBMAE&v=APEucNUwpqAC6or-LC05xRQRaTm8pyt6wh1IOR-nHCeLSeia6YexVmb1o3ZlinybzwLDa_O9CdlXims6yo0uADPy6X5dXNXo4rj-G4lEI3aBtCtUP5I9YMapGIHx3bAarJC2M8SZR2_UA-Js6JIU5-BdaRgJknyte0n7FZ7OBg9QhoQgIunUPIA
Protocol
H2
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
an-x-request-uuid
673b0a31-1e7d-4625-8fdf-e3ae014d2e27
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.132; 178.162.209.132; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMaWLqE0RJwihreBZdBFB44&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6D7A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkzNTc0MjU4Mzc5MzMxMTk1Nw%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkzNTc0MjU4Mzc5MzMxMTk1Nw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGP6N3_QBMAE&v=APEucNUwpqAC6or-LC05xRQRaTm8pyt6wh1IOR-nHCeLSeia6YexVmb1o3ZlinybzwLDa_O9CdlXims6yo0uADPy6X5dXNXo4rj-G4lEI3aBtCtUP5I9YMapGIHx3bAarJC2M8SZR2_UA-Js6JIU5-BdaRgJknyte0n7FZ7OBg9QhoQgIunUPIA
Protocol
H2
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
an-x-request-uuid
054be08c-37a2-426c-8c02-2d36aa05b556
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkzNTc0MjU4Mzc5MzMxMTk1Nw%3D%3D
x-proxy-origin
178.162.209.132; 178.162.209.132; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame DEB2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBFnmzUjb_tSMUOgeq6Algo&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBFnmzUjb_tSMUOgeq6Algo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGP6N3_QBMAE&v=APEucNUbQEBVA8lL-AXyNtN5DgDgmixd3gTkVbEQh8nCxu_9H2MqoYpqtnIlA4UR0UfuiZ7V__fEMGtO_OhbwO3Y3_V-596Jxhqgzq_7vWqTlajSP6wO_hbp7EX7ir50eFg3cQxyXli2ir4--nVlRFpZzPR8b_fy9qzLXOPhZ-vHGMvqcESPLMw
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBFnmzUjb_tSMUOgeq6Algo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame DEB2 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGP6N3_QBMAE&v=APEucNUbQEBVA8lL-AXyNtN5DgDgmixd3gTkVbEQh8nCxu_9H2MqoYpqtnIlA4UR0UfuiZ7V__fEMGtO_OhbwO3Y3_V-596Jxhqgzq_7vWqTlajSP6wO_hbp7EX7ir50eFg3cQxyXli2ir4--nVlRFpZzPR8b_fy9qzLXOPhZ-vHGMvqcESPLMw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame DEB2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEE1u4L4zDej-KEDshr11gMc&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEE1u4L4zDej-KEDshr11gMc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGP6N3_QBMAE&v=APEucNUbQEBVA8lL-AXyNtN5DgDgmixd3gTkVbEQh8nCxu_9H2MqoYpqtnIlA4UR0UfuiZ7V__fEMGtO_OhbwO3Y3_V-596Jxhqgzq_7vWqTlajSP6wO_hbp7EX7ir50eFg3cQxyXli2ir4--nVlRFpZzPR8b_fy9qzLXOPhZ-vHGMvqcESPLMw
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Tue, 24 Oct 2023 10:46:06 GMT
pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEE1u4L4zDej-KEDshr11gMc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame DEB2 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGP6N3_QBMAE&v=APEucNUbQEBVA8lL-AXyNtN5DgDgmixd3gTkVbEQh8nCxu_9H2MqoYpqtnIlA4UR0UfuiZ7V__fEMGtO_OhbwO3Y3_V-596Jxhqgzq_7vWqTlajSP6wO_hbp7EX7ir50eFg3cQxyXli2ir4--nVlRFpZzPR8b_fy9qzLXOPhZ-vHGMvqcESPLMw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Tue, 24 Oct 2023 10:46:06 GMT
pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame D876
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBFnmzUjb_tSMUOgeq6Algo&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBFnmzUjb_tSMUOgeq6Algo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGP6N3_QBMAE&v=APEucNUXq1qEiuDu6jGkV-5NMpTQDTXhQflF6XJkewUUMiIliUNbCfIR7qVWV1ZiU9HA2_ka6tBRmHWBBt9Nl_5uYYwwV_rGAxHIeq8J_3QV7NvNi2WD897g3fE5ioL-XKPg6WfI4rMGNEfy0ifFAliVJ-zapuUConYtzqNJffl0D-bVx3ri4G8
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBFnmzUjb_tSMUOgeq6Algo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame D876 		43 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGP6N3_QBMAE&v=APEucNUXq1qEiuDu6jGkV-5NMpTQDTXhQflF6XJkewUUMiIliUNbCfIR7qVWV1ZiU9HA2_ka6tBRmHWBBt9Nl_5uYYwwV_rGAxHIeq8J_3QV7NvNi2WD897g3fE5ioL-XKPg6WfI4rMGNEfy0ifFAliVJ-zapuUConYtzqNJffl0D-bVx3ri4G8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame D876
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEE1u4L4zDej-KEDshr11gMc&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEE1u4L4zDej-KEDshr11gMc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGP6N3_QBMAE&v=APEucNUXq1qEiuDu6jGkV-5NMpTQDTXhQflF6XJkewUUMiIliUNbCfIR7qVWV1ZiU9HA2_ka6tBRmHWBBt9Nl_5uYYwwV_rGAxHIeq8J_3QV7NvNi2WD897g3fE5ioL-XKPg6WfI4rMGNEfy0ifFAliVJ-zapuUConYtzqNJffl0D-bVx3ri4G8
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Tue, 24 Oct 2023 10:46:06 GMT
pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEE1u4L4zDej-KEDshr11gMc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame D876 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGP6N3_QBMAE&v=APEucNUXq1qEiuDu6jGkV-5NMpTQDTXhQflF6XJkewUUMiIliUNbCfIR7qVWV1ZiU9HA2_ka6tBRmHWBBt9Nl_5uYYwwV_rGAxHIeq8J_3QV7NvNi2WD897g3fE5ioL-XKPg6WfI4rMGNEfy0ifFAliVJ-zapuUConYtzqNJffl0D-bVx3ri4G8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Tue, 24 Oct 2023 10:46:06 GMT
pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
getuserdbdata
app.matheranalytics.com/u/ 		54 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.matheranalytics.com/u/getuserdbdata
Requested by
Host: js.matheranalytics.com
URL: https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1638
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.255.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.255.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44026785039df91c14b8c331292992e1fd71a23acdd5cb09c40d12d1c8e8aaac

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 24 Oct 2023 10:46:06 GMT
via
1.1 google
content-type
text/plain
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
9-gc-use1-c5270117
execute
c2.piano.io/xbuilder/experience/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=8Gu2Z8RCvZ
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66c51321a7606c0399942fc34e958cffdeb5f2d5e3aacdaadcffad36414e290d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 24 Oct 2023 10:46:06 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
x-request-id
8e3zmbcxay
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
81b1a254190c2bfc-FRA
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1616 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3635101480928&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1616 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3635101480928&version=m202309260101&ct=76&x=1&cor=3448785722896781000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1616 		108 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUuUNG_fi5TQ1ySSlTT01qKMxWLQYwfvZIX2grxXR7sJBca3W0JdYoKif-ewLA1pMdy0riLnv7ZOW3QoVYzJeyVH9Ln6YjOa0j7MTmYZmZVSJchtWdGDMCBnfCQEmMzzAyJ9RT8tv80MF8P7-SbtLqDb_l6HLAPWiqk1Rdw7y9DZoazPU&dbm_d=AKAmf-BxYq_NPkBbUDJs5q6aPLcNJtsE1ocHFYqXHnnKa-3mq0eBmH3XTxQ_RvquPU2jiKoAYUWHnirNvDtVlBeRbI_rBEJPlCYlKZnYK-3LiMJLEWE_XIy5KvUfZ3wfRXUub1p9sSaxNXAoLauUf6mZP_qF-Pqmib2-Wrz8P7z2BrX41ERMtn9x7nJhEJP-6WzGq0-S5Y1_covupfH9UofxxDCg8_9dDwP-f549zOxfDiLFPN9n53burUbo9OtrXwMeJ2J5GQE1OS4FTfTy8DT5Tnmh5u3DmwkE3RbhEGdvQv909jws1iLXPs90adXd3aDdH2RD2EpwVpoZVPHxRCk4IWXOyP-iuQummzItSd6qRLOrqjVlAOoAGngGtWHe5Erzq_aKZOu-pv6QUnCU3fW5hG7UvnWXhsYVZJJylLuaIh7wYiv_N8KKMl2rkzj-ba0x2REs1wRE4naN0IvvXw1T82MBIFxzkKaNrpbzF9OgWa6L-Xd9ryhdMs4vAVhFOKlkapycKZ6YXqgN_pcvhReHFbV6BhjWL2R6OaK2vlvYu1IXhSOfH3pTJPg5xP4PuH4EQiIaJ_xDgIHjUeEZyiDvwsD0y1kBpkC4mTsjMr6X1hUn5ftigL4OceFwVXq1E6XUckbxfKdq4wyMSvMq-EH_MwIAwc3PINbVovQejkbasLzRfGr0hKdc8mPoDMZaB3QWbGgB7O9BBYSK7PKxdpxvoODio2S09oN1U95Nbu0jtniEbMnKZp0FLppcuAPWhsh5-UZDjcFd0hCmq6DCU3G-HC94NueLEBjyiBENNNz3F6GJaPWcI84bO_0hGCU3GmbrXthgElY3sMDp78e3DDA-DGclIchL1TMsYXxuKhw5zKAVhzbDDsRBSjdKrAAjlCPmjtQnQPeelY04VrS1KmuR7OZciqhYPql3Qp4JluxH2014sCtKNWJquNgDbNTmZs90-n3gz5HNSjGJMvMQZxSKWDBI9TZgW4qZ0iViPwDJmqQrdjzI2e8JwJ4glJyoIz0MlQRUf9bR4n1-5OzSbZGYy3dQZnuIBCp3ixx1hxAoNj0Uvuh_6ItJt2mjdl7-Pe6oniNEiQqrAwW55ondR4V7dCac7gaSLSfsbYn7w6lanPMYEggKsl5m5naAViUQ4SvCWxTrKGiI1mTumixQvE8YfMEbx6XkUHRSjhuXcGKuL_IWqoblFCW3lS9uoI9_pEO4eaVEXMuZCCMb0DrDdkDfpuxAeF34QpPJbVsoKFKiQgaert2bD2XscoWc3rELqa2OpZ_S4lCZBl8tJyFSDS6-s1wABqkHjLvCevAkfqJEIRLL5pjQtkJOfg7uIVcjvS7Kz5oXguwtMsR6hoDNtdR_UpWwGuvXRAEaTW6l8D2TqSUD7ghdqC_LbFpv4TqHBDqreCiXqtSQME-n6Kd-sC0ptXxK9AAgRbC671Cl2F8A4DrB_8XKXqj4flC0maIInOZX4jijO8IwE0aKFa4bEN4KOmA3P137VP2nDXOklhUXRaK70cR-Yw5lSeSjgkxyBx1dEEnjGzUcEWCmrL1v1Tdsbtvjy4eKoz80uT9ZWDG5z1h1by1wTOuy_WBlRKbcEzPC0W0SqrEgwMnUQCxM9QeRW_29cMN-omeplceMsvwUCK_mhxEsm3trxUrHHRbJbaWKJmVTlH1XNaFVBq3C6EwybtXFFPAAJkrNICorIurJI8kG5kiQiPnIY4IokW7uJ_3Il77-sSh2Rde84DRAofBN5FoR7akIu09YIVlIeNGGBk1vxVx4YOPXEGwomM3gzGvO9gilGvgpUqF3dmyWSWhqcbOnICiSYns10c1vV-73YM05xY--KAt0bR5veev97wINLPWCUkP_m8Km1OIXnCWHEUtY84ngYLstENZr2hO5iy7S9buSc-JcBHcP-2SjPo86vXOpmLMctQ4qRpDJF8L4z_Bg6i_RTp3HF0kJHf0FmZUNaPx9kF_qh5LXrkp5yj21ldHHPUPp9hxNYv0ne75nJuXngfL4kKYhCgjUKee0NWFtN2z88W87AJbzo8NI3MLOeiXlAMwOQQGtO9IC2YMrbpca-SxHWsc80TLiPSmYQhwWw4zrLkQhbvGaWqSsZ9WeQqDCP5R9_664JTRQHf6K_tU0tv_fTa6BAodriWg1DYqnJg7utwqPvQ0Sc-BvG3M45QbklKnJEiSjzpoN7zr8aHk3W6w42L6dqLKzeH5n52eo8pQ1-jyyiobwfV1_EOY564k_Z1lSkfBwgxJIZLgUIf5qYUsZF2tmSgQU-V-vvUe9fAclzQw5KSckoGq3zxIALfaAGpHsjkUA_87KLeGWpKCL5xTEFNuD5zkAhYt-NXy5Jzs2pD4hFTHv-DcVjgknz6y_LMkUtz6oLnxVDzfO_ry5bfe9zBze8LCYyFuxAPCZ2NVM5AXcrrQ9i4cD0qjW1Jo5wMv6FSuKJA3xhyRjzIsB-IdKFIldm6HmbwJ6kUlVoTJ0dTQF1PjbPJ5wyQTtPCo411pzwJVpnCyOsHLNKh37IGfNriTghNuNQA__tv6nUO5zfsI5B2DBRgKOTqd58bCqz40mqYvINdHEC9v23sPDw_EzGXGbgV0WCRGJ-cqFI2VBokC5LBLUp8jzVLgUAv8ihHJpZk-EzMcHVsG0oO-YtCW0QEv5MUX0pArDdFg2M2V8QzxE4r1AIJatHXQiGKhFyS5h5BEFPmNtP97jadYVVLWN7q2VPbuUyObvtSHbvvs7tceBwzu1_0Dq2l0q1NjkPPUzIm-baXxLEX8R8lkyRbLjgoycqh69aNcGHgRbQcmiB6CoooMUEhc4QY9bSE103GiO7CBbmH9XXqCd9o7JWrlyr1tElkk7Ir9z06qURhxw_7JCeXFjo_Tdnxqk3zeHDQZ891Xo2rvNxvQ145_LUYzR52vGapbGMhr70CRei6kIVADwPTCbtuGE8KtpBbEjY_WMN6Kw0nxOghvkDtnmoMZzwgzYHvwtlHyXWzKwFgHe_yTT7n0-lHaO-SbPKgY_HeYEl2QqPT9PCAa-Pg0ybbvj_EzuhUZgMC8hAze7z3-fAdnvd7VVz5m0A1lK_bno4S6uSX5H3lKABvWvAtFaxmHgP8gbUS4-D2Xn3CDF30Saq-WlG0KaGkywsTH1eLXLbtck6J9fVC4KM1vME8PyrSvuGia-NnYRPFg6dlq5It4yze0WZg5NbB7Y7RsD9B827tB9cII4dU4NAtjl5FR_jhs9ed2yWEkHKHPuq_z7nZxTX7085eAOB8flJAt_U0ZpOg97mF0F2jBbObiPxhS7Jp6RsXY-029uet_CImbMAMVSvIK4WE1BbFdasf1BCNisBuAbHL-HARRStKlxH-E6RQQnah-Wpl3Qxj_ZRmBY-JXBdteLOFsGOBtBUrd5uXXjqmfFs7xYdT6Yznj3m9RS_dNLR1VrQXzanL-lf7zsyzWg9f7CoAiivmGnOCWQdYdbSn-JyLQohgENZAjQNO5FRuV1s5kri5tIx8uHp6E76HvTKTIYE-JrGhjuiV_DWVzFso7pBxAIYyyHlBSzI2ZhteI1gop7P5Yh2wtL_up3Km9ZOWnbuu1IIXvRZdmZngHkd1CiDpD4sZnYUM6l4QrWx-Ndt7e6rrLDdKd4N7QspcMLAk0RLyg6eQZyo-iWkL0HgUyWgI50PFyF7Z1q8ymRyA32Zn0qnHN9-wk9SZ14lWWg3oijg1IByEQMCHoiFzBEjJvTv8EV2k1kLrvRRcpw9SqgGwTASRE8ncyNi5iBGFAtelJVV_BL6xtj7Qch9qB6nwygte5179SeBsslNU-lqa9nN5wNz7RdzxI59VV-jfpGXOk0u3JqD-dYB9ie55sob0yZNs340_PWlOYpcVEeZ5WGLW-qU3Qm6JVsqrTzRKA7jQSQ6-SpIRbhcjZj05vUaNYT&cid=CAQSOwDICaaNPnxDvKE3dRWALmtyHjezluMYpzBMLAq-Jm-SyjoZslW0PG-ENDVZlmrYPJBFL6D332hmCErhGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=3448785722896781000&adk=2086295851&idt=161&cac=0&dtd=37
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98112977a0e20278d0cb4a022150173f4c2afd2dbc926787196d8ed26a32b57d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42108
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 928D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=525472522614&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 928D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=525472522614&version=m202309260101&ct=76&x=1&cor=5605769349746788000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 928D 		108 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CwOidZ_g5UN5ukQYA3VEpXdPDA7psjsp9gB2oIsrX3AsisuA36ltgiwAYfboY8UO1HCbIgHkoSp_BvqnsoZp5ZIkOiIbnTJY8963cVBTxeP2im-GpBYU9Q01NvV2CbQLEAeEh8QoyLG-ckHQmeyVQcXbYGk0ZkDOpd6rPZvmobLvz08-Y&dbm_d=AKAmf-CX0FcLnrnCQP7PPYb_av6e91tHP-QodDKbTXo626XGpWkSqGETHgFr9pZXhBoC0wV5_EsJ7Bo4B1DiAQQzFv-laX21pcyNZchWOOVKvo8KblPUQ7wLGY8jPcuYA1AmS43e0VtR2q-zxuBSsFC7BftMLeRiWPKvc2n2--v6-jhDkwVJjAB13O8dLpcROVWlq4-_VTkQ1K_mrkCpcT2ce9ir70PndhaLT3vnicvMIkmPZbgXuT25RfRJneOobmKCxA35AAQEnMP98RyqIYsAsmroA4ixTfavk7lwr_E5Qo3n-VPnwsNLKZFs667nzeVOB8fva50NulN36IRU8A69-wPX61ZlrjJ77l9Ng05nF-7eNMucHSDzhZYLVLEEiW8sZV_-risSLK5FsgfIokoIBt7jY7XoSrLAiMFAPYijiOw_rw0KRh3kCDjSC_RT4qVlkpcXMfETQDEu-9OwTH1Ecdt2uPmpOrkJkPucT3HNPITndpuUutbOXJsSttDeduCm4vzbC9GYP4inufFz48Ptjboa2ng9_0ItC0yyIdAYgPYaumAVpkX4GGAxHkPCrrIeeiQvL6gZB3A15Yn0I-Zt6hV6zm20lh1Tn6KNhb9jxeqSzo52dXBOBXlZJohR-o5Anv7DjAVqpgSL9wUPsYuoJYgfbbLpzy_cvIeYFUx7PdVoFPlPvcKc6N8SypKyZhCohkfD0FyEvi6JRxj1ql-M1bRp7rVTTQ0xypfugkN_pgJEBqJ5MPTTGma3iUzo-cwgHGaN9kSIQ4FvS1-uke1GAqY9sCdk16Q4IPmUUjFy2Fpqpm1E9g54F9y6WuhMSKQsY3TUtrgnYSC1krOy2XB6AG6JANXy9LuOiEjcEWwmBk9dAbD0Q_eshRvzEvQGv5ayCwCQh_HE18FW3-YuhyOqUXu1CvTXIQ5Fl_uXaErk7pQHDV3xXEn7Ai_JMLOZYVxPh-EfHtC7o5-jmgDuXRFi0X_hHpX7N2Uq0gg3Kp9SqOqlZLFtcIwbtOCG9qCE9FkBH-KclpouXBMcTxMiTRf7dxlZgRcSuC6rP6ASuQ9IqfIBRxk9vHc5axQE5IEh-ra7CCYvb_OK3lojD_vgIvF560C6m-enWScRFwcUG5FAPr4A97PVpx318D8J6TuxnfooZK8JOlJ7xTnlo96pC8K3DzbuGd-it80iUBrcoybXV7IIMYRS36teugg0eFScwlws69mRGFPhAyZmKSCJxBs7ZR6aPXhufHlAqQf3KtvFs6wSYpjUxCiUapJlIKdnkiYBmxCqgL1_R5dIrZqckB8ziE2bp8uank8Ml4JL6arM69x0cvpyhl3UPYdRQTFJAJwnVfQ5_DCOY-NePIDi8rVtVuhQONMty4rgcSlmVLtZGaa5SPxk4Bf2pLZFayQVd5R0hMzttbq-ScMnLLGZKj9a1stqiBwE1ycxaL8IdHBdHiVrXyyB26R4lAgKbkriH3SDHNktGifCu7SgoMQp_463MxjzZnfDb1zJNsSzlNskjIQa6Oz13JTG3lEBZoFNuOBIdcqQAzpufKrI1DMHKdduw_YOafOsnhbmpkunUhSCy1UAvWq-ry4Th04wqUArlm8lyCfVX5RhJGRIEZO7Wpwrvpp6tEKP3nhBZBU049WL_Afu14prI3_ae_zC-UBa1t8kEgy3HrK0E7g5xOUMJ01LX46KqXw42EeUA2UQEEo88TdPhbsFOxk4W5QTtmJryHFaemrLqg162HYmBXJU5vcz-bCOlkB-Gf8exYoluDn7Y-LSPuHXzrUk1fMbnxkeUefaktPaVQrKPHSucja7R-QHP-vOkbhywTjyTdQuDPpwTXV0nyAPZJH0EoLQB4dVHk0vbn_L16mfFba_s1M3ZlgBTg8XTTXPySvXLP8GhRU-t_pVxPicYQThlrgnA5B3sxBu8kfUiWzgJoXdYDn8hqs3Cgbt2wpUYwA2pyKRG4-f56LUmGzVxJW26TNn35fsoVOxLFih_BfcXOMa6YeOdoMbNGpn9eim475fqZdz0zY29jcZTImwldnZb25djjdns6om5znWZRvFohdYI6tGMretRUgeWDAxdZ2eRuSbVcy4BiQ4g3Urk_rv1VgJ0eeCkvkNIU3-bz2OsBKaMyPdwQxh39oKnyjUUf9Prxzm_bVR6I6FMGtxOj-N-4bY8xuwD8NX_wC1eoP6SIR7uwsdRo1V5uQheqa6nNyQLgVmZqhSql1z937V6NXccqt-EeSj8ZXBASIHkvlJvQFJ5OakCt9Wek-43wfeBogZVVAPMQZjZoZ4a0nRZvX9i18COgxWhlFYRcusTNR7VdH_0C3rFq40erNJwzRf7skHAhX5G-292I0ZTdyuXL8S43Lmn0FgNk39d-lVuNQ-1S9FxfAu8ivqlgs8da64sMDPnzXLZt8iu-kAmhXouTqAZ_B2IoJqiPwAjrZ8fQPN_YoKOa5-8xA9X4aIOlujY-sIi9r54nPO-XUveMzYmZPKPoEKoR_H1shect6oYlPAY78reXUgGZu9Y4lT4UzdXJ5Qys4ektDi5MDO3z-cvAr8spP_ZKDSGPZyD5GsziCJtv17iwl5Jp2k8piKdyMsTQ2mCMomhlXJDQhHz0cKIYd74m_wkhhWd_SWrP6tCe-RwyB4HTb72wc4Q4XVIGmn3_vo63lxxXjxpwdDD4XZJzHEIcZsIG756UC33ahjF1vNOB8PS-0XN8ZWrOGx0UhITsYL0842s4-_57tP70jNFochLCQR4DrEoWQsCA9NKrWZgDAr3gM78PX1wig7hrHyc2mpmSjNVVa8hPt6Ed0s2MPIj5Hp9bgrvmzFWJBZ7wCNXC6zdGUjLYRwAljv6jH-PJa5F3CcN4m-TdbB1qSj0eHi2ux8G1H7G8BjehnsPJVUdXPnlyYpMVDyaFaTtrPGvHqpan9VqjfwsJOYp6PbDevYzbTEZCm24lU3HKdzIZTdpNsFvYfxE-TEWP5l779ZLfbwnf3Z8Tr_pjRCXor90TxNSrYT9rnZquKTfgoG2xcYKflxM4Su18R91Ds7renONDdR0zLmLxfYJQwzUcwemTWs6uSfPTt3fPlZXdjMRFQrPgtm6NSH7mBfYlgA7x-HbLA_iHL17Cr4teqqjgnHeC9lx2E45S2iEdwOllAyidY4WnHR6DmS_lY2bHQfX6zzaMR_t4XHL1kwGJoCI_KWrC8hPv_3o8reWssTu357r8eW4iY8u6tS-KN0Iftw9-NLhWYvJZDLZZYjgEBAmt0ENZMXvkygOHhh0joogMOLvlscL71x4wlZdV8Sqx4FMmDoE1hOQ0_-13GyQtoBRiCnSYZRN3a1IrcaUW_8qaGOHeOumEXwPBDaARCsmf-C-JXaAeHBEEVZMXhrUb8clAYvXhJ5HlEJmWWZNjdGGaU2EcA8k5_nWVAmygX66Nbw582OtgOTfTGT77NvRjGZuQ-8ochX1wLjEHwTfjWgQGUGEdbBV-t_hjo1BGAmEo7Vq-kr1sFlUDaVzPwuBH33UJLI0PPSG1r8Tq_1CDbKdR7xsGbyUstYB7gEro9IlVCvcOEexEqQ3WPNkXzDsk6E9rDdhRWgYcV8TBdnEN8T0eEAyDOrqFi_LQIhMD_EojVl6gzhx7SKQd_Kszxx_0ajT8WsSsfwEL3xlBLn9sHJuh8b6ikgHmFxiHz7tU35f9cvKu6qu7yIt8wEAlxnVGardiOdGZgkWGZnubqS8fjX4cG1-aNtzL3i_mYR_RvXjba2KK0nN61P-3xw9_Fl_wOtSoAXSGHDPdsHs7rkM92EbLQHZh7ErItOKGFUQuYQR7n19h8-c2s7xOtqu4AusuUpFjnlH1i_q2QGLyg0HU8H5iy1lN814zczw70lcrq_tpF9FXzI5mc8Bn6p0mNO1rlmEgbJ2NA&cid=CAQSOwDICaaNPnxDvKE3dRWALmtyHjezluMYpzBMLAq-Jm-SyjoZslW0PG-ENDVZlmrYPJBFL6D332hmCErhGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=5605769349746788000&adk=2857193498&idt=279&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
afa2e46159acec856c2e716de8d4d20fc69f9e5e6fe37ebdff6fd3a912e4e508
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42120
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 62F7 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7788644533979&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 62F7 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7788644533979&version=m202309260101&ct=76&x=1&cor=16989405773401133000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 62F7 		108 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DwwMns5xm1Cf_TEvMjJtlnQYsQzo-Zpdr5NQyFxOJCRE2rWGOQ55WTQ6YrluBJoGJX4HyKp_OAffJAcKtM8n2s9hN6KfpDiEfIUUpWQqX7yq7sr_WAX-lKAfb0-m8egoGVE7QoTvvKJIwpxUJxK0WQJyS30Sbky_UQFEb4zdeSu0mFEKE&dbm_d=AKAmf-CNQ-Hk4S5thd1xHlpTqCGAjE1X-Gxa5MLDcDyGnYLLac1ShWq4zl-hB8n-MQNP2ytxPdDp2uKsCaeqtENIM1bq6doc_1iq_znfOosrXG9a_jtEXA1-1jw2FQ70nf5MsB2yo1nFKd-TXPYPBn6vfL7FFI2IBli_HxNPJ_ln_zjPePCSWteBssvlCTjt1JipU-CtUOs1HmBKMktlHPXdLONkvMwvC5webEesuWJjpda6zan6Nkxcq9lqsUYmtG1wp7eO2O9TFXwM6GwGeFi7n-EaUv5_skloH_NpPv6J5xDEBZZ03YQoA1sDIecA-JyXJQL0kCpSKUBDI5101VDN1_W2f7G9_Wk_vnw2LDuWybgnGIt5Rb1q2PgbVl_lDICwLMc0BtqdeARhbC9sBVH0NK17shKIrzGB79qmnZ74DqGLMZz0mfEyRW-oKft7KaSVh8ffABop3-7cthqQ9tGj-afRBaHnUIVPEp8UidAp7-eJfByjzYxXDQUYqJggB2Uy4y7_xirLuaFyHULJkWbsy_8iWFjqikkcVUpDgWegaPF8SCa-hNC7cEMqqFwauGErLoW2RVhCW8J2iBAq7e_UvwIaDC0LTWYl-SujIs_RgdmyAilGAMYJ0I6um0n9XqqFYMWrg8mX1fw9wE_jz19Wg2MkZUJJ82acgOvspKbeD3qwEWsLcU7rmyaJMn1iLXMZQ2BNCbtCraeZI4Hww_GT8qwMu5xvS93jZJpgS_DjtYeEL8h18YdUpNlIAlIYfrQr9EEnEFoYXhZqNweVSDf58ojCLxa1yRXNXm90FCKPnchyFZoRVnao06DjukDCwNBPWeBnUizRTgY1lGpPNQtORaYbXrwM6-rnLFsiyGiMX2Y2ms-6wwHxgiPXIQorQc2GT9b67ECrQS4O6tuKfn2eJn9WViZ1QmRlRaql7N-VEB7IlYtt37Ck-UU4JUPMNwl47a-mXcMGdMuDZced7qk_g6WaKJDvlbpk0jAgty5Z2GO9bs5LOAu1LlbTl8WBOVPfeB0uHf0Nvjl9bUAXgSnmkkQe-L93M8FimBBmP1HITJD2TomP3E-Bk_vRnXicovMfwtCvUfjpWufRVmrojkQv8FfpIe3adzDNGfNatRgvAq90ej29RtnfARki_q38K3dBKO9896tBNmohaAkgjfi-v9mXxJqQcrm7nJ1XN4kIvT5ziIAblWxL611Ohb-TSTLobCsJM0aesU9yHQzcSFF74ubEbcGVsLQ_tYmE8X0DNN42Yq60arx2y-1IhkRn6Gl5lmXNlEOTp0ZTFtuxmCa0YuoqfVCcS_OQE3Q30Iukkm6Bh9JqS5MUipW4NrVm37ofpWhe0nIlcGnBCwynBSSExgP2VPgHSMdW0ZRrxs06AFgW8T9beuJ3QIKtfN3ho82YmkDfE3qsj7WQE3aqdLrSAVmjDNyH2R2p8wcIh-pW4ezCnAW1FU6h_USs_LU_K2XRfv4Rl_sapgvBSO48ua1IZ7dx_WvPX_Gjp2HDSjpJkL3Mp7YYZZXDjwCh3RAHckV82yfd_2muWrDHDPg4n9qfuCPa5-yN6_7uRTuWKQLJFfNqp3axiSzeKX0EUUsm5jwheHoH1CHXri2W-0E2Q-mDEtGRdsyI8267Rl1NcoUp_zG8ZqJh3MLTlaYGqWpj8NztQQBDHU6gryWdnAWLUqB3tSOSA9z3O9Ms563ARnvrKe_o2DXGQ2Fwe73WolQiYq6lq4SGfC-S5Lc0wY9RqEGwt_odfDv7TkfHJvm0qqMDHiFPT-zL5MMIqBA9cYfx7qork4nPWuo7ruEU3F9B4HKZUvuRgInqbR1gs8ut5LxX4gEs9uG6NON7MGBRNf4CG9XtmUgAvJHuPDgdk2X21pOKKSIpWExPrv0uu8iYj5nW9O6ISy9PJ6RPlLaYC70qJS3eKZy3gRRNKAxWr198wRi00uRn58xOoJkcXi2psNZeJbs34aQ3Vxwif13auZ8XLjma_O1R6V_dp41bcnc8OzvslpBjhVSSk5ibwLZI_0VaZr2hB1NpVB3uCCFoUy1VvJ2gH7HtknYbbA6xVtVwridt2UR7jwWoxO0i13MW5PcQhjShPmFHY7haWKToIohurHGtmJCOk1p4ZQ9A345oeEY-2EFVbwXzepdyhF9eeUa03MLgNS2Z4SQM99PXvLHFIpAGp88OtL0xxWKkmiB9Paiz4H0O9sy2acB3-yfsN0IlReyhtVXfNPcKbsM104mIusfqO0W_D_8I4a-Xz2LTpZPEWZ56yi27izcUACDTJitbeIJrQX1qRYBcg1PvsXpR9ajvq87VOxQuoLqRFNdIU6BQZjej2sWnF9OGobEqDommcfQ_ZMIWYm4galY1REgand2FNZgq_CbWRW6HNLHcOkJWDg0NYLg6acFajVI_81JZnHeDgDPifdIrE3rZGnbDa7ae_prbDCs-t86jOM9gBf-dqn2-VKB-KTd42Gr-yrbD3-6b4pxvYHuW2t8iZOao-4hAIO9cHCXn1Q7a0dRMkdLF902SaNNnjoIbd8jivO9u52bdK3bcKmtULalRB3UIVSkwGtMN4Nt3LWnt0IMF1PYM3LW6CMMlO-0BC43PgHm2ocn9UQnvrVhcZsspY0YQgA1QHytJof8I8S_Tkc2bAJqgzeEYdMEvqzGXPGLocN_ZmbFo-IALdrpJ_D78UpAK7OEePB2BTHl7w1u-SO0Dis1ZP_eSJwjgCj4h2M8ZQ9V3xfuWPCgPkis38EIX6-qHFb1mT58b9gUAg125G-D2_c10Xh6EiK5LlyeUvkdw9mlapCc-NHLjNlcqHgOjLdiIPZ7s14JmjWxitU8EOGULl0Pi13jDLh3wCNA8G5udI7z14YhTLtwpi_cb5OmJfg7uM57B2P9IH0r-jmksv8tJ9eVM5EA4qoMSsDGCh_IY_i1EGX-849METN4dZAbqvu-noOgPj941eMm55RzlBMlH51AnH82-ovUd_btAaT_WCLBZTwA0J6aiHJ3AnsbE1qBaaq9aksvrEGkQOUNNxvqQmpKWXaxvvqsJmB95K_3RVkcp_uvrqdt5krYOApepQtB3LNC4Fxc_3PNnw-EsYOUpPUm8Y1Uxhu92zBQ_pKt8GcuSzNk0ct5W7CnLoJE3dqw2q2r84JV5yxmORUd-PWsxbqDQphbLdA35paldqCcfU5l2hxTIIf3ed3RlsDbz034D9Eu9zJLiE3NkxAs0vDQoKCoqM08iItTam02lwRpsMHg9buzPHCkpXEkv4D_bg5oklte_RGUp99G0iwwupgti7mb5819QmOJ2kX4t8Jw3S07IXX3T3K_aOhIXCIOSo6pr2yepQLWAMrQPHEmbYbGYZZPUf1rYw-jmSgwdccVsa_C_VDoDTbGhGJG_ExtOlNS5TBQ_X8QJ_nQVZGWlY8ma2jhztaiKa5_meZCj5DsVXRPR6EQ_oEv0tvdoVN0578F9EB9gskWQ9eaue6EfjgXW5VRe4E8Rc1TkkblGX-VD3O2YW5CuofTMmhjDQ01uX1g8SlOCtjxKkga4Mm8otOM4LkClujC5TXNqXttx-6nEC4ybPyn8WdMDT2Q5CKYu3n8zqM_ro3U8Ic4wlr_u7JNqVE9PxelcJNbAmE84XpC9IVCrhBMIbdC2NYdxwU3K2KaJMJF1HlJyQqmjw35eRaSmyVR9vEpygtDY-BcuoBhiLTXfr0jc3nO5beWd9dimUUguBOxWaJewbOaKClRXXxOwPi2LVlbeQhqMBIbPAHm-aZYOafjuKrUF3bIMVP4CTjmcFVwoeiJ4LUssKkw9QCsuZA7t442mkSNX7lYs3vGsP7Oa8ubjOTYHSFWr_8A70ZeTOnOcX_na2pGvJRIkHI-n4r03OF9ip8MT5RcxjfY-WEDFvWMd1sp5TneI3l7V80HtSwNyW4tdpFVT&cid=CAQSOwDICaaNPnxDvKE3dRWALmtyHjezluMYpzBMLAq-Jm-SyjoZslW0PG-ENDVZlmrYPJBFL6D332hmCErhGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=16989405773401133000&adk=3944675600&idt=268&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7037729fd82496a672654d7aaed6e602bfd7f3ea680bf0a14b37362d0a5ca613
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41957
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1627455/73523879/ Frame 1616 		251 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1627455/73523879/skeleton.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2937494567949278&ias_chanId=1&ias_placementId=20487174429&bidurl=https://www.mlive.com/&ias_dealId=&xsId=ABAjH0iovI6m7najlj5Ri-eDtuJ9&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iovI6m7najlj5Ri-eDtuJ9
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.244.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-244-184.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
037660d5c13687af661d1ce773300f73df2f711476eb73745e32a6972cd5b63d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 1616 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
Origin
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 16:21:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66249
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 24 Oct 2023 16:21:57 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/ Frame 1616 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUuUNG_fi5TQ1ySSlTT01qKMxWLQYwfvZIX2grxXR7sJBca3W0JdYoKif-ewLA1pMdy0riLnv7ZOW3QoVYzJeyVH9Ln6YjOa0j7MTmYZmZVSJchtWdGDMCBnfCQEmMzzAyJ9RT8tv80MF8P7-SbtLqDb_l6HLAPWiqk1Rdw7y9DZoazPU&dbm_d=AKAmf-BxYq_NPkBbUDJs5q6aPLcNJtsE1ocHFYqXHnnKa-3mq0eBmH3XTxQ_RvquPU2jiKoAYUWHnirNvDtVlBeRbI_rBEJPlCYlKZnYK-3LiMJLEWE_XIy5KvUfZ3wfRXUub1p9sSaxNXAoLauUf6mZP_qF-Pqmib2-Wrz8P7z2BrX41ERMtn9x7nJhEJP-6WzGq0-S5Y1_covupfH9UofxxDCg8_9dDwP-f549zOxfDiLFPN9n53burUbo9OtrXwMeJ2J5GQE1OS4FTfTy8DT5Tnmh5u3DmwkE3RbhEGdvQv909jws1iLXPs90adXd3aDdH2RD2EpwVpoZVPHxRCk4IWXOyP-iuQummzItSd6qRLOrqjVlAOoAGngGtWHe5Erzq_aKZOu-pv6QUnCU3fW5hG7UvnWXhsYVZJJylLuaIh7wYiv_N8KKMl2rkzj-ba0x2REs1wRE4naN0IvvXw1T82MBIFxzkKaNrpbzF9OgWa6L-Xd9ryhdMs4vAVhFOKlkapycKZ6YXqgN_pcvhReHFbV6BhjWL2R6OaK2vlvYu1IXhSOfH3pTJPg5xP4PuH4EQiIaJ_xDgIHjUeEZyiDvwsD0y1kBpkC4mTsjMr6X1hUn5ftigL4OceFwVXq1E6XUckbxfKdq4wyMSvMq-EH_MwIAwc3PINbVovQejkbasLzRfGr0hKdc8mPoDMZaB3QWbGgB7O9BBYSK7PKxdpxvoODio2S09oN1U95Nbu0jtniEbMnKZp0FLppcuAPWhsh5-UZDjcFd0hCmq6DCU3G-HC94NueLEBjyiBENNNz3F6GJaPWcI84bO_0hGCU3GmbrXthgElY3sMDp78e3DDA-DGclIchL1TMsYXxuKhw5zKAVhzbDDsRBSjdKrAAjlCPmjtQnQPeelY04VrS1KmuR7OZciqhYPql3Qp4JluxH2014sCtKNWJquNgDbNTmZs90-n3gz5HNSjGJMvMQZxSKWDBI9TZgW4qZ0iViPwDJmqQrdjzI2e8JwJ4glJyoIz0MlQRUf9bR4n1-5OzSbZGYy3dQZnuIBCp3ixx1hxAoNj0Uvuh_6ItJt2mjdl7-Pe6oniNEiQqrAwW55ondR4V7dCac7gaSLSfsbYn7w6lanPMYEggKsl5m5naAViUQ4SvCWxTrKGiI1mTumixQvE8YfMEbx6XkUHRSjhuXcGKuL_IWqoblFCW3lS9uoI9_pEO4eaVEXMuZCCMb0DrDdkDfpuxAeF34QpPJbVsoKFKiQgaert2bD2XscoWc3rELqa2OpZ_S4lCZBl8tJyFSDS6-s1wABqkHjLvCevAkfqJEIRLL5pjQtkJOfg7uIVcjvS7Kz5oXguwtMsR6hoDNtdR_UpWwGuvXRAEaTW6l8D2TqSUD7ghdqC_LbFpv4TqHBDqreCiXqtSQME-n6Kd-sC0ptXxK9AAgRbC671Cl2F8A4DrB_8XKXqj4flC0maIInOZX4jijO8IwE0aKFa4bEN4KOmA3P137VP2nDXOklhUXRaK70cR-Yw5lSeSjgkxyBx1dEEnjGzUcEWCmrL1v1Tdsbtvjy4eKoz80uT9ZWDG5z1h1by1wTOuy_WBlRKbcEzPC0W0SqrEgwMnUQCxM9QeRW_29cMN-omeplceMsvwUCK_mhxEsm3trxUrHHRbJbaWKJmVTlH1XNaFVBq3C6EwybtXFFPAAJkrNICorIurJI8kG5kiQiPnIY4IokW7uJ_3Il77-sSh2Rde84DRAofBN5FoR7akIu09YIVlIeNGGBk1vxVx4YOPXEGwomM3gzGvO9gilGvgpUqF3dmyWSWhqcbOnICiSYns10c1vV-73YM05xY--KAt0bR5veev97wINLPWCUkP_m8Km1OIXnCWHEUtY84ngYLstENZr2hO5iy7S9buSc-JcBHcP-2SjPo86vXOpmLMctQ4qRpDJF8L4z_Bg6i_RTp3HF0kJHf0FmZUNaPx9kF_qh5LXrkp5yj21ldHHPUPp9hxNYv0ne75nJuXngfL4kKYhCgjUKee0NWFtN2z88W87AJbzo8NI3MLOeiXlAMwOQQGtO9IC2YMrbpca-SxHWsc80TLiPSmYQhwWw4zrLkQhbvGaWqSsZ9WeQqDCP5R9_664JTRQHf6K_tU0tv_fTa6BAodriWg1DYqnJg7utwqPvQ0Sc-BvG3M45QbklKnJEiSjzpoN7zr8aHk3W6w42L6dqLKzeH5n52eo8pQ1-jyyiobwfV1_EOY564k_Z1lSkfBwgxJIZLgUIf5qYUsZF2tmSgQU-V-vvUe9fAclzQw5KSckoGq3zxIALfaAGpHsjkUA_87KLeGWpKCL5xTEFNuD5zkAhYt-NXy5Jzs2pD4hFTHv-DcVjgknz6y_LMkUtz6oLnxVDzfO_ry5bfe9zBze8LCYyFuxAPCZ2NVM5AXcrrQ9i4cD0qjW1Jo5wMv6FSuKJA3xhyRjzIsB-IdKFIldm6HmbwJ6kUlVoTJ0dTQF1PjbPJ5wyQTtPCo411pzwJVpnCyOsHLNKh37IGfNriTghNuNQA__tv6nUO5zfsI5B2DBRgKOTqd58bCqz40mqYvINdHEC9v23sPDw_EzGXGbgV0WCRGJ-cqFI2VBokC5LBLUp8jzVLgUAv8ihHJpZk-EzMcHVsG0oO-YtCW0QEv5MUX0pArDdFg2M2V8QzxE4r1AIJatHXQiGKhFyS5h5BEFPmNtP97jadYVVLWN7q2VPbuUyObvtSHbvvs7tceBwzu1_0Dq2l0q1NjkPPUzIm-baXxLEX8R8lkyRbLjgoycqh69aNcGHgRbQcmiB6CoooMUEhc4QY9bSE103GiO7CBbmH9XXqCd9o7JWrlyr1tElkk7Ir9z06qURhxw_7JCeXFjo_Tdnxqk3zeHDQZ891Xo2rvNxvQ145_LUYzR52vGapbGMhr70CRei6kIVADwPTCbtuGE8KtpBbEjY_WMN6Kw0nxOghvkDtnmoMZzwgzYHvwtlHyXWzKwFgHe_yTT7n0-lHaO-SbPKgY_HeYEl2QqPT9PCAa-Pg0ybbvj_EzuhUZgMC8hAze7z3-fAdnvd7VVz5m0A1lK_bno4S6uSX5H3lKABvWvAtFaxmHgP8gbUS4-D2Xn3CDF30Saq-WlG0KaGkywsTH1eLXLbtck6J9fVC4KM1vME8PyrSvuGia-NnYRPFg6dlq5It4yze0WZg5NbB7Y7RsD9B827tB9cII4dU4NAtjl5FR_jhs9ed2yWEkHKHPuq_z7nZxTX7085eAOB8flJAt_U0ZpOg97mF0F2jBbObiPxhS7Jp6RsXY-029uet_CImbMAMVSvIK4WE1BbFdasf1BCNisBuAbHL-HARRStKlxH-E6RQQnah-Wpl3Qxj_ZRmBY-JXBdteLOFsGOBtBUrd5uXXjqmfFs7xYdT6Yznj3m9RS_dNLR1VrQXzanL-lf7zsyzWg9f7CoAiivmGnOCWQdYdbSn-JyLQohgENZAjQNO5FRuV1s5kri5tIx8uHp6E76HvTKTIYE-JrGhjuiV_DWVzFso7pBxAIYyyHlBSzI2ZhteI1gop7P5Yh2wtL_up3Km9ZOWnbuu1IIXvRZdmZngHkd1CiDpD4sZnYUM6l4QrWx-Ndt7e6rrLDdKd4N7QspcMLAk0RLyg6eQZyo-iWkL0HgUyWgI50PFyF7Z1q8ymRyA32Zn0qnHN9-wk9SZ14lWWg3oijg1IByEQMCHoiFzBEjJvTv8EV2k1kLrvRRcpw9SqgGwTASRE8ncyNi5iBGFAtelJVV_BL6xtj7Qch9qB6nwygte5179SeBsslNU-lqa9nN5wNz7RdzxI59VV-jfpGXOk0u3JqD-dYB9ie55sob0yZNs340_PWlOYpcVEeZ5WGLW-qU3Qm6JVsqrTzRKA7jQSQ6-SpIRbhcjZj05vUaNYT&cid=CAQSOwDICaaNPnxDvKE3dRWALmtyHjezluMYpzBMLAq-Jm-SyjoZslW0PG-ENDVZlmrYPJBFL6D332hmCErhGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=3448785722896781000&adk=2086295851&idt=161&cac=0&dtd=37
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:06:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
63569
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:06:37 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/ Frame 1616 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUuUNG_fi5TQ1ySSlTT01qKMxWLQYwfvZIX2grxXR7sJBca3W0JdYoKif-ewLA1pMdy0riLnv7ZOW3QoVYzJeyVH9Ln6YjOa0j7MTmYZmZVSJchtWdGDMCBnfCQEmMzzAyJ9RT8tv80MF8P7-SbtLqDb_l6HLAPWiqk1Rdw7y9DZoazPU&dbm_d=AKAmf-BxYq_NPkBbUDJs5q6aPLcNJtsE1ocHFYqXHnnKa-3mq0eBmH3XTxQ_RvquPU2jiKoAYUWHnirNvDtVlBeRbI_rBEJPlCYlKZnYK-3LiMJLEWE_XIy5KvUfZ3wfRXUub1p9sSaxNXAoLauUf6mZP_qF-Pqmib2-Wrz8P7z2BrX41ERMtn9x7nJhEJP-6WzGq0-S5Y1_covupfH9UofxxDCg8_9dDwP-f549zOxfDiLFPN9n53burUbo9OtrXwMeJ2J5GQE1OS4FTfTy8DT5Tnmh5u3DmwkE3RbhEGdvQv909jws1iLXPs90adXd3aDdH2RD2EpwVpoZVPHxRCk4IWXOyP-iuQummzItSd6qRLOrqjVlAOoAGngGtWHe5Erzq_aKZOu-pv6QUnCU3fW5hG7UvnWXhsYVZJJylLuaIh7wYiv_N8KKMl2rkzj-ba0x2REs1wRE4naN0IvvXw1T82MBIFxzkKaNrpbzF9OgWa6L-Xd9ryhdMs4vAVhFOKlkapycKZ6YXqgN_pcvhReHFbV6BhjWL2R6OaK2vlvYu1IXhSOfH3pTJPg5xP4PuH4EQiIaJ_xDgIHjUeEZyiDvwsD0y1kBpkC4mTsjMr6X1hUn5ftigL4OceFwVXq1E6XUckbxfKdq4wyMSvMq-EH_MwIAwc3PINbVovQejkbasLzRfGr0hKdc8mPoDMZaB3QWbGgB7O9BBYSK7PKxdpxvoODio2S09oN1U95Nbu0jtniEbMnKZp0FLppcuAPWhsh5-UZDjcFd0hCmq6DCU3G-HC94NueLEBjyiBENNNz3F6GJaPWcI84bO_0hGCU3GmbrXthgElY3sMDp78e3DDA-DGclIchL1TMsYXxuKhw5zKAVhzbDDsRBSjdKrAAjlCPmjtQnQPeelY04VrS1KmuR7OZciqhYPql3Qp4JluxH2014sCtKNWJquNgDbNTmZs90-n3gz5HNSjGJMvMQZxSKWDBI9TZgW4qZ0iViPwDJmqQrdjzI2e8JwJ4glJyoIz0MlQRUf9bR4n1-5OzSbZGYy3dQZnuIBCp3ixx1hxAoNj0Uvuh_6ItJt2mjdl7-Pe6oniNEiQqrAwW55ondR4V7dCac7gaSLSfsbYn7w6lanPMYEggKsl5m5naAViUQ4SvCWxTrKGiI1mTumixQvE8YfMEbx6XkUHRSjhuXcGKuL_IWqoblFCW3lS9uoI9_pEO4eaVEXMuZCCMb0DrDdkDfpuxAeF34QpPJbVsoKFKiQgaert2bD2XscoWc3rELqa2OpZ_S4lCZBl8tJyFSDS6-s1wABqkHjLvCevAkfqJEIRLL5pjQtkJOfg7uIVcjvS7Kz5oXguwtMsR6hoDNtdR_UpWwGuvXRAEaTW6l8D2TqSUD7ghdqC_LbFpv4TqHBDqreCiXqtSQME-n6Kd-sC0ptXxK9AAgRbC671Cl2F8A4DrB_8XKXqj4flC0maIInOZX4jijO8IwE0aKFa4bEN4KOmA3P137VP2nDXOklhUXRaK70cR-Yw5lSeSjgkxyBx1dEEnjGzUcEWCmrL1v1Tdsbtvjy4eKoz80uT9ZWDG5z1h1by1wTOuy_WBlRKbcEzPC0W0SqrEgwMnUQCxM9QeRW_29cMN-omeplceMsvwUCK_mhxEsm3trxUrHHRbJbaWKJmVTlH1XNaFVBq3C6EwybtXFFPAAJkrNICorIurJI8kG5kiQiPnIY4IokW7uJ_3Il77-sSh2Rde84DRAofBN5FoR7akIu09YIVlIeNGGBk1vxVx4YOPXEGwomM3gzGvO9gilGvgpUqF3dmyWSWhqcbOnICiSYns10c1vV-73YM05xY--KAt0bR5veev97wINLPWCUkP_m8Km1OIXnCWHEUtY84ngYLstENZr2hO5iy7S9buSc-JcBHcP-2SjPo86vXOpmLMctQ4qRpDJF8L4z_Bg6i_RTp3HF0kJHf0FmZUNaPx9kF_qh5LXrkp5yj21ldHHPUPp9hxNYv0ne75nJuXngfL4kKYhCgjUKee0NWFtN2z88W87AJbzo8NI3MLOeiXlAMwOQQGtO9IC2YMrbpca-SxHWsc80TLiPSmYQhwWw4zrLkQhbvGaWqSsZ9WeQqDCP5R9_664JTRQHf6K_tU0tv_fTa6BAodriWg1DYqnJg7utwqPvQ0Sc-BvG3M45QbklKnJEiSjzpoN7zr8aHk3W6w42L6dqLKzeH5n52eo8pQ1-jyyiobwfV1_EOY564k_Z1lSkfBwgxJIZLgUIf5qYUsZF2tmSgQU-V-vvUe9fAclzQw5KSckoGq3zxIALfaAGpHsjkUA_87KLeGWpKCL5xTEFNuD5zkAhYt-NXy5Jzs2pD4hFTHv-DcVjgknz6y_LMkUtz6oLnxVDzfO_ry5bfe9zBze8LCYyFuxAPCZ2NVM5AXcrrQ9i4cD0qjW1Jo5wMv6FSuKJA3xhyRjzIsB-IdKFIldm6HmbwJ6kUlVoTJ0dTQF1PjbPJ5wyQTtPCo411pzwJVpnCyOsHLNKh37IGfNriTghNuNQA__tv6nUO5zfsI5B2DBRgKOTqd58bCqz40mqYvINdHEC9v23sPDw_EzGXGbgV0WCRGJ-cqFI2VBokC5LBLUp8jzVLgUAv8ihHJpZk-EzMcHVsG0oO-YtCW0QEv5MUX0pArDdFg2M2V8QzxE4r1AIJatHXQiGKhFyS5h5BEFPmNtP97jadYVVLWN7q2VPbuUyObvtSHbvvs7tceBwzu1_0Dq2l0q1NjkPPUzIm-baXxLEX8R8lkyRbLjgoycqh69aNcGHgRbQcmiB6CoooMUEhc4QY9bSE103GiO7CBbmH9XXqCd9o7JWrlyr1tElkk7Ir9z06qURhxw_7JCeXFjo_Tdnxqk3zeHDQZ891Xo2rvNxvQ145_LUYzR52vGapbGMhr70CRei6kIVADwPTCbtuGE8KtpBbEjY_WMN6Kw0nxOghvkDtnmoMZzwgzYHvwtlHyXWzKwFgHe_yTT7n0-lHaO-SbPKgY_HeYEl2QqPT9PCAa-Pg0ybbvj_EzuhUZgMC8hAze7z3-fAdnvd7VVz5m0A1lK_bno4S6uSX5H3lKABvWvAtFaxmHgP8gbUS4-D2Xn3CDF30Saq-WlG0KaGkywsTH1eLXLbtck6J9fVC4KM1vME8PyrSvuGia-NnYRPFg6dlq5It4yze0WZg5NbB7Y7RsD9B827tB9cII4dU4NAtjl5FR_jhs9ed2yWEkHKHPuq_z7nZxTX7085eAOB8flJAt_U0ZpOg97mF0F2jBbObiPxhS7Jp6RsXY-029uet_CImbMAMVSvIK4WE1BbFdasf1BCNisBuAbHL-HARRStKlxH-E6RQQnah-Wpl3Qxj_ZRmBY-JXBdteLOFsGOBtBUrd5uXXjqmfFs7xYdT6Yznj3m9RS_dNLR1VrQXzanL-lf7zsyzWg9f7CoAiivmGnOCWQdYdbSn-JyLQohgENZAjQNO5FRuV1s5kri5tIx8uHp6E76HvTKTIYE-JrGhjuiV_DWVzFso7pBxAIYyyHlBSzI2ZhteI1gop7P5Yh2wtL_up3Km9ZOWnbuu1IIXvRZdmZngHkd1CiDpD4sZnYUM6l4QrWx-Ndt7e6rrLDdKd4N7QspcMLAk0RLyg6eQZyo-iWkL0HgUyWgI50PFyF7Z1q8ymRyA32Zn0qnHN9-wk9SZ14lWWg3oijg1IByEQMCHoiFzBEjJvTv8EV2k1kLrvRRcpw9SqgGwTASRE8ncyNi5iBGFAtelJVV_BL6xtj7Qch9qB6nwygte5179SeBsslNU-lqa9nN5wNz7RdzxI59VV-jfpGXOk0u3JqD-dYB9ie55sob0yZNs340_PWlOYpcVEeZ5WGLW-qU3Qm6JVsqrTzRKA7jQSQ6-SpIRbhcjZj05vUaNYT&cid=CAQSOwDICaaNPnxDvKE3dRWALmtyHjezluMYpzBMLAq-Jm-SyjoZslW0PG-ENDVZlmrYPJBFL6D332hmCErhGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=3448785722896781000&adk=2086295851&idt=161&cac=0&dtd=37
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:08:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
63482
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11591
x-xss-protection
0
server
cafe
etag
12161711247934188981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:08:04 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 1616 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 23:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
472469
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 23:31:37 GMT
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		588 B
666 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=8Gu2Z8RCvZ
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf01a9d97059b1dadbb300bca0f2131f8a2af5465cdb10b7d85850408cccd2b4
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Muk413skbOs
pragma
no-cache
wn
prod-dash-10-0-119-136
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.005
cache-control
no-cache, no-store, must-revalidate
cf-ray
81b1a2554a4430ed-FRA
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame 44FA 		17 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f528f03b7851cf74f3b3178584153f5e69e866fd7ffe522e71492722fa46c754
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=900
cf-cache-status
MISS
cf-ray
81b1a2552b081981-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Tue, 24 Oct 2023 10:46:07 GMT
expires
Tue, 24 Oct 2023 11:01:07 GMT
last-modified
Tue, 24 Oct 2023 10:46:07 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.001
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-82-155
x-forwarded-https
on
x-request-id
Mvk413ssLMR
x-xss-protection
0
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&metered=1%7C7&metername=Support%20Meter&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=17&tvcfg=all&tid=8e28767b-a9e8-4de5-9343-3a9ce1e7343b&pid=83d2c3d5-37ee-4655-89f6-2e215a361603&dtm=1698144366893&qnm=_matherq&visible=1&tabid=8f8d43eb-d394-4601-9648-7511b187e95a&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x13519&tofa=1698144365&vid=1&lvidt=1698144365&duid=ba341e8a-af0d-433d-85a1-37ccc91294f9&fp=2849720740&cid=ma63527&mrk=484602605&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJkaXNwbGF5IiwiYWN0aW9uIjoidGVtcGxhdGUiLCJkYXRhIjp7IjAiOnsidGVtcGxhdGVJZCI6Ik9UQzE3WDMyQkpDSSIsImRpc3BsYXlNb2RlIjoiaW5saW5lIiwiZXhwZXJpZW5jZUFjdGlvbklkIjoic2hvd1RlbXBsYXRlMU9EU0xBR1pYN1dYNzEiLCJleHBlcmllbmNlSWQiOiJFWEtFVTdZWDNaQUwiLCJvZmZlcklkIjoiZmFrZU9mZmVySWQiLCJzaG93Q2xvc2VCdXR0b24iOiIwIn19LCJ2ZW5kb3IiOiJwaWFubyIsInR5cGUiOiJ1bmtub3duIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMTYxODQxMTYxMiIsInJlZlRpbWUiOiIxNjk4MTQ0MzY2ODkyIn1dfQ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.77.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-77-247.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Tue, 24 Oct 2023 10:46:06 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 01E2 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
66249
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Oct 2023 16:21:57 GMT
etag
48472445140208031
expires
Tue, 24 Oct 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1616 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ca3635f75f13252564b4682bd1c6f214c0defd5583d015ccec2bf10933560a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
skeleton.js
fw.adsafeprotected.com/rjss/st/1627455/73523879/ Frame 62F7 		251 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1627455/73523879/skeleton.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2937494567949278&ias_chanId=1&ias_placementId=20487174429&bidurl=https://www.mlive.com/&ias_dealId=&xsId=ABAjH0hTHxFfkJmVa_Oaa6_y7CT7&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hTHxFfkJmVa_Oaa6_y7CT7
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.244.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-244-184.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
757be9b400bd59cfdbe00696a87b77f0314d29d7a1486e2197b138e59c47fbaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 62F7 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
Origin
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 16:21:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66250
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 24 Oct 2023 16:21:57 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/ Frame 62F7 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DwwMns5xm1Cf_TEvMjJtlnQYsQzo-Zpdr5NQyFxOJCRE2rWGOQ55WTQ6YrluBJoGJX4HyKp_OAffJAcKtM8n2s9hN6KfpDiEfIUUpWQqX7yq7sr_WAX-lKAfb0-m8egoGVE7QoTvvKJIwpxUJxK0WQJyS30Sbky_UQFEb4zdeSu0mFEKE&dbm_d=AKAmf-CNQ-Hk4S5thd1xHlpTqCGAjE1X-Gxa5MLDcDyGnYLLac1ShWq4zl-hB8n-MQNP2ytxPdDp2uKsCaeqtENIM1bq6doc_1iq_znfOosrXG9a_jtEXA1-1jw2FQ70nf5MsB2yo1nFKd-TXPYPBn6vfL7FFI2IBli_HxNPJ_ln_zjPePCSWteBssvlCTjt1JipU-CtUOs1HmBKMktlHPXdLONkvMwvC5webEesuWJjpda6zan6Nkxcq9lqsUYmtG1wp7eO2O9TFXwM6GwGeFi7n-EaUv5_skloH_NpPv6J5xDEBZZ03YQoA1sDIecA-JyXJQL0kCpSKUBDI5101VDN1_W2f7G9_Wk_vnw2LDuWybgnGIt5Rb1q2PgbVl_lDICwLMc0BtqdeARhbC9sBVH0NK17shKIrzGB79qmnZ74DqGLMZz0mfEyRW-oKft7KaSVh8ffABop3-7cthqQ9tGj-afRBaHnUIVPEp8UidAp7-eJfByjzYxXDQUYqJggB2Uy4y7_xirLuaFyHULJkWbsy_8iWFjqikkcVUpDgWegaPF8SCa-hNC7cEMqqFwauGErLoW2RVhCW8J2iBAq7e_UvwIaDC0LTWYl-SujIs_RgdmyAilGAMYJ0I6um0n9XqqFYMWrg8mX1fw9wE_jz19Wg2MkZUJJ82acgOvspKbeD3qwEWsLcU7rmyaJMn1iLXMZQ2BNCbtCraeZI4Hww_GT8qwMu5xvS93jZJpgS_DjtYeEL8h18YdUpNlIAlIYfrQr9EEnEFoYXhZqNweVSDf58ojCLxa1yRXNXm90FCKPnchyFZoRVnao06DjukDCwNBPWeBnUizRTgY1lGpPNQtORaYbXrwM6-rnLFsiyGiMX2Y2ms-6wwHxgiPXIQorQc2GT9b67ECrQS4O6tuKfn2eJn9WViZ1QmRlRaql7N-VEB7IlYtt37Ck-UU4JUPMNwl47a-mXcMGdMuDZced7qk_g6WaKJDvlbpk0jAgty5Z2GO9bs5LOAu1LlbTl8WBOVPfeB0uHf0Nvjl9bUAXgSnmkkQe-L93M8FimBBmP1HITJD2TomP3E-Bk_vRnXicovMfwtCvUfjpWufRVmrojkQv8FfpIe3adzDNGfNatRgvAq90ej29RtnfARki_q38K3dBKO9896tBNmohaAkgjfi-v9mXxJqQcrm7nJ1XN4kIvT5ziIAblWxL611Ohb-TSTLobCsJM0aesU9yHQzcSFF74ubEbcGVsLQ_tYmE8X0DNN42Yq60arx2y-1IhkRn6Gl5lmXNlEOTp0ZTFtuxmCa0YuoqfVCcS_OQE3Q30Iukkm6Bh9JqS5MUipW4NrVm37ofpWhe0nIlcGnBCwynBSSExgP2VPgHSMdW0ZRrxs06AFgW8T9beuJ3QIKtfN3ho82YmkDfE3qsj7WQE3aqdLrSAVmjDNyH2R2p8wcIh-pW4ezCnAW1FU6h_USs_LU_K2XRfv4Rl_sapgvBSO48ua1IZ7dx_WvPX_Gjp2HDSjpJkL3Mp7YYZZXDjwCh3RAHckV82yfd_2muWrDHDPg4n9qfuCPa5-yN6_7uRTuWKQLJFfNqp3axiSzeKX0EUUsm5jwheHoH1CHXri2W-0E2Q-mDEtGRdsyI8267Rl1NcoUp_zG8ZqJh3MLTlaYGqWpj8NztQQBDHU6gryWdnAWLUqB3tSOSA9z3O9Ms563ARnvrKe_o2DXGQ2Fwe73WolQiYq6lq4SGfC-S5Lc0wY9RqEGwt_odfDv7TkfHJvm0qqMDHiFPT-zL5MMIqBA9cYfx7qork4nPWuo7ruEU3F9B4HKZUvuRgInqbR1gs8ut5LxX4gEs9uG6NON7MGBRNf4CG9XtmUgAvJHuPDgdk2X21pOKKSIpWExPrv0uu8iYj5nW9O6ISy9PJ6RPlLaYC70qJS3eKZy3gRRNKAxWr198wRi00uRn58xOoJkcXi2psNZeJbs34aQ3Vxwif13auZ8XLjma_O1R6V_dp41bcnc8OzvslpBjhVSSk5ibwLZI_0VaZr2hB1NpVB3uCCFoUy1VvJ2gH7HtknYbbA6xVtVwridt2UR7jwWoxO0i13MW5PcQhjShPmFHY7haWKToIohurHGtmJCOk1p4ZQ9A345oeEY-2EFVbwXzepdyhF9eeUa03MLgNS2Z4SQM99PXvLHFIpAGp88OtL0xxWKkmiB9Paiz4H0O9sy2acB3-yfsN0IlReyhtVXfNPcKbsM104mIusfqO0W_D_8I4a-Xz2LTpZPEWZ56yi27izcUACDTJitbeIJrQX1qRYBcg1PvsXpR9ajvq87VOxQuoLqRFNdIU6BQZjej2sWnF9OGobEqDommcfQ_ZMIWYm4galY1REgand2FNZgq_CbWRW6HNLHcOkJWDg0NYLg6acFajVI_81JZnHeDgDPifdIrE3rZGnbDa7ae_prbDCs-t86jOM9gBf-dqn2-VKB-KTd42Gr-yrbD3-6b4pxvYHuW2t8iZOao-4hAIO9cHCXn1Q7a0dRMkdLF902SaNNnjoIbd8jivO9u52bdK3bcKmtULalRB3UIVSkwGtMN4Nt3LWnt0IMF1PYM3LW6CMMlO-0BC43PgHm2ocn9UQnvrVhcZsspY0YQgA1QHytJof8I8S_Tkc2bAJqgzeEYdMEvqzGXPGLocN_ZmbFo-IALdrpJ_D78UpAK7OEePB2BTHl7w1u-SO0Dis1ZP_eSJwjgCj4h2M8ZQ9V3xfuWPCgPkis38EIX6-qHFb1mT58b9gUAg125G-D2_c10Xh6EiK5LlyeUvkdw9mlapCc-NHLjNlcqHgOjLdiIPZ7s14JmjWxitU8EOGULl0Pi13jDLh3wCNA8G5udI7z14YhTLtwpi_cb5OmJfg7uM57B2P9IH0r-jmksv8tJ9eVM5EA4qoMSsDGCh_IY_i1EGX-849METN4dZAbqvu-noOgPj941eMm55RzlBMlH51AnH82-ovUd_btAaT_WCLBZTwA0J6aiHJ3AnsbE1qBaaq9aksvrEGkQOUNNxvqQmpKWXaxvvqsJmB95K_3RVkcp_uvrqdt5krYOApepQtB3LNC4Fxc_3PNnw-EsYOUpPUm8Y1Uxhu92zBQ_pKt8GcuSzNk0ct5W7CnLoJE3dqw2q2r84JV5yxmORUd-PWsxbqDQphbLdA35paldqCcfU5l2hxTIIf3ed3RlsDbz034D9Eu9zJLiE3NkxAs0vDQoKCoqM08iItTam02lwRpsMHg9buzPHCkpXEkv4D_bg5oklte_RGUp99G0iwwupgti7mb5819QmOJ2kX4t8Jw3S07IXX3T3K_aOhIXCIOSo6pr2yepQLWAMrQPHEmbYbGYZZPUf1rYw-jmSgwdccVsa_C_VDoDTbGhGJG_ExtOlNS5TBQ_X8QJ_nQVZGWlY8ma2jhztaiKa5_meZCj5DsVXRPR6EQ_oEv0tvdoVN0578F9EB9gskWQ9eaue6EfjgXW5VRe4E8Rc1TkkblGX-VD3O2YW5CuofTMmhjDQ01uX1g8SlOCtjxKkga4Mm8otOM4LkClujC5TXNqXttx-6nEC4ybPyn8WdMDT2Q5CKYu3n8zqM_ro3U8Ic4wlr_u7JNqVE9PxelcJNbAmE84XpC9IVCrhBMIbdC2NYdxwU3K2KaJMJF1HlJyQqmjw35eRaSmyVR9vEpygtDY-BcuoBhiLTXfr0jc3nO5beWd9dimUUguBOxWaJewbOaKClRXXxOwPi2LVlbeQhqMBIbPAHm-aZYOafjuKrUF3bIMVP4CTjmcFVwoeiJ4LUssKkw9QCsuZA7t442mkSNX7lYs3vGsP7Oa8ubjOTYHSFWr_8A70ZeTOnOcX_na2pGvJRIkHI-n4r03OF9ip8MT5RcxjfY-WEDFvWMd1sp5TneI3l7V80HtSwNyW4tdpFVT&cid=CAQSOwDICaaNPnxDvKE3dRWALmtyHjezluMYpzBMLAq-Jm-SyjoZslW0PG-ENDVZlmrYPJBFL6D332hmCErhGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=16989405773401133000&adk=3944675600&idt=268&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:06:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
63570
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:06:37 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/ Frame 62F7 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DwwMns5xm1Cf_TEvMjJtlnQYsQzo-Zpdr5NQyFxOJCRE2rWGOQ55WTQ6YrluBJoGJX4HyKp_OAffJAcKtM8n2s9hN6KfpDiEfIUUpWQqX7yq7sr_WAX-lKAfb0-m8egoGVE7QoTvvKJIwpxUJxK0WQJyS30Sbky_UQFEb4zdeSu0mFEKE&dbm_d=AKAmf-CNQ-Hk4S5thd1xHlpTqCGAjE1X-Gxa5MLDcDyGnYLLac1ShWq4zl-hB8n-MQNP2ytxPdDp2uKsCaeqtENIM1bq6doc_1iq_znfOosrXG9a_jtEXA1-1jw2FQ70nf5MsB2yo1nFKd-TXPYPBn6vfL7FFI2IBli_HxNPJ_ln_zjPePCSWteBssvlCTjt1JipU-CtUOs1HmBKMktlHPXdLONkvMwvC5webEesuWJjpda6zan6Nkxcq9lqsUYmtG1wp7eO2O9TFXwM6GwGeFi7n-EaUv5_skloH_NpPv6J5xDEBZZ03YQoA1sDIecA-JyXJQL0kCpSKUBDI5101VDN1_W2f7G9_Wk_vnw2LDuWybgnGIt5Rb1q2PgbVl_lDICwLMc0BtqdeARhbC9sBVH0NK17shKIrzGB79qmnZ74DqGLMZz0mfEyRW-oKft7KaSVh8ffABop3-7cthqQ9tGj-afRBaHnUIVPEp8UidAp7-eJfByjzYxXDQUYqJggB2Uy4y7_xirLuaFyHULJkWbsy_8iWFjqikkcVUpDgWegaPF8SCa-hNC7cEMqqFwauGErLoW2RVhCW8J2iBAq7e_UvwIaDC0LTWYl-SujIs_RgdmyAilGAMYJ0I6um0n9XqqFYMWrg8mX1fw9wE_jz19Wg2MkZUJJ82acgOvspKbeD3qwEWsLcU7rmyaJMn1iLXMZQ2BNCbtCraeZI4Hww_GT8qwMu5xvS93jZJpgS_DjtYeEL8h18YdUpNlIAlIYfrQr9EEnEFoYXhZqNweVSDf58ojCLxa1yRXNXm90FCKPnchyFZoRVnao06DjukDCwNBPWeBnUizRTgY1lGpPNQtORaYbXrwM6-rnLFsiyGiMX2Y2ms-6wwHxgiPXIQorQc2GT9b67ECrQS4O6tuKfn2eJn9WViZ1QmRlRaql7N-VEB7IlYtt37Ck-UU4JUPMNwl47a-mXcMGdMuDZced7qk_g6WaKJDvlbpk0jAgty5Z2GO9bs5LOAu1LlbTl8WBOVPfeB0uHf0Nvjl9bUAXgSnmkkQe-L93M8FimBBmP1HITJD2TomP3E-Bk_vRnXicovMfwtCvUfjpWufRVmrojkQv8FfpIe3adzDNGfNatRgvAq90ej29RtnfARki_q38K3dBKO9896tBNmohaAkgjfi-v9mXxJqQcrm7nJ1XN4kIvT5ziIAblWxL611Ohb-TSTLobCsJM0aesU9yHQzcSFF74ubEbcGVsLQ_tYmE8X0DNN42Yq60arx2y-1IhkRn6Gl5lmXNlEOTp0ZTFtuxmCa0YuoqfVCcS_OQE3Q30Iukkm6Bh9JqS5MUipW4NrVm37ofpWhe0nIlcGnBCwynBSSExgP2VPgHSMdW0ZRrxs06AFgW8T9beuJ3QIKtfN3ho82YmkDfE3qsj7WQE3aqdLrSAVmjDNyH2R2p8wcIh-pW4ezCnAW1FU6h_USs_LU_K2XRfv4Rl_sapgvBSO48ua1IZ7dx_WvPX_Gjp2HDSjpJkL3Mp7YYZZXDjwCh3RAHckV82yfd_2muWrDHDPg4n9qfuCPa5-yN6_7uRTuWKQLJFfNqp3axiSzeKX0EUUsm5jwheHoH1CHXri2W-0E2Q-mDEtGRdsyI8267Rl1NcoUp_zG8ZqJh3MLTlaYGqWpj8NztQQBDHU6gryWdnAWLUqB3tSOSA9z3O9Ms563ARnvrKe_o2DXGQ2Fwe73WolQiYq6lq4SGfC-S5Lc0wY9RqEGwt_odfDv7TkfHJvm0qqMDHiFPT-zL5MMIqBA9cYfx7qork4nPWuo7ruEU3F9B4HKZUvuRgInqbR1gs8ut5LxX4gEs9uG6NON7MGBRNf4CG9XtmUgAvJHuPDgdk2X21pOKKSIpWExPrv0uu8iYj5nW9O6ISy9PJ6RPlLaYC70qJS3eKZy3gRRNKAxWr198wRi00uRn58xOoJkcXi2psNZeJbs34aQ3Vxwif13auZ8XLjma_O1R6V_dp41bcnc8OzvslpBjhVSSk5ibwLZI_0VaZr2hB1NpVB3uCCFoUy1VvJ2gH7HtknYbbA6xVtVwridt2UR7jwWoxO0i13MW5PcQhjShPmFHY7haWKToIohurHGtmJCOk1p4ZQ9A345oeEY-2EFVbwXzepdyhF9eeUa03MLgNS2Z4SQM99PXvLHFIpAGp88OtL0xxWKkmiB9Paiz4H0O9sy2acB3-yfsN0IlReyhtVXfNPcKbsM104mIusfqO0W_D_8I4a-Xz2LTpZPEWZ56yi27izcUACDTJitbeIJrQX1qRYBcg1PvsXpR9ajvq87VOxQuoLqRFNdIU6BQZjej2sWnF9OGobEqDommcfQ_ZMIWYm4galY1REgand2FNZgq_CbWRW6HNLHcOkJWDg0NYLg6acFajVI_81JZnHeDgDPifdIrE3rZGnbDa7ae_prbDCs-t86jOM9gBf-dqn2-VKB-KTd42Gr-yrbD3-6b4pxvYHuW2t8iZOao-4hAIO9cHCXn1Q7a0dRMkdLF902SaNNnjoIbd8jivO9u52bdK3bcKmtULalRB3UIVSkwGtMN4Nt3LWnt0IMF1PYM3LW6CMMlO-0BC43PgHm2ocn9UQnvrVhcZsspY0YQgA1QHytJof8I8S_Tkc2bAJqgzeEYdMEvqzGXPGLocN_ZmbFo-IALdrpJ_D78UpAK7OEePB2BTHl7w1u-SO0Dis1ZP_eSJwjgCj4h2M8ZQ9V3xfuWPCgPkis38EIX6-qHFb1mT58b9gUAg125G-D2_c10Xh6EiK5LlyeUvkdw9mlapCc-NHLjNlcqHgOjLdiIPZ7s14JmjWxitU8EOGULl0Pi13jDLh3wCNA8G5udI7z14YhTLtwpi_cb5OmJfg7uM57B2P9IH0r-jmksv8tJ9eVM5EA4qoMSsDGCh_IY_i1EGX-849METN4dZAbqvu-noOgPj941eMm55RzlBMlH51AnH82-ovUd_btAaT_WCLBZTwA0J6aiHJ3AnsbE1qBaaq9aksvrEGkQOUNNxvqQmpKWXaxvvqsJmB95K_3RVkcp_uvrqdt5krYOApepQtB3LNC4Fxc_3PNnw-EsYOUpPUm8Y1Uxhu92zBQ_pKt8GcuSzNk0ct5W7CnLoJE3dqw2q2r84JV5yxmORUd-PWsxbqDQphbLdA35paldqCcfU5l2hxTIIf3ed3RlsDbz034D9Eu9zJLiE3NkxAs0vDQoKCoqM08iItTam02lwRpsMHg9buzPHCkpXEkv4D_bg5oklte_RGUp99G0iwwupgti7mb5819QmOJ2kX4t8Jw3S07IXX3T3K_aOhIXCIOSo6pr2yepQLWAMrQPHEmbYbGYZZPUf1rYw-jmSgwdccVsa_C_VDoDTbGhGJG_ExtOlNS5TBQ_X8QJ_nQVZGWlY8ma2jhztaiKa5_meZCj5DsVXRPR6EQ_oEv0tvdoVN0578F9EB9gskWQ9eaue6EfjgXW5VRe4E8Rc1TkkblGX-VD3O2YW5CuofTMmhjDQ01uX1g8SlOCtjxKkga4Mm8otOM4LkClujC5TXNqXttx-6nEC4ybPyn8WdMDT2Q5CKYu3n8zqM_ro3U8Ic4wlr_u7JNqVE9PxelcJNbAmE84XpC9IVCrhBMIbdC2NYdxwU3K2KaJMJF1HlJyQqmjw35eRaSmyVR9vEpygtDY-BcuoBhiLTXfr0jc3nO5beWd9dimUUguBOxWaJewbOaKClRXXxOwPi2LVlbeQhqMBIbPAHm-aZYOafjuKrUF3bIMVP4CTjmcFVwoeiJ4LUssKkw9QCsuZA7t442mkSNX7lYs3vGsP7Oa8ubjOTYHSFWr_8A70ZeTOnOcX_na2pGvJRIkHI-n4r03OF9ip8MT5RcxjfY-WEDFvWMd1sp5TneI3l7V80HtSwNyW4tdpFVT&cid=CAQSOwDICaaNPnxDvKE3dRWALmtyHjezluMYpzBMLAq-Jm-SyjoZslW0PG-ENDVZlmrYPJBFL6D332hmCErhGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=16989405773401133000&adk=3944675600&idt=268&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:08:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
63483
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11591
x-xss-protection
0
server
cafe
etag
12161711247934188981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:08:04 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 62F7 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 23:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
472470
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 23:31:37 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1627455/73523879/ Frame 928D 		251 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1627455/73523879/skeleton.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2937494567949278&ias_chanId=1&ias_placementId=20496570232&bidurl=https://www.mlive.com/&ias_dealId=&xsId=ABAjH0hRzb1rz0v5eO96gdlc4UBs&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hRzb1rz0v5eO96gdlc4UBs
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.244.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-244-184.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
924e5f15df6b118e9815208ec4d316991218745378c415e470bc773097479df8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 928D 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
Origin
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 16:21:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66250
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 24 Oct 2023 16:21:57 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/ Frame 928D 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CwOidZ_g5UN5ukQYA3VEpXdPDA7psjsp9gB2oIsrX3AsisuA36ltgiwAYfboY8UO1HCbIgHkoSp_BvqnsoZp5ZIkOiIbnTJY8963cVBTxeP2im-GpBYU9Q01NvV2CbQLEAeEh8QoyLG-ckHQmeyVQcXbYGk0ZkDOpd6rPZvmobLvz08-Y&dbm_d=AKAmf-CX0FcLnrnCQP7PPYb_av6e91tHP-QodDKbTXo626XGpWkSqGETHgFr9pZXhBoC0wV5_EsJ7Bo4B1DiAQQzFv-laX21pcyNZchWOOVKvo8KblPUQ7wLGY8jPcuYA1AmS43e0VtR2q-zxuBSsFC7BftMLeRiWPKvc2n2--v6-jhDkwVJjAB13O8dLpcROVWlq4-_VTkQ1K_mrkCpcT2ce9ir70PndhaLT3vnicvMIkmPZbgXuT25RfRJneOobmKCxA35AAQEnMP98RyqIYsAsmroA4ixTfavk7lwr_E5Qo3n-VPnwsNLKZFs667nzeVOB8fva50NulN36IRU8A69-wPX61ZlrjJ77l9Ng05nF-7eNMucHSDzhZYLVLEEiW8sZV_-risSLK5FsgfIokoIBt7jY7XoSrLAiMFAPYijiOw_rw0KRh3kCDjSC_RT4qVlkpcXMfETQDEu-9OwTH1Ecdt2uPmpOrkJkPucT3HNPITndpuUutbOXJsSttDeduCm4vzbC9GYP4inufFz48Ptjboa2ng9_0ItC0yyIdAYgPYaumAVpkX4GGAxHkPCrrIeeiQvL6gZB3A15Yn0I-Zt6hV6zm20lh1Tn6KNhb9jxeqSzo52dXBOBXlZJohR-o5Anv7DjAVqpgSL9wUPsYuoJYgfbbLpzy_cvIeYFUx7PdVoFPlPvcKc6N8SypKyZhCohkfD0FyEvi6JRxj1ql-M1bRp7rVTTQ0xypfugkN_pgJEBqJ5MPTTGma3iUzo-cwgHGaN9kSIQ4FvS1-uke1GAqY9sCdk16Q4IPmUUjFy2Fpqpm1E9g54F9y6WuhMSKQsY3TUtrgnYSC1krOy2XB6AG6JANXy9LuOiEjcEWwmBk9dAbD0Q_eshRvzEvQGv5ayCwCQh_HE18FW3-YuhyOqUXu1CvTXIQ5Fl_uXaErk7pQHDV3xXEn7Ai_JMLOZYVxPh-EfHtC7o5-jmgDuXRFi0X_hHpX7N2Uq0gg3Kp9SqOqlZLFtcIwbtOCG9qCE9FkBH-KclpouXBMcTxMiTRf7dxlZgRcSuC6rP6ASuQ9IqfIBRxk9vHc5axQE5IEh-ra7CCYvb_OK3lojD_vgIvF560C6m-enWScRFwcUG5FAPr4A97PVpx318D8J6TuxnfooZK8JOlJ7xTnlo96pC8K3DzbuGd-it80iUBrcoybXV7IIMYRS36teugg0eFScwlws69mRGFPhAyZmKSCJxBs7ZR6aPXhufHlAqQf3KtvFs6wSYpjUxCiUapJlIKdnkiYBmxCqgL1_R5dIrZqckB8ziE2bp8uank8Ml4JL6arM69x0cvpyhl3UPYdRQTFJAJwnVfQ5_DCOY-NePIDi8rVtVuhQONMty4rgcSlmVLtZGaa5SPxk4Bf2pLZFayQVd5R0hMzttbq-ScMnLLGZKj9a1stqiBwE1ycxaL8IdHBdHiVrXyyB26R4lAgKbkriH3SDHNktGifCu7SgoMQp_463MxjzZnfDb1zJNsSzlNskjIQa6Oz13JTG3lEBZoFNuOBIdcqQAzpufKrI1DMHKdduw_YOafOsnhbmpkunUhSCy1UAvWq-ry4Th04wqUArlm8lyCfVX5RhJGRIEZO7Wpwrvpp6tEKP3nhBZBU049WL_Afu14prI3_ae_zC-UBa1t8kEgy3HrK0E7g5xOUMJ01LX46KqXw42EeUA2UQEEo88TdPhbsFOxk4W5QTtmJryHFaemrLqg162HYmBXJU5vcz-bCOlkB-Gf8exYoluDn7Y-LSPuHXzrUk1fMbnxkeUefaktPaVQrKPHSucja7R-QHP-vOkbhywTjyTdQuDPpwTXV0nyAPZJH0EoLQB4dVHk0vbn_L16mfFba_s1M3ZlgBTg8XTTXPySvXLP8GhRU-t_pVxPicYQThlrgnA5B3sxBu8kfUiWzgJoXdYDn8hqs3Cgbt2wpUYwA2pyKRG4-f56LUmGzVxJW26TNn35fsoVOxLFih_BfcXOMa6YeOdoMbNGpn9eim475fqZdz0zY29jcZTImwldnZb25djjdns6om5znWZRvFohdYI6tGMretRUgeWDAxdZ2eRuSbVcy4BiQ4g3Urk_rv1VgJ0eeCkvkNIU3-bz2OsBKaMyPdwQxh39oKnyjUUf9Prxzm_bVR6I6FMGtxOj-N-4bY8xuwD8NX_wC1eoP6SIR7uwsdRo1V5uQheqa6nNyQLgVmZqhSql1z937V6NXccqt-EeSj8ZXBASIHkvlJvQFJ5OakCt9Wek-43wfeBogZVVAPMQZjZoZ4a0nRZvX9i18COgxWhlFYRcusTNR7VdH_0C3rFq40erNJwzRf7skHAhX5G-292I0ZTdyuXL8S43Lmn0FgNk39d-lVuNQ-1S9FxfAu8ivqlgs8da64sMDPnzXLZt8iu-kAmhXouTqAZ_B2IoJqiPwAjrZ8fQPN_YoKOa5-8xA9X4aIOlujY-sIi9r54nPO-XUveMzYmZPKPoEKoR_H1shect6oYlPAY78reXUgGZu9Y4lT4UzdXJ5Qys4ektDi5MDO3z-cvAr8spP_ZKDSGPZyD5GsziCJtv17iwl5Jp2k8piKdyMsTQ2mCMomhlXJDQhHz0cKIYd74m_wkhhWd_SWrP6tCe-RwyB4HTb72wc4Q4XVIGmn3_vo63lxxXjxpwdDD4XZJzHEIcZsIG756UC33ahjF1vNOB8PS-0XN8ZWrOGx0UhITsYL0842s4-_57tP70jNFochLCQR4DrEoWQsCA9NKrWZgDAr3gM78PX1wig7hrHyc2mpmSjNVVa8hPt6Ed0s2MPIj5Hp9bgrvmzFWJBZ7wCNXC6zdGUjLYRwAljv6jH-PJa5F3CcN4m-TdbB1qSj0eHi2ux8G1H7G8BjehnsPJVUdXPnlyYpMVDyaFaTtrPGvHqpan9VqjfwsJOYp6PbDevYzbTEZCm24lU3HKdzIZTdpNsFvYfxE-TEWP5l779ZLfbwnf3Z8Tr_pjRCXor90TxNSrYT9rnZquKTfgoG2xcYKflxM4Su18R91Ds7renONDdR0zLmLxfYJQwzUcwemTWs6uSfPTt3fPlZXdjMRFQrPgtm6NSH7mBfYlgA7x-HbLA_iHL17Cr4teqqjgnHeC9lx2E45S2iEdwOllAyidY4WnHR6DmS_lY2bHQfX6zzaMR_t4XHL1kwGJoCI_KWrC8hPv_3o8reWssTu357r8eW4iY8u6tS-KN0Iftw9-NLhWYvJZDLZZYjgEBAmt0ENZMXvkygOHhh0joogMOLvlscL71x4wlZdV8Sqx4FMmDoE1hOQ0_-13GyQtoBRiCnSYZRN3a1IrcaUW_8qaGOHeOumEXwPBDaARCsmf-C-JXaAeHBEEVZMXhrUb8clAYvXhJ5HlEJmWWZNjdGGaU2EcA8k5_nWVAmygX66Nbw582OtgOTfTGT77NvRjGZuQ-8ochX1wLjEHwTfjWgQGUGEdbBV-t_hjo1BGAmEo7Vq-kr1sFlUDaVzPwuBH33UJLI0PPSG1r8Tq_1CDbKdR7xsGbyUstYB7gEro9IlVCvcOEexEqQ3WPNkXzDsk6E9rDdhRWgYcV8TBdnEN8T0eEAyDOrqFi_LQIhMD_EojVl6gzhx7SKQd_Kszxx_0ajT8WsSsfwEL3xlBLn9sHJuh8b6ikgHmFxiHz7tU35f9cvKu6qu7yIt8wEAlxnVGardiOdGZgkWGZnubqS8fjX4cG1-aNtzL3i_mYR_RvXjba2KK0nN61P-3xw9_Fl_wOtSoAXSGHDPdsHs7rkM92EbLQHZh7ErItOKGFUQuYQR7n19h8-c2s7xOtqu4AusuUpFjnlH1i_q2QGLyg0HU8H5iy1lN814zczw70lcrq_tpF9FXzI5mc8Bn6p0mNO1rlmEgbJ2NA&cid=CAQSOwDICaaNPnxDvKE3dRWALmtyHjezluMYpzBMLAq-Jm-SyjoZslW0PG-ENDVZlmrYPJBFL6D332hmCErhGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=5605769349746788000&adk=2857193498&idt=279&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:06:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
63570
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:06:37 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/ Frame 928D 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231019/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CwOidZ_g5UN5ukQYA3VEpXdPDA7psjsp9gB2oIsrX3AsisuA36ltgiwAYfboY8UO1HCbIgHkoSp_BvqnsoZp5ZIkOiIbnTJY8963cVBTxeP2im-GpBYU9Q01NvV2CbQLEAeEh8QoyLG-ckHQmeyVQcXbYGk0ZkDOpd6rPZvmobLvz08-Y&dbm_d=AKAmf-CX0FcLnrnCQP7PPYb_av6e91tHP-QodDKbTXo626XGpWkSqGETHgFr9pZXhBoC0wV5_EsJ7Bo4B1DiAQQzFv-laX21pcyNZchWOOVKvo8KblPUQ7wLGY8jPcuYA1AmS43e0VtR2q-zxuBSsFC7BftMLeRiWPKvc2n2--v6-jhDkwVJjAB13O8dLpcROVWlq4-_VTkQ1K_mrkCpcT2ce9ir70PndhaLT3vnicvMIkmPZbgXuT25RfRJneOobmKCxA35AAQEnMP98RyqIYsAsmroA4ixTfavk7lwr_E5Qo3n-VPnwsNLKZFs667nzeVOB8fva50NulN36IRU8A69-wPX61ZlrjJ77l9Ng05nF-7eNMucHSDzhZYLVLEEiW8sZV_-risSLK5FsgfIokoIBt7jY7XoSrLAiMFAPYijiOw_rw0KRh3kCDjSC_RT4qVlkpcXMfETQDEu-9OwTH1Ecdt2uPmpOrkJkPucT3HNPITndpuUutbOXJsSttDeduCm4vzbC9GYP4inufFz48Ptjboa2ng9_0ItC0yyIdAYgPYaumAVpkX4GGAxHkPCrrIeeiQvL6gZB3A15Yn0I-Zt6hV6zm20lh1Tn6KNhb9jxeqSzo52dXBOBXlZJohR-o5Anv7DjAVqpgSL9wUPsYuoJYgfbbLpzy_cvIeYFUx7PdVoFPlPvcKc6N8SypKyZhCohkfD0FyEvi6JRxj1ql-M1bRp7rVTTQ0xypfugkN_pgJEBqJ5MPTTGma3iUzo-cwgHGaN9kSIQ4FvS1-uke1GAqY9sCdk16Q4IPmUUjFy2Fpqpm1E9g54F9y6WuhMSKQsY3TUtrgnYSC1krOy2XB6AG6JANXy9LuOiEjcEWwmBk9dAbD0Q_eshRvzEvQGv5ayCwCQh_HE18FW3-YuhyOqUXu1CvTXIQ5Fl_uXaErk7pQHDV3xXEn7Ai_JMLOZYVxPh-EfHtC7o5-jmgDuXRFi0X_hHpX7N2Uq0gg3Kp9SqOqlZLFtcIwbtOCG9qCE9FkBH-KclpouXBMcTxMiTRf7dxlZgRcSuC6rP6ASuQ9IqfIBRxk9vHc5axQE5IEh-ra7CCYvb_OK3lojD_vgIvF560C6m-enWScRFwcUG5FAPr4A97PVpx318D8J6TuxnfooZK8JOlJ7xTnlo96pC8K3DzbuGd-it80iUBrcoybXV7IIMYRS36teugg0eFScwlws69mRGFPhAyZmKSCJxBs7ZR6aPXhufHlAqQf3KtvFs6wSYpjUxCiUapJlIKdnkiYBmxCqgL1_R5dIrZqckB8ziE2bp8uank8Ml4JL6arM69x0cvpyhl3UPYdRQTFJAJwnVfQ5_DCOY-NePIDi8rVtVuhQONMty4rgcSlmVLtZGaa5SPxk4Bf2pLZFayQVd5R0hMzttbq-ScMnLLGZKj9a1stqiBwE1ycxaL8IdHBdHiVrXyyB26R4lAgKbkriH3SDHNktGifCu7SgoMQp_463MxjzZnfDb1zJNsSzlNskjIQa6Oz13JTG3lEBZoFNuOBIdcqQAzpufKrI1DMHKdduw_YOafOsnhbmpkunUhSCy1UAvWq-ry4Th04wqUArlm8lyCfVX5RhJGRIEZO7Wpwrvpp6tEKP3nhBZBU049WL_Afu14prI3_ae_zC-UBa1t8kEgy3HrK0E7g5xOUMJ01LX46KqXw42EeUA2UQEEo88TdPhbsFOxk4W5QTtmJryHFaemrLqg162HYmBXJU5vcz-bCOlkB-Gf8exYoluDn7Y-LSPuHXzrUk1fMbnxkeUefaktPaVQrKPHSucja7R-QHP-vOkbhywTjyTdQuDPpwTXV0nyAPZJH0EoLQB4dVHk0vbn_L16mfFba_s1M3ZlgBTg8XTTXPySvXLP8GhRU-t_pVxPicYQThlrgnA5B3sxBu8kfUiWzgJoXdYDn8hqs3Cgbt2wpUYwA2pyKRG4-f56LUmGzVxJW26TNn35fsoVOxLFih_BfcXOMa6YeOdoMbNGpn9eim475fqZdz0zY29jcZTImwldnZb25djjdns6om5znWZRvFohdYI6tGMretRUgeWDAxdZ2eRuSbVcy4BiQ4g3Urk_rv1VgJ0eeCkvkNIU3-bz2OsBKaMyPdwQxh39oKnyjUUf9Prxzm_bVR6I6FMGtxOj-N-4bY8xuwD8NX_wC1eoP6SIR7uwsdRo1V5uQheqa6nNyQLgVmZqhSql1z937V6NXccqt-EeSj8ZXBASIHkvlJvQFJ5OakCt9Wek-43wfeBogZVVAPMQZjZoZ4a0nRZvX9i18COgxWhlFYRcusTNR7VdH_0C3rFq40erNJwzRf7skHAhX5G-292I0ZTdyuXL8S43Lmn0FgNk39d-lVuNQ-1S9FxfAu8ivqlgs8da64sMDPnzXLZt8iu-kAmhXouTqAZ_B2IoJqiPwAjrZ8fQPN_YoKOa5-8xA9X4aIOlujY-sIi9r54nPO-XUveMzYmZPKPoEKoR_H1shect6oYlPAY78reXUgGZu9Y4lT4UzdXJ5Qys4ektDi5MDO3z-cvAr8spP_ZKDSGPZyD5GsziCJtv17iwl5Jp2k8piKdyMsTQ2mCMomhlXJDQhHz0cKIYd74m_wkhhWd_SWrP6tCe-RwyB4HTb72wc4Q4XVIGmn3_vo63lxxXjxpwdDD4XZJzHEIcZsIG756UC33ahjF1vNOB8PS-0XN8ZWrOGx0UhITsYL0842s4-_57tP70jNFochLCQR4DrEoWQsCA9NKrWZgDAr3gM78PX1wig7hrHyc2mpmSjNVVa8hPt6Ed0s2MPIj5Hp9bgrvmzFWJBZ7wCNXC6zdGUjLYRwAljv6jH-PJa5F3CcN4m-TdbB1qSj0eHi2ux8G1H7G8BjehnsPJVUdXPnlyYpMVDyaFaTtrPGvHqpan9VqjfwsJOYp6PbDevYzbTEZCm24lU3HKdzIZTdpNsFvYfxE-TEWP5l779ZLfbwnf3Z8Tr_pjRCXor90TxNSrYT9rnZquKTfgoG2xcYKflxM4Su18R91Ds7renONDdR0zLmLxfYJQwzUcwemTWs6uSfPTt3fPlZXdjMRFQrPgtm6NSH7mBfYlgA7x-HbLA_iHL17Cr4teqqjgnHeC9lx2E45S2iEdwOllAyidY4WnHR6DmS_lY2bHQfX6zzaMR_t4XHL1kwGJoCI_KWrC8hPv_3o8reWssTu357r8eW4iY8u6tS-KN0Iftw9-NLhWYvJZDLZZYjgEBAmt0ENZMXvkygOHhh0joogMOLvlscL71x4wlZdV8Sqx4FMmDoE1hOQ0_-13GyQtoBRiCnSYZRN3a1IrcaUW_8qaGOHeOumEXwPBDaARCsmf-C-JXaAeHBEEVZMXhrUb8clAYvXhJ5HlEJmWWZNjdGGaU2EcA8k5_nWVAmygX66Nbw582OtgOTfTGT77NvRjGZuQ-8ochX1wLjEHwTfjWgQGUGEdbBV-t_hjo1BGAmEo7Vq-kr1sFlUDaVzPwuBH33UJLI0PPSG1r8Tq_1CDbKdR7xsGbyUstYB7gEro9IlVCvcOEexEqQ3WPNkXzDsk6E9rDdhRWgYcV8TBdnEN8T0eEAyDOrqFi_LQIhMD_EojVl6gzhx7SKQd_Kszxx_0ajT8WsSsfwEL3xlBLn9sHJuh8b6ikgHmFxiHz7tU35f9cvKu6qu7yIt8wEAlxnVGardiOdGZgkWGZnubqS8fjX4cG1-aNtzL3i_mYR_RvXjba2KK0nN61P-3xw9_Fl_wOtSoAXSGHDPdsHs7rkM92EbLQHZh7ErItOKGFUQuYQR7n19h8-c2s7xOtqu4AusuUpFjnlH1i_q2QGLyg0HU8H5iy1lN814zczw70lcrq_tpF9FXzI5mc8Bn6p0mNO1rlmEgbJ2NA&cid=CAQSOwDICaaNPnxDvKE3dRWALmtyHjezluMYpzBMLAq-Jm-SyjoZslW0PG-ENDVZlmrYPJBFL6D332hmCErhGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=5605769349746788000&adk=2857193498&idt=279&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:08:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
63483
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11591
x-xss-protection
0
server
cafe
etag
12161711247934188981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:08:04 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 928D 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 23:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
472470
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 23:31:37 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 235B 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
452478
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:04:49 GMT
expires
Fri, 18 Oct 2024 05:04:49 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BEFE 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
66250
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Oct 2023 16:21:57 GMT
etag
48472445140208031
expires
Tue, 24 Oct 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 62F7 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f55617f27efcc6f54d2b03593ee36bb48ba9e5703d8b4c0f6d3a944863dcce6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
event
prebid-a.rubiconproject.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.223.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-223-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 24 Oct 2023 10:46:07 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.223.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-223-97.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Tue, 24 Oct 2023 10:46:07 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ud&error=uid%2Fmuid%2Fduid%20not%20found&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=17&tvcfg=all&tid=80ef19e9-198c-4396-abbc-e1e6f37cfb26&pid=83d2c3d5-37ee-4655-89f6-2e215a361603&dtm=1698144366976&qnm=_matherq&visible=1&tabid=8f8d43eb-d394-4601-9648-7511b187e95a&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x13519&tofa=1698144365&vid=1&lvidt=1698144365&duid=ba341e8a-af0d-433d-85a1-37ccc91294f9&fp=2849720740&cid=ma63527&mrk=484602605&cx=eyJ1c2VyREIiOnsic2VnbWVudHMiOltdLCJtZXRlckRhdGEiOnsibWV0ZXJUaHJlc2hvbGQiOiIwIiwicmVzZXRNZXRlciI6IjAifSwicGFnZVZpZXdzIjoiMiIsInVzZXJEQkZldGNoIjoiMSIsImVyciI6InVpZC9tdWlkL2R1aWQgbm90IGZvdW5kIiwibmV4dFVwZGF0ZSI6IjE4MDAwMDAiLCJuZXh0VXBkYXRlVFMiOiIxNjk4MTQ2MTY2NjgxIn19
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.77.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-77-247.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Tue, 24 Oct 2023 10:46:07 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DC7B 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
66250
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Oct 2023 16:21:57 GMT
etag
48472445140208031
expires
Tue, 24 Oct 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 928D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d407d720e9c512e03101aed5adf1227721d23b226eda6d8ff2823978abc001e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/12786977581332354964/ Frame 7E57 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36d2279d6bdfd42765a2b279a36a44b84a1d2d849d0872004fe8c6e3fee1b774
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
70593
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1918
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Oct 2023 15:09:34 GMT
expires
Tue, 22 Oct 2024 15:09:34 GMT
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 1616 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu-laTzcS4M0LodrVLLKZSIMB6qHNZFRMvvto0COC78aYKOiJONKNZYdsJwHuSm0Zp22c6hAhWtG7tysmVP8I2CzqkBlUxIORzimZwT3fnyyfOqdd-BwrGzt0qPFw_XBwessdgEE9Y2XxUk_BtiI4MLhcNIpbhiTJX243ElTKPD9ZuYw80fs9SAQHGp9K3DzEnQvmVu9N5tarCBk7ef7dbNYMF7wCCjUR12Co18YqNtvfmMPIJHxX86WIGkwd0cMdQFtsBTfD8hYOLAgSxm639IHfNjT5IkxqrVAUnIwTPNgCXe7mmjUl2Qwyg37Nei9YW7TwttWd31dUGJ5e7DPH1c3asfGZ-vObMPXSAQMkTvNczhj26yL_XR0SnOsunLzotFfdc9jiQKwLAzWjH99sPDuAl8-jd09sTylfSI61SMxl4gfs4fgSf9oKuuXTrw5jmB8vJ0va67Kqel25z8Ga8FwLVnClD9btGV7GBgBwaZfU8p1RtfYqaFJ6yTayhydEp2-_NrDxpecg7ykMREkU0M5gxsBwJIfGmMAi1dS6Q6Bnh3HYILwGi0mV7TKsVUuLR7ZxhkSOOtzN4fEecMwqb2n46lgYbQUPb6mxflLPsJEi3yXJSgxIOFuW875ksmGDVyYAdAa1oVsRzUmjpal7zT1xwCgA236_kxIDwiqmuOnmWfMOoogMtmEN4WTBxDSMZabReoX8bPziHUdHopqKQLlbsHHZPkYyscoqOmVj3IuYnAAx-lZn5j3KtD_uvOB4pw9SwDagJLzlupBO5zycIMbuClVcZVA9yOxUg_iElfO3N6Te1onvQ-3ttT0Qk4-7xMF8XMaB1zzuT89bmta26M1mVWczAvCwoGWRrvKH84DFY8Ay-3zAOkyUuUH2E3BNEqEbudAuoVK6UuLaYTMNF0eL8c4UmlZ64wpH_QYyYlbwDz0ExAkjMR4GTONXkEMzDl5CmU9cfN-pHeRQ3-RZInQ7WNJSWRSWynWTOJ_ZKn3P2XU1CeQ9a8EMoWkDr4Rhe58wob9BCMlF-tX9xpj35fWOP2hFHVpak8gMmx5YABrHCORQTN-WLRnRMqBJ0138KIXmbGtOvhkaStLSG_1yshy2xrkFhnwBEoTm-yZpPM17FG9--7ZI5cehHmYQNsS3uNDN-XwjyWAmPhRXbdXC8_I0dXzm-hKKYPW8eeWEZfze8fEhEu3TpO9yETu8HaZKLtG6UJiHfe0wXOGyrlmZhHvHhu6SQkR0tAmzGIJ6cV-KdzXDjhwyA4S6Ms47fx6YsZF7-BRgViyC4yc13j3iYco1zoA-7qHHeGm4SXzloFYpLeeVyhRrN-0ZDxDaiJC_5ey5Gw1iqC5WdlhXJwZ4sa0Mnv9AFWZVbBNUSMwyVtjYqxNqVxS66TZ2VIQNnrZnTkuWLWs0o&sai=AMfl-YT1V6t3_9u2_plK_EpbMTNL7Nd8djbKZ--_bN5dkFd3p_X3DnFfKehbS10e2_uSslyT2kHa216uTEBph1ynPFBD5oueAytRhr_vgGKdwZ3RfsPMBTy81YAoQZ76F8PovUzll4BORLjjxisie4S_JdT9NLgWE66ZyB957nd3N9DnNmhaaxv--EYHyAlY9hWXvAjnjRFPTA0SueaNeueR039CXLFtHDxjr9Xjbwo-di0FfKHmJgcCbdCux9_cSr37l00-&sig=Cg0ArKJSzBOYkdHQms8REAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=272&cbvp=1&cstd=268&cisv=r20231019.83355&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 24 Oct 2023 10:46:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 01E2
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEDG-S97PMhBHm2fWMr0ORHs&google_cver=1&google_push=AXcoOmS7DX-3VnrFuI4a2mx2YdVPxHI6hfnkp_KjETCiWVpani6x0cj4grP7d86GBgC7ErOYYlaECLFEkKxot-GYh78E27TxvheU
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E5479AC49FFD48A9BACA5E6F7BC2A995&google_push=AXcoOmS7DX-3VnrFuI4a2mx2YdVPxHI6hfnkp_KjETCiWVpani6x0cj4grP7d86GBgC7ErOYYlaECLFEkKxot-G...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E5479AC49FFD48A9BACA5E6F7BC2A995&google_push=AXcoOmS7DX-3VnrFuI4a2mx2YdVPxHI6hfnkp_KjETCiWVpani6x0cj4grP7d86GBgC7ErOYYlaECLFEkKxot-GYh78E27TxvheU
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 24 Oct 2023 10:46:07 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E5479AC49FFD48A9BACA5E6F7BC2A995&google_push=AXcoOmS7DX-3VnrFuI4a2mx2YdVPxHI6hfnkp_KjETCiWVpani6x0cj4grP7d86GBgC7ErOYYlaECLFEkKxot-GYh78E27TxvheU
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 23 Oct 2023 10:46:07 GMT
pixel
cm.g.doubleclick.net/ Frame 01E2
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmS_5s...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-zp8ZTCBBErb2yTjJW49NNff_qUoelQDLBD9Z7A&google_push=AXcoOmS_5s1secc3w--C87ro81tHHQDrUtoO9sa-jxi09B7JRpB6S_5Y-LSusm63IwKbD_RJjR3N1XlUhSZ5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-zp8ZTCBBErb2yTjJW49NNff_qUoelQDLBD9Z7A&google_push=AXcoOmS_5s1secc3w--C87ro81tHHQDrUtoO9sa-jxi09B7JRpB6S_5Y-LSusm63IwKbD_RJjR3N1XlUhSZ5IFZ5WJKZE9__t3RE
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:06 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-zp8ZTCBBErb2yTjJW49NNff_qUoelQDLBD9Z7A&google_push=AXcoOmS_5s1secc3w--C87ro81tHHQDrUtoO9sa-jxi09B7JRpB6S_5Y-LSusm63IwKbD_RJjR3N1XlUhSZ5IFZ5WJKZE9__t3RE
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
929215
content-length
0
expires
Tue, 24 Oct 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 01E2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJbyh-g9b5CWXXr7Ge3gKSs&google_cver=1&google_push=AXcoOmTzqHgdJaAqwgSr4GC9oklo9JtEYPVyHfcIdSZEw_nnOLU6SrSw2DykvnXaB2ShwTraUEA...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE80N0I2RjUtTC1EME1Q&google_push=AXcoOmTzqHgdJaAqwgSr4GC9oklo9JtEYPVyHfcIdSZEw_nnOLU6SrSw2DykvnXaB2ShwTraUEATdNuXrQqy9-GxPIgOOtP8u9Ql
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE80N0I2RjUtTC1EME1Q&google_push=AXcoOmTzqHgdJaAqwgSr4GC9oklo9JtEYPVyHfcIdSZEw_nnOLU6SrSw2DykvnXaB2ShwTraUEATdNuXrQqy9-GxPIgOOtP8u9Ql
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE80N0I2RjUtTC1EME1Q&google_push=AXcoOmTzqHgdJaAqwgSr4GC9oklo9JtEYPVyHfcIdSZEw_nnOLU6SrSw2DykvnXaB2ShwTraUEATdNuXrQqy9-GxPIgOOtP8u9Ql
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
pixel
cm.g.doubleclick.net/ Frame 01E2
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEN0SIY5GvPFZfKgHc_eqvMg&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN0SIY5GvPFZfKgHc_eqvMg&google_hm=ZTegbh883pkn0q5MHzKmaAAADJwAAAIB&google_nid=index&google_push=AXcoOmTEd3Q2LrY0UvQ1aXObb-1HooDTU5u_k...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN0SIY5GvPFZfKgHc_eqvMg&google_hm=ZTegbh883pkn0q5MHzKmaAAADJwAAAIB&google_nid=index&google_push=AXcoOmTEd3Q2LrY0UvQ1aXObb-1HooDTU5u_kkzOLIhXRn_t-X1P1Yu9gEZzU5lKq2ZNU7JMdVH1KO5rqQpUHJHlg8cUoi47F1nq
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hiWian5bZXZHzxciZgPThW1TD6c8c5LedwaVhirYKRC5YlbLF0vkoFag8Wb8SwAR8Nwi6aQiLmQJoO17BbZa5aHKlbmKmHbWRNaJNxxNd6J8dDwI34tMS7bZ1oOi4szJqYfAeUx0mDEoYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN0SIY5GvPFZfKgHc_eqvMg&google_hm=ZTegbh883pkn0q5MHzKmaAAADJwAAAIB&google_nid=index&google_push=AXcoOmTEd3Q2LrY0UvQ1aXObb-1HooDTU5u_kkzOLIhXRn_t-X1P1Yu9gEZzU5lKq2ZNU7JMdVH1KO5rqQpUHJHlg8cUoi47F1nq
cache-control
no-cache
cf-ray
81b1a256bb3330e7-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 01E2
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJ...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQWUe-BidlNk4eHYajhmsqpqPot2F4Vs032W_ChP6Aouxq4TkTV2xE2NWsfPhKfrqxK7d3ArC61dQE-5La3HJOOPTTfttlA&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-b402c6d9-82b4-466d-adf5-bca8a318a981-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQWUe-BidlNk4eHYajhm...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQWUe-BidlNk4eHYajhmsqpqPot2F4Vs032W_ChP6Aouxq4TkTV2xE2NWsfPhKfrqxK7d3ArC61dQE-5La3HJOOPTTfttlA&google_hm=A7QCxtmCtEZtrfW8qKMYqYE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQWUe-BidlNk4eHYajhmsqpqPot2F4Vs032W_ChP6Aouxq4TkTV2xE2NWsfPhKfrqxK7d3ArC61dQE-5La3HJOOPTTfttlA&google_hm=A7QCxtmCtEZtrfW8qKMYqYE
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQWUe-BidlNk4eHYajhmsqpqPot2F4Vs032W_ChP6Aouxq4TkTV2xE2NWsfPhKfrqxK7d3ArC61dQE-5La3HJOOPTTfttlA&google_hm=A7QCxtmCtEZtrfW8qKMYqYE
date
Tue, 24 Oct 2023 10:46:07 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXb402c6d982b4466dadf5bca8a318a981003
content-type
text/html
sync
ssbsync.smartadserver.com/api/ Frame 01E2 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEP0qqw_uiqUPyAezILEuOb8&google_cver=1&google_push=AXcoOmTR9ga7SQ8pnVtaUwU0NJbpIIffAoJvSGHxaXUP5tVyPpwIcUpo9cYQgMF5za3_WgMIPLETmwGAtdVQAIVrHq_L-QW-CFIl
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
content-length
0
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 01E2 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEGxxBR6rTZNl19j8wwP9CeM&google_cver=1&google_push=AXcoOmQEGTvwf5YU8sz4uz1LMe4sBEYPRfqosgBpMWNRxTDsnU9qpgHC4XZ-7cwaaKlbbLAv2Z-7K5LGs6P-RjhAXrDElwWW2gSP1w
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.97.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-97-229.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame 01E2 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JMzbnSmBMbUDtf0Y0hNZBI-Aq8EwwRkNmb8VZC4ahB9-mnYxkcAC8Zus4tUo4oHT7RYxYZrA
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
4.js
static.adsafeprotected.com/ Frame 1616
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1627455/73523879/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2937494567949278&ias_chanId=1&ias_placementId=20487174429&bidurl=https://www.mlive.com/&i...
  • https://static.adsafeprotected.com/4.js?xsId=ABAjH0iovI6m7najlj5Ri-eDtuJ9&ias_xappb=&adContainerId=brand_safety_bqA3ZdHzMNvpx_APkYid2Ak&cbFunctionName=goog_wrapCb_bqA3ZdHzMNvpx_APkYid2Ak&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?xsId=ABAjH0iovI6m7najlj5Ri-eDtuJ9&ias_xappb=&adContainerId=brand_safety_bqA3ZdHzMNvpx_APkYid2Ak&cbFunctionName=goog_wrapCb_bqA3ZdHzMNvpx_APkYid2Ak&true_pb=
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:223f:a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 16:39:30 GMT
x-amz-version-id
mHBjLsMIuCNNIVpCWDngqGTWDqW4SHoI
content-encoding
gzip
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
65198
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Mon, 23 Oct 2023 16:39:28 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
dtpfs3cmWPzSOuiBueOwlh46ZIZtOp_miCsm-VUQypSJvctjXNM1ww==

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
server
nginx
x-server-name
app02.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?xsId=ABAjH0iovI6m7najlj5Ri-eDtuJ9&ias_xappb=&adContainerId=brand_safety_bqA3ZdHzMNvpx_APkYid2Ak&cbFunctionName=goog_wrapCb_bqA3ZdHzMNvpx_APkYid2Ak&true_pb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 9D0B 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2889417
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
i2Dk7pXGQLHAesKPHGlTccrxqO4F289inbPVDuOFu1pKNf6pytwqDA==
style.css
s0.2mdn.net/sadbundle/12786977581332354964/css/ Frame 7E57 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
507a74eb21e9a16396d226f31f5e25345a8208db821d9fc5798284c38bec5e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:09:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70595
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2009
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 15:09:32 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 7E57 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
486529
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25267
last-modified
Tue, 01 Aug 2023 16:38:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93515-62b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ETw41wmf%2BPFXR66HMylWyMqYZggdTzEkbkS%2BMi7eAG8lOHeNNXXVhsy8Kmyzh21Pa%2Fn%2B9ZFwkZoAFcFk0Oj5w%2Fe3tiPVft7VNybTSnCPmiDu5lu7PckFWmA8IGaSrkpk8YrKgfYnboV%2F9jKXilRF6aFK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81b1a257acfcbbc8-FRA
expires
Sun, 13 Oct 2024 10:46:07 GMT
CustomEase.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 7E57 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/CustomEase.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
671309
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3299
last-modified
Tue, 01 Aug 2023 16:38:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93515-ce3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8yb5ybAopas2tAAL5dJBavYYtwowgpJ2ayqyHvkKG1O%2FzCgCOeSit8ZCr3pH4KORwB6MjfLvbbyw%2F2JbjohsXa0SAQ4Rw06JJvvTHIu%2FVdZ%2Ba239Um7jKlBShUGq7jCKQPH2CYDIeHwj03vX4UDMStw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81b1a257acfdbbc8-FRA
expires
Sun, 13 Oct 2024 10:46:07 GMT
dyson.svg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 7E57 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/dyson.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 20:29:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
224182
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1076
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 20 Oct 2024 20:29:45 GMT
rtbIcon.svg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 7E57 		2 KB
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/rtbIcon.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 20:56:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
395367
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
771
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 20:56:40 GMT
dyson-v15s-submarine-stack.svg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 7E57 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/dyson-v15s-submarine-stack.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bb76b6ed760de97f8a40e71c79ce9704e965bb287761bd81fb2fb021b8609c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
452450
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2891
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 05:05:17 GMT
1-min.jpg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 7E57 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/1-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bb76af1be9c401ef3da16e31401b74f7cb0627154925d8c9fa308fba2e1413c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:09:32 GMT
x-content-type-options
nosniff
age
70595
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26291
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 15:09:32 GMT
2-min.jpg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 7E57 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/2-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
372360f6d3fa2133dfbf08ba93b3b55985785cb74106d75839618b7d273dd3c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:09:32 GMT
x-content-type-options
nosniff
age
70595
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25258
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 15:09:32 GMT
3-min.jpg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 7E57 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/3-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca4c3ad9639830e6f8f8e29775549fc24fcab33b4eeec7ae77da27c5c9e6bc80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:09:32 GMT
x-content-type-options
nosniff
age
70595
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20858
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 15:09:32 GMT
gradient.png
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 7E57 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/gradient.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b67702d4e78a4b6d5981a50298b0989dea48fc7d95b5e593dfafbe96cdbb309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:09:32 GMT
x-content-type-options
nosniff
age
70595
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4218
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 15:09:32 GMT
4-min.jpg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 7E57 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/4-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19dc5f765d51f715497f0eadd0dede8eaa5ee17447a22db60538f60ca7c0a01d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:09:32 GMT
x-content-type-options
nosniff
age
70595
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32615
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 15:09:32 GMT
overlay.png
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 7E57 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/overlay.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a72990ce8413aceedbfbf2f1d7ca2231c726b29a4ab1ddbca32b45ad685b4e26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:09:32 GMT
x-content-type-options
nosniff
age
70595
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14477
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 15:09:32 GMT
arrow.svg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 7E57 		192 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/arrow.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70561
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
161
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 15:10:06 GMT
script.js
s0.2mdn.net/sadbundle/12786977581332354964/script/ Frame 7E57 		4 KB
1011 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/script/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a55f386367cbcc30390435806075251b8ef4afb086409bc8e301558223398245
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70561
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
982
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 15:10:06 GMT
dt
dt.adsafeprotected.com/ Frame 1616 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=9d162533-ad4e-9438-f46f-53a86e034ce9&tv=%7Bc:rXDloh,pingTime:-3,time:133,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:62%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:134,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:62,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B125~0%5D,as:%5B125~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTBeHP2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C19*.1627455-73523879%7C191%7C192%7C193%7C194%7C1a1%7C1a2%7C1b,idMap:19*,rmeas:1,rend:0,renddet:DIV,siq:64%7D&br=c
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dc6d:1d37:b6db:4601 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 1616 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=9d162533-ad4e-9438-f46f-53a86e034ce9&tv=%7Bc:rXDloj,pingTime:-6,time:135,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:135,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:62,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B127~0%5D,as:%5B127~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTBeHP2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C19*.1627455-73523879%7C191%7C192%7C193%7C194%7C1a1%7C1a2%7C1b,idMap:19*,rmeas:1,rend:0,renddet:DIV,siq:64%7D&tpiLookup=ao:www.mlive.com*&br=c
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dc6d:1d37:b6db:4601 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel
cm.g.doubleclick.net/ Frame BEFE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIk3gNG57s9X_N2hwv8QFTg&google_push=AXcoOmQX3IAVLP-Cu7gbPtPwsNiXvDtYsBxjfK6d6mX5xUMJqoDYQCE2LK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIk3gNG57s9X_N2hwv8QFTg&google_push=AXcoOmQX3IAVLP-Cu7gbPtPwsNiXvDtYsBxjfK6d6mX5xUMJqoDYQCE2LKxPuQrEc_YUXyZVnf3awdsznLk2TOiO80wCIKrmLImb5w
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230040-FRA
pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1698144367.369034,VS0,VE95
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIk3gNG57s9X_N2hwv8QFTg&google_push=AXcoOmQX3IAVLP-Cu7gbPtPwsNiXvDtYsBxjfK6d6mX5xUMJqoDYQCE2LKxPuQrEc_YUXyZVnf3awdsznLk2TOiO80wCIKrmLImb5w
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame BEFE 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEN56KZ3EuCVVwA8K-XHkc0Q&google_cver=1&google_push=AXcoOmQXU2119v068qsxmAt6s49KZUkXh5Ime8pxYcDU5SoHy3DgkpQ5XWPISYVuCWBem9Kyh6Qh1XHreyDfFGTQZl2V9mYaRYt-
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame BEFE 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJmwjNHo77agvBjFbljovyQ&google_cver=1&google_push=AXcoOmQjNWrfmHa95IA9ZukHwgUjhxRfNSAIU6Tm6g0Yte-NGvHbTNaUGi7Cfm94wEgqwbHOoYGW8h_QIcKW_K4DLXohBHJWj9WKOg
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.97.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-97-229.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame BEFE
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9-Alia0oRAeM1HHBpnN6lg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9-Alia0oRAeM1HHBpnN6lg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmS2s27UESB6mqq1syrefp-YzzCdca1LMOhoiGGHGSC8HhvBufC9FJTpFW_Y2ClfQ9Jv_LhnmkVjmPwQCMnjAyrxJ9fzbqUJog
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9-Alia0oRAeM1HHBpnN6lg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmS2s27UESB6mqq1syrefp-YzzCdca1LMOhoiGGHGSC8HhvBufC9FJTpFW_Y2ClfQ9Jv_LhnmkVjmPwQCMnjAyrxJ9fzbqUJog
date
Tue, 24 Oct 2023 10:46:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame BEFE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJbyh-g9b5CWXXr7Ge3gKSs&google_cver=1&google_push=AXcoOmQT6L7NFi-BnoxF-Um1xp-DTgpjSGroxSiZPr4u4iUuQMD1xxWLYHbGbacF8H5buR_c0JS...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE80N0I2RjUtTC1EME1Q&google_push=AXcoOmQT6L7NFi-BnoxF-Um1xp-DTgpjSGroxSiZPr4u4iUuQMD1xxWLYHbGbacF8H5buR_c0JSZFLv_ZWyRc0Fndus_2p7wnoF6pw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE80N0I2RjUtTC1EME1Q&google_push=AXcoOmQT6L7NFi-BnoxF-Um1xp-DTgpjSGroxSiZPr4u4iUuQMD1xxWLYHbGbacF8H5buR_c0JSZFLv_ZWyRc0Fndus_2p7wnoF6pw
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE80N0I2RjUtTC1EME1Q&google_push=AXcoOmQT6L7NFi-BnoxF-Um1xp-DTgpjSGroxSiZPr4u4iUuQMD1xxWLYHbGbacF8H5buR_c0JSZFLv_ZWyRc0Fndus_2p7wnoF6pw
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
pixel
cm.g.doubleclick.net/ Frame BEFE
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEN0SIY5GvPFZfKgHc_eqvMg&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN0SIY5GvPFZfKgHc_eqvMg&google_hm=ZTegbh883pkn0q5MHzKmaAAADJwAAAIB&google_nid=index&google_push=AXcoOmRZq2YcxXmIGbYuajbIeB1pXWKVDU_J6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN0SIY5GvPFZfKgHc_eqvMg&google_hm=ZTegbh883pkn0q5MHzKmaAAADJwAAAIB&google_nid=index&google_push=AXcoOmRZq2YcxXmIGbYuajbIeB1pXWKVDU_J6ILXAe4lLkVhLu6wIT_Gxqte2VzxgPYJNYWFH5mq2aHxw1sAQ52u_etiYB0DUWaHZQ
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EyidVO9x9LtsYBC8yTixm1EK7uvQYTrJMuYBuxNRNiipjpXYouboCZp5eObq%2Bf7vYgwc42S5AlXa9ITvCuoQRZ0umcZdhkvl0%2BlAdo%2Fv1asU0wNQGuemTuuAu2LQL6u7R9cnWW8QtUhwBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN0SIY5GvPFZfKgHc_eqvMg&google_hm=ZTegbh883pkn0q5MHzKmaAAADJwAAAIB&google_nid=index&google_push=AXcoOmRZq2YcxXmIGbYuajbIeB1pXWKVDU_J6ILXAe4lLkVhLu6wIT_Gxqte2VzxgPYJNYWFH5mq2aHxw1sAQ52u_etiYB0DUWaHZQ
cache-control
no-cache
cf-ray
81b1a257dc4003d0-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame BEFE
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDhHBXkXWVKXnQjj_de4_GU&google_cver=1&google_push=AXcoOmTKujMJYxqAM69XDpLYy7MHC7gGvAaGGXRlVEOxtF5RiZqlvL0wvkFbQnpXIEFEJpJbbmX8007rTdIBogarq...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDhHBXkXWVKXnQjj_de4_GU&google_cver=1&google_push=AXcoOmTKujMJYxqAM69XDpLYy7MHC7gGvAaGGXRlVEOxtF5RiZqlvL0wvkFbQnpXIEFEJpJbbmX8007rTdIBogarq...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTKujMJYxqAM69XDpLYy7MHC7gGvAaGGXRlVEOxtF5RiZqlvL0wvkFbQnpXIEFEJpJbbmX8007rTdIBogarq8iVJdQ_Glq3aQ&google_hm=HigGvGZHDG6jkl4JT4CN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTKujMJYxqAM69XDpLYy7MHC7gGvAaGGXRlVEOxtF5RiZqlvL0wvkFbQnpXIEFEJpJbbmX8007rTdIBogarq8iVJdQ_Glq3aQ&google_hm=HigGvGZHDG6jkl4JT4CNdStQ
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 24 Oct 2023 10:46:07 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTKujMJYxqAM69XDpLYy7MHC7gGvAaGGXRlVEOxtF5RiZqlvL0wvkFbQnpXIEFEJpJbbmX8007rTdIBogarq8iVJdQ_Glq3aQ&google_hm=HigGvGZHDG6jkl4JT4CNdStQ
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame BEFE 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LbRzvmjccnuXnSVVtR5bM47Sy-KnDcmax1ojgD2DPVssBldoS75eDaYTPwKsK1mB9iYj6Q
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
4.js
static.adsafeprotected.com/ Frame 62F7
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1627455/73523879/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2937494567949278&ias_chanId=1&ias_placementId=20487174429&bidurl=https://www.mlive.com/&i...
  • https://static.adsafeprotected.com/4.js?xsId=ABAjH0hTHxFfkJmVa_Oaa6_y7CT7&ias_xappb=&adContainerId=brand_safety_bqA3ZdiuNbDhx_APj7ya2AQ&cbFunctionName=goog_wrapCb_bqA3ZdiuNbDhx_APj7ya2AQ&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?xsId=ABAjH0hTHxFfkJmVa_Oaa6_y7CT7&ias_xappb=&adContainerId=brand_safety_bqA3ZdiuNbDhx_APj7ya2AQ&cbFunctionName=goog_wrapCb_bqA3ZdiuNbDhx_APj7ya2AQ&true_pb=
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:223f:a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 16:39:30 GMT
x-amz-version-id
mHBjLsMIuCNNIVpCWDngqGTWDqW4SHoI
content-encoding
gzip
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
65198
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Mon, 23 Oct 2023 16:39:28 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
VZhfE4wKKBSKgkVefc8Rvb8-fsfwDCM8HuMLU34EbVzUK8nKQlPPwg==

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
server
nginx
x-server-name
app04.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?xsId=ABAjH0hTHxFfkJmVa_Oaa6_y7CT7&ias_xappb=&adContainerId=brand_safety_bqA3ZdiuNbDhx_APj7ya2AQ&cbFunctionName=goog_wrapCb_bqA3ZdiuNbDhx_APj7ya2AQ&true_pb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame BD5D 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2889417
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
0gar8UTvB8QjHgYoCx2vMDoQDKclTL97mGZqYsHM2lMxAKOBrrDjLg==
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame DC7B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJFgXuAQ7ibJ7_on04YSMdI&google_cver=1&google_push=AXcoOmTpkeO3wwTEcKl1u1sToUQYEOI4dHeXLx8KXWp0xg4Q9OH6ci_Wh8vgt-SVBQ3_1kfgA4bB-KwOvK0ebTpt3NdCL627fgRu
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMyODU2NzQ3MDYwNDQxNjQ3Nw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJFgXuAQ7ibJ7_on04YSMdI&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJFgXuAQ7ibJ7_on04YSMdI&google_cver=1
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJFgXuAQ7ibJ7_on04YSMdI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame DC7B 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGDQtLQLoXbThLwEOK5cMB4&google_cver=1&google_push=AXcoOmSUJpyX2c7a8abXdESt2BWfJZ50C2NgV4F3FMUrr_K837mSDykAHzm2Deu2joCq4pGR7iFgV1mSx5WL-F-rKaR-sU9Cm2uU
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
google
match.adsrvr.org/track/cmf/ Frame DC7B 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEN56KZ3EuCVVwA8K-XHkc0Q&google_cver=1&google_push=AXcoOmQLG87kN8w3NmQ7k09GgenmOzt2J-En6ODsQoit4n3gbIkCShkePDdTvYZw-NOrrdUHV1Voif2P0s4l6EBtwZqszmoPFT04
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame DC7B
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENw3HL_wh-ZjoKmZIPjSkbc&google_cver=1&google_push=AXcoOmQ9lPhaLMe5CTMNxGZkmKlGZMutpiHt83ZFWtz7j42IcqdgxRUEhojEiRPdB3LPREISs2zC0aVGPGp...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ9lPhaLMe5CTMNxGZkmKlGZMutpiHt83ZFWtz7j42IcqdgxRUEhojEiRPdB3LPREISs2zC0aVGPGpym3Pl7gHVVOFCkFW5&google_hm=ufXTKJwwTVe1G9-uMMB5D4Q
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ9lPhaLMe5CTMNxGZkmKlGZMutpiHt83ZFWtz7j42IcqdgxRUEhojEiRPdB3LPREISs2zC0aVGPGpym3Pl7gHVVOFCkFW5&google_hm=ufXTKJwwTVe1G9-uMMB5D4Q
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ9lPhaLMe5CTMNxGZkmKlGZMutpiHt83ZFWtz7j42IcqdgxRUEhojEiRPdB3LPREISs2zC0aVGPGpym3Pl7gHVVOFCkFW5&google_hm=ufXTKJwwTVe1G9-uMMB5D4Q
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DC7B
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEE6xrDsCjtPBxkgnfpWAsLg&google_cver=1&google_push=AXcoOmSlULO_Vu0vng9jy59HMb-4W56NLdWmKmX9aJlJcv_JjUj-7ZyTy235By9QCt7GFTAGH_ZoMPelKIUknKj9...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GYCETvqhTBQgUYEUTQIc2Q&google_push=AXcoOmSlULO_Vu0vng9jy59HMb-4W56NLdWmKmX9aJlJcv_JjUj-7ZyTy235By9QCt7GFTAGH_ZoMPelKIUknKj988iB6PnH9_g
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GYCETvqhTBQgUYEUTQIc2Q&google_push=AXcoOmSlULO_Vu0vng9jy59HMb-4W56NLdWmKmX9aJlJcv_JjUj-7ZyTy235By9QCt7GFTAGH_ZoMPelKIUknKj988iB6PnH9_g
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 24 Oct 2023 10:46:07 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GYCETvqhTBQgUYEUTQIc2Q&google_push=AXcoOmSlULO_Vu0vng9jy59HMb-4W56NLdWmKmX9aJlJcv_JjUj-7ZyTy235By9QCt7GFTAGH_ZoMPelKIUknKj988iB6PnH9_g
x-host
tde-deliveryengine-production-69ffdcd588-7xb9v
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dds
rtb.openx.net/sync/ Frame DC7B 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEHY-ou6G1Fg4NcBtXbBVBHw&google_cver=1&google_push=AXcoOmTN10y8FcX4SEidXILWb7jbTtmMvaeKirhoOWd7b_aN00QtuxrhxsbZQeqqXcfRTIVtuVn32JySQFpqlPrdlI6qUOllP-mq
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame DC7B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJbyh-g9b5CWXXr7Ge3gKSs&google_cver=1&google_push=AXcoOmQ-5xEWtNMi3WuIBsDWbHf92JIKFaaz05RymzuUcaiZKUnWq9eoQRDhngl85ebBZRBe_cc...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE80N0I2RjUtTC1EME1Q&google_push=AXcoOmQ-5xEWtNMi3WuIBsDWbHf92JIKFaaz05RymzuUcaiZKUnWq9eoQRDhngl85ebBZRBe_ccHaLr3lcsp6cy8n4tJ7stPEtDo
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE80N0I2RjUtTC1EME1Q&google_push=AXcoOmQ-5xEWtNMi3WuIBsDWbHf92JIKFaaz05RymzuUcaiZKUnWq9eoQRDhngl85ebBZRBe_ccHaLr3lcsp6cy8n4tJ7stPEtDo
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE80N0I2RjUtTC1EME1Q&google_push=AXcoOmQ-5xEWtNMi3WuIBsDWbHf92JIKFaaz05RymzuUcaiZKUnWq9eoQRDhngl85ebBZRBe_ccHaLr3lcsp6cy8n4tJ7stPEtDo
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
attr
cm.g.doubleclick.net/pixel/ Frame DC7B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JpJ5cjhQLM4nHzffZa1ntV6UZkVJN_QXVlieC1P0pC8WYF-ctuta8VvTG0VQ32hre7Zh-i
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
4.js
static.adsafeprotected.com/ Frame 928D
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1627455/73523879/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2937494567949278&ias_chanId=1&ias_placementId=20496570232&bidurl=https://www.mlive.com/&i...
  • https://static.adsafeprotected.com/4.js?xsId=ABAjH0hRzb1rz0v5eO96gdlc4UBs&ias_xappb=&adContainerId=brand_safety_bqA3ZbaBNZPpx_AP6sqg2AQ&cbFunctionName=goog_wrapCb_bqA3ZbaBNZPpx_AP6sqg2AQ&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?xsId=ABAjH0hRzb1rz0v5eO96gdlc4UBs&ias_xappb=&adContainerId=brand_safety_bqA3ZbaBNZPpx_AP6sqg2AQ&cbFunctionName=goog_wrapCb_bqA3ZbaBNZPpx_AP6sqg2AQ&true_pb=
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:223f:a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 16:39:30 GMT
x-amz-version-id
mHBjLsMIuCNNIVpCWDngqGTWDqW4SHoI
content-encoding
gzip
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
65198
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Mon, 23 Oct 2023 16:39:28 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
wTVTe7OfK_Bgnjnr9C-ERRrP7ywy0JwgOU-YZUb3tkD_GfrkvR2gwQ==

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
server
nginx
x-server-name
app25.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?xsId=ABAjH0hRzb1rz0v5eO96gdlc4UBs&ias_xappb=&adContainerId=brand_safety_bqA3ZbaBNZPpx_AP6sqg2AQ&cbFunctionName=goog_wrapCb_bqA3ZbaBNZPpx_AP6sqg2AQ&true_pb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 7C48 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2889417
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
SLJUe9fjaJ2bUA8Vs3sufQk17n30p-0F0S2MvSPqsgyjf1URAhUaOA==
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 44FA 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
3635
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 23 Oct 2023 01:57:00 GMT
wn
prod-dash-10-0-82-155
server
cloudflare
etag
W/"26850-1698026220000"
vary
accept-encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
81b1a258bffc1981-FRA
expires
Tue, 24 Oct 2023 12:46:07 GMT
piano-frame.css
static.advance.net/static/common/css/ Frame 44FA 		153 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.advance.net/static/common/css/piano-frame.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
22b700401468decf0bfd85a0995166a82d99f4a365c25efffb402769dad37cba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Tue, 24 Oct 2023 10:46:07 GMT
x-shield-cache-expires
10
x-amz-request-id
M0BWPK58J5YX8SQT
age
267
x-cache
HIT, HIT
x-host
static.advance.net
content-length
23872
x-served-by
cache-iad-kcgs7200076-IAD, cache-fra-eddf8230116-FRA
last-modified
Mon, 23 Oct 2023 22:01:12 GMT
x-timer
S1698144368.819419,VS0,VE1
etag
"25140bd83275946e8c5d4a05ca8f06d0"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 44FA 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1004882
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EyGsw1uBuecpcvzv8BQNPp0ap96ec8jw4xke29yrg3oxgxsBweuDGYr0HsCYRT2zPb2EoGTfhW6WenxO8P%2FvvohKUxlBeSjl%2BARN87JPKJves5VtfYjdzh3UbgRNv44HhgsPwZvkelLqViXhP0DGheor"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81b1a258be31bbc8-FRA
expires
Sun, 13 Oct 2024 10:46:07 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 44FA 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
10649125
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l6gkM6Dr%2Fd%2Fh2zitdJFLlRlMy4zPbx9zu9V8bB5yBfSe5Z6ShpULlDOJq0%2FEShbWNmGHEBZkiZc%2BaCt81OkZmMlEdxThBZv6pTUuUro9PDhRkLYlBhBOxE57Ju7Leif%2Few7YQiwc09B0v7AKwdMsKEcZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81b1a258be34bbc8-FRA
expires
Sun, 13 Oct 2024 10:46:07 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 44FA 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7659565
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
34999
last-modified
Thu, 22 Jun 2023 10:45:05 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942631-88b7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rcF1RHfA7mRyMdjejjLoAs6voL8g29b%2B1TGC%2BS%2Bj4TT9aYBdJjgtWtAozUMkpi304INJLG%2BKgWv1Dj%2BTZWpm1MIwRZ9VxQE86u0zCImuL36IItkD5J8T%2Fg9nOfMc%2BnmRfLTf7ULk3Uit0QXBcx0PVlg%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81b1a258be36bbc8-FRA
expires
Sun, 13 Oct 2024 10:46:07 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 44FA 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
486336
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3978
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-2bd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HUir8FhsvpZ45uMqnkBdtVCUCXQ6H026JE6%2B9wo4fXS97vxsoIpsHuJQBI58bKucACJqB7dPdKtRwrxDKFErrtkng%2FVE9FhIw9BYmMRhQp5mhSI8JVUk4xdXjofmxFDvojJouYCfDoHJ2faBrSN58wW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81b1a258be37bbc8-FRA
expires
Sun, 13 Oct 2024 10:46:07 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 44FA 		825 B
774 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
492983
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MWhkY3Wv1pHcR2u2xWaqC6YGUpdakzjFGCSDL%2FcgTjfrEDqt%2Fbd3x3D4G9JNpmp%2Fj9j55FKQtS7eTnaHCqspAipmBtyGdqLYeRrec92SVrkCeSJZCGFQMeCVcxdaJdbOaaXQyI8fm%2BSluRNzlxD78drn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81b1a258be38bbc8-FRA
expires
Sun, 13 Oct 2024 10:46:07 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 44FA 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2198838
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5qGXvy0XqJvOKnB1BBsgQXE81vfuBAWwtbz85d57cG6pZdiCcWJL9G%2BTAo0xEquS6xaDSOV31nzkgG9cQkmKFwmN%2B%2F7ixzQ%2F4Vm1zMXIAAfpfvbTZOlGJXtHA9pHdR2hkZyjxg1D8RNVLMoe4Hpqmp73"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81b1a258be39bbc8-FRA
expires
Sun, 13 Oct 2024 10:46:07 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 44FA 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
19135175
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WP493j9%2BMnNYPgDSelEvAPgb59A2KHGRXEpX9CmHOC9v%2Bs%2BoZXQHWqZFTB%2F93QrPN7hwiKQcmMjEJAM8jZHaszeppQP%2B%2B6PAPbLUu7LpPzaxYN3nUS0w3NcI2DDdOMZrchLfrJQjPHSMqoDgbY4ZUfUA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81b1a258be3abbc8-FRA
expires
Sun, 13 Oct 2024 10:46:07 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 44FA 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
15172066
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mp30Yr%2B8GZPwFuCcxSRe6qu02PnPRHbf6HPQ03uT%2BIdPo31XkObSsGDwfXLg3X0Yu8UTrAkiaILacix%2F%2Fi38LzpgrPsAr0HzMiYzhw5P1VwHkFwdq089bt0IMRNfkhyAGlUczVZ1Pba1P%2F2mIwFQtK%2Bb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81b1a258be3bbbc8-FRA
expires
Sun, 13 Oct 2024 10:46:07 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 44FA 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
671999
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
910
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBIHELJmaUgJn%2BkYYZQc0CnzzYrhkEGvZTY8E5eLgy05we5sFeC8tcZ23xVJaqh2AklQaJ1B8pKc9xaW7fdrisipa8HhdaW4rBwgfbDdepJVMh2y7CNaHYbwjgJAKH%2BQ7pYz%2BqAdQh5p6k3gHZ%2FlFM2g"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81b1a258be3cbbc8-FRA
expires
Sun, 13 Oct 2024 10:46:07 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 44FA 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
69783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6934
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5VNJoA5vgLUQLDmt%2BWYiLUiYRRCCDkDoASwKKIZZadn55MfEXME884hrxtrXrvWB1Zp4h%2BU016QkpDu5bhBN8y9qiLaWTGJvXH3yZY4jFIr1RDZq7FY8DLfGzD9OauibiHEl%2B4rNhCT0lOT6t1fUB9L8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81b1a258be3ebbc8-FRA
expires
Sun, 13 Oct 2024 10:46:07 GMT
loadTranslationMap
buy.tinypass.com/showtemplate/general/ Frame 44FA 		62 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=8Gu2Z8RCvZ&version=1691000262000&language=en_US
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b78bc5c07f038b149515d8a5cadf1533dd1cc438ee4a587fd2770c526304279a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Mvk413shvro
pragma
wn
prod-dash-10-0-143-92
server
cloudflare
vary
accept-encoding
content-type
application/javascript;charset=UTF-8
server-time
0.003
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
81b1a258b8011981-FRA
expires
Wed, 25 Oct 2023 06:46:07 EDT
platform-translation-map_en_US.js
buy.tinypass.com/ng/common/i18n/ Frame 44FA 		66 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=16.26.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59feea7bc720ddcf41f4c1b173ebaeb9409eac62674546b140fd11adc04708a0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
3635
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 23 Oct 2023 01:57:00 GMT
wn
prod-dash-10-0-127-138
server
cloudflare
etag
W/"68027-1698026220000"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
server-time
0.006
cache-control
public, max-age=86400
cf-ray
81b1a258b8021981-FRA
expires
Wed, 25 Oct 2023 10:46:07 GMT
H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame 44FA 		121 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=16.26.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb0a6c5c8f27c1778bfacba261127aae3c093ac45d0a822cd590d635c215bfe4
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
34
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 23 Oct 2023 17:49:14 GMT
wn
prod-dash-10-0-143-92
server
cloudflare
optimized-by
_sam
vary
Accept-Encoding
content-type
text/javascript
server-time
0.000
cache-control
public, max-age=604766
cf-ray
81b1a258b8041981-FRA
expires
Tue, 31 Oct 2023 10:45:33 GMT
close-icon-black.svg
static.advance.net/static/common/img/piano/ Frame 44FA 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/close-icon-black.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eef57151e6646e4f59ca6a1d749631ee2f89bf4d1b736fb4620b784cedbe0de6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Tue, 24 Oct 2023 10:46:07 GMT
x-shield-cache-expires
10
x-amz-request-id
KPF0FT0HVBJE018C
age
1531
x-cache
HIT, HIT
x-host
static.advance.net
content-length
610
x-served-by
cache-iad-kjyo7100168-IAD, cache-fra-eddf8230116-FRA
last-modified
Mon, 27 Jan 2020 14:39:52 GMT
x-timer
S1698144368.819470,VS0,VE0
etag
"35ec888ec074218ee36fea53d51653a8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
dt
dt.adsafeprotected.com/ Frame 1616 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=9d162533-ad4e-9438-f46f-53a86e034ce9&tv=%7Bc:rXDlqQ,pingTime:-2,time:292,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:709,beZ:711,mfA:714,cmA:715,inA:716,inZ:721,prA:722,prZ:764,si:773,poA:775,poZ:803,cmZ:803,mfZ:803,loA:845,loZ:848,ltA:1001,ltZ:1001%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:true,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:62%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:292,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:62,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B283~0%5D,as:%5B283~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTBeHP2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C19*.1627455-73523879%7C191%7C192%7C193%7C194%7C1a1%7C1a2%7C1b,idMap:19*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:DIV,siq:64,sinceFw:227,readyFired:true%7D&br=c
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dc6d:1d37:b6db:4601 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:08 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 3B54 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
452478
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:04:49 GMT
expires
Fri, 18 Oct 2024 05:04:49 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/12786977581332354964/ Frame BD23 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36d2279d6bdfd42765a2b279a36a44b84a1d2d849d0872004fe8c6e3fee1b774
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
70593
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1918
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Oct 2023 15:09:34 GMT
expires
Tue, 22 Oct 2024 15:09:34 GMT
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 62F7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssPz4LkNtd_rRVo89T9BLDCtdkDV-5eV4nAllg2gw8VLq3TVwV5tLScZmrydUfH71hYMVVqs_lNrpaL-A9QPBew8xWcKhWvL_49-GO_7SPpwoSeT1Vq9yNO9ZRW9ZFd0PMwiCcK5UkElfno59VFTQz9eJsOxBS15MClFXX-K7evrV3VIVMMrxOUYYzJfYTFRN1faa8crouYaXaZ83da5zLTeKHg4unscB4WUS0tMhTIvXVb6KPWEykR78kI1K6o22fGgqKNoWc_GBa-cRpjA-eYzPacvU3qj7da6rThR1t-0SWJbi-6EiBH8mjW7u9884Ri-DmGV8xQenPrKGknBA5B3CKD3bDrYCSOrBI340Rg0eW5PXaIh3SBxVyu9v-I51VZEG5OdWDLqfw1iez4tRppduH_TuUa_1hWa5Tr6G9d9wxc3ycc9yjHsfAettZXSWMUXJ3Yoe2q3fL1jCigoVuTAVqmdfCiWBsnSex2kogR_Q9yFui9uNYuFFZifKzpob6D-87uEZTRI3dJ3lEIfZ-IpIMqc8zfUPhcaZ-fyC_meoCfeQCTMrftoqib1oLy1gXTVBO4U-4FHhOk6150HclxFYUm6V9XxurbiSsYz1v5lCxwtOcjVKgh2MrkqbYqgg69QhH3y6938M-q8voWxnTd39o6uvRLgekDJaesgvR4I4Z5j6-_pQOxd7Fz9RoD3AS0H3cRPUEJ-19kJb2NrANmABbw7nP2kMlfLIp6W5Icd8hlTGesYkL4mzDl04QmUjsuy1jF2cFzQas9APPbrTKZ6UtVeFvhhx7r3qePUT6vh81wEHTBUnIDUbY0XPYUTGIjitJ5_xsmQ8Lo3eFbyToByagVAlNT869DbyBcEYSwxWnx-vKJXFm-nau03ySZGybsTg6-zbAFKyfxFzqp_jyGRcq8-8ZwzYynfU2B9cbAy2H0X7-1J1HmbE21vd30LbVB6hbCqmo-krz3hVTVVIFUw29lEJ2RQDZay2NwCXjfU2Dy2tssJkh0FPgLeKIusbS1c02a2LzvWgg8k6W8HEDBJKfwfaoTuWAI8L0gQaq-_dvUgD0JkoUwMu7jvpRN4xt2dcy86pU65_lQNoQDjWWWvv1d303qxIg2CLqUbdofYXfEAc1ADuxzeLYNgWTYQdSqetbM8cazBRv17QK46zujyR9fAkoYsBN2SS_YFsgZNd5d0NQcB6P3R-HUpLjw59BpUxADXlT70TtEbZMuUo5VLBhSpc0wxjCe5hU3amraG3efujVAIIu1MU6QCQPItrmTv-glIfiQMsYkCM9g5Lhjddxq-jvuXHnHORw-BT748r7lyPQ5Fm_s46wWNzegq3CHzyhZLxPk_d2U8IVdAR4oCobVi8QGsPM9hpI4AcEt7GJCty5CYt8LMOPgoy5uO3MYASnWbS8&sai=AMfl-YQCv2wt4hA7pD5jhi3zzMDtmrUSJK_OP9Q56l7g-ihSMnbOOEEww7FEBgm8492QhQtpee-pnSiQLwB1ZARD9yd1-VHzI4Ht9BM7ngF8L-pQuCmf6CBNPTpC66cELG-72KkdCZYByJa7VyFtnlaJhpKxQAqNcL3W7v5Zr_9bdTJ4WAg3UQxycXbpp8crwK6BRETPHQ5ZkyYSubDhWQ6W9RzxNoojiEXIaQe_YClIv3zJeOcgH7HVLpAq4jk5KnWljaY0&sig=Cg0ArKJSzDK0SKO0VXzREAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=480&cbvp=1&cstd=478&cisv=r20231019.75875&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 24 Oct 2023 10:46:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
8QxZzmuR7J82fz3RFS-hWDtjrj1St-cfLbl-hWRCZEo.js
pagead2.googlesyndication.com/bg/ Frame 235B 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/8QxZzmuR7J82fz3RFS-hWDtjrj1St-cfLbl-hWRCZEo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f10c59ce6b91ec9f367f3dd1152fa1583b63ae3d52b7e71f2db97e856442644a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 07:40:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
11140
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15035
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Oct 2024 07:40:27 GMT
dt
dt.adsafeprotected.com/ Frame 62F7 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=a0cf9363-36ec-21dc-ede7-a460499e5455&tv=%7Bc:rXDlrd,pingTime:-3,time:167,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:27%7D,%7Br:r,w:300,h:250,t:162%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:167,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B158~0%5D,as:%5B153~0.0,5~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTBeHRq+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192%7C193%7C194%7C195%7C1a*.1627455-73523879%7C1a1%7C1a2%7C1b,idMap:1a*,rmeas:1,rend:0,renddet:svg.us,siq:33%7D&br=c
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dc6d:1d37:b6db:4601 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:08 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 62F7 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=a0cf9363-36ec-21dc-ede7-a460499e5455&tv=%7Bc:rXDlrf,pingTime:-6,time:169,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:169,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B160~0%5D,as:%5B153~0.0,7~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTBeHRq+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192%7C193%7C194%7C195%7C1a*.1627455-73523879%7C1a1%7C1a2%7C1b,idMap:1a*,rmeas:1,rend:0,renddet:svg.us,siq:33%7D&tpiLookup=ao:www.mlive.com*&br=c
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dc6d:1d37:b6db:4601 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 457B 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
452478
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:04:49 GMT
expires
Fri, 18 Oct 2024 05:04:49 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 928D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=1df311bb-60bd-5c17-1c99-12f3a40b6bb7&tv=%7Bc:rXDlrx,pingTime:-3,time:118,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:118,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B110~0%5D,as:%5B110~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTBeHRq+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.1627455-73523879%7C181%7C182%7C191%7C192%7C193%7C194%7C195%7C1a.1627455-73523879%7C1a1%7C1a2%7C1a3%7C1b,idMap:18*,rmeas:1,rend:0,renddet:svg.us,siq:26%7D&br=c
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dc6d:1d37:b6db:4601 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:08 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 928D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=1df311bb-60bd-5c17-1c99-12f3a40b6bb7&tv=%7Bc:rXDlrz,pingTime:-6,time:120,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:120,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B112~0%5D,as:%5B112~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTBeHRq+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.1627455-73523879%7C181%7C182%7C191%7C192%7C193%7C194%7C195%7C1a.1627455-73523879%7C1a1%7C1a2%7C1a3%7C1b,idMap:18*,rmeas:1,rend:0,renddet:svg.us,siq:26%7D&tpiLookup=ao:www.mlive.com*&br=c
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dc6d:1d37:b6db:4601 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
index.html
s0.2mdn.net/sadbundle/12786977581332354964/ Frame 8294 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36d2279d6bdfd42765a2b279a36a44b84a1d2d849d0872004fe8c6e3fee1b774
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
70593
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1918
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Oct 2023 15:09:34 GMT
expires
Tue, 22 Oct 2024 15:09:34 GMT
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 928D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvgRLCeIK-xl-IjPyNZoVPOFcF9eJv603VI9ZuxsgxVzu0qGutYRcnq0XARQVxDsHfsi-RgE6OZr-0moxUi7Sn0YJSbQQVxr5QMRRDihJSRCb0HxnzYnCnsTGDiH4xFYJne8bCr1wcmsx1p78xTef1Z0Z4Vu8u-9y4bjDddpAKTOmIXJ6xkfKo3YpUJOt8SW6DE0eVA1OanRRt4VBMbaUK1O3y4nv8RaJy8MJ1Of47YdUhtyhWlkvLl8cev2pyShdIlSZ95gho81H6D3H67b3k6RPcRTWyCflw6CUOgYghdccSZQznystbcEhVax9mg-CrfvUgbOQ4ldCRQtGjBZ5Z7oJv-qtSUJg2U7u770f5UO8xSvWymxOraZ8QE-dLPJqQlmOVHr9qEZYOAiw_cHCq1gjA2cC6r-TjM1KDudpoKau3-fH23x_j9SdFSh5aI4tRFi4q7fcHK5Qjo4chSjCW-RlBa-YFNibt-KjVsAtu0lgq9D9IL4Y2eSmZWEPK5wBvKp0BLvgDU4G5Lo3kHCdvaUv7XLxNuQoyWSqvpS_8sQSSaSJtjY0Doqs3QZrkyGWBOALZBkuvVV8Oxzjci_60PwnDp8vGn4Xg5VVmiozJlswMJh_6bf2vc3XaYWJ1vcDooYvZ8_0fU5lBF1jltX2FtUk1B2d2o4FMw10Sd2dsHvyxOIc98UfOOo-xwuUuXK0jhwPRbY5zYoCN0_dCtYZNFq8dl8T0Wk8S-b8781GpTMR_x4FZJliLsPNOBX6_Gt_Rf3C_m_J2Otn13PLkQuaUUXHSqz5PuSuG9taCrSclHrLEioAMlE-LxWDvzslLF4eI1j691KXuyacw2ik1lHbLeoNcJ9xy8uD6bHr_clSRSpjiDKSBb91FXzcfrb85l3LlXT8jFKLk1TGYNO_g_Sbu4nlwsxJcrhTKI4eY0sCM1l8_Fx78ArJdzDdIIVNzVl2b6NTn6mhW6wTWec0VfBGjObUc4wI1XcFE23TecPTasROUqQSxYYL0156QxqeOZ48F7FSHONPSEPpjtrNxNvVGRFtWoGxfWzNPq-mkCiSDzCTXfy2_np1RbZN0aZSlnE9q70uU8D21Pe6L51eTMIm1q4Bg1lEIhQISb5n7nEZ7W0xw3qCGYoSdaQT611CZK_9fjNLk4x9PLb4aFK7IKpRQk24tGmlmULAy532LirPLqVFsxHrMApoMOWh2B02_2XOTou5hCJqEcp6XNyeZnym9JshI8AivxEEYlRWlQR0Y0tTpE9R_cVPirml7Yez3cJm_JjOJcbzMMeLHfcmaj9SwwAXy1BVAPJHDmnTg0_oPfw8RmqAHVhmdOAhvFfT2XwwvljpuuGbV2dg6C2jeSaiMbO_fUFaI8zNzoeNhOOMvlPS0ltnEm9_NhK4O0nNQaMMMP5w&sai=AMfl-YRqRaB9ezlODp8jMA7wJZYjaUBFBWZtHEto4YeClp1VHtxIIfAPCkGzsVY1SJzAjwQKJN9qyOVes5JXF51XSK1QK4yM8zyYgCrKgqtIgxmjfhWW-_uLiQf4qelkHBVY7cCIer0HI6od2UPvIFhpXZrZXFcN8Mo4cx1CngCpt9hGXz5qokc1iSiWfBxIk8roT0CpD_1tAcZHf9bsM92IsKcJMNhscjJD9YezohoKbw9pokpXTUC3SAbUNwzeAY3H815z&sig=Cg0ArKJSzGh_1pCVXjTwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=505&cbvp=1&cstd=503&cisv=r20231019.87829&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 24 Oct 2023 10:46:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 62F7 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=a0cf9363-36ec-21dc-ede7-a460499e5455&tv=%7Bc:rXDlrZ,pingTime:-2,time:215,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:844,beZ:846,mfA:849,cmA:851,inA:851,inZ:856,prA:856,prZ:865,si:872,poA:878,poZ:905,cmZ:905,mfZ:905,loA:1012,loZ:1016,ltA:1058,ltZ:1058%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:true,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:27%7D,%7Br:r,w:300,h:250,t:162%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:215,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B206~0%5D,as:%5B153~0.0,53~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTBeHP2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18.1627455-73523879%7C181%7C182%7C19.1627455-73523879%7C191%7C192%7C193%7C194%7C195%7C1a*.1627455-73523879%7C1a1%7C1a2%7C1b,idMap:1a*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:svg.us,siq:33,sinceFw:180,readyFired:true%7D&br=c
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dc6d:1d37:b6db:4601 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 928D 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=1df311bb-60bd-5c17-1c99-12f3a40b6bb7&tv=%7Bc:rXDls3,pingTime:-2,time:150,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:939,beZ:941,mfA:943,cmA:945,inA:945,inZ:950,prA:950,prZ:957,si:964,poA:965,poZ:993,cmZ:993,mfZ:993,loA:1058,loZ:1061,ltA:1088,ltZ:1089%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:true,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:150,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B142~0%5D,as:%5B142~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTBeHP2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.1627455-73523879%7C181%7C182%7C19.1627455-73523879%7C191%7C192%7C193%7C194%7C195%7C1a.1627455-73523879%7C1a1%7C1a2%7C1a3%7C1b,idMap:18*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:svg.us,siq:26,sinceFw:123,readyFired:true%7D&br=c
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dc6d:1d37:b6db:4601 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dysonfutura-book.woff
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 7E57 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/dysonfutura-book.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/css/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:41:10 GMT
x-content-type-options
nosniff
age
497097
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7928
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Oct 2024 16:41:10 GMT
dt
dt.adsafeprotected.com/ Frame 1616 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=9d162533-ad4e-9438-f46f-53a86e034ce9&tv=%7Bc:rXDlsP,time:415,type:e,env:%7Bccd:%7Bversion:1,uspString:1---%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:415,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:62,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B406~0%5D,as:%5B406~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTBeHP2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18.1627455-73523879%7C181%7C182%7C19*.1627455-73523879%7C191%7C192%7C193%7C194%7C1a.1627455-73523879%7C1a1%7C1a2%7C1b,idMap:19*,rmeas:1,rend:0,renddet:DIV,siq:64,sis:374%7D&br=c
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dc6d:1d37:b6db:4601 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 62F7 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=a0cf9363-36ec-21dc-ede7-a460499e5455&tv=%7Bc:rXDlsQ,time:268,type:e,env:%7Bccd:%7Bversion:1,uspString:1---%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:268,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B259~0%5D,as:%5B153~0.0,106~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTBeHP2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18.1627455-73523879%7C181%7C182%7C19.1627455-73523879%7C191%7C192%7C193%7C194%7C195%7C1a*.1627455-73523879%7C1a1%7C1a2%7C1b,idMap:1a*,rmeas:1,rend:0,renddet:svg.us,siq:33,sis:230%7D&br=c
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dc6d:1d37:b6db:4601 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:07 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 928D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=1df311bb-60bd-5c17-1c99-12f3a40b6bb7&tv=%7Bc:rXDlsR,time:200,type:e,env:%7Bccd:%7Bversion:1,uspString:1---%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:200,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B192~0%5D,as:%5B151~0.0,41~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTBeHP2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.1627455-73523879%7C181%7C182%7C19.1627455-73523879%7C191%7C192%7C193%7C194%7C195%7C1a.1627455-73523879%7C1a1%7C1a2%7C1a3%7C1b,idMap:18*,rmeas:1,rend:0,renddet:svg.us,siq:26%7D&br=c
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dc6d:1d37:b6db:4601 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:08 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
googleads4.g.doubleclick.net/pcs/ Frame 1616 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu-laTzcS4M0LodrVLLKZSIMB6qHNZFRMvvto0COC78aYKOiJONKNZYdsJwHuSm0Zp22c6hAhWtG7tysmVP8I2CzqkBlUxIORzimZwT3fnyyfOqdd-BwrGzt0qPFw_XBwessdgEE9Y2XxUk_BtiI4MLhcNIpbhiTJX243ElTKPD9ZuYw80fs9SAQHGp9K3DzEnQvmVu9N5tarCBk7ef7dbNYMF7wCCjUR12Co18YqNtvfmMPIJHxX86WIGkwd0cMdQFtsBTfD8hYOLAgSxm639IHfNjT5IkxqrVAUnIwTPNgCXe7mmjUl2Qwyg37Nei9YW7TwttWd31dUGJ5e7DPH1c3asfGZ-vObMPXSAQMkTvNczhj26yL_XR0SnOsunLzotFfdc9jiQKwLAzWjH99sPDuAl8-jd09sTylfSI61SMxl4gfs4fgSf9oKuuXTrw5jmB8vJ0va67Kqel25z8Ga8FwLVnClD9btGV7GBgBwaZfU8p1RtfYqaFJ6yTayhydEp2-_NrDxpecg7ykMREkU0M5gxsBwJIfGmMAi1dS6Q6Bnh3HYILwGi0mV7TKsVUuLR7ZxhkSOOtzN4fEecMwqb2n46lgYbQUPb6mxflLPsJEi3yXJSgxIOFuW875ksmGDVyYAdAa1oVsRzUmjpal7zT1xwCgA236_kxIDwiqmuOnmWfMOoogMtmEN4WTBxDSMZabReoX8bPziHUdHopqKQLlbsHHZPkYyscoqOmVj3IuYnAAx-lZn5j3KtD_uvOB4pw9SwDagJLzlupBO5zycIMbuClVcZVA9yOxUg_iElfO3N6Te1onvQ-3ttT0Qk4-7xMF8XMaB1zzuT89bmta26M1mVWczAvCwoGWRrvKH84DFY8Ay-3zAOkyUuUH2E3BNEqEbudAuoVK6UuLaYTMNF0eL8c4UmlZ64wpH_QYyYlbwDz0ExAkjMR4GTONXkEMzDl5CmU9cfN-pHeRQ3-RZInQ7WNJSWRSWynWTOJ_ZKn3P2XU1CeQ9a8EMoWkDr4Rhe58wob9BCMlF-tX9xpj35fWOP2hFHVpak8gMmx5YABrHCORQTN-WLRnRMqBJ0138KIXmbGtOvhkaStLSG_1yshy2xrkFhnwBEoTm-yZpPM17FG9--7ZI5cehHmYQNsS3uNDN-XwjyWAmPhRXbdXC8_I0dXzm-hKKYPW8eeWEZfze8fEhEu3TpO9yETu8HaZKLtG6UJiHfe0wXOGyrlmZhHvHhu6SQkR0tAmzGIJ6cV-KdzXDjhwyA4S6Ms47fx6YsZF7-BRgViyC4yc13j3iYco1zoA-7qHHeGm4SXzloFYpLeeVyhRrN-0ZDxDaiJC_5ey5Gw1iqC5WdlhXJwZ4sa0Mnv9AFWZVbBNUSMwyVtjYqxNqVxS66TZ2VIQNnrZnTkuWLWs0o&sai=AMfl-YT1V6t3_9u2_plK_EpbMTNL7Nd8djbKZ--_bN5dkFd3p_X3DnFfKehbS10e2_uSslyT2kHa216uTEBph1ynPFBD5oueAytRhr_vgGKdwZ3RfsPMBTy81YAoQZ76F8PovUzll4BORLjjxisie4S_JdT9NLgWE66ZyB957nd3N9DnNmhaaxv--EYHyAlY9hWXvAjnjRFPTA0SueaNeueR039CXLFtHDxjr9Xjbwo-di0FfKHmJgcCbdCux9_cSr37l00-&sig=Cg0ArKJSzBOYkdHQms8REAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=939&vt=11&dtpt=667&dett=3&cstd=268&cisv=r20231019.83355&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 1616 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=9d162533-ad4e-9438-f46f-53a86e034ce9&tv=%7Bc:rXDlxt,pingTime:-10,time:703,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE4LjAuNTk5My44OCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1698144367878%7C%7C5c989930f8c5b4c53f859a7b2d1a99f7%7C%7Cafe098ab9930c31009b81b3a08e6b29a%7C%7Ccd7099651e15d4c417f15ee9ed091637%7C%7Ccef8366d63cf13c137c6b74ba7c77b4d%7C%7C9bbcb8b69ca4b5b0a5fe0a2348b7cc5e%7C%7C895e0214a3db08da59995a16524517ce%7C%7C1c160dff08978efef8ca68d3b0de6f30%7C%7C1663701684%7D
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dc6d:1d37:b6db:4601 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:08 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
style.css
s0.2mdn.net/sadbundle/12786977581332354964/css/ Frame BD23 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
507a74eb21e9a16396d226f31f5e25345a8208db821d9fc5798284c38bec5e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:09:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70595
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2009
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 15:09:32 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame BD23 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7016578
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25267
last-modified
Tue, 01 Aug 2023 16:39:13 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64c93531-62b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0lJdW2qTGkqFaj3jw2%2By3A60goHuM9%2B%2F5iECJThmxNAOwskcZ2YOLd5Jp%2B02Kpl4bPTJR54wPxqdd4p6VDLdzaDQwIgH9A5GQFsbBm5hXNBKpaAPh310djbA07CecR8Cx9EFM%2Fifyn%2FH1qov0l9%2FZDCW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81b1a25b98cd3a9c-FRA
expires
Sun, 13 Oct 2024 10:46:07 GMT
CustomEase.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame BD23 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/CustomEase.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
667983
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3299
last-modified
Tue, 01 Aug 2023 16:38:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93515-ce3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqPfJaWatqqMjHHauJPCWiMNo8M58H5T%2Biap%2FPzwXNAZGGS0%2B%2FxhXAYDugVsHC0cKuC%2F1tTcUVDqfngTibsTyn1lp9071iSx%2BgRPg83bgEQhatqmPPTYrgjyW84cBEQZyjdwSO9FgkoIBoe8YMguXktC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81b1a25b98cf3a9c-FRA
expires
Sun, 13 Oct 2024 10:46:07 GMT
dyson.svg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame BD23 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/dyson.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 20:29:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
224182
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1076
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 20 Oct 2024 20:29:45 GMT
rtbIcon.svg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame BD23 		2 KB
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/rtbIcon.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 20:56:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
395367
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
771
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 20:56:40 GMT
dyson-v15s-submarine-stack.svg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame BD23 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/dyson-v15s-submarine-stack.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bb76b6ed760de97f8a40e71c79ce9704e965bb287761bd81fb2fb021b8609c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
452450
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2891
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 05:05:17 GMT
1-min.jpg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame BD23 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/1-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bb76af1be9c401ef3da16e31401b74f7cb0627154925d8c9fa308fba2e1413c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:09:32 GMT
x-content-type-options
nosniff
age
70595
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26291
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 15:09:32 GMT
2-min.jpg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame BD23 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/2-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
372360f6d3fa2133dfbf08ba93b3b55985785cb74106d75839618b7d273dd3c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:09:32 GMT
x-content-type-options
nosniff
age
70596
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25258
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 15:09:32 GMT
3-min.jpg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame BD23 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/3-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca4c3ad9639830e6f8f8e29775549fc24fcab33b4eeec7ae77da27c5c9e6bc80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:09:32 GMT
x-content-type-options
nosniff
age
70596
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20858
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 15:09:32 GMT
gradient.png
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame BD23 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/gradient.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b67702d4e78a4b6d5981a50298b0989dea48fc7d95b5e593dfafbe96cdbb309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:09:32 GMT
x-content-type-options
nosniff
age
70596
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4218
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 15:09:32 GMT
4-min.jpg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame BD23 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/4-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19dc5f765d51f715497f0eadd0dede8eaa5ee17447a22db60538f60ca7c0a01d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:09:32 GMT
x-content-type-options
nosniff
age
70596
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32615
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 15:09:32 GMT
overlay.png
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame BD23 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/overlay.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a72990ce8413aceedbfbf2f1d7ca2231c726b29a4ab1ddbca32b45ad685b4e26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:09:32 GMT
x-content-type-options
nosniff
age
70596
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14477
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 15:09:32 GMT
arrow.svg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame BD23 		192 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/arrow.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70562
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
161
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 15:10:06 GMT
script.js
s0.2mdn.net/sadbundle/12786977581332354964/script/ Frame BD23 		4 KB
1011 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/script/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a55f386367cbcc30390435806075251b8ef4afb086409bc8e301558223398245
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70562
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
982
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 15:10:06 GMT
style.css
s0.2mdn.net/sadbundle/12786977581332354964/css/ Frame 8294 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
507a74eb21e9a16396d226f31f5e25345a8208db821d9fc5798284c38bec5e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:09:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70595
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2009
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 15:09:32 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 8294 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7016578
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25267
last-modified
Tue, 01 Aug 2023 16:39:13 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64c93531-62b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDkYXkVk2jFyTlylJ6OCmRGTf21Nl2ZrL0HREcYa4tWYi4rUDNfmYKDXfK7qmXe6B%2BTwWlN7IasfHxKrsoJM40rkq2PauRqkQvUBOaMlU8scQDd1sfIGLdO7O4whWD7Zdgk2IlBsDPEFQeIJYyVkrsNV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81b1a25bb8ed3a9c-FRA
expires
Sun, 13 Oct 2024 10:46:07 GMT
CustomEase.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 8294 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/CustomEase.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
667983
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3299
last-modified
Tue, 01 Aug 2023 16:38:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93515-ce3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2p0kUt3kvcIBXAHL9NHBcGFITNYMK2QqbrMlQ6nsNf0%2BOFPN0Cqrd5O7ESLRdi1OeTzI0MGjXcss47L2usXtzBZyiH1z2ofpSME7vwT8QNPCXupToau9TrDO5LN4x4ai1ze1BLFXzL%2BC40E5kRngyzfa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81b1a25bb8f03a9c-FRA
expires
Sun, 13 Oct 2024 10:46:07 GMT
dyson.svg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 8294 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/dyson.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 20:29:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
224182
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1076
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 20 Oct 2024 20:29:45 GMT
rtbIcon.svg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 8294 		2 KB
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/rtbIcon.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 20:56:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
395367
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
771
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 20:56:40 GMT
dyson-v15s-submarine-stack.svg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 8294 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/dyson-v15s-submarine-stack.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bb76b6ed760de97f8a40e71c79ce9704e965bb287761bd81fb2fb021b8609c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
452451
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2891
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 05:05:17 GMT
1-min.jpg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 8294 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/1-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bb76af1be9c401ef3da16e31401b74f7cb0627154925d8c9fa308fba2e1413c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:09:32 GMT
x-content-type-options
nosniff
age
70596
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26291
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 15:09:32 GMT
2-min.jpg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 8294 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/2-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
372360f6d3fa2133dfbf08ba93b3b55985785cb74106d75839618b7d273dd3c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:09:32 GMT
x-content-type-options
nosniff
age
70596
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25258
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 15:09:32 GMT
3-min.jpg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 8294 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/3-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca4c3ad9639830e6f8f8e29775549fc24fcab33b4eeec7ae77da27c5c9e6bc80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:09:32 GMT
x-content-type-options
nosniff
age
70596
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20858
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 15:09:32 GMT
gradient.png
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 8294 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/gradient.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b67702d4e78a4b6d5981a50298b0989dea48fc7d95b5e593dfafbe96cdbb309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:09:32 GMT
x-content-type-options
nosniff
age
70596
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4218
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 15:09:32 GMT
4-min.jpg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 8294 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/4-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19dc5f765d51f715497f0eadd0dede8eaa5ee17447a22db60538f60ca7c0a01d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:09:32 GMT
x-content-type-options
nosniff
age
70596
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32615
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 15:09:32 GMT
overlay.png
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 8294 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/overlay.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a72990ce8413aceedbfbf2f1d7ca2231c726b29a4ab1ddbca32b45ad685b4e26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:09:32 GMT
x-content-type-options
nosniff
age
70596
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14477
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 15:09:32 GMT
arrow.svg
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 8294 		192 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/arrow.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70562
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
161
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 15:10:06 GMT
script.js
s0.2mdn.net/sadbundle/12786977581332354964/script/ Frame 8294 		4 KB
1011 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/script/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a55f386367cbcc30390435806075251b8ef4afb086409bc8e301558223398245
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70562
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
982
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 15:10:06 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1616 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYXXJv5hsEWtXSOYlrd5xK-tvgbp5p0J8zRqv0rieY7SFYYYlXzKPf7rjcHoP-x-e4cN7wACjR5a7Nci3c7qJO2YE3HO7OBUB9fOmthc9Uq_js7fbDI5N76TjGO2oL8zUmz52Zd2bCx6Nk&sai=AMfl-YRZTbcq7Mwnnu8AjVo_Q5_MC2qMIa7OPxdCocQUHvSJG0cv4QdHtJiKmHpr3dPZ8zIy2EisyGEh72gffFYVcwTnY7RhyE4arifj9K3rBPr7YE9VfpEZpP3tlhI&sig=Cg0ArKJSzI0oFZYsnB0CEAE&cid=CAQSOwDICaaNPnxDvKE3dRWALmtyHjezluMYpzBMLAq-Jm-SyjoZslW0PG-ENDVZlmrYPJBFL6D332hmCErhGAE&id=lidar2&mcvt=1051&p=957,165,1207,465&mtos=0,1051,1051,1051,1051&tos=0,1051,0,0,0&v=20231023&bin=7&avms=nio&bs=0,0&mc=0.97&if=1&vu=1&app=0&itpl=20&adk=1117919391&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698144366467&rpt=483&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8QxZzmuR7J82fz3RFS-hWDtjrj1St-cfLbl-hWRCZEo.js
pagead2.googlesyndication.com/bg/ Frame 3B54 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/8QxZzmuR7J82fz3RFS-hWDtjrj1St-cfLbl-hWRCZEo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f10c59ce6b91ec9f367f3dd1152fa1583b63ae3d52b7e71f2db97e856442644a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 07:40:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
11141
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15035
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Oct 2024 07:40:27 GMT
115
check.analytics.rlcdn.com/check/ 		25 B
384 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/115
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 24 Oct 2023 10:46:08 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amzn-trace-id
Root=1-6537a070-36be4a350e12047d64eb8c8c
x-amzn-requestid
53425181-7b5c-4f15-bae4-2face011b82d
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
NTYBkFT8joEEtsQ=
content-length
25
x-amz-cf-id
FEPgOOXhpV_btnhobGsDWe8xSr3qS9nl0gz1HhKaFR1jTx-9a5jHXw==
8QxZzmuR7J82fz3RFS-hWDtjrj1St-cfLbl-hWRCZEo.js
pagead2.googlesyndication.com/bg/ Frame 457B 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/8QxZzmuR7J82fz3RFS-hWDtjrj1St-cfLbl-hWRCZEo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f10c59ce6b91ec9f367f3dd1152fa1583b63ae3d52b7e71f2db97e856442644a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 07:40:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
11141
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15035
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Oct 2024 07:40:27 GMT
dysonfutura-book.woff
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame BD23 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/dysonfutura-book.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/css/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:41:10 GMT
x-content-type-options
nosniff
age
497098
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7928
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Oct 2024 16:41:10 GMT
dysonfutura-book.woff
s0.2mdn.net/sadbundle/12786977581332354964/assets/ Frame 8294 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12786977581332354964/assets/dysonfutura-book.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786977581332354964/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12786977581332354964/css/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:41:10 GMT
x-content-type-options
nosniff
age
497098
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7928
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Oct 2024 16:41:10 GMT
piano-frame.js
static.advance.net/static/common/js/ Frame 44FA 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.advance.net/static/common/js/piano-frame.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
66fd57ba72d90085943ad028bb0a99da56ab6daba1a9030929e9504dc8ec12b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Tue, 24 Oct 2023 10:46:08 GMT
x-shield-cache-expires
10
x-amz-request-id
90D1S54BPTSR1B5E
age
194
x-cache
HIT, HIT
x-host
static.advance.net
content-length
3628
x-served-by
cache-iad-kcgs7200148-IAD, cache-fra-eddf8230116-FRA
last-modified
Tue, 18 Apr 2023 13:28:23 GMT
x-timer
S1698144368.189588,VS0,VE1
etag
"491a0b3bf098d18871981579ae670ba7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
logo-mlive.svg
static.advance.net/static/common/img/paywall/lmg/ Frame 44FA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/paywall/lmg/logo-mlive.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0b034efa03c6fb4de3e3952eaf0958b18847e6c1e2e8fd647759c97105004f19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Tue, 24 Oct 2023 10:46:08 GMT
x-shield-cache-expires
10
x-amz-request-id
674H5GK1WJRBAW70
age
6647
x-cache
HIT, HIT
x-host
static.advance.net
content-length
879
x-served-by
cache-iad-kcgs7200092-IAD, cache-fra-eddf8230116-FRA
last-modified
Mon, 27 Jan 2020 14:39:52 GMT
x-timer
S1698144368.194559,VS0,VE0
etag
"eddae84ef46240dace31d24e6e3f4dae"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
dt
dt.adsafeprotected.com/ Frame 62F7 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=a0cf9363-36ec-21dc-ede7-a460499e5455&tv=%7Bc:rXDlD3,pingTime:-10,time:901,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE4LjAuNTk5My44OCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1698144367878%7C%7C5c989930f8c5b4c53f859a7b2d1a99f7%7C%7Cafe098ab9930c31009b81b3a08e6b29a%7C%7Ccd7099651e15d4c417f15ee9ed091637%7C%7Ccef8366d63cf13c137c6b74ba7c77b4d%7C%7C9bbcb8b69ca4b5b0a5fe0a2348b7cc5e%7C%7C895e0214a3db08da59995a16524517ce%7C%7C1c160dff08978efef8ca68d3b0de6f30%7C%7C1663701684,sca:%7Bspg:9d162533-ad4e-9438-f46f-53a86e034ce9%7D%7D
Requested by
Host: 663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
URL: https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dc6d:1d37:b6db:4601 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:08 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 62F7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6rBNTDSC4GfW3JOrT0PuevOVmyR2ibwywOEzY3hAjSiE5zEsW7E9vlxPk2wHt11BtlWvAiiltIQQWxKfH55iXEt8Irr7gO5Zn3CfAkncCk60AMohf2ERKxYNsReNC8dIdoXcaX0Hv2gIk&sai=AMfl-YSU4J2uuuySU4AqWj8ei8HruPsoYY_siGHb4hEhKHBnSZYc5_gLNoGFCUryBSKX8jtWbqBhpwW4iYk4NZfaKVMWuOftCjXgCLwKUPJoocV7S96_yKd6NZgE3hw&sig=Cg0ArKJSzCCkHrJzzAEdEAE&cid=CAQSOwDICaaNPnxDvKE3dRWALmtyHjezluMYpzBMLAq-Jm-SyjoZslW0PG-ENDVZlmrYPJBFL6D332hmCErhGAE&id=lidar2&mcvt=1118&p=883,1135,1133,1435&mtos=1118,1118,1118,1118,1118&tos=1118,0,0,0,0&v=20231023&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3501067380&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698144366480&rpt=590&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 928D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrqSwGLRkxA1VMDAknCdFhwbSEbdGFFcCDyDfjmDkHsXho6k69q5xOYGnxRAPcjCnN4XlUqttC5sMn8HSrNDUmpkk8CAcdw5rXyTxPKxbyVurNj_8XPjX--Jod-GuiioQNY9UeefdIkDRk&sai=AMfl-YQzIuJE7KudnPggUFWIMLaNXMEd5XNur6uAle_gcSQu0O9YPDWAy11Rx9yEc5eKCh-3nPL4vy9mNr5ZQ9RPcPpCYN7p0RcutM5dDuuQxcqWWijvb4BDSrqTh6w&sig=Cg0ArKJSzG455ZDTHAttEAE&cid=CAQSOwDICaaNPnxDvKE3dRWALmtyHjezluMYpzBMLAq-Jm-SyjoZslW0PG-ENDVZlmrYPJBFL6D332hmCErhGAE&id=lidar2&mcvt=1121&p=165,1135,415,1435&mtos=1121,1121,1121,1121,1121&tos=1121,0,0,0,0&v=20231023&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1117919376&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698144366455&rpt=660&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 62F7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssPz4LkNtd_rRVo89T9BLDCtdkDV-5eV4nAllg2gw8VLq3TVwV5tLScZmrydUfH71hYMVVqs_lNrpaL-A9QPBew8xWcKhWvL_49-GO_7SPpwoSeT1Vq9yNO9ZRW9ZFd0PMwiCcK5UkElfno59VFTQz9eJsOxBS15MClFXX-K7evrV3VIVMMrxOUYYzJfYTFRN1faa8crouYaXaZ83da5zLTeKHg4unscB4WUS0tMhTIvXVb6KPWEykR78kI1K6o22fGgqKNoWc_GBa-cRpjA-eYzPacvU3qj7da6rThR1t-0SWJbi-6EiBH8mjW7u9884Ri-DmGV8xQenPrKGknBA5B3CKD3bDrYCSOrBI340Rg0eW5PXaIh3SBxVyu9v-I51VZEG5OdWDLqfw1iez4tRppduH_TuUa_1hWa5Tr6G9d9wxc3ycc9yjHsfAettZXSWMUXJ3Yoe2q3fL1jCigoVuTAVqmdfCiWBsnSex2kogR_Q9yFui9uNYuFFZifKzpob6D-87uEZTRI3dJ3lEIfZ-IpIMqc8zfUPhcaZ-fyC_meoCfeQCTMrftoqib1oLy1gXTVBO4U-4FHhOk6150HclxFYUm6V9XxurbiSsYz1v5lCxwtOcjVKgh2MrkqbYqgg69QhH3y6938M-q8voWxnTd39o6uvRLgekDJaesgvR4I4Z5j6-_pQOxd7Fz9RoD3AS0H3cRPUEJ-19kJb2NrANmABbw7nP2kMlfLIp6W5Icd8hlTGesYkL4mzDl04QmUjsuy1jF2cFzQas9APPbrTKZ6UtVeFvhhx7r3qePUT6vh81wEHTBUnIDUbY0XPYUTGIjitJ5_xsmQ8Lo3eFbyToByagVAlNT869DbyBcEYSwxWnx-vKJXFm-nau03ySZGybsTg6-zbAFKyfxFzqp_jyGRcq8-8ZwzYynfU2B9cbAy2H0X7-1J1HmbE21vd30LbVB6hbCqmo-krz3hVTVVIFUw29lEJ2RQDZay2NwCXjfU2Dy2tssJkh0FPgLeKIusbS1c02a2LzvWgg8k6W8HEDBJKfwfaoTuWAI8L0gQaq-_dvUgD0JkoUwMu7jvpRN4xt2dcy86pU65_lQNoQDjWWWvv1d303qxIg2CLqUbdofYXfEAc1ADuxzeLYNgWTYQdSqetbM8cazBRv17QK46zujyR9fAkoYsBN2SS_YFsgZNd5d0NQcB6P3R-HUpLjw59BpUxADXlT70TtEbZMuUo5VLBhSpc0wxjCe5hU3amraG3efujVAIIu1MU6QCQPItrmTv-glIfiQMsYkCM9g5Lhjddxq-jvuXHnHORw-BT748r7lyPQ5Fm_s46wWNzegq3CHzyhZLxPk_d2U8IVdAR4oCobVi8QGsPM9hpI4AcEt7GJCty5CYt8LMOPgoy5uO3MYASnWbS8&sai=AMfl-YQCv2wt4hA7pD5jhi3zzMDtmrUSJK_OP9Q56l7g-ihSMnbOOEEww7FEBgm8492QhQtpee-pnSiQLwB1ZARD9yd1-VHzI4Ht9BM7ngF8L-pQuCmf6CBNPTpC66cELG-72KkdCZYByJa7VyFtnlaJhpKxQAqNcL3W7v5Zr_9bdTJ4WAg3UQxycXbpp8crwK6BRETPHQ5ZkyYSubDhWQ6W9RzxNoojiEXIaQe_YClIv3zJeOcgH7HVLpAq4jk5KnWljaY0&sig=Cg0ArKJSzDK0SKO0VXzREAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1261&vt=11&dtpt=781&dett=3&cstd=478&cisv=r20231019.75875&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 928D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvgRLCeIK-xl-IjPyNZoVPOFcF9eJv603VI9ZuxsgxVzu0qGutYRcnq0XARQVxDsHfsi-RgE6OZr-0moxUi7Sn0YJSbQQVxr5QMRRDihJSRCb0HxnzYnCnsTGDiH4xFYJne8bCr1wcmsx1p78xTef1Z0Z4Vu8u-9y4bjDddpAKTOmIXJ6xkfKo3YpUJOt8SW6DE0eVA1OanRRt4VBMbaUK1O3y4nv8RaJy8MJ1Of47YdUhtyhWlkvLl8cev2pyShdIlSZ95gho81H6D3H67b3k6RPcRTWyCflw6CUOgYghdccSZQznystbcEhVax9mg-CrfvUgbOQ4ldCRQtGjBZ5Z7oJv-qtSUJg2U7u770f5UO8xSvWymxOraZ8QE-dLPJqQlmOVHr9qEZYOAiw_cHCq1gjA2cC6r-TjM1KDudpoKau3-fH23x_j9SdFSh5aI4tRFi4q7fcHK5Qjo4chSjCW-RlBa-YFNibt-KjVsAtu0lgq9D9IL4Y2eSmZWEPK5wBvKp0BLvgDU4G5Lo3kHCdvaUv7XLxNuQoyWSqvpS_8sQSSaSJtjY0Doqs3QZrkyGWBOALZBkuvVV8Oxzjci_60PwnDp8vGn4Xg5VVmiozJlswMJh_6bf2vc3XaYWJ1vcDooYvZ8_0fU5lBF1jltX2FtUk1B2d2o4FMw10Sd2dsHvyxOIc98UfOOo-xwuUuXK0jhwPRbY5zYoCN0_dCtYZNFq8dl8T0Wk8S-b8781GpTMR_x4FZJliLsPNOBX6_Gt_Rf3C_m_J2Otn13PLkQuaUUXHSqz5PuSuG9taCrSclHrLEioAMlE-LxWDvzslLF4eI1j691KXuyacw2ik1lHbLeoNcJ9xy8uD6bHr_clSRSpjiDKSBb91FXzcfrb85l3LlXT8jFKLk1TGYNO_g_Sbu4nlwsxJcrhTKI4eY0sCM1l8_Fx78ArJdzDdIIVNzVl2b6NTn6mhW6wTWec0VfBGjObUc4wI1XcFE23TecPTasROUqQSxYYL0156QxqeOZ48F7FSHONPSEPpjtrNxNvVGRFtWoGxfWzNPq-mkCiSDzCTXfy2_np1RbZN0aZSlnE9q70uU8D21Pe6L51eTMIm1q4Bg1lEIhQISb5n7nEZ7W0xw3qCGYoSdaQT611CZK_9fjNLk4x9PLb4aFK7IKpRQk24tGmlmULAy532LirPLqVFsxHrMApoMOWh2B02_2XOTou5hCJqEcp6XNyeZnym9JshI8AivxEEYlRWlQR0Y0tTpE9R_cVPirml7Yez3cJm_JjOJcbzMMeLHfcmaj9SwwAXy1BVAPJHDmnTg0_oPfw8RmqAHVhmdOAhvFfT2XwwvljpuuGbV2dg6C2jeSaiMbO_fUFaI8zNzoeNhOOMvlPS0ltnEm9_NhK4O0nNQaMMMP5w&sai=AMfl-YRqRaB9ezlODp8jMA7wJZYjaUBFBWZtHEto4YeClp1VHtxIIfAPCkGzsVY1SJzAjwQKJN9qyOVes5JXF51XSK1QK4yM8zyYgCrKgqtIgxmjfhWW-_uLiQf4qelkHBVY7cCIer0HI6od2UPvIFhpXZrZXFcN8Mo4cx1CngCpt9hGXz5qokc1iSiWfBxIk8roT0CpD_1tAcZHf9bsM92IsKcJMNhscjJD9YezohoKbw9pokpXTUC3SAbUNwzeAY3H815z&sig=Cg0ArKJSzGh_1pCVXjTwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1263&vt=11&dtpt=758&dett=3&cstd=503&cisv=r20231019.87829&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
logAutoMicroConversion
api-v3.tinypass.com/api/v3/conversion/ 		49 B
279 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-v3.tinypass.com/api/v3/conversion/logAutoMicroConversion?page_title=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&url=https%3A%2F%2Fwww.mlive.com%2F&page_view_id=lo47b64amt0etsmf&referrer=&content_author=&tags=null&content_type=website&tracking_id=%7Bkpdx%7DAAABA0Bbb4rw9AoKOEd1Mlo4UkN2WhIQbG80N2I2NGFtdDBldHNtZhoMRVhLRVU3WVgzWkFMIiUxODA1c2lvMDk0LTAwMDAzMnIxOWFvY280a3NtNjJrYWJ1bnA4KhpzaG93VGVtcGxhdGUxT0RTTEFHWlg3V1g3MTABOgxPVEMxN1gzMkJKQ0lCDU9UVllRRUxKTExWUU9SS3YtMjAyMy0xMC0yNC0xMi00Ni0wNS0yNjAtYzJrYlNWc2JEd0NyWWFEay1iZmM1ZmY2YjlkOTZlMGRiNWZkZThkZTNhOTA3YjFkMVoXMmEwMDpjOTg6MjA1MDphMDA3OjI6OjRiA2R3Y2ju4-OpBnAQeAQ&browser_id=lo47b64affinkf6j&event_type=EXTERNAL_EVENT&event_group_id=config&custom_params=%7B%22config%22%3A%22%7B%5C%22type%5C%22%3A%5C%22bottomfixed%5C%22%2C%5C%22version%5C%22%3A%5C%22cta%5C%22%2C%5C%22placement%5C%22%3A%5C%22bottom-fixed%5C%22%2C%5C%22newsletterId%5C%22%3A%5C%22%5C%22%2C%5C%22closable%5C%22%3A%5C%22true%5C%22%2C%5C%22scrollLock%5C%22%3A%5C%22true%5C%22%7D%22%7D&cookie_consents=null&previous_user_segments=null&callback=jsonp7158
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c79d175cf32f3dc60aa9bb646344039e786e6198c441bbf54d19fbdaedf025d3
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:08 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
81b1a25eaee91981-FRA
alt-svc
h3=":443"; ma=86400
x-request-id
4edf1b154e79487d00f4fc911ce8d7cf
expires
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1921934849&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=nonblocking&ea=bottomfixed_shown&el=var%3A%22OTVYQELJLLVQO%22%7Cexp%3A%22EXKEU7YX3ZAL%22%7Cver%3A%22cta%22%7Cmet%3A%22Support%20Meter%22%7Ctot%3A%221%22%7Cmax%3A%227%22%7Cterm%3A%22%22&ev=0&_u=aDDAAEABAAQCACgFKAC~&jid=&gjid=&cid=1618411612.1698144365&tid=UA-16643585-16&_gid=816436110.1698144365&gtm=45He3an0n81TLXFLCR&cd1=undefined&cd2=1---&cd3=undefined&cd6=undefined&cd11=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=false&cd21=undefined&cd23=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd46=homepage-beta&cd47=desktop&cd50=GA%20-%20event%20call&cd52=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=undefined&cd62=undefined&cd63=undefined&cd64=undefined&cd65=undefined&cd66=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=sub-group-c&cd99=undefined&cd102=undefined&cd103=undefined&cd61=1618411612.1698144365&cd98=meterName%3A%20%22Support%20Meter%22%7C%7CtotalViews%3A%201%7C%7CmaxViews%3A%207&z=107830362
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 00:26:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
37178
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&metername=Support%20Meter&metered=1%7C7&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=17&tvcfg=all&tid=76c547ff-611f-402e-9554-ee42ae894ed5&pid=83d2c3d5-37ee-4655-89f6-2e215a361603&dtm=1698144368457&qnm=_matherq&visible=1&tabid=8f8d43eb-d394-4601-9648-7511b187e95a&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x1200&tofa=1698144365&vid=1&lvidt=1698144365&duid=ba341e8a-af0d-433d-85a1-37ccc91294f9&fp=2849720740&cid=ma63527&mrk=484602605&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJjdXN0b21fZXZlbnQiLCJhY3Rpb24iOiJjb25maWciLCJkYXRhIjp7ImV2ZW50TmFtZSI6ImNvbmZpZyIsInBhcmFtcyI6eyJjb25maWciOiJ7XCJ0eXBlXCI6XCJib3R0b21maXhlZFwiLFwidmVyc2lvblwiOlwiY3RhXCIsXCJwbGFjZW1lbnRcIjpcImJvdHRvbS1maXhlZFwiLFwibmV3c2xldHRlcklkXCI6XCJcIixcImNsb3NhYmxlXCI6XCJ0cnVlXCIsXCJzY3JvbGxMb2NrXCI6XCJ0cnVlXCJ9In19LCJ2ZW5kb3IiOiJwaWFubyIsInR5cGUiOiJ1bmtub3duIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMTYxODQxMTYxMiIsInJlZlRpbWUiOiIxNjk4MTQ0MzY4NDU2In1dfQ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.77.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-77-247.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Tue, 24 Oct 2023 10:46:08 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
farnhamheadline-semi-bold.woff
fonts.advance.net/fonts/v1/farnham-headline-semi-bold/ Frame 44FA 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.advance.net/fonts/v1/farnham-headline-semi-bold/farnhamheadline-semi-bold.woff
Requested by
Host: static.advance.net
URL: https://static.advance.net/static/common/css/piano-frame.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142

Request headers

Referer
https://static.advance.net/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 24 Oct 2023 10:46:08 GMT
x-shield-cache-expires
10
x-amz-request-id
6RJM7ZGC70MCBMAP
age
11461
x-cache
HIT, HIT
x-host
fonts.advance.net
content-length
37160
x-served-by
cache-iad-kiad7000038-IAD, cache-fra-eddf8230098-FRA
last-modified
Wed, 19 Sep 2018 19:27:30 GMT
x-timer
S1698144369.506042,VS0,VE4
etag
"c9a8222fbabe6b700baacd21dd7a1f61"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
cache-control
s-maxage-ignore=86400, no-store
Inter-Regular.woff2
fonts.advance.net/fonts/inter/ Frame 44FA 		97 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.advance.net/fonts/inter/Inter-Regular.woff2
Requested by
Host: static.advance.net
URL: https://static.advance.net/static/common/css/piano-frame.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6

Request headers

Referer
https://static.advance.net/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 24 Oct 2023 10:46:08 GMT
x-shield-cache-expires
10
x-amz-request-id
BFTJBMVY6VG8SZEX
age
2572
x-cache
HIT, HIT
x-host
fonts.advance.net
content-length
98868
x-served-by
cache-iad-kjyo7100054-IAD, cache-fra-eddf8230098-FRA
last-modified
Mon, 17 Jul 2023 14:21:52 GMT
x-timer
S1698144369.506463,VS0,VE2
etag
"dc131113894217b5031000575d9de002"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
cache-control
Inter-SemiBold.woff2
fonts.advance.net/fonts/inter/ Frame 44FA 		103 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.advance.net/fonts/inter/Inter-SemiBold.woff2
Requested by
Host: static.advance.net
URL: https://static.advance.net/static/common/css/piano-frame.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5

Request headers

Referer
https://static.advance.net/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 24 Oct 2023 10:46:08 GMT
x-shield-cache-expires
10
x-amz-request-id
BFTY2FVC866NHJJ7
age
3084
x-cache
HIT, HIT
x-host
fonts.advance.net
content-length
105804
x-served-by
cache-iad-kcgs7200165-IAD, cache-fra-eddf8230098-FRA
last-modified
Mon, 17 Jul 2023 14:21:52 GMT
x-timer
S1698144369.506463,VS0,VE1
etag
"007ad31a53f4ab3f58ee74f2308482ce"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
cache-control
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ADVANCEDDIGITAL_HEADER1&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&t=1698144364605&de=467810186840&rx=496530464378&m=0&ar=0c7a73c5c3d-clean&iw=568cc09&q=1&cb=0&cu=1698144364605&ll=2&lm=0&ln=0&em=0&en=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=advanceddigitalheader640552616592&fd=1&it=500&ti=0&ih=2&pe=1%3A1220%3A1220%3A0%3A1730&fs=205668&na=895160220&cs=0
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:08 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 24 Oct 2023 10:46:08 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310180101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b16c50b0f88a5c222134e12886abff1ecb0f432f3c0a3a01fa4ba2b5c6106ec5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12140
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 235B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BM3Y_bqA3ZdHzMNvpx_APkYid2AkAAAAAOAHgBAI&bg=!7u2l7aLNAAao7_3LiO87ADQBe5WfOFLDlf6jSCHYu-lCMi-rExJDtsz57_Z0LGY6RsCZTw_qE5GUTflhj0k0NOKgQg5lAgAAAwJSAAAABGgBB5kC_eBhMvMkl5xG9rNypfsbUNygN6P0QIeQ69j1iW9MWikY85Rsq8vS2Sfwdhv9PZVNIP7bLGRTA2ixwBZ0ZnY5n9zjy7BeMtVRItCwp49FVt1ttoEtswYmjy-SrJne7jOVkhzz-jJhUeEKAld5chnOh8XYrPZuQseuyKqzLU3maXNc9kob6JdkHYIJ2KCdIhoO3yven705CXc3ol-3aEJkur8iSF488zm5C6kooHvq2lNcoGlvgeEjkz5sNiqUtesFDf2sm5_VN87zMu-p2uufMN5PiCeTk8HqLMcPLpz86y95iBQFJ8U1ViQ0f-wPrFl1ZJbJqRSpcBSmwqXsfrj0gwNEY5LD4Tdfnz8xX6TUr63GFJzusfKoAIY9Mnj-Ml9KpSbzcMyWSh0m8iEuwun5Atra0V0T31DSUKisD2Cj_aLUodzkg298-IXfFkfhIbYBDypzMUdn2SK1L8LzoludU-DJj7CHpFDrD3OZSXNV01YzfUw4w0DIwesHVUinxXXnjbBJMOECqI2aoN5CGu8Wym8zNC3Q4JIXaovEglopUS4yQlwsXE0KUjLLtvZhIoBmgl3BWtrs5kswF4DMqajV5EUhZRhtzIJXHqH8UBd9scxqostVNKwThbecEcJMocA9IGhlH7VcGWq8PTcMeXkAi6AItGK9dV7Hf2dBPVDUMSX_qDkKIdUGRcm_IP5m0LsdYgp9wddsXc43NVkHjYdLi2gFv6WeSzy2yrG_hpb7GTx6CW9evPNmfu9BTG3JFXThn39jb5KS-t6paA68GVKOuluyF4k5QSgaHKpB9sFjWjymXLZjMIWPQVjEFhxvU7alBUeWyHBP6McsgddtpRnXGx88DNNsLpL3bQslidlqvnR7D_ijsRYXTRPdgdWPXTKiz8xgrifxc3epQaigGLMHmi5F0H5-Fkgkp9I38mPZAalQndkHgAHBNX5gJdG91C-49Zmiec4LKfgagEtFOYfg9bJi5jTJ_2G0OatdXuIzOLuPWGqxz7IOWAJv-GdwqA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 62F7 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=a0cf9363-36ec-21dc-ede7-a460499e5455&tv=%7Bc:rXDlKE,time:1372,type:e,im:%7Bpci:%7Btdr:918%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:85,o:1288,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1279~0,1~100%5D,as:%5B153~0.0,1127~300.250%5D%7D%7D,%7Bsl:i,t:1288,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B84~100%5D,as:%5B84~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:277,fm:tTBeHP2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18.1627455-73523879%7C181%7C182%7C19.1627455-73523879%7C191%7C192%7C193%7C194%7C195%7C1a*.1627455-73523879%7C1a1%7C1a2%7C1b,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:33,sis:230%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dc6d:1d37:b6db:4601 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:08 GMT
server
nginx
x-server-name
dt22.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=https%3A%2F%2Fwww.mlive.com%2F-&i=ADVANCEDDIGITAL_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2Ba%24%3D!!t%2BxBk_lLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-P35B1BNzs6uFgA%3D%3D&sc=1&os=1-0g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1698144364605&de=467810186840&rx=496530464378&cu=1698144364605&m=4051&ar=0c7a73c5c3d-clean&iw=568cc09&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=13519&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1220%3A1220%3A0%3A1730&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205668&na=686692730&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:08 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 24 Oct 2023 10:46:08 GMT
dt
dt.adsafeprotected.com/ Frame 928D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=1df311bb-60bd-5c17-1c99-12f3a40b6bb7&tv=%7Bc:rXDlKR,time:1316,type:e,im:%7Bpci:%7Btdr:869%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:98,o:1218,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1210~0,1~100%5D,as:%5B151~0.0,1060~300.250%5D%7D%7D,%7Bsl:i,t:1218,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B97~100%5D,as:%5B97~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:762,fm:tTBeHP2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.1627455-73523879%7C181%7C182%7C19.1627455-73523879%7C191%7C192%7C193%7C194%7C195%7C1a.1627455-73523879%7C1a1%7C1a2%7C1a3%7C1b,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:26,sis:596%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dc6d:1d37:b6db:4601 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:08 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 1616 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=9d162533-ad4e-9438-f46f-53a86e034ce9&tv=%7Bc:rXDlKS,time:1534,type:e,im:%7Bpci:%7Btdr:1061%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:174,o:1360,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:62,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1351~0,0~75%5D,as:%5B1351~300.250%5D%7D%7D,%7Bsl:i,t:1360,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:97,obst:0,th:0,reas:,bkn:%7Bpiv:%5B174~75%5D,as:%5B174~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:393,fm:tTBeHP2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18.1627455-73523879%7C181%7C182%7C19*.1627455-73523879%7C191%7C192%7C193%7C194%7C1a.1627455-73523879%7C1a1%7C1a2%7C1b,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:64,sis:374%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dc6d:1d37:b6db:4601 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:08 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3B54 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BuRE0bqA3ZdiuNbDhx_APj7ya2AQAAAAAOAHgBAI&bg=!8vGl8b7NAAao7_3LiO87ADQBe5WfODgQyKOwtSM7nboZsA7E-8RX7p8bZ-z522yIwlXr-5knBK9r_9k6pOSoS06wUaupAgAAAiVSAAAABmgBB5kDAOL3aWv_GWl_ZAqKnoAgxzVQLqgOCoSu-b7e8soRVeSD37_HB7SuCue5nHk9A4BGu7C6FF5zycIsVg4hud2W9xSQ4YlVXklst61BwZSQXE3a7KWRglQVjyHEFPeQfBDrZlBFbLr8uqegTAvSj_SaHviyYhYSnE3NCvqo4q13rkbsmQWTuiEKnnLUelGIr-lXq20m6HeRIsEChhU-nEQlXtpkOdLc6ZvdOQyB4clASB1vv1qi0V6cjbUPo6e-ux0czP3WfiG4JmIYqF6_zzqE19RZgiqONG-15Eo__m1LZHZb6TfHfxFnIkdPdn37jrqupYuZMbe6FI1fARfhWEgK01saFChMgvoI9jMvQ8cmTo3hl7LVeDQRoqOjx_hsnj7arFrBeaUnEIlgtioJyxLkZRZTNptAumoh6h1eh8txJuuHxxfhtrJ5tyFKWOVtgwCjHTVTCZ-3dMkUdHCDlcVidCjoKMEqhJYsimY0YlNnaK0OEnnAXKybyw3XYI7eiL4VoIx5D_BVwFxW48sDUH69DzNJqUezEtvFFBwMrlnxsrApAHi0NMiYAEYNQ3-DkXi3HA-jLifcQVGIXSZFsL_X0HIFYWPgihx7Af-9_Y-O2MjA8IPboWiFOYvLdVoWeXztiNUh7dzEN1WK71wav0fbu4tgrCnfOs2LfdHUjq91Au6o_udss863z8Ouqe7cv0WiOpgR3XR6kgDm0Po2R5Pop5xk4C8Pbt2GWaFNUtYKM4sQdo7aMh68SqrVD-REC6tfKD_l5OSxa_AZxXGbNcP1bqTlfquFKeoQwLDUWe1eImkvtAuoMLZwfs5mBNUYnl49Me2KKYPUAumuIqPel1j4K4I8qZhm3a37fpkOQVfzmd0JXUu9WCXOPCt8QfhJVdBPUPcskkUgNfWofJD_Iuh0S-fnjB0DBCtSu_nwb2LyCyBMSEz-cB6vSha7SGDL6kyFIrJBZ5lnIa4-WAPCsL9YNULfrjE4mGkorEVp0JRv5v4JOgFWZUC-2w63iei_-0XRqw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 457B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BD5xJbqA3ZbaBNZPpx_AP6sqg2AQAAAAAOAHgBAI&bg=!RUalRgnNAAao7_3LiO87ADQBe5WfOJoPUtGbskR5aOPtGCdb2XP7gU71-XavmDE04xP3z_yrM5Nb27qsPJSu56mBR9dKAgAAAc9SAAAABmgBBwoAEwAeC3LojcS0mER7FAPEywCgjoGZAwpSL5WwxTaN_cetLpcm-9TW5Cl_74dreD1oQ60_XFeFsHLTct1teVMnwu6BMACxZGCb5dXli_doLETn4fr49CQUBD3PkSyxv7l37iD6jKCPUq-m9MJwtN38R8Hq1JF5wHMj3E0lZW3ixH8R5Jz7K9g_XCvq0GjP4VmvigbLjx7CYaER1atTIwypqg7RM-QmS0o3Wv_OR6rkpMPiWEDLVVMCjMC_iXZuNDIoNYkx24kr1e6lw3BTzlVuXw8cwEDMKwA71qoSfiadKftSI72egt7CNT4WMsm3eQvS6CtaPbHsra8whiQ94aKUSnbASIpZQeCnXmW6KZzfznZW-xZEEczydNaKZdrhuHrz1zPnZm6-cAdpfcvTaUCmcmpPUgwu7B1OVhc5Jkk7QER7J28l2iYvS68dbMOcoKOm802RxEtLmWGaLo1-7K1JTdAWwZjDQobaoeb2ifkxmHZqrjuBUPsLMdw3_nODiS0k5x9aXKKrj0dA4YhXfkWVKhmdYzmDySrQ_WMD-aWDMlMBIaLnBoPjcLd6iV-9O_8_iji-zo1q41N1Hkn8W1QfVJyFphKZDU9PETJiM4niudQILbkByET4myiT5EY-mQ3y14sxEddglvSe5n_VQn_XWgunJHVJ02ODYpIEtBHvjg1XXz4cd4t_8zv8F4HO5HOkw4NxP_WB6BxsE4egM-XcHcmtc2v7icacuIdIo2qjPYuUDaTjGOXEHCcJfbFt42wAsEysMYG5-oyrqMgyIXuM_g7wHjvxlFttcs8vxNFO0VS6y9_HYNBHIeMGqsAdvEC_s5sFqeEixGUhwb8d8B1eXmj48SlN_aT7gCtwCj3Q0n0mxyXzLGq8aT_H9kYaDYC4LDWAtFdhLxjM2D_Y5M2sdPxi6tAP-Qqeo6uMii29l16tPAyF2e3S0IN_T7m-lTRyxKbjRHu9S03uIAU6cdtUXwlhdEgFip5-D63gvbp9T9K5dqOwID4J13jQTej2ENmFCkrKMJAUJwg4SvGi7S87UdhAYqW6BUj9hqT2ZuoFEeLm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 928D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=1df311bb-60bd-5c17-1c99-12f3a40b6bb7&tv=%7Bc:rXDlP0,pingTime:-10,time:1573,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE4LjAuNTk5My44OCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1698144367878%7C%7C5c989930f8c5b4c53f859a7b2d1a99f7%7C%7Cafe098ab9930c31009b81b3a08e6b29a%7C%7Ccd7099651e15d4c417f15ee9ed091637%7C%7Ccef8366d63cf13c137c6b74ba7c77b4d%7C%7C9bbcb8b69ca4b5b0a5fe0a2348b7cc5e%7C%7C895e0214a3db08da59995a16524517ce%7C%7C1c160dff08978efef8ca68d3b0de6f30%7C%7C1663701684,sca:%7Bspg:9d162533-ad4e-9438-f46f-53a86e034ce9%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dc6d:1d37:b6db:4601 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:09 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 24 Oct 2023 10:46:09 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 72B3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6229
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 09:02:20 GMT
expires
Wed, 23 Oct 2024 09:02:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7F57 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7f2ce54fb5c5050c90d1cc013eb2c768e2ba5885635d2bbfe1c0975eb89551a4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LErtH0-e0Np4DY3yCJEJwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-LErtH0-e0Np4DY3yCJEJwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 10:46:09 GMT
expires
Tue, 24 Oct 2023 10:46:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
pagead2.googlesyndication.com/bg/ Frame 72B3 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 07:40:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
11140
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15187
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Oct 2024 07:40:29 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7F57 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310180101&jk=2398668466386247&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 72B3 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ztEXOg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1616 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3635101480928&version=m202309260101&ct=76&x=1&cor=3448785722896781000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 928D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=525472522614&version=m202309260101&ct=76&x=1&cor=5605769349746788000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 62F7 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7788644533979&version=m202309260101&ct=76&x=1&cor=16989405773401133000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 1616 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=9d162533-ad4e-9438-f46f-53a86e034ce9&tv=%7Bc:rXDlYg,pingTime:1,time:2364,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:62%7D,%7Bpiv:97,vs:i,r:,t:1360%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1004,o:1360,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:62,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1351~0,0~75%5D,as:%5B1351~300.250%5D%7D%7D,%7Bsl:i,t:1360,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:97,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1004~75%5D,as:%5B1004~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:185,fm:tTBeHP2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18.1627455-73523879%7C181%7C182%7C19*.1627455-73523879%7C191%7C192%7C193%7C194%7C1a.1627455-73523879%7C1a1%7C1a2%7C1b,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:64,sis:374%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dc6d:1d37:b6db:4601 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:09 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 928D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=1df311bb-60bd-5c17-1c99-12f3a40b6bb7&tv=%7Bc:rXDlZq,pingTime:1,time:2219,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:24%7D,%7Br:r,w:300,h:250,t:159%7D,%7Bpiv:100,vs:i,r:,t:1218%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1218,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1210~0,1~100%5D,as:%5B151~0.0,1060~300.250%5D%7D%7D,%7Bsl:i,t:1218,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:195,fm:tTBeHP2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.1627455-73523879%7C181%7C182%7C19.1627455-73523879%7C191%7C192%7C193%7C194%7C195%7C1a.1627455-73523879%7C1a1%7C1a2%7C1a3%7C1b,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:26,sis:596%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dc6d:1d37:b6db:4601 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:09 GMT
server
nginx
x-server-name
dt22.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 928D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=1df311bb-60bd-5c17-1c99-12f3a40b6bb7&tv=%7Bc:rXDlZr,pingTime:1,time:2220,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:24%7D,%7Br:r,w:300,h:250,t:159%7D,%7Bpiv:100,vs:i,r:,t:1218%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1218,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1210~0,1~100%5D,as:%5B151~0.0,1060~300.250%5D%7D%7D,%7Bsl:i,t:1218,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:195,fm:tTBeHP2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.1627455-73523879%7C181%7C182%7C19.1627455-73523879%7C191%7C192%7C193%7C194%7C195%7C1a.1627455-73523879%7C1a1%7C1a2%7C1a3%7C1b,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:26,sis:596%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dc6d:1d37:b6db:4601 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:09 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 62F7 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=a0cf9363-36ec-21dc-ede7-a460499e5455&tv=%7Bc:rXDlZs,pingTime:1,time:2290,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:27%7D,%7Br:r,w:300,h:250,t:162%7D,%7Bpiv:100,vs:i,r:,t:1288%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1288,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1279~0,1~100%5D,as:%5B153~0.0,1127~300.250%5D%7D%7D,%7Bsl:i,t:1288,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:183,fm:tTBeHP2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18.1627455-73523879%7C181%7C182%7C19.1627455-73523879%7C191%7C192%7C193%7C194%7C195%7C1a*.1627455-73523879%7C1a1%7C1a2%7C1b,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:33,sis:230%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dc6d:1d37:b6db:4601 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:09 GMT
server
nginx
x-server-name
dt24.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 62F7 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=a0cf9363-36ec-21dc-ede7-a460499e5455&tv=%7Bc:rXDlZt,pingTime:1,time:2291,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:27%7D,%7Br:r,w:300,h:250,t:162%7D,%7Bpiv:100,vs:i,r:,t:1288%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1003,o:1288,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1279~0,1~100%5D,as:%5B153~0.0,1127~300.250%5D%7D%7D,%7Bsl:i,t:1288,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:183,fm:tTBeHP2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18.1627455-73523879%7C181%7C182%7C19.1627455-73523879%7C191%7C192%7C193%7C194%7C195%7C1a*.1627455-73523879%7C1a1%7C1a2%7C1b,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:33,sis:230%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dc6d:1d37:b6db:4601 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:09 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
clientConfigurations.js
buy.tinypass.com/api/v3/anon/assets/ 		266 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/clientConfigurations.js?aid=8Gu2Z8RCvZ&tbc=%7Bkpex%7DTBd2oiLY2PJ91GXlIB_n2LkI993BTOPkSczvzpXpBY-eHqX2PJilglda91ubTy3t&user_provider=piano_id_lite&user_token=
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99b0e34615279026f36c9dde4b1dfa30b78f15801b1c817e5624ddc3fe7d0814
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:09 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
MISS
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Mxk413seLWg
wn
prod-dash-10-0-89-151
last-modified
Tue, 24 Oct 2023 10:46:09 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.006
cache-control
public, max-age=14400
cf-ray
81b1a267caa630ed-FRA
expires
Tue, 24 Oct 2023 14:46:09 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310180101&jk=2398668466386247&bg=!a2ilaCfNAAaMkNwkrJA7ADQBe5WfOJm-GHh1nI7GFOq5sgTUZn7YJfntyIij0bD5-hN4lXF7yoWkZLgM5ScvvHsTvc8tAgAAAJhSAAAABGgBB5kCtJPP7JPdcfogwXtApWS2-vhAYJT26n_dlacyeBRmbJUTyvXZAzviXKj7RqFX6zgE-RyJZzFPOrW3IPg5salMYoU3r2IIiRc1lN_yiBU9S9upX6SYU1FbRR0ekLmd-46MzbBCrPaLz1uth5ch-tnGHj-XYX3vK2zxHnByzOKoQirjOO7ZMt9qktctyXD3R_6Odt-OoY1FcbwxILJtYjD7xqNssZucqGnLH6ZNfNkvfOEvAq2wtYKuyZay-OeHp6_1ahuMXjqx46NZbRsunUU8Y1c82IVR6Z4K8C4y0kJonzxX9eRGk8iJxyZCKAXGBTIH16-glu9408BxXQJ-wlDcj12-9poZqmC-iPUvdH3R8jn-J6PMUl9ljl4O5bwAcaSyRYR3Oj2rkjE2ejoKxTqmi63loXoLccfK2_DsIdMECpABrQru8m7UP_PBBt-B2_2LGBUmkljBUi2Bu24d8aktJQjKvJ_ZRaKOaXqUVi6JY0alru6oE-4godclVbr9Jv79EPW36swXL_ougSNe5g4W-_oUT478JmftbYoEhVN0M0FZxcwLAoFCSVBg0HvzQ4B6VJiUFEUhVw_5rJWKIbGUpAjYwlMnopCWeJbNNvgBle7xsonLQO98RC-lbeggT0peQ45BOcvwIcP3D8GbWWz9-0ET6oRmclLqFs6-WjjDRDeoaz-RRL__6mg_mgS4vUX5YK_aw0220zkT0YrZSAK8coWI8pGiGYsw7a1N4l_Ris_VRbRmTaqBnM_3cw-2n2_Fm5PDT3MqxE0aFJFm0tktAE8613HzztroOFj9SZ4dDT6Jv4tyP-c4FQBZ41H4RSGUiBWdtqLcZGE9NH1Mp_v7GJtrUplwUbuV-QSVY4ehBMtR36EkN1mOGNptqMM3mkwljucwJTitEJz0OTyD0NAQAzzStiyT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
envelope
lexicon.33across.com/v1/ 		49 B
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0014000001PAW0LAAX&gdpr=0&src=pbjs&ver=8.17.0&coppa=0&us_privacy=1---
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 24 Oct 2023 10:46:10 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
prebid
id5-sync.com/api/config/ 		135 B
414 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
989e7134f8b722c049f5553bf85347c9052fe40f7c35915f7d18a348ed4de84b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Tue, 24 Oct 2023 10:46:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
3723
idx.liadm.com/idex/prebid/ 		0
310 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/3723?duid=94c49eadf2ac--01hdgmna95jtpzaanmc19emtt7&resolve=nonId&resolve=uid2&resolve=index&resolve=magnite&resolve=medianet&resolve=bidswitch
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.156.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-156-171.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Tue, 24 Oct 2023 10:46:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-credentials
true
trace-id
62947dc0e9ae960a
vary
Origin
request-time
0
id
id.crwdcntrl.net/ 		43 B
314 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.195.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-195-217.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:10 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.2.8
access-control-allow-credentials
true
content-length
43
expires
0
envelope
api.rlcdn.com/api/identity/ 		0
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=115
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 24 Oct 2023 10:46:11 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6FA3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=49855
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 24 Oct 2023 10:46:11 GMT
expires
Wed, 25 Oct 2023 00:37:06 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 06CF 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2212ff38ecc4a2368410712b5020074179a1a580d38d99e5b315deebafbc80a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=85721
content-encoding
gzip
content-length
8021
content-type
text/html; charset=UTF-8
date
Tue, 24 Oct 2023 10:46:11 GMT
expires
Wed, 25 Oct 2023 10:34:52 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame F2D5 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
79
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
81b1a26ebcd1697b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 24 Oct 2023 10:46:11 GMT
expires
Tue, 24 Oct 2023 14:46:11 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 19BC 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 24 Oct 2023 10:46:11 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cm
trc.taboola.com/sg/prebidJS/1/ 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/prebidJS/1/cm?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
12
date
Tue, 24 Oct 2023 10:46:11 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
10523
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230057-FRA
pragma
no-cache
server
nginx
x-timer
S1698144371.209533,VS0,VE12
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
usersync
match.adsrvr.org/track/ 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/usersync?us_privacy=1---&gdpr=0&gdpr_consent=undefined&ust=image
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:10 GMT
server
Kestrel
content-length
70
content-type
image/gif
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
7c43dbd339fa29c64002ce5d60b9b52ea3df1a9019fa9d514d1b862ffaa0ef83
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Tue, 24 Oct 2023 10:46:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
392.json
id5-sync.com/g/v2/ 		276 B
554 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/392.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
02b0fb2b258353469f6cbfd93c79494f01e0c6dabf636f19e44c2045ab14d8fa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Tue, 24 Oct 2023 10:46:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame 19BC 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f4c0870e7f0d953d864c90b9a23f0d3374b658a9bdf11b12942e4931ca774722

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 10:46:11 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Oct 2023 15:57:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18654
Connection
keep-alive
Content-Length
11097
Expires
Tue, 24 Oct 2023 15:57:05 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 6FA3 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=67971308&p=159879&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f85495311ca8d17b645cabbc66e3697d4411cdadb040c14f8d02009a9d52d1de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 24 Oct 2023 10:46:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatch
ssum-sec.casalemedia.com/ Frame 3770 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e5acdcbf1715ebd5afa5e15137232ccbdcb8356f080832a4b4516b9d5f0f309

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81b1a26fce3303d0-FRA
content-encoding
br
content-type
text/html
date
Tue, 24 Oct 2023 10:46:11 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yUozHPRDLnSMIXKxUpfP45ff7dxLIqln9sa9GRo8Mspcqsqs%2F3%2FmpUbP5OdDeGHx%2Fujm25jQTfDuFq5zLRDfu%2Fct862NZDCRNMI%2B9kCvOhG37RC%2BYuxBywYvJIlX2Qv6nBVTdhOw5KzQGw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
khaos.json
token.rubiconproject.com/ Frame 19BC 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 798A
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 24 Oct 2023 10:46:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 10:46:10 GMT
expires
Tue, 24 Oct 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
521559
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 82F4
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F7E02589-AD28-4407-8CD4-71C1A6737A96&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F7E02589-AD28-4407-8CD4-71C1A6737A96&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F7E02589-AD28-4407-8CD4-71C1A6737A96&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 24 Oct 2023 10:46:11 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
BKHP43Q19B1JXFSQ94ZX

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 24 Oct 2023 10:46:11 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F7E02589-AD28-4407-8CD4-71C1A6737A96&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
QGFGKQBQ75V3GWADQ98Q
Pug
image2.pubmatic.com/AdServer/ Frame 1216
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MnhZvWV9Xbkpfly-PX5H62B_We8pfFO_Nn6atMG_
42 B
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MnhZvWV9Xbkpfly-PX5H62B_We8pfFO_Nn6atMG_
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 24 Oct 2023 10:46:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 24 Oct 2023 10:46:11 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MnhZvWV9Xbkpfly-PX5H62B_We8pfFO_Nn6atMG_
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6FA3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9-Alia0oRAeM1HHBpnN6lg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:11 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=49855
accept-ranges
bytes
content-length
5606
expires
Wed, 25 Oct 2023 00:37:06 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 6FA3 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=F7E02589-AD28-4407-8CD4-71C1A6737A96&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.194.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-194-117.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:11 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.19.239
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 6FA3
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3178064303
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=F7E02589-AD28-4407-8CD4-71C1A6737A96
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=F7E02589-AD28-4407-8CD4-71C1A6737A96
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:10 GMT
via
1.1 google
last-modified
Tue, 24 Oct 2023 10:46:11 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=F7E02589-AD28-4407-8CD4-71C1A6737A96
date
Tue, 24 Oct 2023 10:46:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 6FA3
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=F7E02589-AD28-4407-8CD4-71C1A6737A96
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OGdkM3liUkJNMHlTYUd5TlNjNkt0Y2lRUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=495642018782524576&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
54.172.79.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-79-116.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Tue, 24 Oct 2023 10:46:12 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 24 Oct 2023 10:46:11 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 6FA3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjdFMDI1ODktQUQyOC00NDA3LThDRDQtNzFDMUE2NzM3QTk2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 24 Oct 2023 10:46:10 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 6FA3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDHniUyDtLRPK-TxJixtnAk&google_cver=1
42 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDHniUyDtLRPK-TxJixtnAk&google_cver=1
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 24 Oct 2023 10:46:10 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDHniUyDtLRPK-TxJixtnAk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 6FA3 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 23 Oct 2023 10:46:11 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 6FA3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2209110177565714097
42 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2209110177565714097
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 24 Oct 2023 10:46:10 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2209110177565714097
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 6FA3 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:11 GMT
server
Kestrel
content-length
70
content-type
image/gif
F7E02589-AD28-4407-8CD4-71C1A6737A96
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6FA3 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/F7E02589-AD28-4407-8CD4-71C1A6737A96?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:865d:cd9c:e13b:6712 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:11 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame 6FA3 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F7E02589-AD28-4407-8CD4-71C1A6737A96&redir=true&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:11 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
dcm
s.amazon-adsystem.com/ Frame 3770
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTegbh883pkn0q5MHzKmaAAADJwAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTegbh883pkn0q5MHzKmaAAADJwAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTegbh883pkn0q5MHzKmaAAADJwAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 24 Oct 2023 10:46:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
M6F17G7FX6AT24H1XWC5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 24 Oct 2023 10:46:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Y6KYNZET4WKF5NVGVB2E
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTegbh883pkn0q5MHzKmaAAADJwAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 3770 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:11 GMT
server
Kestrel
content-length
70
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame 3770
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZTegbh883pkn0q5MHzKmaAAADJwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN0SIY5GvPFZfKgHc_eqvMg&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN0SIY5GvPFZfKgHc_eqvMg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mPdIPu1KeO4xqrDr%2B2ADTb1HQuwFN7hv1Ao8VCqmxSu%2F0WXndhyoqCsgh%2Fp0xSDLFhaVLlQZx4G10PNp5Ep1JWDhV3db4L0h5cOhusZLbzkf66tKlrGaq7T6PuHRuQpHXu8WNWMXJ%2FyWEg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81b1a2703ee403d0-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN0SIY5GvPFZfKgHc_eqvMg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
501709.gif
idsync.rlcdn.com/ Frame 3770
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZTegbh883pkn0q5MHzKmaAAA%263228&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=4328567470604416477
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=e61cab99-4f36-41e8-af29-a4ab000e8c11
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=97445181-b32e-464d-866c-6ddf387b6f27%3A1698144371.967899&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D97445181-b32e-464d-866c-6ddf387b...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5142336725915444250&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D97445181-b32e-464d-86...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=97445181-b32e-464d-866c-6ddf387b6f27%3A1698144371.967899&_=1698144371.9708557
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=97445181-b32e-464d-866c-6ddf387b6f27%3A1698144371.967899&_=1698144371.9708557
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:12 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Tue, 24 Oct 2023 10:46:12 GMT
via
1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
FRA56-C2
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=97445181-b32e-464d-866c-6ddf387b6f27%3A1698144371.967899&_=1698144371.9708557
content-length
445
x-amz-cf-id
PF7w6aZMJBygZ-yBclXfAoIlz-ely1LBRnH-wMVpRIzx69cf7KXMSQ==
crum
dsum-sec.casalemedia.com/ Frame 3770
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=495642018782524576&expiration=1699353971
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=495642018782524576&expiration=1699353971
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmiyjjDzl67NZwzDx8IgNxovI5r4OR6QVVQdn%2F87sNm%2BBno7OhgU4612d6lYeyEU7RBlgUGDY5%2FxIjDt8lgU3WoslkVQy0W49Z2BFdAewci14E7fvF8gafWIOpV2aIggnKKUo%2BqXoQMSkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81b1a27158b403d0-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=495642018782524576&expiration=1699353971
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
bridge
cm.adgrx.com/ Frame 3770 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.181.122 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:11 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-3
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame 3770
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5142336725915444250
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5142336725915444250
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oaoks6xMxnRwKXb61GOosacWA1%2B6YxI66vgDQV%2BetpBMUpaY9wvPHp5Z1LuBpc6yFOTqGU0fgzegZe1%2Bc5I80MjQu0R%2BQsoQ%2FINmYovGsuM4ofHtO7me%2BmwZGeSR8zbl%2BHZ5fk34Ya%2BzGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81b1a271388203d0-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5142336725915444250
Date
Tue, 24 Oct 2023 10:46:11 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rum
dsum-sec.casalemedia.com/ Frame 3770
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4328567470604416477
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4328567470604416477
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fFrPcfQz%2BsumGrto05bGUdCVV5IJmqK%2BeSZTkH80Nza%2FW05cEv35Pd6TnDiHo5MOVuVdSIRCjqVqFzkUSm2jCnKT%2FvlPU8rU6t%2FSypQQDsliKZkklGiS4%2BoTcGx59O6PyCdiqH8kbR6DAg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81b1a2703eda03d0-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4328567470604416477
pragma
no-cache
date
Tue, 24 Oct 2023 10:46:10 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
htw-pixel.gif
cdn.indexww.com/ht/ Frame 3770 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZTegbh883pkn0q5MHzKmaAAA%263228
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:11 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
44986
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
81b1a2702e3b697b-FRA
content-length
43
expires
Wed, 25 Oct 2023 10:46:11 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GG8B674XK4&gtm=45je3an0&_p=1921934849&gdid=dYWJhMj&cid=1618411612.1698144365&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&dp=%2F&dl=https%3A%2F%2Fwww.mlive.com%2F&sid=1698144364&sct=1&seg=0&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GG8B674XK4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 6FA3 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159879&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:12 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dt
dt.adsafeprotected.com/ Frame 1616 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=9d162533-ad4e-9438-f46f-53a86e034ce9&tv=%7Bc:rXDn0J,pingTime:5,time:6361,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:62%7D,%7Bpiv:97,vs:i,r:,t:1360%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:1360,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:62,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1351~0,0~75%5D,as:%5B1351~300.250%5D%7D%7D,%7Bsl:i,t:1360,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:97,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~75%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:181,fm:tTBeHP2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18.1627455-73523879%7C181%7C182%7C19*.1627455-73523879%7C191%7C192%7C193%7C194%7C1a.1627455-73523879%7C1a1%7C1a2%7C1b,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:64,sis:374%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dc6d:1d37:b6db:4601 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:13 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 928D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=1df311bb-60bd-5c17-1c99-12f3a40b6bb7&tv=%7Bc:rXDn1Y,pingTime:5,time:6221,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:24%7D,%7Br:r,w:300,h:250,t:159%7D,%7Bpiv:100,vs:i,r:,t:1218%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5003,o:1218,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1210~0,1~100%5D,as:%5B151~0.0,1060~300.250%5D%7D%7D,%7Bsl:i,t:1218,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:188,fm:tTBeHP2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.1627455-73523879%7C181%7C182%7C19.1627455-73523879%7C191%7C192%7C193%7C194%7C195%7C1a.1627455-73523879%7C1a1%7C1a2%7C1a3%7C1b,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:26,sis:596%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dc6d:1d37:b6db:4601 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:13 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 928D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=1df311bb-60bd-5c17-1c99-12f3a40b6bb7&tv=%7Bc:rXDn1Y,pingTime:5,time:6221,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:24%7D,%7Br:r,w:300,h:250,t:159%7D,%7Bpiv:100,vs:i,r:,t:1218%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5003,o:1218,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1210~0,1~100%5D,as:%5B151~0.0,1060~300.250%5D%7D%7D,%7Bsl:i,t:1218,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:188,fm:tTBeHP2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18*.1627455-73523879%7C181%7C182%7C19.1627455-73523879%7C191%7C192%7C193%7C194%7C195%7C1a.1627455-73523879%7C1a1%7C1a2%7C1a3%7C1b,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:26,sis:596%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dc6d:1d37:b6db:4601 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:13 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 62F7 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=a0cf9363-36ec-21dc-ede7-a460499e5455&tv=%7Bc:rXDn20,pingTime:5,time:6292,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:27%7D,%7Br:r,w:300,h:250,t:162%7D,%7Bpiv:100,vs:i,r:,t:1288%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5004,o:1288,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1279~0,1~100%5D,as:%5B153~0.0,1127~300.250%5D%7D%7D,%7Bsl:i,t:1288,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5003~100%5D,as:%5B5003~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:188,fm:tTBeHP2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18.1627455-73523879%7C181%7C182%7C19.1627455-73523879%7C191%7C192%7C193%7C194%7C195%7C1a*.1627455-73523879%7C1a1%7C1a2%7C1b,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:33,sis:230%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dc6d:1d37:b6db:4601 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:13 GMT
server
nginx
x-server-name
dt20.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 62F7 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=a0cf9363-36ec-21dc-ede7-a460499e5455&tv=%7Bc:rXDn21,pingTime:5,time:6293,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:27%7D,%7Br:r,w:300,h:250,t:162%7D,%7Bpiv:100,vs:i,r:,t:1288%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5005,o:1288,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1279~0,1~100%5D,as:%5B153~0.0,1127~300.250%5D%7D%7D,%7Bsl:i,t:1288,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5004~100%5D,as:%5B5004~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:188,fm:tTBeHP2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18.1627455-73523879%7C181%7C182%7C19.1627455-73523879%7C191%7C192%7C193%7C194%7C195%7C1a*.1627455-73523879%7C1a1%7C1a2%7C1b,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:33,sis:230%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:dc6d:1d37:b6db:4601 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:13 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2Ba%24%3D!!t%2BxBk_lLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xSErBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-P35B1BNzs6uFgA%3D%3D&sc=1&os=1-0g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&fl=1&j=&xc=0&xb=0&xa=0&md=0&mc=0&lb=13519&ld=0&lc=0&la=0&cw=1600&cx=1200&sh=13519&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1698144364605&de=467810186840&rx=496530464378&cu=1698144364605&m=9199&ar=0c7a73c5c3d-clean&iw=568cc09&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1220%3A1220%3A6504%3A1730&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5095&cd=0&ah=5095&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205668&na=333192287&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:13 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 24 Oct 2023 10:46:13 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 6FA3 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=70218230&p=159879&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
86f1ea4f76a7ffca0e9c0761bd162d9de9be861557d1756c5d69713796cdc9ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 24 Oct 2023 10:46:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 5F18 		35 B
599 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=F7E02589-AD28-4407-8CD4-71C1A6737A96&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 24 Oct 2023 10:46:14 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 2E02
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7935742583793311957&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7935742583793311957&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 24 Oct 2023 10:46:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
58bbbe76-993c-46dc-a42e-2ce1f3433db9
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 24 Oct 2023 10:46:14 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7935742583793311957&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
178.162.209.132; 178.162.209.132; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9CBE
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7293474550224189585&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7293474550224189585&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 24 Oct 2023 10:46:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Tue, 24 Oct 2023 10:46:14 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7293474550224189585&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
sync
pool.admedo.com/ Frame 8271
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=87a34052-4fb4-4a84-9718-66424af25c95
0
0
sync
sync.srv.stackadapt.com/ Frame 1943 		0
0
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 66D3 		85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 24 Oct 2023 10:46:14 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230040-FRA
x-timer
S1698144374.212834,VS0,VE94
pixel
cm.g.doubleclick.net/ Frame B3D3
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFETW5FN0tiMEVBQUJpeUVEMFB3dw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame BEB5
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 24 Oct 2023 10:46:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 24 Oct 2023 10:46:14 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
mw
mwzeom.zeotap.com/ Frame 6FA3 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=F7E02589-AD28-4407-8CD4-71C1A6737A96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 10:46:14 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
81b1a2830f4a2bd3-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 6FA3
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F7E02589-AD28-4407-8CD4-71C1A6737A96&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F7E02589-AD28-4407-8CD4-71C1A6737A96&sInitiator=external&gdpr=0&gdpr_consent=
0
0
/
pixel.onaudience.com/ Frame 6FA3 		0
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 6FA3 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 -, , ASN (),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 24 Oct 2023 10:46:14 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 6FA3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4328567470604416477&gdpr=0&gdpr_consent=&us_privacy=
1 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4328567470604416477&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 24 Oct 2023 10:46:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4328567470604416477&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 24 Oct 2023 10:46:13 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 6FA3 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=F7E02589-AD28-4407-8CD4-71C1A6737A96&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Oct 2023 10:46:14 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pool.admedo.com
URL
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=87a34052-4fb4-4a84-9718-66424af25c95
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFETW5FN0tiMEVBQUJpeUVEMFB3dw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F7E02589-AD28-4407-8CD4-71C1A6737A96&sInitiator=external&gdpr=0&gdpr_consent=
Domain
pixel.onaudience.com
URL
https://pixel.onaudience.com/?partner=214&mapped=F7E02589-AD28-4407-8CD4-71C1A6737A96&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

675 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 function| admiral object| googletag object| sophi number| a object| sophiSegments object| BOOMR_mq string| BOOMR_API_key object| BOOMR string| environment object| adiData object| dataLayer function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression object| OneTrustStub function| 4dm1r11545242527 object| $OPHI_GN function| sophiTag object| Snowplow object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| Fusion object| idl object| teads_analytics string| bcHostname object| pArray function| adiGetLotameValue number| times function| waitFor object| lotameSegments object| atsScript boolean| isOriginalIDL undefined| revgenDebug string| bcAffiliateProp string| logStyle function| handleProfileProperties function| debouncedHandleProfileProperties function| loadValuesFromBlueConic function| debounce function| storeIDLInfo function| setOriginalIDL function| retry function| retryGetProfileProps function| emitIDLInfo function| retryEmitIDLInfo function| setLiveRampsIDL function| waitForBcPageView function| waitForATS function| waitForAuth0 function| waitForWall function| waitForBC function| pathValue object| IDLExists object| isIDLReportingPending object| isProfileUpdatePending object| atsPromise object| profilePromise object| loginAuth0Promise object| emailWallPromise object| pianoScript object| otStubData object| react object| React function| setImmediate function| clearImmediate object| ReactDOM object| PropTypes object| StyledComponents object| adiTrackPromise object| adiTrack object| regeneratorRuntime function| iFrameResize function| addUspapiFrame function| optOutMsgHandler function| __uspapi object| usPrivacyCookie object| otCcpaOptOut function| dnsfeed string| GoogleAnalyticsObject function| ga object| PARSELY object| ntv undefined| debug function| removeHash function| debugLog function| backfillNativo object| clientScript object| _comscore function| fbq function| _fbq string| meterContentType function| twq object| _linkedin_data_partner_ids boolean| _already_called_lintrk object| CDP object| apstag object| pbjs boolean| bcDFPCallbackCalled function| bcDFPCallback object| lotame_963 object| AdManager function| setAdiDataAffiliateMarket function| adhesionInit object| Advance object| tp object| SWG object| __otccpaooLocation object| blueConicPreListeners function| BCClass object| blueConicClient object| SUBSCRIPTIONS object| atsenvelopemodule object| fbcapimodule object| ats undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| gaplugins object| COMSCORE object| ns_p object| twttr object| process object| ggeac object| google_js_reporting_queue object| Moat#PML#26#1.2 boolean| Moat#EVA function| __moatSlotTagLoadedadvanceddigitalheader640552616592 function| lotameIsCompatible function| lt963_ba function| lt963_b undefined| lt963_c undefined| lt963_ca undefined| lt963_da function| lt963_ea object| lt963_e function| lt963_fa function| lt963_g function| lt963_ha object| lt963_ object| lt963_na object| lt963_oa object| lt963_Oa object| lt963_Ya object| lt963_Za object| lt963_7 function| lt963_aa function| lt963_a function| lt963_d function| lt963_f function| lt963_h function| lt963_ga function| lt963_ia function| lt963_i function| lt963_ja function| lt963_j function| lt963_k function| lt963_l function| lt963_m function| lt963_n function| lt963_la function| lt963_ka function| lt963_o function| lt963_p function| lt963_ma function| lt963_q function| lt963_r function| lt963_s function| lt963_t function| lt963_u function| lt963_sa function| lt963_pa function| lt963_qa function| lt963_w function| lt963_ra function| lt963_x function| lt963_y function| lt963_z function| lt963_A function| lt963_v function| lt963_B function| lt963_C function| lt963_ta function| lt963_D function| lt963_E function| lt963_ua function| lt963_F function| lt963_G function| lt963_va function| lt963_H function| lt963_I function| lt963_J function| lt963_wa function| lt963_L function| lt963_M function| lt963_K function| lt963_xa function| lt963_ya function| lt963_N function| lt963_za function| lt963_Aa function| lt963_Ba function| lt963_Ca function| lt963_Da function| lt963_Ea function| lt963_Fa function| lt963_Ja function| lt963_Ga function| lt963_Ha function| lt963_Ia function| lt963_Ka function| lt963_Ma function| lt963_La function| lt963_Na function| lt963_O function| lt963_Pa function| lt963_Qa function| lt963_Ra function| lt963_Sa function| lt963_Ta function| lt963_Ua function| lt963_Va function| lt963_Wa function| lt963_Xa function| lt963_P function| lt963__a function| lt963_0a function| lt963_1a function| lt963_Q function| lt963_R function| lt963_2a function| lt963_S function| lt963_T function| lt963_3a function| lt963_4a function| lt963_5a function| lt963_U function| lt963_V function| lt963_W function| lt963_X function| lt963_Y function| lt963_6a function| lt963_9a function| lt963_8a function| lt963_7a function| lt963_Z function| lt963__ function| lt963_0 function| lt963_1 function| lt963_4 function| lt963_ab function| lt963_cb function| lt963_bb function| lt963_eb function| lt963_db function| lt963_2 function| lt963_gb function| lt963_ib function| lt963_hb function| lt963_3 function| lt963_$a function| lt963_fb function| lt963_jb function| lt963_kb function| lt963_lb function| lt963_mb function| lt963_5 function| lt963_6 function| lt963_nb function| lt963_ob function| lt963_pb function| lt963_qb function| lt963_rb function| lt963_sb function| lt963_tb function| lt963_ub function| lt963_vb function| lt963_wb function| lt963_8 function| lt963_zb function| lt963_Ab function| lt963_yb function| lt963_xb function| lt963_Cb function| lt963_Bb function| lt963_Eb function| lt963_Db function| lt963_Fb function| lt963_Gb function| lt963_Hb function| lt963_Ib function| lt963_Jb function| lt963_Kb function| lt963_Mb function| lt963_Pb function| lt963_Ob function| lt963_Lb function| lt963_Sb function| lt963_Nb function| lt963_Qb function| lt963_Ub function| lt963_Tb function| lt963_Vb function| lt963_Rb function| lt963_Wb function| lt963_Xb function| lt963_Yb function| lt963_9 function| lt963_Zb function| lt963__b function| lt963_0b function| lt963_1b function| lt963_2b function| lt963_$ function| lt963_3b function| lt963_4b function| lt963_5b function| lt963_6b function| lt963_7b function| lt963_8b function| lt963_9b function| lt963_$b function| lt963_bc function| lt963_cc function| lt963_dc function| lt963_ac number| BOOMR_configt object| pbjsChunk object| _pbjsGlobals object| mnet object| liQ_instances object| _aps boolean| apstagLOADED object| apscustom function| onYouTubeIframeAPIReady object| gaGlobal undefined| nQuery number| ntvLoadStart object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| _mather number| _zid object| _matherq object| tid object| default_gsi object| _F_toggles object| google object| closure_lm_814766 object| __G_ID_CLIENT__ object| lotame_sync_16576 object| Optanon object| OneTrust function| gtag string| OnetrustActiveGroups string| OptanonActiveGroups function| lintrk object| gaData function| _typeof string| url string| ptitle object| bc_json579 boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion function| ___tp undefined| google_measure_js_timing number| google_unique_id function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_oa object| sync16576_xa object| sync16576_ya function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_la function| sync16576_ma function| sync16576_na function| sync16576_M function| sync16576_N function| sync16576_pa function| sync16576_O function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_P function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_Q function| sync16576_R function| sync16576_za function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_Aa function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Ea function| sync16576_Ba function| sync16576_1 function| sync16576_Da function| sync16576_Ca function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Ga function| sync16576_Ha function| sync16576_Ja function| sync16576_Fa function| sync16576_7 function| sync16576_Ia function| sync16576_La function| sync16576_Ka function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_Pa function| sync16576_$ function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| sync16576_Ta object| PublisherCommonId object| ID5 object| __id5_instances function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| __uid2SecureSignalProvider object| __uid2 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_143 object| Criteo object| Criteo_identitytag_143 object| ox_esp object| _33across object| currentSegments object| segmentWhiteList object| filteredSegments object| filteredAudGov object| filteredAudIndividual object| filteredAudVoter object| filteredAudMVD object| filteredAudMayoral object| filteredAudMidterm2022 function| $ object| _bcp function| RuleService function| BlueConicEngagement object| justDetectAdblock object| bcConnectionUtil function| BlueConicDataLayerUtility function| md5 string| _contentURL string| _title object| bcSegmentsArray number| bcchunkSize number| num string| chunkString object| bcGASegment string| bcGASegmentName undefined| dcrSegmentsMI object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| bc_json580 object| PianoESPConfig number| BOOMR_onload object| GoogleGcLKhOms object| google_image_requests

129 Cookies

Domain/Path Name / Value
h312.mlive.com/DG/DEFAULT Name: BCSessionID
Value: f7fa1be7-402c-4871-96a8-88c4d258ed1e
advancelocal.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: f7fa1be7-402c-4871-96a8-88c4d258ed1e
.liadm.com/j Name: lidid
Value: e61cab99-4f36-41e8-af29-a4ab000e8c11
i.liadm.com/s Name: _li_ss
Value: ChAKBgjSARCqFgoGCKIBEKoW
sign-verifyaccountamazonqupctex.duckdns.org/ Name: PHPSESSID
Value: d8709633153cfc8b8f8b5bf05c8b3f8e
.mlive.com/ Name: AKA_A2
Value: A
.mlive.com/ Name: sophiTagses.073a
Value: *
.mlive.com/ Name: sophiTagid.073a
Value: 601e7fea-479f-4b39-a0cb-bc094e6ab23f.1698144364.1.1698144364.1698144364.55ffa257-e5b0-4337-a601-c57cff978c75
.mlive.com/ Name: _sp_duid
Value: 601e7fea-479f-4b39-a0cb-bc094e6ab23f
.mlive.com/ Name: _gcl_au
Value: 1.1.1962999585.1698144364
.mlive.com/ Name: utag_vnum
Value: 1700736364046&vn=1
.mlive.com/ Name: utag_invisit
Value: true
.mlive.com/ Name: utag_dslv_s
Value: Less than 1 day
www.mlive.com/ Name: last_visit_bc
Value: 1698144364579
.mlive.com/ Name: lotame_domain_check
Value: mlive.com
.t.co/ Name: muc_ads
Value: 46c851bc-ab69-444a-8a68-5211402d8fe3
.twitter.com/ Name: guest_id_marketing
Value: v1%3A169814436477280393
.twitter.com/ Name: guest_id_ads
Value: v1%3A169814436477280393
.twitter.com/ Name: personalization_id
Value: "v1_CGrZn0Hm8yJN2SLPSrV3NA=="
.twitter.com/ Name: guest_id
Value: v1%3A169814436477280393
.mlive.com/ Name: _li_dcdm_c
Value: .mlive.com
.mlive.com/ Name: _lc2_fpi
Value: 94c49eadf2ac--01hdgmna95jtpzaanmc19emtt7
.mlive.com/ Name: pbjs_sharedId
Value: f298be92-ef5d-4a36-97d8-ddb0f3b74bca
.mlive.com/ Name: _ml_ses
Value: *
.mlive.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.mlive.com/ Name: _ga
Value: GA1.2.1618411612.1698144365
.mlive.com/ Name: _gid
Value: GA1.2.816436110.1698144365
.mlive.com/ Name: _gat_UA-16643585-16
Value: 1
.mlive.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.mlive.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1698144365186%2C%22slts%22:0}
.mlive.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=336843c63610af2fcd7a72c371fc146e%22%2C%22session_count%22:1%2C%22last_session_ts%22:1698144365186}
www.mlive.com/ Name: usprivacy
Value: 1---
www.mlive.com/ Name: _lr_geo_location_state
Value: BW
www.mlive.com/ Name: _lr_geo_location
Value: DE
www.mlive.com/ Name: authsource_origin
Value: false
.linkedin.com/ Name: li_sugr
Value: bba2df62-5bf8-4bfc-8344-2da664a3cc84
.linkedin.com/ Name: bcookie
Value: "v=2&4be1329f-ece0-4555-87c6-d69f335c0af7"
.linkedin.com/ Name: lidc
Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2856:u=1:x=1:i=1698144365:t=1698230765:v=2:sig=AQF4EQ7ohPipthdiLcyg2qk18Hv-TOzx"
.postrelease.com/ Name: opt_out
Value: 1
.mlive.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Tue+Oct+24+2023+12%3A46%3A05+GMT%2B0200+(Central+European+Summer+Time)&version=202309.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=a63fb69c-cf1d-4774-a519-50d41c716ef3&interactionCount=0&landingPath=https%3A%2F%2Fwww.mlive.com%2F&groups=1912%3A0%2CC0001%3A1%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0
.mlive.com/ Name: _fbp
Value: fb.1.1698144365516.591892973
.linkedin.com/ Name: UserMatchHistory
Value: AQICeDQfSbRbeQAAAYthSqudu1WnVWtU4QVO7qgeJUAt6opXv1sl8s3G8UjraO7Kfd37bfysaqHrzA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJvmgygZkP51wAAAYthSqudEv7vKAjReX9lYk4Ht514bkmK2cL3vHFXfAxaDE0oiCpR-UbTsmCGF5uwHDbgTQ
.mlive.com/ Name: __gads
Value: ID=3e7347e3a79fb19c:T=1698144365:RT=1698144365:S=ALNI_MaFnZgL5sj14GK7nrxAn0E_faY4dQ
.mlive.com/ Name: __gpi
Value: UID=00000ca19d086579:T=1698144365:RT=1698144365:S=ALNI_MaeUuIkOCPGhqQm4pPPBicv3U1LBg
www.mlive.com/ Name: ntvSession
Value: {"id":689486,"placementID":773533,"lastInteraction":1698144365577,"sessionStart":1698144365577,"sessionEndDate":1698184800000,"experiment":""}
.criteo.com/ Name: uid
Value: d2c0f724-5077-4db2-91fa-4c5329485248
.www.linkedin.com/ Name: bscookie
Value: "v=1&20231024104605ee39afaf-9093-4467-897a-53579d95ef06AQGAtQvhg6kpvfQiYtSq8-mmaFzoU_uX"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTgxNDQzNjU7MjswMjEFXPL7NuWW8Z/XY1prrw+BHVSyzK8aNa8NmEhDlljrfQ==
.liadm.com/ Name: lidid
Value: e61cab99-4f36-41e8-af29-a4ab000e8c11
.mlive.com/ Name: _awl
Value: 2.1698144365.5-c859b8fa53d78b549f803115952d1ccc-6763652d6575726f70652d7765737431-0
.openx.net/ Name: i
Value: b7eaa448-0b70-4a66-82fe-c6c7227c361c|1698144365
.mlive.com/ Name: cto_bundle
Value: 8IWl6l9BSW0zbiUyQlFoWHZJVm1nQ3FTNE1yS0lRYzZ1Q2NEM2E5NlF5VUclMkIzdGRTYkNCMm8lMkYxS3FUa2N6YkNHd203ZU5pQmUwQkNkQkxxVGtYMlFHZWcwcW16ZElhMlBJb3V2V1JGUzlZNk1vTzBCaTN1JTJGVUhnVXZnTXBDQXhtcER6YyUyRktBcXpzVXNNazklMkY2RzJTZWFUemwyYlElM0QlM0Q
.rubiconproject.com/ Name: khaos
Value: LO47B6F5-L-D0MP
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoT2/BAlprQHC+IXqvPVzt4X6LBWwGzep07cZe5xyGZWUf6d9LakhokdMjVyH5gNUvWNsmdfkbiHcxuhZpbWKLtxl5Kj60wWhy+xUA9sgf/4eNEKcfJxgEB
.postrelease.com/ Name: visitor
Value: ""
.postrelease.com/ Name: status
Value: 0
.postrelease.com/ Name: ver
Value: 1
www.mlive.com/ Name: BCSessionID
Value: f7fa1be7-402c-4871-96a8-88c4d258ed1e
advancelocal.blueconic.net/ Name: AWSALBCORS
Value: RCrsqi2fo4ZYbTaO9aWtE5qIdA/Q7fiiSlukB7TuqGxN0u6byK9XOHDeeUuevD2gPzs/M1MFRAYvyKQqnGImk0gmc1f0gNMtgxzJO6IzCBf3O1i1ytAitmJKRqAB
.doubleclick.net/ Name: IDE
Value: AHWqTUnlvsWXt2TVtOOqkkK_YKoWmCM14Htb6U3cxO5duDsjE_KJ-0SSs3jbFihMKF4
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: APC
Value: AfxxVi7TwLmo1xGKu4QsRFdRBinAx83H7zmDbOqquK_6qJk9Og8cxg
.casalemedia.com/ Name: CMID
Value: ZTegbh883pkn0q5MHzKmaAAA
.casalemedia.com/ Name: CMPS
Value: 3228
.casalemedia.com/ Name: CMPRO
Value: 3228
.adnxs.com/ Name: uuid2
Value: 7935742583793311957
.mlive.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22lo47b64affinkf6j%22%7D
.mlive.com/ Name: _pcus
Value: eyJ1c2VyU2VnbWVudHMiOm51bGx9
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>yIYVL`!@wnfH8K6pQK`!5=E<*L5?%K@4$2aVjOHw97B[eajP?zjfo'wK:/_rTLVrgu*bpRz*qF1`*b_hu*2^(6
.piano.io/ Name: __cf_bm
Value: FbikChQMes5wmU.taFFzrzhTvXe0F7oWTkebBxHi1VQ-1698144366-0-ARi8a28V1ucQQ8YBnThCHfCqiQP3pDD66pq3Lhs1ASS5fLrnDiHpqs+PCSz95j93oUz7WxbyZ/JKVcjyRQ+ggxc=
.mlive.com/ Name: __tbc
Value: %7Bkpex%7DTBd2oiLY2PJ91GXlIB_n2LkI993BTOPkSczvzpXpBY-eHqX2PJilglda91ubTy3t
.mlive.com/ Name: __pat
Value: -14400000
.mlive.com/ Name: __pvi
Value: eyJpZCI6InYtMjAyMy0xMC0yNC0xMi00Ni0wNS0yNjAtYzJrYlNWc2JEd0NyWWFEay1iZmM1ZmY2YjlkOTZlMGRiNWZkZThkZTNhOTA3YjFkMSIsImRvbWFpbiI6Ii5tbGl2ZS5jb20iLCJ0aW1lIjoxNjk4MTQ0MzY2ODcxfQ%3D%3D
.mlive.com/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAE0RXQF8g
h312.mlive.com/ Name: AWSALB
Value: tN9MVTqSV246OhXYTpbJET55CUq0rA0opbQYf8cI0O5uu3YVozweKVEbxwRITWxMpUjdjenvoU7cN14UGbIOaPJ2K5xwqvQhWLdR0UErVDVYnNH3ESCwlYJGxiM9
h312.mlive.com/ Name: AWSALBCORS
Value: tN9MVTqSV246OhXYTpbJET55CUq0rA0opbQYf8cI0O5uu3YVozweKVEbxwRITWxMpUjdjenvoU7cN14UGbIOaPJ2K5xwqvQhWLdR0UErVDVYnNH3ESCwlYJGxiM9
.mlive.com/ Name: xbc
Value: %7Bkpex%7DQJCQ-sRxoD2BWfY8oc2kRMezgJzTv0Ur5egnXmgKlOtgCtL6HpdZNR1IlKTkL9zw67T0h3a78KKQgtmKX3sxL0FlyDd8Yz0o89DqFXdRNplp2Q_p2LRJdYglc0tJT8FXs9pP778i0JzRlMERgfOTpaHDkTE0KfvrVfkxudfNjg_Mzcp8ctvH3PgCk2SarmzFKCfmkt3FfU0g6RSTObgVBc80dXo18u1IhvesNB24Huln2kPluh36_EvIDulDAgOUbB4RGi7nlGFuFnkYJZ6WOGwQTGhUdx3zWHTfJ0B2W4Kf01h2g4lX3h5cBZKbPpkDfuzVe1K6kAcEQv465X9Z2XrUB3bt7yvn6ZBmkakW0-ddAq8fAUiz_6r6wQ6N9bRxNCKcRl61JomkIefjZLvePnoFv9OWAs2__o4cDObrTTuWDAdhdytfnSscKdSyEvAuDrANhG9HyxGCTfgvxLQsC_OLx286oVhBKeecMxlYdgMvCrOEGpwRWwcaWU_sslcUF5weJY722hCyOVN781VlIkRpS8lbaLLHM3-n4ONOcEa_bSAXuIvVpODOdZnKS-6ewTJtp9BHMoIfWrxAcKHaAbxzr5nQ2rAk4EJoxOareEf3LaUpMBzVTiEAGxXN2Vk3rqWkNEeLPSJUPjza82J_Own9Im8V7cSvHJ9qPsI_RhPuxBbIleODA0yJvWs2yztscyKzFJQ1rqBvP6w7X0SFJObOsWsJNzLeaIZJQlCelczq2VhhMBTTz-rRsmi5Y-GW0OukiFd9bBqK_sCj_IQZ-b2wwXxhK0qodF5DC1Wp5DwZgYfzBmIsV3C5vVbE4nwKGRkXwHDrC4_GQUeFdyMXK1pk5UaZee_7i5TkvADVpSrj3IRMU1SZoXAXTqdGxRaPfOlUqqB2CvTbdLcciqEfojfcXwwG88p2Tgd5S2QLjvhql8Hu7TfFN-Gduk5lNvabms2h5bAnAmNDc6EDhUYSYA6phyfgVqC71m9OlRYLyf1e4Az_7AQF1mlxJtMmBwbz3fxcdrjV5iZZqaX5REZRzsI5OjauR3By7VPexWnxJh1UGGUsvU-jKNKiDrg13bdKjys1HKuTCIzVLSFFwRpQtFnZADgkCPakbFyKa7XtkTCtNvMCUPM0EXdG1bllIuYYYm_wfMO1sBH3NsA-klF046ILJG90SW09Z840Vv-yblQ
.www.mlive.com/ Name: _pc_sup_support_acq-sup2
Value: 10
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b402c6d9-82b4-466d-adf5-bca8a318a981-003%22%7D
.simpli.fi/ Name: suid
Value: E5479AC49FFD48A9BACA5E6F7BC2A995
.tinypass.com/ Name: LANG
Value: en_US
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b402c6d9-82b4-466d-adf5-bca8a318a981-003%22%7D
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZTegbwAABqP9OAAM
.lijit.com/ Name: ljt_reader
Value: HigGvGZHDG6jkl4JT4CNdStQ
.turn.com/ Name: uid
Value: 4328567470604416477
.ctnsnet.com/ Name: gid_CAESENw3HL_wh-ZjoKmZIPjSkbc
Value: 1
.ctnsnet.com/ Name: cid_b9f5d3289c304d57b51bdfae30c0790f
Value: 1
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%221980844E-FAA1-4C14-2051-81144D021CD9%22%7D
.pubmatic.com/ Name: KADUSERCOOKIE
Value: F7E02589-AD28-4407-8CD4-71C1A6737A96
.tinypass.com/ Name: LANG_CHANGED
Value: en_US
www.mlive.com/ Name: _lr_sampling_rate
Value: 100
.mlive.com/ Name: utag_vs
Value: 5
.mlive.com/ Name: utag_dslv
Value: 1698144368434
www.mlive.com/ Name: offer_config
Value: %257B%2522type%2522%253A%2522bottomfixed%2522%252C%2522version%2522%253A%2522cta%2522%252C%2522placement%2522%253A%2522bottom-fixed%2522%252C%2522newsletterId%2522%253A%2522%2522%252C%2522closable%2522%253A%2522true%2522%252C%2522scrollLock%2522%253A%2522true%2522%257D
.mlive.com/ Name: _ml_id
Value: ba341e8a-af0d-433d-85a1-37ccc91294f9.1698144365.1.1698144368.1698144365
.mlive.com/ Name: _ga_GG8B674XK4
Value: GS1.1.1698144364.1.0.1698144368.0.0.0
.www.mlive.com/ Name: RT
Value: "z=1&dm=www.mlive.com&si=cc33aa5a-507d-4219-8748-0a8753d06710&ss=lo47b3qr&sl=1&tt=50o&rl=1&ld=50r"
.mlive.com/ Name: pbjs_sharedId_cst
Value: VyxHLMwsHQ%3D%3D
www.mlive.com/ Name: _lr_retry_request
Value: true
www.mlive.com/ Name: _lr_env_src_ats
Value: false
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 159879:3
.pubmatic.com/ Name: DPSync3
Value: 1699315200%3A201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1699315200%3A251_71_220_56_54_8_21_13%7C1698710400%3A223%7C1699401600%3A35
.quantserve.com/ Name: d
Value: EMsBCwGhKvijAA
.quantserve.com/ Name: mc
Value: 6537a073-36493-ad23e-19523
.mlive.com/ Name: __li_idex_cache_e30
Value: %7B%7D
www.mlive.com/ Name: pbjs_li_nonid
Value: %7B%7D
www.mlive.com/ Name: pbjs_li_nonid_cst
Value: VyxHLMwsHQ%3D%3D
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-MnhZvWV9Xbkpfly-PX5H62B_We8pfFO_Nn6atMG_&KRTB&19420-MnhZvWV9Xbkpfly-PX5H62B_We8pfFO_Nn6atMG_&KRTB&22979-MnhZvWV9Xbkpfly-PX5H62B_We8pfFO_Nn6atMG_&KRTB&23403-MnhZvWV9Xbkpfly-PX5H62B_We8pfFO_Nn6atMG_
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEDHniUyDtLRPK-TxJixtnAk&KRTB&23025-CAESEDHniUyDtLRPK-TxJixtnAk&KRTB&23386-CAESEDHniUyDtLRPK-TxJixtnAk
.pubmatic.com/ Name: PugT
Value: 1698144370
.weborama.fr/ Name: AFFICHE_W
Value: GTOdzeVZUrUZ95
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-2209110177565714097&KRTB&23263-2209110177565714097&KRTB&23481-2209110177565714097
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3MrU0NDUxMTEyNRDiM9RNDPBPzQl0c3dz9s0DABIvTeAlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3MrU0NDUxMTEyNRDiM9RNDPBPzQl0c3dz9s0DABIvTeAlAAAA
.adform.net/ Name: uid
Value: 495642018782524576
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A8OTXBMB50kyg0zbLQorwRg
.audrte.com/ Name: arcki2
Value: 8gd3ybRBM0ySaGyNSc6KtciQQ!20220908!1698144371583!ip#178.162.209.132
.audrte.com/ Name: arcki2_pubmatic
Value: F7E02589-AD28-4407-8CD4-71C1A6737A96!20220908!1698144371586
.audrte.com/ Name: arcki2_ddp2
Value: 8gd3ybRBM0ySaGyNSc6KtciQQ!20220908!1698144371729
.audrte.com/ Name: arcki2_adform
Value: 495642018782524576!20220908!1698144371904
.rezync.com/ Name: zync-uuid
Value: 97445181-b32e-464d-866c-6ddf387b6f27:1698144371.967899
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XMsRGAIAxG4XMAK-aIZ0j4kzAOIgNZWjqmlSVn-YrvvcvKCGdVMRbnKyFMtbAzNcknKbSTAweh9yFuDSNbnWgLmEfcaY7yXuz5t39iqB3ZaQAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRGAMAgEwI_t4MyF84CUk2AKsXJ3v0sV5IOELR-vUWxLaZu6j2csnRETqgTpgbsUWfUDylBg9jkAAAA
live.rezync.com/ Name: sd-session-id
Value: .eJwNylEOgyAMANC79FuWFUpLuYyZUhOyyRZxPzPefX6-5B0wfmxbH83aDnnfvjbA_KqXOuQDev2t9oQMEcmHwOKjYiQiH-9wDtCt9_puYy3XUSGKmNBNwZsjpuIS8-y4lCUkmXjxkpE1IVEQvClLUoXzD3ABJQA.ZTegdA.ERmBEvesi-bo0uTn8H0RcJijiAM

3 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=115
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=F7E02589-AD28-4407-8CD4-71C1A6737A96&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=97445181-b32e-464d-866c-6ddf387b6f27%3A1698144371.967899&_=1698144371.9708557
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

663bbfc5554b569e76c4e43a48090f5e.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
accounts.google.com
ad.turn.com
ads.pubmatic.com
ads.rubiconproject.com
ads.travelaudience.com
advancelocal.blueconic.net
ampcid.google.com
ampcid.google.de
analytics.twitter.com
ap.lijit.com
api-v3.tinypass.com
api.rlcdn.com
app.matheranalytics.com
apps.sophi.io
at.teads.tv
ats-wrapper.privacymanager.io
bcp.crwdcntrl.net
buy.tinypass.com
c.amazon-adsystem.com
c.go-mpulse.net
c1.adform.net
c2.piano.io
cdn-ima.33across.com
cdn.ampproject.org
cdn.cookielaw.org
cdn.id5-sync.com
cdn.indexww.com
cdn.parsely.com
cdn.prod.uidapi.com
cdn.sophi.io
cdn.tinypass.com
cdnjs.cloudflare.com
check.analytics.rlcdn.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
connect.facebook.net
contextual.media.net
cr.frontend.weborama.fr
csync.loopme.me
d.turn.com
d1z2jf7jlzjs58.cloudfront.net
dclk-match.dotomi.com
direct.adsrvr.org
dis.criteo.com
display.bidder.taboola.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
ead.mlive.com
ecollector-us-east.sophi.io
eus.rubiconproject.com
exchange.postrelease.com
experience.tinypass.com
fastlane.rubiconproject.com
fonts.advance.net
fw.adsafeprotected.com
gcm.ctnsnet.com
geo.privacymanager.io
geolocation.onetrust.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
h312.mlive.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
idx.liadm.com
image2.pubmatic.com
image6.pubmatic.com
jadserve.postrelease.com
js-sec.indexww.com
js.matheranalytics.com
lb.eu-1-id5-sync.com
lexicon.33across.com
live.rezync.com
match.adsrvr.org
micro.rubiconproject.com
mlive.com
mug.criteo.com
mwzeom.zeotap.com
news.google.com
oa.openxcdn.net
oajs.openx.net
p.rfihub.com
p1.parsely.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid.media.net
privacy.crwdcntrl.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
r.turn.com
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
rtb.openx.net
s.amazon-adsystem.com
s.go-mpulse.net
s.ntv.io
s0.2mdn.net
satisfycork.com
sb.scorecardresearch.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
sign-verifyaccountamazonqupctex.duckdns.org
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.advance.net
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.co
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
www.linkedin.com
www.mlive.com
x.bidswitch.net
z.moatads.com
cm.g.doubleclick.net
pixel.onaudience.com
pool.admedo.com
sync.srv.stackadapt.com
uipglob.semasio.net
104.18.24.18
104.18.26.193
104.18.27.193
104.244.42.197
104.244.42.3
107.178.250.234
108.138.1.25
108.138.7.41
108.138.9.235
13.107.42.14
13.32.121.95
13.32.27.83
13.32.99.122
141.95.98.65
142.250.74.194
143.204.102.18
143.204.98.19
143.204.98.66
146.75.116.157
151.101.130.133
151.101.2.133
151.101.65.44
151.101.66.49
162.19.138.82
162.240.155.157
172.217.16.194
172.64.152.89
173.231.181.122
178.250.1.11
178.250.7.11
18.245.86.71
18.66.100.58
185.64.189.112
185.64.190.78
185.64.190.81
185.64.191.210
185.86.139.101
185.89.211.12
193.0.160.130
198.47.127.205
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
209.54.182.161
216.52.2.39
23.201.255.110
23.212.213.167
23.212.222.245
23.215.22.18
23.32.185.35
23.35.236.201
23.35.237.151
2600:1901:0:328a::1
2600:1901:0:8344::
2600:1f13:800:7782:dc6d:1d37:b6db:4601
2600:1f18:730:b130:4ca3:4a50:1ce1:678d
2600:9000:223f:a00:8:48e:53c0:93a1
2600:9000:2250:2000:a:e047:753:6381
2602:803:c003:200::43
2606:4700:10::6816:1957
2606:4700:10::6816:3556
2606:4700:4400::ac40:9b77
2606:4700::6811:180e
2606:4700::6811:c376
2606:4700::6812:83ec
2606:4700::6812:a07e
2606:4700::6812:b07e
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:21::14
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2008
2a00:1450:4001:813::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:829::200d
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::2004
2a00:1450:400c:c00::9b
2a02:2638:d::2
2a02:2638:d::d
2a02:26f0:3500:12::1730:17b4
2a02:26f0:3500:16::215:1484
2a02:26f0:480:18d::11a6
2a02:26f0:480:9a4::11a6
2a02:fa8:8806:16::1370
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:400::300
2a05:d018:d29:3601:865d:cd9c:e13b:6712
3.124.223.97
3.75.62.37
34.102.146.192
34.111.129.221
34.111.131.239
34.120.133.55
34.120.135.53
34.120.63.153
34.205.227.76
34.91.62.186
34.98.64.218
35.156.97.229
35.168.210.0
35.186.193.173
35.186.255.72
35.190.0.66
35.214.243.32
35.227.252.103
35.244.174.68
35.71.130.31
37.157.4.29
46.228.174.117
50.17.156.171
52.222.236.26
52.223.40.198
52.223.6.21
52.48.43.143
54.155.244.184
54.172.79.116
54.174.77.247
54.204.183.119
54.211.72.119
54.217.195.217
63.34.81.234
65.9.66.122
67.220.228.203
69.173.144.138
69.173.144.165
75.101.156.217
75.2.53.215
85.114.159.118
95.101.148.20
95.101.149.233
95.101.149.35
98.98.134.241
99.81.194.117
99.86.4.71
00f178763295f250aefd3f02bd0861e3c49241ad1d4b381f17db391e428285eb
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02b0fb2b258353469f6cbfd93c79494f01e0c6dabf636f19e44c2045ab14d8fa
037660d5c13687af661d1ce773300f73df2f711476eb73745e32a6972cd5b63d
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
056b40c49cad6d3706eeacfa89dc5cda157e2b2f9117c347d1aadd51708d5dfb
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0709e11f34bb1e47193a170bc8baf94732a32a867443b29be840c550cc03981d
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b034efa03c6fb4de3e3952eaf0958b18847e6c1e2e8fd647759c97105004f19
0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
117bd1d2c6b893c4d694d03852fe39549668ded1d36058fc26cbb4213b3b7771
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5
15b928b17d6e9bc5ff8a6d5f7d3ee66bdbd2bf2379e4b076781364ca131346ed
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17c3dab99f83d00fa510dcb7428bc4f045768515e29d825ca53dbb678dbdb05b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
198e362fd4a64c0f1397b4ef5b7559f3ca19ef05c521ee6afad62a208ceb9255
19dc5f765d51f715497f0eadd0dede8eaa5ee17447a22db60538f60ca7c0a01d
1a3a3246ee8a8d270ddb3f00c5ad7ca24ac25f062094f28522b6acba2185119b
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b22433fbaac7094ba76d12050dc8e49317a9dc73932d14bff18a185fc13c6bc
1bde6baf726e0854f4ced185413392b59f59e699f60766a3f2c59a00e4009c0c
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1d0175c02ca6a826f8fefe8161e9723fe268f41e6eff29ba738b7c95c5993289
1dc7e458129149cd831f90a7904e2609fb204432fe4de02d547cea2101b3e3ac
1e4d38de62c8382d0c6085804ed1d77beb15e15e93d7a71ffac4a095c4099877
2212ff38ecc4a2368410712b5020074179a1a580d38d99e5b315deebafbc80a4
22b700401468decf0bfd85a0995166a82d99f4a365c25efffb402769dad37cba
23e3d6ce021e460c3125f3a7b58c71b9ec0df69b2760e9d97ea977e8ebc34e48
24bcc5ed9bdd0c9aee18cdde9c798a4b939d9918e46d2b2ba32739e643256ada
2582a31bc0a88f7a04a4f119d4ba35e5762198cf5338632d29c6c4d47997d016
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
268a7aa9d7e11e42b950e5c96764671e23c8effec20959bbe8cf4ca1a8a331da
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
276ca8da7dd05a55c760ead2eec9d5c74629897d0b5b3e5190d4fc9bd38ea7fc
28445ab5a58bac3609ddba4d1200c1797a766b538fd6b0bdb0926fbe386f327c
28a669c7ee4519c5c60a775a5c32da42e3288e5277ed89318e5f1658b97aefbf
296be36e260dedaaf7a6cadd800abc5bdfaf2873f8dfcef7f350862aae28c311
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b67702d4e78a4b6d5981a50298b0989dea48fc7d95b5e593dfafbe96cdbb309
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e6fae990ae5cbc43b4c4d9bd9c5de290d4a8fbf36cce1505c442062675d1985
2f13e75c70e708e1d02806877d8ac794d0a5072c747f485a44a8a59d466237e7
2f46926d81be4472495e6dc6a8789d7fc9ffb6acb270b4f6462720e0332fe718
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fc7f40fe3b6fca4d842274e5c319024864535325c7484e201b7c53257209809
30c19660e83a69b962ac0ed57f98bc1ddfb75d048534723749edfbb066b23307
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33fd6d83a3006e2210608c9046d1ea08cc8b768bb901235403b64a933f4e83d3
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36d2279d6bdfd42765a2b279a36a44b84a1d2d849d0872004fe8c6e3fee1b774
36ea8d266ccb57796d82e6eb05f11c634302a0bc3623c5e7fa7261a1a69e0d90
372360f6d3fa2133dfbf08ba93b3b55985785cb74106d75839618b7d273dd3c6
38953fb39e1de00aaf22489fdfb8518c3afc70707b31a8a7f2f2f90842df5f0e
3a55969ec3a6e3cadee975e296740782f8ddd01a9f4f8931d582d1c9a960e7c5
3bcd3711271d04002a10d20f649e90fba21f214cdb1ae9d1a334b94f89c9f5e0
3d62e1858381186e1b10205fd3e920dacca549a3719c6f25d132fae609fed9c8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f5684bf5aa4a6eb5c9015394c8739dff39377a73adf72c30ba511d0ab5b50f3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43c9e3a6f6597f00d484d2c96b7922c1eb151f0c16496f040ef855c8fc5f392a
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44026785039df91c14b8c331292992e1fd71a23acdd5cb09c40d12d1c8e8aaac
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
441d0436504637abe57f12cfc25ff757b42b340169e87c5ade8cd9987278420b
464b98e4ec83bb60ad92bd76656277037d3548e44a7d1dcddec0c0a41ada20e6
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46e6dd073230308cfae9b03e4fb191de8938029dd2d6f40cad8ae908e09e1ee7
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49b1485a151b82944796c5a354059e9678e19256d30d5ecea984550fc05a5845
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c5f80cce6889f5bd1236ae540178efed729c20bf20c5afaeed6e2fa02d50323
4ca3635f75f13252564b4682bd1c6f214c0defd5583d015ccec2bf10933560a1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb67b42d6abea96d75df507d23f0421da85d5658322720fded36c94cce45d7b
4f36d629bc21caef49ede1b322f5e2683f5b2493155d2a778d1c12b5d195ce27
4fb1d13154b4b396d3ce77eb8294a859bef473d7d991624d266b0247c419a9ef
507a74eb21e9a16396d226f31f5e25345a8208db821d9fc5798284c38bec5e1b
51f361716f7032e7456f1032326fdc3881a9462a0e8539ee3b02ad3f8316e0c5
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559b79592091b9928dc188dd8acbb61979b39f617a8521b83b3500d386731f9e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59feea7bc720ddcf41f4c1b173ebaeb9409eac62674546b140fd11adc04708a0
5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
5b810dbbeedea4c5880519da41c3237a8bd008da8640e24699b020101411b98c
5ba86813c2f8c836d52722a88a63de130aa006799e180ab3649adf02d1a4a0cc
5ce8647c88445649306948bab16764727ad0866a64fc66202b97b88176272628
5d407d720e9c512e03101aed5adf1227721d23b226eda6d8ff2823978abc001e
5e949e0ba546cccd944b7fc64ebc3f97123638dd1b3af8eec5732cd599c2ed46
5f26dfc3f5d603822dd5eb17c772720fd8d984f3fa596f757973dabe24ebda6e
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fe498f984078cc4039385dc4a4befa8cbd53ae03eb24187cac828668ca60415
60332d6bc2bf41f5babe6d3883fba2bb9bb200721e6b70e05ecb66fe3fc5f5e8
604b2b92648ad81f3bb7b5740928559c0594df2817f6e33ca69556a53bc01583
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
639b2621a9e32e0b717cc9c14bd7e3d9b9cb3d0682f221bf97720163f1ddfa27
6538803b246937100aaca47264912ef3b13903c1bc63b071f12001968fa1714f
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66c51321a7606c0399942fc34e958cffdeb5f2d5e3aacdaadcffad36414e290d
66fd57ba72d90085943ad028bb0a99da56ab6daba1a9030929e9504dc8ec12b7
68d79f4d7674297fa3aa66abda97390ad3da8e1c8c97f835316302b045b6bfcf
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bfe280c501d01dc9b39511ab8b8f9346efdf243c3db60a935f108c8e36b56d9
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6c9aa617b3e2571426a52c5b918fb4dbdb6ddf49c87a966a9e3f82a7e03eeec7
6f55617f27efcc6f54d2b03593ee36bb48ba9e5703d8b4c0f6d3a944863dcce6
702c805fec65a8cc8c6c40aed34123b021e5ed6107cc6dfdebc4b0fc2e229887
7037729fd82496a672654d7aaed6e602bfd7f3ea680bf0a14b37362d0a5ca613
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
757be9b400bd59cfdbe00696a87b77f0314d29d7a1486e2197b138e59c47fbaf
75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
7c43dbd339fa29c64002ce5d60b9b52ea3df1a9019fa9d514d1b862ffaa0ef83
7f2ce54fb5c5050c90d1cc013eb2c768e2ba5885635d2bbfe1c0975eb89551a4
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7ff100c907d85bc5b7503e7a88c0a7f256ed2561ee431ffc10fcd7cce517c321
803f9665533b781ac3abb157ba32b9a1f48d3b7a30bada354656d4b89be22610
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
81d96c2c7c2e932a708503820d985a2cec124fb641787b758321ffae78359ce8
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86f1ea4f76a7ffca0e9c0761bd162d9de9be861557d1756c5d69713796cdc9ff
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8b545845a2273d287b89de2dad629d30137ceb38d1ce78fa423e6980c00b368f
8bb76af1be9c401ef3da16e31401b74f7cb0627154925d8c9fa308fba2e1413c
8bb76b6ed760de97f8a40e71c79ce9704e965bb287761bd81fb2fb021b8609c5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e5acdcbf1715ebd5afa5e15137232ccbdcb8356f080832a4b4516b9d5f0f309
8f29d409d4db465dde9aadeac085fc363d04614edebdc060e3a490d74020acaa
900058dffaf216c9a853e2d7e4109bfa2a58994237b2d4e5793734e4c2ecb4ac
924e5f15df6b118e9815208ec4d316991218745378c415e470bc773097479df8
92bbb712a1f3adc759f8344e17d3557ab2543e6b5170f0bd296f8e4d5992091b
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
98112977a0e20278d0cb4a022150173f4c2afd2dbc926787196d8ed26a32b57d
989e7134f8b722c049f5553bf85347c9052fe40f7c35915f7d18a348ed4de84b
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99b0e34615279026f36c9dde4b1dfa30b78f15801b1c817e5624ddc3fe7d0814
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
9e3c7bdc4bfffb58a973062aabf808691f7603416290254b76161cab69952053
9ead871d27f3a0d803f4d6139feb2f2694d3a26c54fd6734f789a06aad0f5303
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
a39cd6a9413784646378ab9490f6a80ea1c2eaf4870c1022f44e4e64380c7cda
a55f386367cbcc30390435806075251b8ef4afb086409bc8e301558223398245
a72990ce8413aceedbfbf2f1d7ca2231c726b29a4ab1ddbca32b45ad685b4e26
a79f00e0930c3c99dbebf0a0f79384a8ab93dc88bb87e04b572f51a3b4b8367e
a7e702f15b65f58d32945e27b8416dac2811afad1a828a9a617d5c0c1cc85b21
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
abb22177c1f36f82f451ba3b46fd96e4bc0f5b5ad510b15b4d5ec37fc1e9b7f8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad3d55b21fbaf47b2cb671bbae5cb7b142446aaa3d6cb9b05bf9b3017bf0d28b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afa2e46159acec856c2e716de8d4d20fc69f9e5e6fe37ebdff6fd3a912e4e508
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16c50b0f88a5c222134e12886abff1ecb0f432f3c0a3a01fa4ba2b5c6106ec5
b333a33f794194adaf94287fb06c6529010aade13c0574140ea03f4bd9f433bf
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b68cefe0d6395da7ca1493f2a1f3c76b0bdda80ec175d1e3828ba598e4b5883b
b78bc5c07f038b149515d8a5cadf1533dd1cc438ee4a587fd2770c526304279a
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
b9afeb90db17ffa772a8bbc38f8ae37524ac4c0660dfc228f528cfe36a38d53d
bb162b437e41d76ecb9dc749fd4a635ae3857b129262136902a168de203f41b7
bb5e59be9d91ab09c743760da7054e15b0651ff22256c268c6b715a2d5f3ccf9
bba5cf4bf97f335423ef8083a04d8810370b013c18a623e2aec413075ef82ddc
bc2406b2176025b949ef983c74399c618b679f5f951a2c9083be7bc7c5244c04
bc5cbc8ceaba960343c07ebec234d697813d9da28f218ea3ab6fa0fcaf35f180
bcbc708657f35c221e95dc2b142ea95a0c45653489b7823f29284b18afe92785
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2269d597806253cbcc55661ee4149440503675d928525e17955465c94e196d7
c39132857ba1f8dce335c6f2c350d01ff1e6864bb04b15150ce52f0f46d8c3f3
c44f2686cfd1d6280909ea9aa4e4d65e48e999161a24cf16cbf06c30e71ceef6
c50ffbb0d5049173748e6468980ae6811d8c7effecb8c7428984ea00734545fa
c53a295dad24e8de144c2eb5875d35601237d511150fcb2f220717ca9e14c186
c63158babcb7902203ed73476ccf901db34825ea524d4a36a52b5e5f97e1abf7
c6aeff368d58d8ebd95dd9a7c0040097dcf00b30f7029f44014b92df01e54914
c79d175cf32f3dc60aa9bb646344039e786e6198c441bbf54d19fbdaedf025d3
c8164ab49ff3d32ffbe7e6ad17e8b16e8765b94ab42088494bfad6ce09be8893
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
c8e5b46d3a5bc1349ccbf785e56779ad8215435e7854e96c34ae330ca9e0b81f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca4c3ad9639830e6f8f8e29775549fc24fcab33b4eeec7ae77da27c5c9e6bc80
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
cf01a9d97059b1dadbb300bca0f2131f8a2af5465cdb10b7d85850408cccd2b4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d2041d1c4ead2fa086aea675a6b7c67e6c2aa8389ff36931d96d78817d89369f
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d4ed98afdf07c26938026bc4321a292270ab5e88543721eb3742bdee15e7e522
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d8096f85a2d3078e12cac5d2b3efbb21a12158e173b70999d65f411d8eabb275
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df8576ab056877de430c23b755e5a7e51362dd8a143f49df4b39795c25da78b5
e19f6076815240b2afedf8033b0a2ccf200d3851f11df779d05f3c533560504d
e2b149f0b2858055b10eae7a4c175df95da1d7e5d8aa4a4bed6b08330d4de66b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5696a4c04cb9236e69390a6a84619091cfe6ce887e5747c74f3214a69419484
e5c74e4b4a531ebddffe40e7d140c441807d26ffc57ae9a48a1208dc9c977858
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
e6b7fa504c979ce53dc80798978eff98214cbcb20b7db259990c0632b7abe248
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e89bff6c6b3074cd07c3aae54e650faa65d21ef5da83d3929e42609fe6c8bd77
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ee9d11c373870aee4391c291c71c32919add23f19e67b5da86421d8d067c60a8
eef57151e6646e4f59ca6a1d749631ee2f89bf4d1b736fb4620b784cedbe0de6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10c59ce6b91ec9f367f3dd1152fa1583b63ae3d52b7e71f2db97e856442644a
f2f1d763c9ce0f5402cff7335c0a42d0354b9692717b6464df33fd16179e6bb1
f4c0870e7f0d953d864c90b9a23f0d3374b658a9bdf11b12942e4931ca774722
f4ece8f2f5242967e98c6718f283e961576d68b4b7be96124eca22f554dcb275
f528f03b7851cf74f3b3178584153f5e69e866fd7ffe522e71492722fa46c754
f8532f376b717cca04d77b38868520a1f7ae50a6e2a2f429915021c3042124a9
f85495311ca8d17b645cabbc66e3697d4411cdadb040c14f8d02009a9d52d1de
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804
fb0a6c5c8f27c1778bfacba261127aae3c093ac45d0a822cd590d635c215bfe4
fb8649309a46f38bb19e2a3db6295552482cd6eb8cd2af14e3765e047926c398
fd5ca384bc60b15c9c3a495c3bb71a8cb251aeb915d4005738bf972018522d44
fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f
fe0ff712027539a1129eb9f36c3b81dee4acaf304ba22032f7a17815d4ff6cb9
fe1b470a249dc18677bf8072fdf0befec818a47f146984010a4d62dc3cfba98b