urlscan.io logo urlscan.io
SecurityTrails logo

www.mlive.com Open in urlscan Pro
42.99.140.176  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://reschedule.delivery.evri.nn-lb.com/
Effective URL: https://www.mlive.com/
Submission: On January 06 via automatic, source certstream-suspicious — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 122 IPs in 11 countries across 116 domains to perform 475 HTTP transactions. The main IP is 42.99.140.176, located in Japan and belongs to ASN-TELSTRA-GLOBAL Telstra Global, HK. The main domain is www.mlive.com. The Cisco Umbrella rank of the primary domain is 74108.
TLS certificate: Issued by R3 on November 3rd 2023. Valid for: 3 months.
This is the only time www.mlive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.104.51.122 63949 (AKAMAI-LI...)
1 1 75.2.53.215 16509 (AMAZON-02)
33 42.99.140.176 4637 (ASN-TELST...)
12 104.18.131.236 13335 (CLOUDFLAR...)
2 34.110.181.170 396982 (GOOGLE-CL...)
1 13.33.33.26 16509 (AMAZON-02)
1 18.155.68.84 16509 (AMAZON-02)
1 23.207.180.137 16625 (AKAMAI-AS)
2 142.251.175.97 15169 (GOOGLE)
4 52.223.1.76 16509 (AMAZON-02)
2 172.64.155.119 13335 (CLOUDFLAR...)
5 142.251.10.157 15169 (GOOGLE)
1 3 23.9.116.188 16625 (AKAMAI-AS)
3 52.84.228.19 16509 (AMAZON-02)
4 13.224.250.125 16509 (AMAZON-02)
3 64.233.170.84 15169 (GOOGLE)
1 4 23.203.109.118 20940 (AKAMAI-ASN1)
15 52.84.251.45 16509 (AMAZON-02)
5 23.207.193.230 20940 (AKAMAI-ASN1)
1 52.84.251.101 16509 (AMAZON-02)
2 64.233.170.113 15169 (GOOGLE)
8 104.18.223.248 13335 (CLOUDFLAR...)
6 142.251.175.101 15169 (GOOGLE)
1 13.35.21.79 16509 (AMAZON-02)
1 104.81.16.97 16625 (AKAMAI-AS)
1 3 18.155.68.11 16509 (AMAZON-02)
3 157.240.15.13 32934 (FACEBOOK)
1 151.101.108.157 54113 (FASTLY)
1 23.47.190.130 20940 (AKAMAI-ASN1)
1 2 107.178.250.234 15169 (GOOGLE)
1 52.84.45.86 16509 (AMAZON-02)
1 18.140.225.254 16509 (AMAZON-02)
1 13.226.120.90 16509 (AMAZON-02)
7 52.74.150.191 16509 (AMAZON-02)
2 44.208.76.193 14618 (AMAZON-AES)
1 104.81.29.52 16625 (AKAMAI-AS)
1 172.67.38.106 13335 (CLOUDFLAR...)
1 3.160.188.30 16509 (AMAZON-02)
1 35.244.193.51 15169 (GOOGLE)
1 4 162.19.138.83 16276 (OVH)
1 34.225.182.250 14618 (AMAZON-AES)
1 34.120.155.137 396982 (GOOGLE-CL...)
1 13.227.255.71 16509 (AMAZON-02)
1 13.33.35.24 16509 (AMAZON-02)
4 172.253.118.132 15169 (GOOGLE)
9 44.238.24.58 16509 (AMAZON-02)
2 6 35.244.154.8 396982 (GOOGLE-CL...)
1 52.57.24.26 16509 (AMAZON-02)
13 21 69.173.158.64 26667 (RUBICONPR...)
3 4 151.101.130.49 54113 (FASTLY)
9 13 103.43.89.4 29990 (ASN-APPNEX)
1 64.233.170.102 15169 (GOOGLE)
1 104.244.42.5 13414 (TWITTER)
1 104.244.42.67 13414 (TWITTER)
1 69.173.158.65 26667 (RUBICONPR...)
3 8 104.18.36.155 13335 (CLOUDFLAR...)
1 207.65.33.78 62713 (AS-PUBMATIC)
1 3.33.241.113 16509 (AMAZON-02)
1 34.120.63.153 396982 (GOOGLE-CL...)
2 151.101.1.44 54113 (FASTLY)
1 54.155.18.159 16509 (AMAZON-02)
1 23.199.80.177 20940 (AKAMAI-ASN1)
4 7 13.107.42.14 8068 (MICROSOFT...)
5 54.208.84.171 14618 (AMAZON-AES)
2 22 52.46.130.91 16509 (AMAZON-02)
4 157.240.15.35 32934 (FACEBOOK)
1 2 44.212.199.220 14618 (AMAZON-AES)
2 162.19.138.120 16276 (OVH)
1 74.125.68.100 15169 (GOOGLE)
1 74.125.68.155 15169 (GOOGLE)
1 4 23.203.108.27 20940 (AKAMAI-ASN1)
6 6 35.78.136.80 16509 (AMAZON-02)
2 2 13.227.254.99 16509 (AMAZON-02)
1 1 35.208.249.213 15169 (GOOGLE)
1 1 35.213.89.133 15169 (GOOGLE)
5 5 64.74.236.127 19024 (INTERNAP-...)
1 6 34.98.64.218 396982 (GOOGLE-CL...)
1 1 23.105.12.143 30633 (LEASEWEB-...)
5 54.151.179.52 16509 (AMAZON-02)
3 23.207.192.249 20940 (AKAMAI-ASN1)
1 54.251.138.68 16509 (AMAZON-02)
6 23.203.109.78 20940 (AKAMAI-ASN1)
3 74.125.200.154 15169 (GOOGLE)
21 172.217.194.148 15169 (GOOGLE)
17 142.251.175.154 15169 (GOOGLE)
15 142.251.12.132 15169 (GOOGLE)
4 142.251.175.105 15169 (GOOGLE)
3 74.125.200.156 15169 (GOOGLE)
12 12 15.197.193.217 16509 (AMAZON-02)
2 2 54.175.254.208 14618 (AMAZON-AES)
4 4 50.116.239.135 6336 (TURN-US-ASN)
2 2 216.137.52.106 16509 (AMAZON-02)
3 3 198.8.71.131 54312 (ROCKETFUEL)
24 55 142.251.175.156 15169 (GOOGLE)
1 15 172.64.151.101 13335 (CLOUDFLAR...)
1 1 45.137.176.88 60350 (VP)
2 2 23.106.127.165 59253 (LEASEWEB-...)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 104.81.31.93 16625 (AKAMAI-AS)
2 52.194.94.90 16509 (AMAZON-02)
8 8 35.213.12.39 15169 (GOOGLE)
3 4 185.84.60.23 198622 (ADFORM)
1 192.132.33.68 18568 (BIDTELLECT)
1 1 211.120.53.200 4694 (IDCF IDC ...)
2 2 13.33.88.98 16509 (AMAZON-02)
7 7 74.118.186.107 6336 (TURN-US-ASN)
1 5 54.255.135.85 16509 (AMAZON-02)
1 1 8.43.72.97 26667 (RUBICONPR...)
3 6 52.74.217.47 16509 (AMAZON-02)
1 52.95.125.22 16509 (AMAZON-02)
1 2 172.64.146.152 13335 (CLOUDFLAR...)
3 5 34.111.113.62 396982 (GOOGLE-CL...)
1 2 63.251.14.14 32475 (SINGLEHOP...)
1 1 52.54.170.5 14618 (AMAZON-AES)
6 6 89.207.22.76 399104 (CNVR-APAC)
2 2 202.232.238.37 2497 (IIJ Inter...)
2 4 51.79.154.9 16276 (OVH)
3 7 67.199.150.81 3257 (GTT-BACKB...)
2 4 182.161.73.146 55569 (CRITEO-AS...)
1 34.95.81.88 396982 (GOOGLE-CL...)
3 54.192.150.16 16509 (AMAZON-02)
6 142.251.10.148 15169 (GOOGLE)
1 1 216.200.232.253 30419 (MEDIAMATH...)
13 67.199.150.86 62713 (AS-PUBMATIC)
1 2 119.9.108.191 45187 (RACKSPACE...)
7 207.65.33.82 62713 (AS-PUBMATIC)
1 1 35.230.38.116 396982 (GOOGLE-CL...)
1 13.227.254.17 16509 (AMAZON-02)
2 2 20.127.253.7 8075 (MICROSOFT...)
1 35.186.255.72 15169 (GOOGLE)
1 104.17.194.118 13335 (CLOUDFLAR...)
2 104.18.160.126 13335 (CLOUDFLAR...)
4 151.101.194.133 54113 (FASTLY)
10 104.17.24.14 13335 (CLOUDFLAR...)
4 207.65.33.76 62713 (AS-PUBMATIC)
3 151.101.130.133 54113 (FASTLY)
1 1 103.254.153.160 59253 (LEASEWEB-...)
1 1 18.138.18.111 16509 (AMAZON-02)
2 2 103.229.10.192 16509 (AMAZON-02)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
2 2 13.228.126.19 16509 (AMAZON-02)
2 172.64.149.180 13335 (CLOUDFLAR...)
11 104.83.196.24 16625 (AKAMAI-AS)
3 5 52.35.107.54 16509 (AMAZON-02)
1 1 34.160.19.107 396982 (GOOGLE-CL...)
1 23.36.48.24 16625 (AKAMAI-AS)
1 182.161.73.136 55569 (CRITEO-AS...)
3 3 13.250.171.168 16509 (AMAZON-02)
1 34.199.73.116 14618 (AMAZON-AES)
2 2 18.156.93.131 16509 (AMAZON-02)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 2 35.186.193.173 ()
1 1 54.146.46.22 ()
1 1 82.145.213.8 ()
1 1 139.162.23.100 ()
1 3.1.14.27 ()
1 54.168.28.98 ()
1 2 104.18.25.173 ()
1 38.91.45.7 ()
1 195.5.165.20 ()
1 1 35.214.204.214 ()
475 122
1    172.104.51.122 (Singapore, Singapore)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: s1092.sgp7.mysecurecloudhost.com
reschedule.delivery.evri.nn-lb.com
1    75.2.53.215 (United States)

ASN16509 (AMAZON-02, US)
PTR: a135022da78f12244.awsglobalaccelerator.com
mlive.com
33    42.99.140.176 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-176.pacnet.net
www.mlive.com
12    104.18.131.236 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
2    34.110.181.170 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 170.181.110.34.bc.googleusercontent.com
luminouscatalyst.com
1    13.33.33.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-26.sin2.r.cloudfront.net
cdn.sophi.io
1    18.155.68.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-84.sin52.r.cloudfront.net
apps.sophi.io
1    23.207.180.137 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-180-137.deploy.static.akamaitechnologies.com
s.go-mpulse.net
2    142.251.175.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f97.1e100.net
www.googletagmanager.com
4    52.223.1.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8fd921d2017b5f79.awsglobalaccelerator.com
ecollector-us-east.sophi.io
2    172.64.155.119 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
5    142.251.10.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f157.1e100.net
securepubads.g.doubleclick.net
3    23.9.116.188 (Hyderabad, India)

ASN16625 (AKAMAI-AS, US)
PTR: a23-9-116-188.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
ads.rubiconproject.com
secure-assets.rubiconproject.com
3    52.84.228.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-228-19.sin2.r.cloudfront.net
c.amazon-adsystem.com
4    13.224.250.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-125.sin52.r.cloudfront.net
tags.crwdcntrl.net
3    64.233.170.84 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f84.1e100.net
accounts.google.com
4    23.203.109.118 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-203-109-118.deploy.static.akamaitechnologies.com
a.teads.tv
at.teads.tv
sync.teads.tv
15    52.84.251.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-45.sin5.r.cloudfront.net
h312.mlive.com
5    23.207.193.230 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-207-193-230.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
1    52.84.251.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-101.sin5.r.cloudfront.net
ats-wrapper.privacymanager.io
2    64.233.170.113 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f113.1e100.net
news.google.com
8    104.18.223.248 (None, )

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
buy.tinypass.com
api-v3.tinypass.com
6    142.251.175.101 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f101.1e100.net
www.google-analytics.com
1    13.35.21.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-21-79.sin5.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1    104.81.16.97 (Hyderabad, India)

ASN16625 (AKAMAI-AS, US)
PTR: a104-81-16-97.deploy.static.akamaitechnologies.com
s.ntv.io
3    18.155.68.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-11.sin52.r.cloudfront.net
sb.scorecardresearch.com
3    157.240.15.13 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-03-sin6.fbcdn.net
connect.facebook.net
1    151.101.108.157 (Tokyo, Japan)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    23.47.190.130 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-47-190-130.deploy.static.akamaitechnologies.com
snap.licdn.com
2    107.178.250.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
1    52.84.45.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-86.mrs52.r.cloudfront.net
static.adsafeprotected.com
1    18.140.225.254 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
privacy.crwdcntrl.net
1    13.226.120.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-120-90.hkg62.r.cloudfront.net
config.aps.amazon-adsystem.com
7    52.74.150.191 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-150-191.ap-southeast-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
2    44.208.76.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-76-193.compute-1.amazonaws.com
advancelocal.blueconic.net
1    104.81.29.52 (Hyderabad, India)

ASN16625 (AKAMAI-AS, US)
PTR: a104-81-29-52.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    3.160.188.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-188-30.mrs52.r.cloudfront.net
geo.privacymanager.io
1    35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
4    162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
id5-sync.com
1    34.225.182.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-182-250.compute-1.amazonaws.com
idx.liadm.com
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
1    13.227.255.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-255-71.sin52.r.cloudfront.net
cdn.parsely.com
1    13.33.35.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-35-24.sin2.r.cloudfront.net
aax.amazon-adsystem.com
4    172.253.118.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f132.1e100.net
bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
9    44.238.24.58 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-24-58.us-west-2.compute.amazonaws.com
jadserve.postrelease.com
6    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
1    52.57.24.26 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-24-26.eu-central-1.compute.amazonaws.com
sync.sharethis.com
21    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
4    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
13    103.43.89.4 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
secure.adnxs.com
ib.adnxs.com
1    64.233.170.102 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f102.1e100.net
ampcid.google.com
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
8    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    207.65.33.78 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    3.33.241.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae69789f15ba8a942.awsglobalaccelerator.com
direct.adsrvr.org
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
2    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
display.bidder.taboola.com
trc.taboola.com
1    54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
p1.parsely.com
1    23.199.80.177 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-199-80-177.deploy.static.akamaitechnologies.com
c.go-mpulse.net
7    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
5    54.208.84.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-84-171.compute-1.amazonaws.com
www.i.matheranalytics.com
22    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    157.240.15.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-03-sin6.facebook.com
www.facebook.com
2    44.212.199.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-212-199-220.compute-1.amazonaws.com
rp.liadm.com
2    162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    74.125.68.100 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f100.1e100.net
ampcid.google.com.sg
1    74.125.68.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f155.1e100.net
stats.g.doubleclick.net
4    23.203.108.27 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-203-108-27.deploy.static.akamaitechnologies.com
cs.media.net
c21lg-d.media.net
6    35.78.136.80 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-78-136-80.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
2    13.227.254.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-99.sin52.r.cloudfront.net
s.ad.smaato.net
1    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
1    35.213.89.133 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 133.89.213.35.bc.googleusercontent.com
trace.popin.cc
5    64.74.236.127 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
6    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
jp-u.openx.net
1    23.105.12.143 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
5    54.151.179.52 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-151-179-52.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
3    23.207.192.249 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-207-192-249.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    54.251.138.68 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-138-68.ap-southeast-1.compute.amazonaws.com
sync-amz.ads.yieldmo.com
6    23.203.109.78 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-203-109-78.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    74.125.200.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f154.1e100.net
googleads.g.doubleclick.net
21    172.217.194.148 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f148.1e100.net
s0.2mdn.net
17    142.251.175.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f154.1e100.net
pagead2.googlesyndication.com
15    142.251.12.132 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f132.1e100.net
tpc.googlesyndication.com
4    142.251.175.105 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f105.1e100.net
www.google.com
3    74.125.200.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f156.1e100.net
www.googletagservices.com
12    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    54.175.254.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-254-208.compute-1.amazonaws.com
i.liadm.com
4    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
ad.turn.com
2    216.137.52.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-216-137-52-106.mrs52.r.cloudfront.net
live.rezync.com
3    198.8.71.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
55    142.251.175.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f156.1e100.net
cm.g.doubleclick.net
pagead2.googlesyndication.com
15    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
2    23.106.127.165 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    104.81.31.93 (Hyderabad, India)

ASN16625 (AKAMAI-AS, US)
PTR: a104-81-31-93.deploy.static.akamaitechnologies.com
ead.mlive.com
2    52.194.94.90 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-194-94-90.ap-northeast-1.compute.amazonaws.com
prebid-a.rubiconproject.com
8    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
4    185.84.60.23 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    192.132.33.68 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.68.bidtellect.com
bttrack.com
1    211.120.53.200 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    13.33.88.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-98.sin2.r.cloudfront.net
cr-p3.ladsp.com
7    74.118.186.107 (Serangoon New Town, Singapore)

ASN6336 (TURN-US-ASN, US)
sync.1rx.io
sync.targeting.unrulymedia.com
5    54.255.135.85 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-135-85.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
6    52.74.217.47 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-217-47.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    52.95.125.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
5    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    63.251.14.14 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: 14.14.251.63.unassigned.ord.singlehop.net
ce.lijit.com
1    52.54.170.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-170-5.compute-1.amazonaws.com
sync.ipredictive.com
6    89.207.22.76 (Singapore, Singapore)

ASN399104 (CNVR-APAC, US)
PTR: sin01-nessy-float2.dotomi.com
dclk-match.dotomi.com
medianet-match.dotomi.com
pubmatic-match.dotomi.com
2    202.232.238.37 (Tokyo, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
sync.fout.jp
4    51.79.154.9 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip9.ip-51-79-154.net
onetag-sys.com
7    67.199.150.81 (Singapore, Singapore)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
4    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
1    34.95.81.88 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 88.81.95.34.bc.googleusercontent.com
s-cs.rmp.rakuten.com
3    54.192.150.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-16.sin2.r.cloudfront.net
a.svtrd.com
6    142.251.10.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f148.1e100.net
ad.doubleclick.net
1    216.200.232.253 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
13    67.199.150.86 (Singapore, Singapore)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    119.9.108.191 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
7    207.65.33.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    35.230.38.116 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 116.38.230.35.bc.googleusercontent.com
um.simpli.fi
1    13.227.254.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-17.sin52.r.cloudfront.net
check.analytics.rlcdn.com
2    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
1    35.186.255.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.255.186.35.bc.googleusercontent.com
app.matheranalytics.com
1    104.17.194.118 (None, )

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
2    104.18.160.126 (None, )

ASN13335 (CLOUDFLARENET, US)
buy.tinypass.com
4    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
static.advance.net
10    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    207.65.33.76 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
3    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
fonts.advance.net
1    103.254.153.160 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
sync.aralego.com
1    18.138.18.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
2    103.229.10.192 (Singapore)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
2    13.228.126.19 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
11    104.83.196.24 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-196-24.deploy.static.akamaitechnologies.com
contextual.media.net
5    52.35.107.54 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-107-54.us-west-2.compute.amazonaws.com
dpm.demdex.net
1    34.160.19.107 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.19.160.34.bc.googleusercontent.com
dmp.brand-display.com
1    23.36.48.24 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-48-24.deploy.static.akamaitechnologies.com
hbx.media.net
1    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
3    13.250.171.168 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-171-168.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
1    34.199.73.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-73-116.compute-1.amazonaws.com
dmp.adblade.com
2    18.156.93.131 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-93-131.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
1    54.146.46.22 (None, )

ASN- ()
sync.srv.stackadapt.com
1    82.145.213.8 (None, )

ASN- ()
t.adx.opera.com
1    139.162.23.100 (None, )

ASN- ()
gocm.c.appier.net
1    3.1.14.27 (None, )

ASN- ()
cm.adgrx.com
1    54.168.28.98 (None, )

ASN- ()
dps.jp.cinarra.com
2    104.18.25.173 (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
1    38.91.45.7 (None, )

ASN- ()
match.deepintent.com
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
1    35.214.204.214 (None, )

ASN- ()
csync.loopme.me
Apex Domain
Subdomains		 Transfer
62 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
stats.g.doubleclick.net — Cisco Umbrella Rank: 184
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
ad.doubleclick.net — Cisco Umbrella Rank: 199
261 KB
50 mlive.com
mlive.com — Cisco Umbrella Rank: 67285
www.mlive.com — Cisco Umbrella Rank: 74108
h312.mlive.com — Cisco Umbrella Rank: 124024
ead.mlive.com — Cisco Umbrella Rank: 170396
2 MB
44 googlesyndication.com
bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
243 KB
35 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 766
ads.pubmatic.com — Cisco Umbrella Rank: 811
image6.pubmatic.com — Cisco Umbrella Rank: 1215
simage2.pubmatic.com — Cisco Umbrella Rank: 1499
image2.pubmatic.com — Cisco Umbrella Rank: 1555
simage4.pubmatic.com — Cisco Umbrella Rank: 1864
image4.pubmatic.com — Cisco Umbrella Rank: 2201
43 KB
34 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 4062
ads.rubiconproject.com — Cisco Umbrella Rank: 2896
token.rubiconproject.com — Cisco Umbrella Rank: 744
fastlane.rubiconproject.com — Cisco Umbrella Rank: 791
eus.rubiconproject.com — Cisco Umbrella Rank: 951
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 4039
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 2017
pixel.rubiconproject.com — Cisco Umbrella Rank: 620
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1520
219 KB
28 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 359
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 925
aax.amazon-adsystem.com — Cisco Umbrella Rank: 464
s.amazon-adsystem.com — Cisco Umbrella Rank: 398
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 923
93 KB
23 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 757
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 796
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194
dsum.casalemedia.com — Cisco Umbrella Rank: 2867
15 KB
21 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 407
266 KB
17 media.net
prebid.media.net — Cisco Umbrella Rank: 1682
cs.media.net — Cisco Umbrella Rank: 1972
contextual.media.net — Cisco Umbrella Rank: 1093
hbx.media.net — Cisco Umbrella Rank: 1982
c21lg-d.media.net — Cisco Umbrella Rank: 3665
35 KB
13 adsrvr.org
direct.adsrvr.org — Cisco Umbrella Rank: 3904
match.adsrvr.org — Cisco Umbrella Rank: 594
5 KB
13 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 793
ib.adnxs.com — Cisco Umbrella Rank: 356
12 KB
12 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1411
privacy.crwdcntrl.net — Cisco Umbrella Rank: 49468
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1431
sync.crwdcntrl.net — Cisco Umbrella Rank: 1419
41 KB
12 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 625
264 KB
10 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 395
94 KB
10 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 11211
cdn.tinypass.com — Cisco Umbrella Rank: 8727
buy.tinypass.com — Cisco Umbrella Rank: 9223
api-v3.tinypass.com — Cisco Umbrella Rank: 27135
261 KB
10 google.com
accounts.google.com — Cisco Umbrella Rank: 65
news.google.com — Cisco Umbrella Rank: 8103
ampcid.google.com — Cisco Umbrella Rank: 3299
www.google.com — Cisco Umbrella Rank: 6
147 KB
9 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1607
exchange.postrelease.com Failed
7 KB
8 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 819
ups.analytics.yahoo.com — Cisco Umbrella Rank: 505
4 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 590
4 KB
8 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1474
idsync.rlcdn.com — Cisco Umbrella Rank: 764
check.analytics.rlcdn.com — Cisco Umbrella Rank: 5570
id.rlcdn.com — Cisco Umbrella Rank: 1360
2 KB
8 matheranalytics.com
js.matheranalytics.com — Cisco Umbrella Rank: 19579
www.i.matheranalytics.com — Cisco Umbrella Rank: 19286
app.matheranalytics.com — Cisco Umbrella Rank: 34527
45 KB
7 advance.net
static.advance.net — Cisco Umbrella Rank: 68913
fonts.advance.net — Cisco Umbrella Rank: 85030
266 KB
7 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 778
www.linkedin.com — Cisco Umbrella Rank: 944
5 KB
6 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 5728
medianet-match.dotomi.com — Cisco Umbrella Rank: 21295
pubmatic-match.dotomi.com
2 KB
6 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 11303
ads.yieldmo.com — Cisco Umbrella Rank: 1057
4 KB
6 openx.net
u.openx.net — Cisco Umbrella Rank: 1108
us-u.openx.net — Cisco Umbrella Rank: 930
jp-u.openx.net — Cisco Umbrella Rank: 10572
2 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 972
3 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
21 KB
6 sophi.io
cdn.sophi.io — Cisco Umbrella Rank: 31301
apps.sophi.io — Cisco Umbrella Rank: 64632
ecollector-us-east.sophi.io — Cisco Umbrella Rank: 56411
38 KB
5 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 313
3 KB
5 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 943
gum.criteo.com — Cisco Umbrella Rank: 597
2 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 845
2 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 857
3 KB
5 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 797
2 KB
5 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 994
3 KB
5 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 3327
rp.liadm.com — Cisco Umbrella Rank: 2334
i.liadm.com — Cisco Umbrella Rank: 979
2 KB
5 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1218
id5-sync.com — Cisco Umbrella Rank: 658
37 KB
5 moatads.com
z.moatads.com — Cisco Umbrella Rank: 986
px.moatads.com — Cisco Umbrella Rank: 799
87 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1105
1 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 1001
2 KB
4 turn.com
d.turn.com — Cisco Umbrella Rank: 2160
ad.turn.com — Cisco Umbrella Rank: 1449
2 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
278 B
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1396
1 KB
4 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1674
at.teads.tv — Cisco Umbrella Rank: 5198
sync.teads.tv — Cisco Umbrella Rank: 2019
5 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1620
2 KB
3 svtrd.com
a.svtrd.com — Cisco Umbrella Rank: 52242
5 KB
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1485
3 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271
194 KB
3 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 13277
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1167
990 B
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 240
126 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 274
3 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 ctnsnet.com
ipac.ctnsnet.com
664 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 809
932 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1932
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1067
cdn.indexww.com — Cisco Umbrella Rank: 2632
2 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 1480
880 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1348
1 KB
2 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 2616
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 2396
856 B
2 fout.jp
sync.fout.jp — Cisco Umbrella Rank: 43256
1 KB
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1432
1 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1732
534 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2399
1 KB
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 16443
1 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 2302
1 KB
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1035
862 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1338
545 B
2 taboola.com
display.bidder.taboola.com — Cisco Umbrella Rank: 7242
trc.taboola.com — Cisco Umbrella Rank: 960
878 B
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 4472
p1.parsely.com — Cisco Umbrella Rank: 3579
21 KB
2 blueconic.net
advancelocal.blueconic.net — Cisco Umbrella Rank: 49480
2 KB
2 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 3237
geo.privacymanager.io — Cisco Umbrella Rank: 2674
51 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 950
530 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
223 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1998
c.go-mpulse.net — Cisco Umbrella Rank: 850
50 KB
2 luminouscatalyst.com
luminouscatalyst.com
25 KB
1 loopme.me
csync.loopme.me
225 B
1 iprom.net
core.iprom.net
277 B
1 deepintent.com
match.deepintent.com
44 B
1 cinarra.com
dps.jp.cinarra.com
38 B
1 adgrx.com
cm.adgrx.com
230 B
1 appier.net
gocm.c.appier.net
436 B
1 opera.com
t.adx.opera.com
552 B
1 stackadapt.com
sync.srv.stackadapt.com
1 KB
1 adblade.com
dmp.adblade.com — Cisco Umbrella Rank: 14488
229 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 2988
349 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 7397
406 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 16688
655 B
1 aralego.com
sync.aralego.com — Cisco Umbrella Rank: 3673
473 B
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 7648
4 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1428
659 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 2123
738 B
1 rakuten.com
s-cs.rmp.rakuten.com — Cisco Umbrella Rank: 9076
302 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1536
509 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 2129
853 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 1566
305 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 2957
424 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 2147
680 B
1 popin.cc
trace.popin.cc — Cisco Umbrella Rank: 4174
359 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1925
787 B
1 google.com.sg
ampcid.google.com.sg — Cisco Umbrella Rank: 120921
367 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 1200
726 B
1 t.co
t.co — Cisco Umbrella Rank: 751
377 B
1 sharethis.com
sync.sharethis.com — Cisco Umbrella Rank: 4415
549 B
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 2501
249 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1623
17 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 988
491 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1877
15 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1184
15 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 5818
175 KB
1 cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1 KB
1 nn-lb.com
reschedule.delivery.evri.nn-lb.com
445 B
0 ad-m.asia Failed
sync-dsp.ad-m.asia Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 chocolateplatform.com Failed
cs.chocolateplatform.com Failed
0 cauly.co.kr Failed
app.cauly.co.kr Failed
475 116
Domain Requested by
47 cm.g.doubleclick.net 24 redirects u.openx.net
sync-amz.ads.yieldmo.com
googleads.g.doubleclick.net
s.amazon-adsystem.com
bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
www.mlive.com
33 www.mlive.com www.mlive.com
25 pagead2.googlesyndication.com www.mlive.com
bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
22 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
match.sharethrough.com
u.openx.net
sync-amz.ads.yieldmo.com
ads.pubmatic.com
21 s0.2mdn.net www.mlive.com
s0.2mdn.net
17 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
15 tpc.googlesyndication.com www.mlive.com
bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
15 h312.mlive.com www.mlive.com
h312.mlive.com
13 simage2.pubmatic.com ads.pubmatic.com
s.amazon-adsystem.com
13 pixel.rubiconproject.com 8 redirects s.amazon-adsystem.com
12 match.adsrvr.org 12 redirects
12 cdn.cookielaw.org www.mlive.com
cdn.cookielaw.org
11 contextual.media.net micro.rubiconproject.com
contextual.media.net
10 cdnjs.cloudflare.com buy.tinypass.com
10 ib.adnxs.com 6 redirects googleads.g.doubleclick.net
s.amazon-adsystem.com
9 jadserve.postrelease.com bcp.crwdcntrl.net
s.ntv.io
www.mlive.com
s.amazon-adsystem.com
8 x.bidswitch.net 8 redirects
8 token.rubiconproject.com 5 redirects bcp.crwdcntrl.net
eus.rubiconproject.com
7 buy.tinypass.com cdn.tinypass.com
buy.tinypass.com
7 image2.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
7 image6.pubmatic.com 3 redirects ads.pubmatic.com
6 ad.doubleclick.net www.mlive.com
6 pr-bh.ybp.yahoo.com 3 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
6 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
micro.rubiconproject.com
contextual.media.net
6 match.prod.bidr.io 6 redirects
6 px.ads.linkedin.com 3 redirects snap.licdn.com
www.mlive.com
s.amazon-adsystem.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.mlive.com
5 dpm.demdex.net 3 redirects www.mlive.com
ssum-sec.casalemedia.com
5 pixel.tapad.com 3 redirects s.amazon-adsystem.com
5 ads.yieldmo.com 1 redirects sync-amz.ads.yieldmo.com
5 sync.1rx.io 5 redirects
5 match.sharethrough.com s.amazon-adsystem.com
match.sharethrough.com
5 b1sync.zemanta.com 5 redirects
5 www.i.matheranalytics.com www.mlive.com
5 idsync.rlcdn.com 2 redirects bcp.crwdcntrl.net
ssum-sec.casalemedia.com
s.amazon-adsystem.com
5 securepubads.g.doubleclick.net www.mlive.com
securepubads.g.doubleclick.net
4 static.advance.net buy.tinypass.com
www.mlive.com
4 dis.criteo.com 2 redirects bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
4 onetag-sys.com 2 redirects bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 www.google.com bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
4 www.facebook.com www.mlive.com
4 sync-tm.everesttech.net 3 redirects ads.pubmatic.com
4 bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 id5-sync.com 1 redirects micro.rubiconproject.com
cdn.id5-sync.com
4 bcp.crwdcntrl.net tags.crwdcntrl.net
4 tags.crwdcntrl.net www.mlive.com
tags.crwdcntrl.net
4 ecollector-us-east.sophi.io cdn.sophi.io
3 px.moatads.com www.mlive.com
3 pm.w55c.net 3 redirects
3 fonts.advance.net static.advance.net
3 simage4.pubmatic.com ads.pubmatic.com
3 a.svtrd.com s0.2mdn.net
3 ad.turn.com 3 redirects
3 p.rfihub.com 3 redirects
3 www.googletagservices.com bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
3 googleads.g.doubleclick.net bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
3 ads.pubmatic.com s.amazon-adsystem.com
micro.rubiconproject.com
3 cs.media.net 1 redirects contextual.media.net
3 secure.adnxs.com 3 redirects
3 sync.crwdcntrl.net bcp.crwdcntrl.net
s.amazon-adsystem.com
3 connect.facebook.net www.mlive.com
connect.facebook.net
3 sb.scorecardresearch.com 1 redirects www.mlive.com
3 accounts.google.com www.mlive.com
accounts.google.com
3 c.amazon-adsystem.com www.mlive.com
c.amazon-adsystem.com
2 pubmatic-match.dotomi.com 2 redirects
2 ipac.ctnsnet.com 1 redirects ads.pubmatic.com
2 creativecdn.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 medianet-match.dotomi.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 pippio.com 2 redirects
2 cms.quantserve.com 2 redirects
2 sync.teads.tv 1 redirects bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
2 sync.inmobi.com 2 redirects
2 uipglob.semasio.net 1 redirects s.amazon-adsystem.com
2 sync.fout.jp 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 ce.lijit.com 1 redirects s.amazon-adsystem.com
2 capi.connatix.com 1 redirects s.amazon-adsystem.com
2 sync.targeting.unrulymedia.com 2 redirects ads.pubmatic.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 us-u.openx.net u.openx.net
2 prebid-a.rubiconproject.com micro.rubiconproject.com
2 ssbsync.smartadserver.com 2 redirects
2 live.rezync.com 2 redirects
2 i.liadm.com 2 redirects
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 s.ad.smaato.net 2 redirects
2 lb.eu-1-id5-sync.com micro.rubiconproject.com
cdn.id5-sync.com
2 rp.liadm.com 1 redirects www.mlive.com
2 advancelocal.blueconic.net h312.mlive.com
2 js.matheranalytics.com 1 redirects www.mlive.com
2 news.google.com www.googletagmanager.com
news.google.com
2 z.moatads.com www.mlive.com
z.moatads.com
2 geolocation.onetrust.com cdn.cookielaw.org
2 www.googletagmanager.com www.mlive.com
www.googletagmanager.com
2 luminouscatalyst.com www.mlive.com
luminouscatalyst.com
1 csync.loopme.me 1 redirects
1 core.iprom.net ads.pubmatic.com
1 match.deepintent.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 dps.jp.cinarra.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 t.adx.opera.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 c21lg-d.media.net contextual.media.net
1 id.rlcdn.com contextual.media.net
1 dmp.adblade.com contextual.media.net
1 secure-assets.rubiconproject.com 1 redirects
1 gum.criteo.com contextual.media.net
1 hbx.media.net contextual.media.net
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 trc.taboola.com www.mlive.com
1 js-sec.indexww.com micro.rubiconproject.com
1 image4.pubmatic.com s.amazon-adsystem.com
1 tags.rd.linksynergy.com 1 redirects
1 cm.ambientdsp.com 1 redirects
1 sync.aralego.com 1 redirects
1 api-v3.tinypass.com cdn.tinypass.com
1 c2.piano.io cdn.tinypass.com
1 app.matheranalytics.com js.matheranalytics.com
1 check.analytics.rlcdn.com micro.rubiconproject.com
1 um.simpli.fi 1 redirects
1 sync.mathtag.com 1 redirects
1 s-cs.rmp.rakuten.com bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
1 sync.ipredictive.com 1 redirects
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 tg.socdm.com 1 redirects
1 bttrack.com match.sharethrough.com
1 ead.mlive.com www.mlive.com
1 s.company-target.com 1 redirects
1 sync.adotmob.com 1 redirects
1 d.turn.com 1 redirects
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 ssbsync-us.smartadserver.com 1 redirects
1 trace.popin.cc 1 redirects
1 trace.mediago.io 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 ampcid.google.com.sg www.google-analytics.com
1 www.linkedin.com 1 redirects
1 c.go-mpulse.net s.go-mpulse.net
1 p1.parsely.com www.mlive.com
1 cdn.tinypass.com experience.tinypass.com
1 display.bidder.taboola.com micro.rubiconproject.com
1 prebid.media.net micro.rubiconproject.com
1 direct.adsrvr.org micro.rubiconproject.com
1 hbopenbid.pubmatic.com micro.rubiconproject.com
1 htlb.casalemedia.com micro.rubiconproject.com
1 fastlane.rubiconproject.com micro.rubiconproject.com
1 analytics.twitter.com www.mlive.com
1 t.co www.mlive.com
1 ampcid.google.com www.google-analytics.com
1 sync.sharethis.com bcp.crwdcntrl.net
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 cdn.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 api.rlcdn.com micro.rubiconproject.com
1 idx.liadm.com micro.rubiconproject.com
1 lexicon.33across.com micro.rubiconproject.com
1 ads.rubiconproject.com micro.rubiconproject.com
1 geo.privacymanager.io ats-wrapper.privacymanager.io
1 cdn.id5-sync.com www.mlive.com
1 secure.cdn.fastclick.net www.mlive.com
1 at.teads.tv a.teads.tv
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 privacy.crwdcntrl.net tags.crwdcntrl.net
1 static.adsafeprotected.com www.mlive.com
1 snap.licdn.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 s.ntv.io www.mlive.com
1 d1z2jf7jlzjs58.cloudfront.net www.mlive.com
1 experience.tinypass.com www.mlive.com
1 ats-wrapper.privacymanager.io www.mlive.com
1 a.teads.tv www.googletagmanager.com
1 micro.rubiconproject.com www.mlive.com
1 s.go-mpulse.net www.mlive.com
1 apps.sophi.io www.mlive.com
1 cdn.sophi.io www.mlive.com
1 mlive.com 1 redirects
1 reschedule.delivery.evri.nn-lb.com 1 redirects
0 sync-dsp.ad-m.asia Failed ads.pubmatic.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 cs.chocolateplatform.com Failed bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
0 app.cauly.co.kr Failed bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
0 exchange.postrelease.com Failed micro.rubiconproject.com
475 192
Subject Issuer Validity Valid
advancelocal.web.arc-cdn.net
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
luminouscatalyst.com
R3		 2024-01-05 -
2024-04-04		 3 months crt.sh
cdn.sophi.io
Amazon RSA 2048 M01		 2023-09-17 -
2024-10-15		 a year crt.sh
apps.sophi.io
Amazon RSA 2048 M01		 2023-03-18 -
2024-04-15		 a year crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-05 -
2024-04-04		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.sophi.io
Amazon RSA 2048 M01		 2023-04-11 -
2024-05-10		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
w723.lonestarlive.com
Amazon RSA 2048 M01		 2023-07-07 -
2024-08-04		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-10-24		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
*.news.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-08-13 -
2024-08-12		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-28 -
2024-08-28		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-15 -
2024-01-13		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
*.blueconic.net
Amazon RSA 2048 M01		 2023-06-08 -
2024-07-06		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-11-27 -
2024-02-25		 3 months crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2023-08-31 -
2024-09-28		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02		 2023-08-30 -
2024-09-28		 a year crt.sh
sharethis.com
Amazon RSA 2048 M02		 2023-07-03 -
2024-07-31		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-05 -
2024-12-04		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-14 -
2024-09-12		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-12-24 -
2024-03-23		 3 months crt.sh
*.bidder.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-12 -
2024-12-12		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
www.i.matheranalytics.com
Amazon RSA 2048 M03		 2023-11-15 -
2024-12-14		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.google.com.sg
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-09-23 -
2024-10-20		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-03-26 -
2024-04-23		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
li.lisecurelink.com
R3		 2023-11-14 -
2024-02-12		 3 months crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-04 -
2024-04-21		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
a.svtrd.com
Amazon RSA 2048 M03		 2023-09-23 -
2024-10-21		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
analytics.rlcdn.com
Amazon RSA 2048 M02		 2023-06-27 -
2024-07-24		 a year crt.sh
app.matheranalytics.com
GTS CA 1D4		 2023-12-05 -
2024-03-05		 3 months crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2023-03-27 -
2024-03-26		 a year crt.sh
advancelocal.com
GlobalSign Atlas R3 DV TLS CA 2023 Q4		 2023-11-07 -
2024-12-08		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
dmp.adblade.com
R3		 2023-12-26 -
2024-03-25		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-17 -
2024-06-16		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh

This page contains 66 frames:

Primary Page: https://www.mlive.com/
Frame ID: 55A4B29D05B542767B4B5E563A0CD9DB
Requests: 181 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 4CA2FCD8409E5E74A00BCDCAE0B95B7E
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=963
Frame ID: 7CA455783D3A3C59054F02D6004929EA
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=86%2C14%2C81%2C31%2C26%2C2&c=963&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: 43725D97C3FE10BCF3ED177D27091223
Requests: 7 HTTP requests in this frame

Frame: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F0FEFBAC3116170B38502BE4A1B77635
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&dcc=t
Frame ID: ADC342868EA927F4D53DF1A6FFCDA5B7
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 4A156BB9C5DAF5D74D0C4ACA3AD232E3
Requests: 7 HTTP requests in this frame

Frame: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CC5995C75F9B3F97BD8E90AD4C506C09
Requests: 15 HTTP requests in this frame

Frame: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 22503AA6F0DDC87AEFEEE0749253B6DE
Requests: 15 HTTP requests in this frame

Frame: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D2BFF7EB92D6A82B35C97BD247BA6F91
Requests: 15 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 70860CAC949BD2B77B1A0BB15555B46E
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 41A7DA3206DACC0BDE9C63C4EEE5B542
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4474198923207602825&gdpr=0&gdpr_consent=
Frame ID: 3A758F8671734B0CD450D0F5EB2F3A3A
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 1737673780657EE690557B40370382A1
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 7371211CE3ADDC4DEFFF509E6E425551
Requests: 17 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: 3B1B9C3584DF80EB6D53D1CA03C60C04
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 2A1063210ADD671448A8C8DE8E31BF06
Requests: 20 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=4048876994717771444&ex=appnexus.com
Frame ID: F48BC01EF193B796841F84F39B28DD58
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEMqA3bkCGJHXsaABMAE&v=APEucNXY4P4owaDXDbDzq1KaRj7K8kqyBSnbPfJecaG77TNtBVjEX2WPFmyy1NgDj5XVoWV0KsJ5a9MOcyxeDgh_3bDm9gcbIg
Frame ID: 0BE41E8655ED7F748D459A37A62E6439
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F2D81031A8C9234FED14CBF4AD4C610A
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEMqA3bkCGJHXsaABMAE&v=APEucNVYVggnP45gzwHIbm1dHboUwb4fXz8V927PTmqgNzWEOhXA0V48CTb2klLuxdhmQ3_CntZNRTGaIe80aSOKY4vsyriipQ
Frame ID: 3451C16C310AD879020069CF1BDF9E78
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7F955CBAD6ADDF1210E85AAF4B6D834D
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEMqA3bkCGJHXsaABMAE&v=APEucNXOMVvaAkVgn-up4m8WPgb_wqHoqO5VeOUYxraWnE31l4b0btnPtOkiVXVjJkJJvFrv-p8-fQMitOFzBhdxfxqmE_rX5w
Frame ID: AA849DA25AD0906BEF27C9158EB8124D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B8D1E4F2DD261A851A0B0EB94E1F5510
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 28A64D1944B5FA8C0A120290DEC515E2
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
Frame ID: A141B1200C6A393920859DC788F44D95
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9F4203BFDA69ED62E44BC6B007F9D055
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 08A2DD34B627A5F5C49168A8B80B8188
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d9786599-57d6-4f00-b556-cf5f21b767d8&gdpr=0&gdpr_consent=
Frame ID: EE6BA3E9179B0DB8BDC426E4497C67DA
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDB1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70
Frame ID: 20CAB51CCC09A349D61E5331D5A5AF14
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
Frame ID: F7F3A27D0E7590B54EC7D02F8A8DF70D
Requests: 6 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
Frame ID: 829F020222BB4B475487F54843E7802F
Requests: 6 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Frame ID: EBED2107053627B71D891E4BC4AF0C1E
Requests: 22 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70&gdpr=0&gdpr_consent=
Frame ID: 2AEE5B3F6C55F7EB58002F56F396AB70
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4048876994717771444&gdpr=0&gdpr_consent=
Frame ID: 9C22D1268FBB870AE8170637B5A33E70
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d0b7385f-fe38-4307-bdb7-f32a0d7d0bb3&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 16C16CE6B95DBCA709CE554BDA3C0667
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12zpt1m9f2qf
Frame ID: 3EDC60C56F1FA2005ECE10030FF8BBAA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=t6f_2LSlotmspfTQsKTr1Of0_4CsoffWs_NcPClL
Frame ID: E825D900AB9FCF9BDA7053818B471B32
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDB1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70
Frame ID: 81252F2991271A184E11C3EDB8D07CAD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Frame ID: 2E48DCF98B65702EC34FBDED1A5C10B3
Requests: 6 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 3BBF37A7893A1C005FD8C8D5ADCD33DF
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C233%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 6B46A8FD033AB93C826BCB36AC60C4F3
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 79A1056109DE39C04F8F08024F269733
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: C2AA52F8A54E45EE69BD779F1871F4F7
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 23D69D2F191D2E90CBC48F618C62A0D6
Requests: 4 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3475499083845877000V10&type=rkt&refUrl=&vid=45483125053475499083845877000V10&axid_e=&ovsid=2018527442084423065
Frame ID: 7CB2AABE428A3F6033B4250A5734F80D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 236E130845F6A830C45DFAB85A24C74C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0CC8790DCB53009287E9DB3FFA8DDE22
Requests: 2 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 4B1E7D95A28FF5E13D7A3F50BFFB1E77
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=10b7309f62c448c0ab8b11d51ea91f40
Frame ID: 5166B5675835BDA8EE2F9841C3042198
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 9C4AE7B6E2DE0D2E7C0B138CEBE4ADE8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=kSnZhaUdU0Zi-dFxxHQND2V_QLo&gdpr=0&gdpr_consent=
Frame ID: 28D0102B2784436810EA4D1717CCB175
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 98695FCC49C062FAD0557C6A8579A2CD
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 9874924F19B06A3D16749499BB5D5312
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU7317efbc45b941baa4ddc943a66fefa6
Frame ID: 69989CCB103DE263E37313815B99DB2D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=2O9sOZO-D--6meGJ21eZZQ
Frame ID: 8D5362F924B350783DC8F278565B3356
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: ED8318E883A0EFD4238997BB5F0C4B75
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 010A7463FD892C893C84559046D5C098
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70
Frame ID: 532934554AE1C989DACAEAB9CE8714B9
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 1B83CB37A846BA19BDA57192AB9C5B77
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 34C480ADEFF892CD44204B80846D2CE7
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: C97AEE0DD7EC5A4798A5556CE08F6A9E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 676BAF26D969608F0A76EC6F0EE18541
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FLwNzbTm1Rm6SI5&gdpr=0&gdpr_consent=
Frame ID: 2F38E59B9DB0BFED6E207F1D09FA1D3A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2018527442084423065
Frame ID: 8540D27871FABF07F9DEC53146CDC030
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-9fdf8485-daa6-496f-b051-9e3ebabaae0d-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-9fdf8485-daa6-496f-b051-9e3ebabaae0d-004
Frame ID: B6AEE675321164287787FA825255CEB0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Michigan Local News, Breaking News, Sports & WeatherLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. https://reschedule.delivery.evri.nn-lb.com/ HTTP 307
    https://mlive.com/ HTTP 301
    https://www.mlive.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

475
Requests

77 %
HTTPS

0 %
IPv6

116
Domains

192
Subdomains

122
IPs

11
Countries

5107 kB
Transfer

14705 kB
Size

237
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://reschedule.delivery.evri.nn-lb.com/ HTTP 307
    https://mlive.com/ HTTP 301
    https://www.mlive.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61
  • https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1644 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma63527/all/17/ml.br.js
Request Chain 86
  • https://sb.scorecardresearch.com/b?c1=2&c2=6034988&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704548306036&ns_c=UTF-8&c3=&c4=https%3A%2F%2Fwww.mlive.com%2F&c7=https%3A%2F%2Fwww.mlive.com%2F&c8=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6034988&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704548306036&ns_c=UTF-8&c3=&c4=https%3A%2F%2Fwww.mlive.com%2F&c7=https%3A%2F%2Fwww.mlive.com%2F&c8=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&c9=
Request Chain 98
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=ZZlX0gAMY8sAPgAM HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZZlX0gAMY8sAPgAM/gdpr=0&_test=ZZlX0gAMY8sAPgAM
Request Chain 99
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=620650288 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D281%252Ftp%253DANXS%252Ftpid%253D%2524UID%252Fgdpr%253D0%252Frand%3D620650288 HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4048876994717771444/gdpr=0/rand=620650288
Request Chain 117
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1704548306433&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1704548306433&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3252378%26time%3D1704548306433%26url%3Dhttps%253A%252F%252Fwww.mlive.com%252F%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1704548306433&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&cookiesTest=true&liSync=true
Request Chain 119
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&dcc=t
Request Chain 125
  • https://rp.liadm.com/j?dtstmp=1704548306522&se=e30&duid=94c49eadf2ac--01hkffy32ebq330pp5cnv5fb47&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid HTTP 302
  • https://rp.liadm.com/j?se=e30&duid=94c49eadf2ac--01hkffy32ebq330pp5cnv5fb47&dtstmp=1704548306522&n3pc=true&wpn=prebid&pu=https%3A%2F%2Fwww.mlive.com%2F
Request Chain 155
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3475499083845877000V10
Request Chain 156
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID HTTP 303
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1 HTTP 303
  • https://s.amazon-adsystem.com/ecm3?id=AAXZdk7LMrAAABQjMFa4Qw&ex=beeswax.com
Request Chain 157
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=d34a1aaedb
Request Chain 158
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID HTTP 302
  • https://trace.popin.cc/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=746ded22c75d8a9c21loli00lr241x69
Request Chain 160
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=NXByjL8KU7r9ann9wqC0
Request Chain 164
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 165
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 166
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4474198923207602825&gdpr=0&gdpr_consent=
Request Chain 171
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=4048876994717771444&ex=appnexus.com
Request Chain 207
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://match.adsrvr.org/track/cmb/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=98f33047-6206-44a9-9367-ebdba8f53da3&expiration=1707140308&gdpr=0&gdpr_consent=
Request Chain 208
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZlX1MaY56wGe4C-uYiXYQAA%265336&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=4569115504333617179 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=25589b6a-66e1-45af-88b2-d7906ddb9058 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=08a08027-7b06-4f5a-bda9-6b2ebd482197%3A1704548311.523232&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D08a08027-7b06-4f5a-bda9-6b2ebd482197%253A1704548311.523232%26_%3D1704548311.5255115&cb=1704548311.5255513 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=2018527442084423031&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D08a08027-7b06-4f5a-bda9-6b2ebd482197%253A1704548311.523232%26_%3D1704548311.5255115 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=08a08027-7b06-4f5a-bda9-6b2ebd482197%3A1704548311.523232&_=1704548311.5255115 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEA4xZIg-4807-m3vrBYnOGw&google_cver=1
Request Chain 210
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZlX1MaY56wGe4C_uYiXYQAAFNgAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJZxi5NBM0wZuTafCET3RCo&google_cver=1
Request Chain 211
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Request Chain 212
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=1135824000551318125&gdpr=0&gdpr_consent=
Request Chain 213
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720273108&external_user_id=479f0357-cb15-4471-a53c-773f7b9731fe
Request Chain 214
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAL_lU7LMrAAABNzhLXmVA&expiration=1705757908
Request Chain 222
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=MWJlOWMxMDktZGE4NS00ZWFkLWE3MmUtYzllMjhkNWVjNmJm HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 223
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=98f33047-6206-44a9-9367-ebdba8f53da3&gdpr=0&gdpr_consent=
Request Chain 224
  • https://x.bidswitch.net/sync?ssp=sharethrough&user_id=1be9c109-da85-4ead-a72e-c9e28d5ec6bf&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=&expires=365 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sharethrough&user_id=1be9c109-da85-4ead-a72e-c9e28d5ec6bf&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=&expires=365 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=sharethrough HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=sharethrough HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7660733452243284982&ssp=sharethrough HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=d0b7385f-fe38-4307-bdb7-f32a0d7d0bb3&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 227
  • https://match.adsrvr.org/track/cmf/openx?oxid=1979d88a-c04f-36f7-554d-2bf55aa2cd45&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=98f33047-6206-44a9-9367-ebdba8f53da3&ttd_puid=1979d88a-c04f-36f7-554d-2bf55aa2cd45&gdpr=0&gdpr_consent=
Request Chain 228
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZZlX1MCo5swAAPrQcxIAAAAA
Request Chain 229
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AdvvROS3RoY-ks8AEDxkHmLQWM8AAAGM3v8YyQ
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBqHhkccryhBxtvuWNKsdxY&google_cver=1
Request Chain 235
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1704548309346 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6556567175 HTTP 302
  • https://sync.1rx.io/usersync/turn/3210515956384444875?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-9fdf8485-daa6-496f-b051-9e3ebabaae0d-004?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-9fdf8485-daa6-496f-b051-9e3ebabaae0d-004 HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-9fdf8485-daa6-496f-b051-9e3ebabaae0d-004
Request Chain 236
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=4048876994717771444&pn_id=an
Request Chain 237
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=VEhtIll55Zl9IW58q2lx HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=98f33047-6206-44a9-9367-ebdba8f53da3
Request Chain 238
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEIMaHrHo-RjNMZPru5Cl1aw&google_cver=1
Request Chain 239
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBdqvaI8vDqlbo-dA76p62k&google_cver=1
Request Chain 240
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZlX1MaY56wGe4C-uYiXYQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBdqvaI8vDqlbo-dA76p62k&google_cver=1
Request Chain 241
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOUREEUqxhP-OaGyYkU3R6s&google_cver=1
Request Chain 242
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA0ODg3Njk5NDcxNzc3MTQ0NA%3D%3D
Request Chain 243
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1---&khaos=LR241UYY-18-GEDC HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LR241UYY-18-GEDC&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Request Chain 244
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBdqvaI8vDqlbo-dA76p62k&google_cver=1
Request Chain 245
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZlX1MaY56wGe4C-uYiXYQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBdqvaI8vDqlbo-dA76p62k&google_cver=1
Request Chain 246
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOUREEUqxhP-OaGyYkU3R6s&google_cver=1
Request Chain 247
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA0ODg3Njk5NDcxNzc3MTQ0NA%3D%3D
Request Chain 251
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECeSzpQrqRk_h4-9Xdyn2JQ&google_cver=1
Request Chain 252
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=C7Ae-mDQS_mntY_H9B9Lzg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=C7Ae-mDQS_mntY_H9B9Lzg
Request Chain 253
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=98f33047-6206-44a9-9367-ebdba8f53da3&gdpr=0&gdpr_consent=&expires=30
Request Chain 254
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/5Z3QwE9TwfHmW0dcQkExSMn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ItIY_9xE2oLZokU5gNpOt.lzklvbeA3Z3CGyfA--~A
Request Chain 255
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR241UYY-18-GEDC&us_privacy=1---
Request Chain 256
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LR241UYY-18-GEDC&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Request Chain 257
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODA0NTgyNTQyOThlYjE1MWMwMmIwYmZjMGM2MTFjMTJlNWZmOGZkMA&us_privacy=1---
Request Chain 259
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFIyNDFVWVktMTgtR0VEQw==&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJhrK3d75YTFXo24Z-XRTpA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFIyNDFVWVktMTgtR0VEQw==&google_push=
Request Chain 260
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1--- HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1---&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAXZdk7LMrAAABQjMFa4Qw&expires=30
Request Chain 261
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&us_privacy=1--- HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LR241UYY-18-GEDC&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1--- HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LR241UYY-18-GEDC&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---&final=true
Request Chain 262
  • https://token.rubiconproject.com/token?pid=37556&a=1&us_privacy=1--- HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LR241UYY-18-GEDC&us_privacy=1--- HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LR241UYY-18-GEDC&us_privacy=1---
Request Chain 263
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&us_privacy=1--- HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LR241UYY-18-GEDC&us_privacy=1---
Request Chain 264
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&us_privacy=1--- HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LR241UYY-18-GEDC&us_privacy=1--- HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LR241UYY-18-GEDC&us_privacy=1---&dnr=1
Request Chain 265
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=aadb8592-82e3-4ab1-b1ef-bab4a9a1eeeb&expires=30&us_privacy=1---
Request Chain 266
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&us_privacy=1--- HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR241UYY-18-GEDC&us_privacy=1---
Request Chain 267
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELRXhynvaJDfFibvvP377cw&google_cver=1&google_push=AXcoOmQux-244c8Fihuq_8RB22c_kqo4lzQbvVV_VLNQd0O82mxvTYlF5XzGcnQ2RV2TbkGkkx8LE8QDnWSvLpeZ-kBH3eGuu1kinkcK0GVfroW1KImPH0Ia54lhcRR6DtXu7pylZnuh7XrFao6wNMa5maY HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=343c2466e26b1ef4&is_secure=true&networkId=14000&version=1&google_gid=CAESELRXhynvaJDfFibvvP377cw&google_cver=1&google_push=AXcoOmQux-244c8Fihuq_8RB22c_kqo4lzQbvVV_VLNQd0O82mxvTYlF5XzGcnQ2RV2TbkGkkx8LE8QDnWSvLpeZ-kBH3eGuu1kinkcK0GVfroW1KImPH0Ia54lhcRR6DtXu7pylZnuh7XrFao6wNMa5maY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALTyHy_Z-2KANyWtRkAAAAAAA&expiration=1704634709&google_cver=1&is_secure=true&google_gid=CAESELRXhynvaJDfFibvvP377cw&google_push=AXcoOmQux-244c8Fihuq_8RB22c_kqo4lzQbvVV_VLNQd0O82mxvTYlF5XzGcnQ2RV2TbkGkkx8LE8QDnWSvLpeZ-kBH3eGuu1kinkcK0GVfroW1KImPH0Ia54lhcRR6DtXu7pylZnuh7XrFao6wNMa5maY
Request Chain 268
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJoZj86_fkpmSyeA_4fF8NI&google_cver=1&google_push=AXcoOmQqQqVw4vGA_lM8pQ1_QVh3OD9P0wx0y61r5xecNCjJa_vxBj9ldnzsy9PH3ZoF4Kaaw61Ii1Kl8ZP-SEG0l7PounXXRlnUhIdr6_YwFCmHjLZJDWKNHpwklHTU_HzioCvC7RYy-fU1SG-8T0HjDuo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlpsWDBnQU1ZOHNBUGdBTQ==&google_gid=CAESEJoZj86_fkpmSyeA_4fF8NI&google_cver=1&google_push=AXcoOmQqQqVw4vGA_lM8pQ1_QVh3OD9P0wx0y61r5xecNCjJa_vxBj9ldnzsy9PH3ZoF4Kaaw61Ii1Kl8ZP-SEG0l7PounXXRlnUhIdr6_YwFCmHjLZJDWKNHpwklHTU_HzioCvC7RYy-fU1SG-8T0HjDuo
Request Chain 269
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEJNAg_cVKfJcNRd4dHB3GwA&google_cver=1&google_push=AXcoOmSSNbKWWs0zzDS_qXL1l_ZzA76qacXRj8m5T7_Bq3rIVfA56dDr0j_HTudNLMJ-Z-Jndye7KOlQkaDKHyeg73gDyA8Ops1Ntzs_R3B3VuWOvuEbFOLrMNse3NxyWQQuU5Ev9OrqmeqDwCu2VmDgDQA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmSSNbKWWs0zzDS_qXL1l_ZzA76qacXRj8m5T7_Bq3rIVfA56dDr0j_HTudNLMJ-Z-Jndye7KOlQkaDKHyeg73gDyA8Ops1Ntzs_R3B3VuWOvuEbFOLrMNse3NxyWQQuU5Ev9OrqmeqDwCu2VmDgDQA&google_hm=MkpSRm01MXpNYU1pQk03ZHJNT0V0X18wQWNz&from_google=pc1
Request Chain 270
  • https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEJnS5q2kQuBZNo5eCzY0Ha0&google_cver=1&google_push=AXcoOmRsndnX6pH5Z3cYn3_l9C_DRISBEfTLv7dPVZAp_d0K1iBI8L2y1oeexYDg3pu3SMsIbAqGrOktKg1OcrILQ5I12JRvmguFcEd2ARmx48WWL_ovdYakCYbSpkw96Tm36g3K1Ca2H8stjR7BTUVk_po HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmRsndnX6pH5Z3cYn3_l9C_DRISBEfTLv7dPVZAp_d0K1iBI8L2y1oeexYDg3pu3SMsIbAqGrOktKg1OcrILQ5I12JRvmguFcEd2ARmx48WWL_ovdYakCYbSpkw96Tm36g3K1Ca2H8stjR7BTUVk_po&google_hm=
Request Chain 272
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEGrRchH8sv7Meq2wEAYD7qU&google_cver=1&google_push=AXcoOmREcNWDDD8D46JneczMnyptBEjmmBnkxUl_Z-i8wX_twYicJiESG996_4CZG2RWAvb2RXrnujepaW2mdeXk0Ec8bAve-RJdTG-v8hsyl7Fch1E-Oj7Fxo8sW3yNe8U8vczVwmAXtVEeNiyvuoTDvuA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmREcNWDDD8D46JneczMnyptBEjmmBnkxUl_Z-i8wX_twYicJiESG996_4CZG2RWAvb2RXrnujepaW2mdeXk0Ec8bAve-RJdTG-v8hsyl7Fch1E-Oj7Fxo8sW3yNe8U8vczVwmAXtVEeNiyvuoTDvuA&google_hm=VkVodElsbDU1Wmw5SVc1OHEybHg=
Request Chain 273
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFgookkdnwl-XenqiFo1FrA&google_cver=1&google_push=AXcoOmSKKp-UTxj33OFAc1ZmBF1ATlFwSdeCuQrN_7AZHXtP2O-X_86Zv-tryahLrwSMRv72qRm7w3gDWFCidxUhsu-e7U-ZgvMWlTfKLbZDFg-0eBYJP70Gd4XeUs2pcu-oaKqfWWzn1tcVyof3AzM8kQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSKKp-UTxj33OFAc1ZmBF1ATlFwSdeCuQrN_7AZHXtP2O-X_86Zv-tryahLrwSMRv72qRm7w3gDWFCidxUhsu-e7U-ZgvMWlTfKLbZDFg-0eBYJP70Gd4XeUs2pcu-oaKqfWWzn1tcVyof3AzM8kQ HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 276
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBdqvaI8vDqlbo-dA76p62k&google_cver=1
Request Chain 277
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZlX1MaY56wGe4C-uYiXYQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBdqvaI8vDqlbo-dA76p62k&google_cver=1
Request Chain 278
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOUREEUqxhP-OaGyYkU3R6s&google_cver=1
Request Chain 279
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA0ODg3Njk5NDcxNzc3MTQ0NA%3D%3D
Request Chain 291
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMz58IqXpc-3ReBP9HEOG1I&google_cver=1&google_push=AXcoOmRHQrbb88IAxvtjA2CBwWjly18QSN84qqnoyDdH6qNOf0pvl4Hl97C2UCUrXoCstGUSNx8Je-6SwZbEtfXX_aklQtl6zufxonOii4uyO79KwCA58C6K8GMfWMmvXgktkJZmAeFEf8-4yIlsOuXiVls HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRHQrbb88IAxvtjA2CBwWjly18QSN84qqnoyDdH6qNOf0pvl4Hl97C2UCUrXoCstGUSNx8Je-6SwZbEtfXX_aklQtl6zufxonOii4uyO79KwCA58C6K8GMfWMmvXgktkJZmAeFEf8-4yIlsOuXiVls&google_hm=eS04clhvY0c1RTJwSDhFclVDZGRIMnp0djA2UXdDa2NHV35B
Request Chain 293
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEGeDJwtXd1i-YDGmVv5wBp0&google_cver=1&google_push=AXcoOmRi61JSbGseTD-m9GfnrmoIUkyTPvPJWAtxLgbLHfj2Ez05lPPN--IwS3iyYKdqjwe6d9Wm07Tz51WVBaGNKi6q-I5S_M1bxst6wZxnGdEckLTovsHyyn9K38-y5cjHoeRrtBz98zfS50fWgeos6Mg HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEGeDJwtXd1i-YDGmVv5wBp0&google_push=AXcoOmRi61JSbGseTD-m9GfnrmoIUkyTPvPJWAtxLgbLHfj2Ez05lPPN--IwS3iyYKdqjwe6d9Wm07Tz51WVBaGNKi6q-I5S_M1bxst6wZxnGdEckLTovsHyyn9K38-y5cjHoeRrtBz98zfS50fWgeos6Mg&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRi61JSbGseTD-m9GfnrmoIUkyTPvPJWAtxLgbLHfj2Ez05lPPN--IwS3iyYKdqjwe6d9Wm07Tz51WVBaGNKi6q-I5S_M1bxst6wZxnGdEckLTovsHyyn9K38-y5cjHoeRrtBz98zfS50fWgeos6Mg&google_hm=ZlVaYkdNYkh6SGdvdWNTVjIzbmo=
Request Chain 294
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJsHqjPLWfGGdOd87XHkruo&google_cver=1&google_push=AXcoOmRHVNPCI1L_sfzisUFA5GEEuDraVIJMzZlhSdGPm8XyINr1YnbmrE9DWerEnHrYhzp4h2fC3RJLOYr13BnqfbZh0o1-tElfy0F8w2JJEILEuqPXqayNNbMSZRela3G2HcSkhrxPmvICDTJcbqwYig HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJsHqjPLWfGGdOd87XHkruo&google_cver=1&google_push=AXcoOmRHVNPCI1L_sfzisUFA5GEEuDraVIJMzZlhSdGPm8XyINr1YnbmrE9DWerEnHrYhzp4h2fC3RJLOYr13BnqfbZh0o1-tElfy0F8w2JJEILEuqPXqayNNbMSZRela3G2HcSkhrxPmvICDTJcbqwYig&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sfLFzJ8aRPSH9G_O5oX8cA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRHVNPCI1L_sfzisUFA5GEEuDraVIJMzZlhSdGPm8XyINr1YnbmrE9DWerEnHrYhzp4h2fC3RJLOYr13BnqfbZh0o1-tElfy0F8w2JJEILEuqPXqayNNbMSZRela3G2HcSkhrxPmvICDTJcbqwYig
Request Chain 295
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEoPd_tdUGoWY2EeJbLZifk&google_cver=1&google_push=AXcoOmSRBlQCwVaz110RnCnAAwYq2JPrjSmlpDuqaLKG-a5ob8BCR4putugjpPBTht-zQdwWhmzS_DatOg_-ZxG8KiTblTjxdtRaHQucUqG1h6ZMOdg0SRMpnMh8O6mU5f9ojJQw6QZjTMmfkP02PNRm5dw HTTP 302
  • https://s-cs.rmp.rakuten.com/?d=50&uid=d34a1aaedb
Request Chain 297
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEE3XIRBAG4yKx7DhGcUXLYM&google_cver=1&google_push=AXcoOmTYJmSbsoT6BDaRGTS8nsSS-UYABGtytmlzhucwBBUmRDcfIrOqTbDi35eGl2p_HVNvJukUghabTjefAYxvdci9A5E-1GUOt23n4Q3cUz800vjKgT7lUynjPLNQNePl4_3GmpazgB7cYBpBJzX_Fr4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTYJmSbsoT6BDaRGTS8nsSS-UYABGtytmlzhucwBBUmRDcfIrOqTbDi35eGl2p_HVNvJukUghabTjefAYxvdci9A5E-1GUOt23n4Q3cUz800vjKgT7lUynjPLNQNePl4_3GmpazgB7cYBpBJzX_Fr4&google_hm=NDQ3NDE5ODkyMzIwNzYwMjgyNQ%3D%3D
Request Chain 305
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d9786599-57d6-4f00-b556-cf5f21b767d8&gdpr=0&gdpr_consent=
Request Chain 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sfLFzJ8aRPSH9G_O5oX8cA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 308
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=9d8cee36-f085-4f3e-b59d-502b6bde50ee%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=98f33047-6206-44a9-9367-ebdba8f53da3&ttd_puid=9d8cee36-f085-4f3e-b59d-502b6bde50ee%2C%2C
Request Chain 310
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 311
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjFGMkM1Q0MtOUYxQS00NEY0LTg3RjQtNkZDRUU2ODVGQzcw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 312
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIDE14QCV_QRPG4CaATyUWU&google_cver=1
Request Chain 313
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:57F94EE4CDA843F8863F34610C0CE531
Request Chain 315
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=98f33047-6206-44a9-9367-ebdba8f53da3&gdpr=0&gdpr_consent=
Request Chain 326
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEJAiAnlTmhhemyRGCLfMnXk&google_cver=1&google_push=AXcoOmTmA0k-TlGb54xde32-3jY-2wI3Jags-ipNuIRo5tl2q8B-NSLVv6zcEoVy7EepoFr68jw5hgEUaTaKHbdspl3rjIySpx5tDrxhFIFUbejR9Vgi5cMNV-JaX0FiQG42grKIWLOfJOiqG31El4Ho9Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmTmA0k-TlGb54xde32-3jY-2wI3Jags-ipNuIRo5tl2q8B-NSLVv6zcEoVy7EepoFr68jw5hgEUaTaKHbdspl3rjIySpx5tDrxhFIFUbejR9Vgi5cMNV-JaX0FiQG42grKIWLOfJOiqG31El4Ho9Q
Request Chain 327
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEJNAg_cVKfJcNRd4dHB3GwA&google_cver=1&google_push=AXcoOmSGSQUk5w8jvzZWrP0lbAfzDkKJ5ypx7mt-1YuOZXA7L1IUp-ZhPSsH8YHpVLFR8jWLJuA4NL1oX467HHoUYA3XKccyJgPiNZm-X_3ghoC4H7kbGhYxZKADVS6MEBqutdqcA220aHLkrkvIDPfU1g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmSGSQUk5w8jvzZWrP0lbAfzDkKJ5ypx7mt-1YuOZXA7L1IUp-ZhPSsH8YHpVLFR8jWLJuA4NL1oX467HHoUYA3XKccyJgPiNZm-X_3ghoC4H7kbGhYxZKADVS6MEBqutdqcA220aHLkrkvIDPfU1g&google_hm=MkpSRm01MXpNYU1pQk03ZHJNT0V0X18wQWNz&from_google=sp1
Request Chain 329
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJsHqjPLWfGGdOd87XHkruo&google_cver=1&google_push=AXcoOmQIdZG6Gg0NiTSmAGX-RBKFbxiNJrkgxh89N1by46bDlk_tDVnbK2IPK8RyKR17ty-zKkQqTQTzaleEDkFXJZKRtEk6dT4TZTG5-2zJI7SgLlrAaP4u5z9c-30XlBO-zmB8qgfBku54j-ZVsjoDhzA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sfLFzJ8aRPSH9G_O5oX8cA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQIdZG6Gg0NiTSmAGX-RBKFbxiNJrkgxh89N1by46bDlk_tDVnbK2IPK8RyKR17ty-zKkQqTQTzaleEDkFXJZKRtEk6dT4TZTG5-2zJI7SgLlrAaP4u5z9c-30XlBO-zmB8qgfBku54j-ZVsjoDhzA
Request Chain 330
  • https://sync.inmobi.com/gob?google_gid=CAESEAjo38sJ6wM98dL-qJEa8No&google_cver=1&google_push=AXcoOmQiwtLuMXF1YFu5GiUoqN3YyxRVW-ZqJmxpaNnh-cq9exM9kG9v7x8dYACGoJZ_FDJ9FQSZMQVLq-tATh3KUma2xfGROEqLpj1yKdXtWeDXCwFblgUf9dHIKPL5cacqSfC1MWRCU1cZeo68bgMqQ1k2 HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQiwtLuMXF1YFu5GiUoqN3YyxRVW-ZqJmxpaNnh-cq9exM9kG9v7x8dYACGoJZ_FDJ9FQSZMQVLq-tATh3KUma2xfGROEqLpj1yKdXtWeDXCwFblgUf9dHIKPL5cacqSfC1MWRCU1cZeo68bgMqQ1k2 HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-d9eeDVbj4bSPsLxTmNTaVmc0LARxQVeleqMGFjSj_g&google_push=AXcoOmQiwtLuMXF1YFu5GiUoqN3YyxRVW-ZqJmxpaNnh-cq9exM9kG9v7x8dYACGoJZ_FDJ9FQSZMQVLq-tATh3KUma2xfGROEqLpj1yKdXtWeDXCwFblgUf9dHIKPL5cacqSfC1MWRCU1cZeo68bgMqQ1k2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_hm=RNJ5a3PimfAdLFgcX5y3&google_push=AXcoOmQiwtLuMXF1YFu5GiUoqN3YyxRVW-ZqJmxpaNnh-cq9exM9kG9v7x8dYACGoJZ_FDJ9FQSZMQVLq-tATh3KUma2xfGROEqLpj1yKdXtWeDXCwFblgUf9dHIKPL5cacqSfC1MWRCU1cZeo68bgMqQ1k2&google_nid=inmobi_new_eb
Request Chain 331
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFgookkdnwl-XenqiFo1FrA&google_cver=1&google_push=AXcoOmT4gotkhsFM1WiptbQlVLpid3GAnVZDUfTbN_0r-8oc5It6qb7ile8eLyvC2R2b6AcTKkA3wrBUwJW6bDRWIDtjs5OgHWmeeCuSt-InOBJoSpM91aRRsWUUKJh68dcGMqkBGIQcbbh-tsUgMeQcKnwL HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT4gotkhsFM1WiptbQlVLpid3GAnVZDUfTbN_0r-8oc5It6qb7ile8eLyvC2R2b6AcTKkA3wrBUwJW6bDRWIDtjs5OgHWmeeCuSt-InOBJoSpM91aRRsWUUKJh68dcGMqkBGIQcbbh-tsUgMeQcKnwL HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 332
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENrsh9AjXQT1IEh2vGcrMMA&google_cver=1&google_push=AXcoOmQTI0gC8gfKlfpDoqI_0ZtTB_JPZ_Ko9jxWvcGD_IiNsJqYqD_SOCjMJcz16LZ7NZQbQ4BwDxYMZ-kh5uYhwxs4ndy07DKsCwuOafTckjyPs8oihsPpb98EnsTDtXz1i2CDBhREtRGwRg8oltA-jDhr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MjI2NTE4MDAtYmFiYi00YmFiLTg4OGMtMjg4MzM1ZmI3ODU5&google_push=AXcoOmQTI0gC8gfKlfpDoqI_0ZtTB_JPZ_Ko9jxWvcGD_IiNsJqYqD_SOCjMJcz16LZ7NZQbQ4BwDxYMZ-kh5uYhwxs4ndy07DKsCwuOafTckjyPs8oihsPpb98EnsTDtXz1i2CDBhREtRGwRg8oltA-jDhr HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 392
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4048876994717771444&gdpr=0&gdpr_consent=
Request Chain 393
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=d0b7385f-fe38-4307-bdb7-f32a0d7d0bb3&gdpr=0&gdpr_consent=&gdpr_pd=&usprivacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=445&user_id=af3c3f0a-bfed-3b95-8e8d-28bb76527378&ssp=pubmatic&bsw_param=d0b7385f-fe38-4307-bdb7-f32a0d7d0bb3 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d0b7385f-fe38-4307-bdb7-f32a0d7d0bb3&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 394
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12zpt1m9f2qf
Request Chain 395
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=t6f_2LSlotmspfTQsKTr1Of0_4CsoffWs_NcPClL
Request Chain 397
  • https://idsync.rlcdn.com/420486.gif?partner_uid=B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=43299a7fe409d8a7130c99bf804bee8b457bf2023798c5f6d5b91718265678e2791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA0MzI5OWE3ZmU0MDlkOGE3MTMwYzk5YmY4MDRiZWU4YjQ1N2JmMjAyMzc5OGM1ZjZkNWI5MTcxODI2NTY3OGUyNzkxNDI2YjU0MTdkY2UyMRAAGgwI2K_lrAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA0MzI5OWE3ZmU0MDlkOGE3MTMwYzk5YmY4MDRiZWU4YjQ1N2JmMjAyMzc5OGM1ZjZkNWI5MTcxODI2NTY3OGUyNzkxNDI2YjU0MTdkY2UyMRAAGgwI2K_lrAYSBAgCEABCAEoA&google_gid=CAESEDzpu-tW28ERMz9KI67XIIc&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=379b54b0-111a-4997-b9c4-8b28343be5dc
Request Chain 398
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4569115504333617179&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 399
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-2FdtZztE2uWVavlsOXVM3MFHpgHijms-~A&gdpr=0
Request Chain 405
  • https://match.adsrvr.org/track/usersync?us_privacy=&gdpr=0&gdpr_consent=undefined&ust=image HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=98f33047-6206-44a9-9367-ebdba8f53da3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=98f33047-6206-44a9-9367-ebdba8f53da3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=98f33047-6206-44a9-9367-ebdba8f53da3
Request Chain 409
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4048876994717771444
Request Chain 410
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=oW4hH6JsfB66bClA8m41FaFsLRK6Pn4WoD-j4zVZ
Request Chain 411
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZZlX1MaY56wGe4C_uYiXYQAAFNgAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZZlX1MaY56wGe4C_uYiXYQAAFNgAAAAB
Request Chain 412
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZZlX1MaY56wGe4C-uYiXYQAA%265336?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZZlX1MaY56wGe4C-uYiXYQAA%265336
Request Chain 413
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4569115504333617179
Request Chain 415
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=3867dc02-312d-2278-e58afac8
Request Chain 419
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 420
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3475499083845877000V10%26type%3Drkt%26refUrl%3D%26vid%3D45483125053475499083845877000V10%26axid_e%3D%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3475499083845877000V10&type=rkt&refUrl=&vid=45483125053475499083845877000V10&axid_e=&ovsid=2018527442084423065
Request Chain 421
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3475499083845877000V10%26type%3Dcon%26refUrl%3D%26vid%3D45483125053475499083845877000V10%26axid_e%3D%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=bfa728642e21eff&is_secure=true&version=1&networkId=57734&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3475499083845877000V10%26type%3Dcon%26refUrl%3D%26vid%3D45483125053475499083845877000V10%26axid_e%3D%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3475499083845877000V10&type=con&refUrl=&vid=45483125053475499083845877000V10&axid_e=&ovsid=AAALTyHy_Z-3UQNCMqrfAAAAAAA&expiration=1704634712&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 422
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3475499083845877000V10%26type%3Dr1%26refUrl%3D%26vid%3D45483125053475499083845877000V10%26axid_e%3D%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5646801149 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/98f33047-6206-44a9-9367-ebdba8f53da3 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-9fdf8485-daa6-496f-b051-9e3ebabaae0d-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3475499083845877000V10%26type%3Dr1%26refUrl%3D%26vid%3D45483125053475499083845877000V10%26axid_e%3D%26ovsid%3DRX-9fdf8485-daa6-496f-b051-9e3ebabaae0d-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3475499083845877000V10&type=r1&refUrl=&vid=45483125053475499083845877000V10&axid_e=&ovsid=RX-9fdf8485-daa6-496f-b051-9e3ebabaae0d-004
Request Chain 423
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQ3NTQ5OTA4Mzg0NTg3NzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEFQRkoOWOjuTyawm8qFpQU4&google_cver=1
Request Chain 424
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3475499083845877000V10%26type%3Ddxu%26refUrl%3D%26vid%3D45483125053475499083845877000V10%26axid_e%3D%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3475499083845877000V10%26type%3Ddxu%26refUrl%3D%26vid%3D45483125053475499083845877000V10%26axid_e%3D%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3475499083845877000V10&type=dxu&refUrl=&vid=45483125053475499083845877000V10&axid_e=&ovsid=FLwNzbTm1Rm6SI5
Request Chain 425
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=05340985-a6fd-48ca-847a-263c57f46abd&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 426
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=d0b7385f-fe38-4307-bdb7-f32a0d7d0bb3&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-eNkkv71E2pmOKuALllXP8T2RXI6dTYl.FjjIow--~A&expires=5&ssp=medianet HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=d0b7385f-fe38-4307-bdb7-f32a0d7d0bb3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 427
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__ HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=fUZbGMbHzHgoucSV23nj
Request Chain 429
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3475499083845877000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3475499083845877000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=3032bcfc-64f1-4f57-94be-d207d34718d1&cs=1
Request Chain 431
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=98f33047-6206-44a9-9367-ebdba8f53da3
Request Chain 432
  • https://creativecdn.com/cm-notify?pi=medianet HTTP 302
  • https://creativecdn.com/cm-notify?pi=medianet&tc=1 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=LE0BBioQlieMnwfs_Qa1F2_4guAxir_H1uYpGq4trPY&pi=medianet&tc=1
Request Chain 435
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&us_privacy=1---&khaos=LR241UYY-18-GEDC HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LR241UYY-18-GEDC&us_privacy=1---
Request Chain 454
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=10b7309f62c448c0ab8b11d51ea91f40
Request Chain 456
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=kSnZhaUdU0Zi-dFxxHQND2V_QLo&gdpr=0&gdpr_consent=
Request Chain 457
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 459
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU7317efbc45b941baa4ddc943a66fefa6
Request Chain 460
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=2O9sOZO-D--6meGJ21eZZQ
Request Chain 462
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7660733452243284982
Request Chain 468
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 471
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 472
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FLwNzbTm1Rm6SI5&gdpr=0&gdpr_consent=
Request Chain 473
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2018527442084423065
Request Chain 474
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/unruly?rndcb=502219177 HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/oath/y-5FAuMsJE2oWI0KZynbWmoWPMD188ALeqflBu~A HTTP 302
  • https://sync.1rx.io/usersync/verizon/y-5FAuMsJE2oWI0KZynbWmoWPMD188ALeqflBu~A HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-9fdf8485-daa6-496f-b051-9e3ebabaae0d-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-9fdf8485-daa6-496f-b051-9e3ebabaae0d-004
Request Chain 475
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=52a25224f3651eff&is_secure=true&networkId=17100&version=1&nuid=B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMNKNOkZS54AMmycqWAAAAAAA&expiration=1704634718&nuid=B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70&is_secure=true&gdpr_consent=&gdpr=0

475 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.mlive.com/
Redirect Chain
  • https://reschedule.delivery.evri.nn-lb.com/
  • https://mlive.com/
  • https://www.mlive.com/
470 KB
89 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
26f59c7ff784ea03c69b44aa4f8496d8b7452217bbac5d9b18626203462bf00a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

akamai-true-ttl
-1
cache-control
private, max-age=60
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Sat, 06 Jan 2024 13:38:24 GMT
etag
W/"743d8-CV1AWGZcO/Kz/WnhwKJhVX/ZtPk"
expires
Sat, 06 Jan 2024 13:39:24 GMT
last-modified
Sat, 06 Jan 2024 13:38:24 GMT
link
<https://www.mlive.com/pf/resources/fonts/Inter/Inter-Bold.woff2?d=1195>;rel="preload";as="font";type="font/woff2";crossorigin,<https://www.mlive.com/pf/resources/fonts/Inter/Inter-Regular.woff2?d=1195>;rel="preload";as="font";type="font/woff2";crossorigin,<https://www.mlive.com/pf/resources/fonts/Inter/Inter-SemiBold.woff2?d=1195>;rel="preload";as="font";type="font/woff2";crossorigin,<https://www.mlive.com/pf/resources/fonts/farnhamheadline-medium.woff?d=1195>;rel="preload";as="font";type="font/woff";crossorigin,<https://www.mlive.com/pf/resources/fonts/farnhamheadline-semi-bold.woff?d=1195>;rel="preload";as="font";type="font/woff";crossorigin,<https://www.mlive.com/pf/resources/fonts/Inter/Inter-Italic.woff2?d=1195>;rel="preload";as="font";type="font/woff2";crossorigin <https://cdn.sophi.io>;rel="preconnect",<https://apps.sophi.io>;rel="preconnect",<https://micro.rubiconproject.com>;rel="preconnect",<https://c.amazon-adsystem.com>;rel="preconnect",<https://a.teads.tv>;rel="preconnect",<https://z.moatads.com>;rel="preconnect",<https://s.ntv.io>;rel="preconnect",<https://connect.facebook.net>;rel="preconnect",<https://static.ads-twitter.com>;rel="preconnect" <https://cdn.cookielaw.org>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect",<https://securepubads.g.doubleclick.net>;rel="preconnect",<https://tags.crwdcntrl.net>;rel="preconnect",<https://h312.mlive.com>;rel="preconnect",<https://news.google.com>;rel="preconnect",<https://ats-wrapper.privacymanager.io>;rel="preconnect",<https://www.google-analytics.com>;rel="preconnect"
prerender-cache-tag
prerender-advancelocal-mlive-prod-b308edcd
referrer-policy
no-referrer-when-downgrade
server
openresty
server-timing
cdn-cache; desc=MISS edge; dur=5502 origin; dur=1404 ak_p; desc="1704548297783_711167148_15482660_690696_8212_6_17_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 86523 0 pmb=mRUM,2
x-amz-cf-id
mh4bHg1jvP-6tw2K5m5fb0g4MKpOunAOH0r5fhAziPZ1O5iSGfzgbQ==
x-amz-cf-pop
SIN52-P1
x-arc-pb-request-id
d932cd4c-c397-4484-b630-59baf1265430 54e36069-cab0-44de-988d-7cef01916863
x-arc-request-id
0.ac8c632a.1704548297.ec3f24

Redirect headers

content-length
134
content-type
text/html
date
Sat, 06 Jan 2024 13:38:16 GMT
location
https://www.mlive.com:443/
server
awselb/2.0
Inter-Bold.woff2
www.mlive.com/pf/resources/fonts/Inter/ 		104 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/Inter/Inter-Bold.woff2?d=1195
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
c63158babcb7902203ed73476ccf901db34825ea524d4a36a52b5e5f97e1abf7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Sat, 06 Jan 2024 13:38:24 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
JFK50-P5
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1704548304.ec6d64
server-timing
cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1704548304800_711167148_15494500_253_6237_15_0_219";dur=1
content-length
106140
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Jan 2024 16:23:14 GMT
server
openresty
etag
"444a7284663a3bc886683eb81450b294"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
cGHqXg2zFkZS5_dLUFmHmFwhVr1tQ8oMkJxMIC6OG_8cvEOI_ZvfaA==
expires
Sun, 05 Jan 2025 13:38:24 GMT
Inter-Regular.woff2
www.mlive.com/pf/resources/fonts/Inter/ 		97 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/Inter/Inter-Regular.woff2?d=1195
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Sat, 06 Jan 2024 13:38:24 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD55-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1704548304.ec6d65
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704548304800_711167148_15494501_29_6697_15_0_219";dur=1
content-length
98868
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Jan 2024 16:23:14 GMT
server
openresty
etag
"dc131113894217b5031000575d9de002"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
hX-xnM7-5reoWNkKyc32T-7E4d4w1EK3OUcK3JSAS2zjQAuV7E47fw==
expires
Sun, 05 Jan 2025 13:38:24 GMT
Inter-SemiBold.woff2
www.mlive.com/pf/resources/fonts/Inter/ 		103 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/Inter/Inter-SemiBold.woff2?d=1195
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Sat, 06 Jan 2024 13:38:24 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL58-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1704548304.ec6d66
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704548304800_711167148_15494502_48_6612_15_0_219";dur=1
content-length
105804
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Jan 2024 16:23:14 GMT
server
openresty
etag
"007ad31a53f4ab3f58ee74f2308482ce"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
knhwUwK97P-Y6aDTHEIUH2PsKVS9wAQqgNLelts7od6wV731pJIZug==
expires
Sun, 05 Jan 2025 13:38:24 GMT
farnhamheadline-medium.woff
www.mlive.com/pf/resources/fonts/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/farnhamheadline-medium.woff?d=1195
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
7ff100c907d85bc5b7503e7a88c0a7f256ed2561ee431ffc10fcd7cce517c321
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Sat, 06 Jan 2024 13:38:24 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
MIA3-C2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1704548304.ec6d67
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704548304800_711167148_15494503_42_6491_15_0_219";dur=1
content-length
36831
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Jan 2024 16:23:14 GMT
server
openresty
etag
W/"05b85684cbf3bc11490297c50cfd67c3"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
I2qa1wCTmS2ZZYpEzXyf6rw1jIfLdjcNoqzaK1asZinPdyV_ZW5wzQ==
expires
Sun, 05 Jan 2025 13:38:24 GMT
farnhamheadline-semi-bold.woff
www.mlive.com/pf/resources/fonts/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/farnhamheadline-semi-bold.woff?d=1195
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Sat, 06 Jan 2024 13:38:24 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL58-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1704548304.ec6d68
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704548304800_711167148_15494504_37_6615_15_0_219";dur=1
content-length
37066
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Jan 2024 16:23:14 GMT
server
openresty
etag
W/"c9a8222fbabe6b700baacd21dd7a1f61"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
jeYUov1rh9zlVvejlGjUymrJjFTB768qTcpabUYcMUaOwg4MSFD1Sw==
expires
Sun, 05 Jan 2025 13:38:24 GMT
Inter-Italic.woff2
www.mlive.com/pf/resources/fonts/Inter/ 		104 KB
105 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/Inter/Inter-Italic.woff2?d=1195
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
900058dffaf216c9a853e2d7e4109bfa2a58994237b2d4e5793734e4c2ecb4ac
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Sat, 06 Jan 2024 13:38:24 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD55-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1704548304.ec6d69
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704548304800_711167148_15494505_43_6452_15_0_219";dur=1
content-length
106876
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Jan 2024 16:23:14 GMT
server
openresty
etag
"fd26ff23f831db9ae85a805386529385"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
-f_KxgBTvJPRg8TtDICg9VTOrDtA1Ge4KQc63VCtB7rrkHJytF5Z1Q==
expires
Sun, 05 Jan 2025 13:38:24 GMT
default.css
www.mlive.com/pf/dist/components/output-types/ 		45 B
607 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/components/output-types/default.css?d=1195
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
bba5cf4bf97f335423ef8083a04d8810370b013c18a623e2aec413075ef82ddc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Sat, 06 Jan 2024 13:38:24 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL58-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1704548304.ec6d6a
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704548304800_711167148_15494506_36_6520_15_0_255";dur=1
content-length
57
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Jan 2024 16:23:15 GMT
server
openresty
etag
"534bb0614e61e484cae7d5dc8ecc424c"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
O7n4gMShV7BjlOhMtMYTsuJXOqeNunfJdXHDDwXE3-Yk4cL6hNCowQ==
expires
Sun, 05 Jan 2025 13:38:24 GMT
default.css
www.mlive.com/pf/dist/components/combinations/ 		454 KB
68 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1195
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
f29b257a3de129765fa546474230d7f016cf770544f4a55327b8b947c6aa58b9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Sat, 06 Jan 2024 13:38:24 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ORD56-P6
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1704548304.ec6d6b
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704548304801_711167148_15494507_141_6418_15_0_255";dur=1
content-length
68806
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Jan 2024 16:23:14 GMT
server
openresty
etag
W/"07f17ea46e1c22c31c6bcd50e2fed735"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
Y7FNLWt-Rj8At-38FQaXRZCIgu9qV3xFFvd6GXn4ObzJ-vNMfB-zuw==
expires
Sun, 05 Jan 2025 13:38:24 GMT
style.css
www.mlive.com/pf/resources/dist/mlive/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=1195
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
ec27429b92840173d570438ca448f932353e4ee729c74cfaeb307dbc0893336a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
date
Sat, 06 Jan 2024 13:38:24 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
JFK50-P5
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1704548304.ec6d6c
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704548304800_711167148_15494508_44_6490_15_0_255";dur=1
content-length
522
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Jan 2024 16:23:13 GMT
server
openresty
etag
W/"dc42da9562e1a5a0f025e383e683d907"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
pM7W4WC_mMvyErbhMQZxDruXGG926cKlhpsf-lLs5WsLcD1AWujC_g==
expires
Sun, 05 Jan 2025 13:38:24 GMT
react.js
www.mlive.com/pf/dist/engine/ 		374 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/engine/react.js?d=1195
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
bfcc23462136af97c7b17c5143ae4ad78ae1779ecebcc3692120c8af9bb8abd8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Sat, 06 Jan 2024 13:38:24 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD55-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1704548304.ec6e5c
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704548304929_711167148_15494748_2596_6206_3_0_146";dur=1
content-length
110455
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Jan 2024 16:23:15 GMT
server
openresty
etag
W/"3284bff5866b1db3eb627a405f8bc49f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
jZ2qcAQ97g1dJT7lq3X9h44mBkA-PtxGCGV5EzKJLvUdOxN7VdNruw==
expires
Sun, 05 Jan 2025 13:38:24 GMT
default.js
www.mlive.com/pf/dist/components/combinations/ 		2 MB
529 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/components/combinations/default.js?d=1195
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
59dcb4a586677f8eaae8c4bf0123f4248e34bd62367f5b90c84127d98c219dc5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
date
Sat, 06 Jan 2024 13:38:24 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
JFK50-P5
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1704548304.ec6e5d
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704548304929_711167148_15494749_2623_5959_3_0_146";dur=1
content-length
541154
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Jan 2024 16:23:15 GMT
server
openresty
etag
W/"17c540ed4ba11d0ed459cf3a0ccd90c3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
XBb10D3PWyq5D04NsnW7DyuVMuPSbNG7tdr_GcN1sFnYgc2SryRwtA==
expires
Sun, 05 Jan 2025 13:38:24 GMT
BIOD5B5DLRDRDPGIVEFNZ76NYE.png
www.mlive.com/resizer/0kGY06SsZ4LSB63w9A-Uvk3l1UA=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/0kGY06SsZ4LSB63w9A-Uvk3l1UA=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/BIOD5B5DLRDRDPGIVEFNZ76NYE.png
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
Akamai Image Manager /
Resource Hash
6aa559f239655277f2e115d885d2eff1ce567d1d5e6e6d7cdfeb53645156212d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 06 Jan 2024 13:38:25 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Jan 2024 16:58:01 GMT
server
Akamai Image Manager
etag
"375f775f8de29681158b0369dc8c9e527095f28c"
x-arc-request-id
0.ac8c632a.1704548304.ec6e59
content-type
image/avif
cache-control
private, no-transform, max-age=31461578
server-timing
cdn-cache; desc=HIT, edge; dur=197, ak_p; desc="1704548304929_711167148_15494745_22325_7783_5_0_182";dur=1
content-length
26145
expires
Sat, 04 Jan 2025 16:58:03 GMT
iabCcpaIntegrationScript-noGAM.js
cdn.cookielaw.org/opt-out/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/iabCcpaIntegrationScript-noGAM.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e3c7bdc4bfffb58a973062aabf808691f7603416290254b76161cab69952053
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 13:38:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
ZkLmnzyu8aoAQNwZHm6Yqw==
age
53395
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
bf9deafd-201e-0065-58ff-2197c7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
84145c7b9c1940eb-SIN
logo_main.svg
www.mlive.com/pf/resources/images/mlive/logos/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/logo_main.svg?d=1195
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
f4ece8f2f5242967e98c6718f283e961576d68b4b7be96124eca22f554dcb275
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Sat, 06 Jan 2024 13:38:24 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD55-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1704548304.ec6d6d
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704548304800_711167148_15494509_47_6409_15_0_182";dur=1
content-length
660
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Jan 2024 16:23:14 GMT
server
openresty
etag
W/"351c57e1a77c618772f5966a7f2094ee"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
CaBVvpi6rD62gdF-E8AC8L7ZqucCXFdNlp4fjRzghNNw3oVrILadAQ==
expires
Sun, 05 Jan 2025 13:38:24 GMT
logo_main_sm.svg
www.mlive.com/pf/resources/images/mlive/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/logo_main_sm.svg?d=1195
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
a39cd6a9413784646378ab9490f6a80ea1c2eaf4870c1022f44e4e64380c7cda
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Sat, 06 Jan 2024 13:38:24 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
MIA3-C2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1704548304.ec6d6e
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704548304800_711167148_15494510_54_6328_15_0_182";dur=1
content-length
902
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Jan 2024 16:23:14 GMT
server
openresty
etag
W/"cb98cda61d359616349bbc2a92540ddb"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
PVsMslKG2WiPe3RWhIo3ffjEUnIIiXX0P8sBhfW2Ee_7VyxkLRAteQ==
expires
Sun, 05 Jan 2025 13:38:24 GMT
social-monochrome.svg
www.mlive.com/pf/resources/images/mlive/logos/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/social-monochrome.svg?d=1195
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
4eb67b42d6abea96d75df507d23f0421da85d5658322720fded36c94cce45d7b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000
date
Sat, 06 Jan 2024 13:38:24 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD55-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1704548304.ec6e5a
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704548304929_711167148_15494746_2646_6663_3_0_182";dur=1
content-length
603
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Jan 2024 16:23:14 GMT
server
openresty
etag
W/"7819fa78e2e7770bb40587187d83cb87"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
UBY_8esEbm3dlO3Yje1RkaiwWNtiQTR_EvXPCFszntnz-bcYOtfUyw==
expires
Sun, 05 Jan 2025 13:38:24 GMT
logo_footer.png
www.mlive.com/pf/resources/images/mlive/logos/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/logo_footer.png?d=1195
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
Akamai Image Manager /
Resource Hash
0c1194491324f0e5b99036c8ae0ad83d12f0f21d841cc31eae81caf10c05d76b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 06 Jan 2024 13:38:24 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Jan 2024 16:28:53 GMT
server
Akamai Image Manager
etag
W/"be8042e858f0c6b5cd87834c8aafe76d"
x-arc-request-id
0.ac8c632a.1704548304.ec6e5e
content-type
image/avif
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31200539
server-timing
cdn-cache; desc=HIT, edge; dur=4, ak_p; desc="1704548304929_711167148_15494750_3030_6693_3_0_146";dur=1
content-length
1398
expires
Wed, 01 Jan 2025 16:27:23 GMT
AdvanceLocal_horizontal.svg
www.mlive.com/pf/resources/images/common/logos/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/logos/AdvanceLocal_horizontal.svg?d=1195
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
702c805fec65a8cc8c6c40aed34123b021e5ed6107cc6dfdebc4b0fc2e229887
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Sat, 06 Jan 2024 13:38:24 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
MIA3-C2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1704548304.ec6e5b
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704548304929_711167148_15494747_2595_6201_3_0_182";dur=1
content-length
3554
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Jan 2024 16:23:14 GMT
server
openresty
etag
W/"3770993da506fb6d4bbccfcdcc3a4800"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
jjhcv1WvbYcgDxFrXysXWEkGjILnBYVP9kYiN1XPnSjpviEfNnB6GQ==
expires
Sun, 05 Jan 2025 13:38:24 GMT
privacyoptions29x14.png
www.mlive.com/pf/resources/images/common/icons/ 		572 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/icons/privacyoptions29x14.png?d=1195
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
Akamai Image Manager /
Resource Hash
2a70c011ae2744e9d6486d31e25e621e6d7c5334224c69f04409012afba00c2b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 06 Jan 2024 13:38:24 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Jan 2024 16:28:47 GMT
server
Akamai Image Manager
etag
W/"3becc0b0069622544a1ffb2da90eebe3"
x-arc-request-id
0.ac8c632a.1704548304.ec6e5f
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31200592
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704548304929_711167148_15494751_2641_6971_3_0_146";dur=1
content-length
572
expires
Wed, 01 Jan 2025 16:28:16 GMT
ad-choices-arrow.png
www.mlive.com/pf/resources/images/common/logos/ 		184 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/logos/ad-choices-arrow.png?d=1195
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
Akamai Image Manager /
Resource Hash
000875f535d3c8342137670778185a66af35c904fd6d5e5f19fb57438eea12db
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 06 Jan 2024 13:38:24 GMT
x-check-cacheable
YES
x-arc-request-id
0.ac8c632a.1704548304.ec6e60
server-timing
cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1704548304930_711167148_15494752_3007_9159_3_0_146";dur=1
content-length
184
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Jan 2024 16:28:58 GMT
server
Akamai Image Manager
x-serial
1957
etag
W/"c6e75cc6be8dcb2f2d1ab36209f3c3b7"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31200512
expires
Wed, 01 Jan 2025 16:26:56 GMT
35f01c6515d5c9c30bbab5.js
luminouscatalyst.com/fd1aec2a8f5faf/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://luminouscatalyst.com/fd1aec2a8f5faf/35f01c6515d5c9c30bbab5.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.181.170 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
170.181.110.34.bc.googleusercontent.com
Software
/
Resource Hash
1f0b2b7a9ed8dff75946a5d1e80ff3a83cd4609274a71f4af7ddae9191e1bcac
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Sat, 06 Jan 2024 13:38:25 GMT
x-datacenter
gce-asia-east1
etag
"9ede4e0a589d5b02c3310c872b3a2fd884ec83aab431633f9103ced28b42d9a1"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-asia-east1-9f87
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1072352451
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sophi.min.js
cdn.sophi.io/advancelocal/ 		102 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sophi.io/advancelocal/sophi.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-26.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b9afeb90db17ffa772a8bbc38f8ae37524ac4c0660dfc228f528cfe36a38d53d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 07:09:20 GMT
x-amz-version-id
.qZXsiAWjTa0yWFLcXE5U.grm2eEgIL7
content-encoding
br
last-modified
Mon, 27 Feb 2023 17:38:35 GMT
server
AmazonS3
via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
x-amz-server-side-encryption
AES256
etag
W/"0915af152c652f927c398faa26e9904b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
23345
x-amz-cf-id
GGd2hh8v8oUoEwWRW9hPo-OCNQgi_e22e6E2edM7wgOTNJlK70ahmQ==
al-mlive.segments.min.js
apps.sophi.io/latest/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.sophi.io/latest/al-mlive.segments.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-84.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0709e11f34bb1e47193a170bc8baf94732a32a867443b29be840c550cc03981d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
5x.gfjtiZoE7IFt5eELjKuStLmrI5ZXL
content-encoding
gzip
via
1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront)
date
Sat, 06 Jan 2024 13:38:26 GMT
last-modified
Thu, 09 Feb 2023 19:54:03 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-P1
x-amz-server-side-encryption
AES256
etag
W/"25a09f4745cf7bc62917c4a8bea2a575"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=0
x-amz-cf-id
9FDe4gGVXpQO4a_yi4Ee5mS5s7-aN9SboFR0rIRfJQR5BfpTqBXXzg==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98bc0753b3f7392176a4af252bfae9bcd1f2804b73dee374119899d8f52ae3d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 13:38:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
FWT01iLvZ++xUAz3aesSug==
age
59736
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6841
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jan 2024 21:06:28 GMT
server
cloudflare
etag
0x8DC0D69051ECA4A
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
cdf020d4-701e-0068-5a84-3f5f13000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84145c7b9c1140eb-SIN
SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
s.go-mpulse.net/boomerang/ 		205 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.207.180.137 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:25 GMT
content-encoding
br
last-modified
Thu, 21 Dec 2023 07:48:58 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
x-n
S
timing-allow-origin
*
content-length
50393
gtm.js
www.googletagmanager.com/ 		489 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
f551a0b8d7f4c2bdd5b94af090c24b43a03a29c20d841e639799aa38493cc51e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
137206
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Jan 2024 13:38:25 GMT
chevron-white.svg
www.mlive.com/pf/resources/images/common/arrows/ 		864 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/arrows/chevron-white.svg?d=1195
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1195
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
e19f6076815240b2afedf8033b0a2ccf200d3851f11df779d05f3c533560504d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1195
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Sat, 06 Jan 2024 13:38:24 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
JFK50-P5
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1704548304.ec6e61
server-timing
cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1704548304930_711167148_15494753_2903_6179_3_0_146";dur=1
content-length
486
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Jan 2024 16:23:14 GMT
server
openresty
etag
W/"691552a6377a1dfc9eeae87d6aeb8931"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
YSi0Zfvr5lyjMbYGoLk9UuPaOJZ5t7sgF7EvgyAFlBRHYY37-pssBw==
expires
Sun, 05 Jan 2025 13:38:24 GMT
podcast.svg
www.mlive.com/pf/resources/images/mlive/promo/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/promo/podcast.svg?d=1195
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=1195
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
b396ae4c9dc4cec9c79931da5c8993ffb15d5d6ed98a14fc00bb4d159c7dd739
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=1195
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Sat, 06 Jan 2024 13:38:24 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ORD56-P6
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1704548304.ec6e62
server-timing
cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1704548304929_711167148_15494754_2802_6280_3_0_146";dur=1
content-length
2589
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Jan 2024 16:23:14 GMT
server
openresty
etag
W/"562343e31998148153bc8be55796e6e1"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
MBKVRZB_cUwcNYa2K-sGMBdSpGBOQ1XPOEttrTQuJSzKiMjhml9c9w==
expires
Sun, 05 Jan 2025 13:38:24 GMT
chevron-black-right.svg
www.mlive.com/pf/resources/images/common/arrows/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/arrows/chevron-black-right.svg?d=1195
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1195
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
276ca8da7dd05a55c760ead2eec9d5c74629897d0b5b3e5190d4fc9bd38ea7fc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1195
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Sat, 06 Jan 2024 13:38:25 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD55-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1704548304.ec6e63
server-timing
cdn-cache; desc=HIT, edge; dur=77, ak_p; desc="1704548304929_711167148_15494755_10224_6176_4_0_219";dur=1
content-length
746
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Jan 2024 16:23:14 GMT
server
openresty
etag
W/"4347be806f2c6a630a5407afb75ab920"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
3JkIGUo2E4LZwCBzcuiONweMG7z7FyBNOOJ-FWnkS-FEjrrrk1E-TQ==
expires
Sun, 05 Jan 2025 13:38:25 GMT
G4ZQWF2ATJHIRB6IMGWWXKXGYA.JPG
www.mlive.com/resizer/YXqO37EsIJV8alGxrkFnCtQvsxM=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/YXqO37EsIJV8alGxrkFnCtQvsxM=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/G4ZQWF2ATJHIRB6IMGWWXKXGYA.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
Akamai Image Manager /
Resource Hash
e7e045a8603cecff41b38e87c8ed6e3f5e8920b8f002c5466a352b87306481ae
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 06 Jan 2024 13:38:25 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Jan 2024 20:17:44 GMT
server
Akamai Image Manager
x-serial
1133
x-check-cacheable
YES
etag
"c4d2a4cf0c5738572aba1911880e27f6667d1546"
x-arc-request-id
0.ac8c632a.1704548304.ec6ed4
content-type
image/avif
cache-control
private, no-transform, max-age=31473532
server-timing
cdn-cache; desc=HIT, edge; dur=893, origin; dur=0, ak_p; desc="1704548304993_711167148_15494868_90692_6617_3_0_219";dur=1
content-length
37434
expires
Sat, 04 Jan 2025 20:17:17 GMT
E4QLTWRNX5CLPNHG454FGMD4KQ.jpg
www.mlive.com/resizer/UD0KhUn6YQbKMQ7HU0eHCdIh1iY=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/UD0KhUn6YQbKMQ7HU0eHCdIh1iY=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/E4QLTWRNX5CLPNHG454FGMD4KQ.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
Akamai Image Manager /
Resource Hash
91ceaaf6d83a6fe14565186dc45f495c27633ec9fac3bfd633ba5162f04c4c0d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 06 Jan 2024 13:38:26 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 06 Jan 2024 06:22:05 GMT
server
Akamai Image Manager
x-serial
1495
x-check-cacheable
YES
etag
"819f5c2d6575e7d448c08f6dc8536fb64939d795"
x-arc-request-id
0.ac8c632a.1704548304.ec6ed5
content-type
image/avif
cache-control
private, no-transform, max-age=31509751
server-timing
cdn-cache; desc=HIT, edge; dur=1542, origin; dur=0, ak_p; desc="1704548304993_711167148_15494869_155513_7426_3_0_146";dur=1
content-length
19273
expires
Sun, 05 Jan 2025 06:20:57 GMT
SPE2MD2P5ZGM5D4J7A3TWNEQ5E.JPG
www.mlive.com/resizer/antad6TuDtVVePNdq754cQLQOew=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/antad6TuDtVVePNdq754cQLQOew=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/SPE2MD2P5ZGM5D4J7A3TWNEQ5E.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
Akamai Image Manager /
Resource Hash
421984feec8064b5c04fc4b0b39790fb7a8c7f029f7fe066cb368289e37508f6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 06 Jan 2024 13:38:25 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 23 Dec 2023 04:19:41 GMT
server
Akamai Image Manager
etag
"7884c2acbf35ea301f45510d0626d5f61fb7724c"
x-arc-request-id
0.ac8c632a.1704548304.ec6ed6
content-type
image/avif
cache-control
private, no-transform, max-age=30292757
server-timing
cdn-cache; desc=HIT, edge; dur=825, origin; dur=0, ak_p; desc="1704548304993_711167148_15494870_83878_6706_3_0_146";dur=1
content-length
23231
expires
Sun, 22 Dec 2024 04:17:42 GMT
R7Y2DEWHJBBINCWLVAEDPCXOOU.png
www.mlive.com/resizer/IbciywyFHtlF6_ttfSQXp2zaPo0=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/IbciywyFHtlF6_ttfSQXp2zaPo0=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/R7Y2DEWHJBBINCWLVAEDPCXOOU.png
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
Akamai Image Manager /
Resource Hash
189c7fe10b370e1646bce8dd3f0639b844d5e0702cd5631b982f4b4507ea66a0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 06 Jan 2024 13:38:25 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Jan 2024 19:40:57 GMT
server
Akamai Image Manager
etag
"138f4bb715824db67715cec183575746c4b833f8"
x-arc-request-id
0.ac8c632a.1704548304.ec6ed7
content-type
image/avif
cache-control
private, no-transform, max-age=31471330
server-timing
cdn-cache; desc=HIT, edge; dur=788, origin; dur=0, ak_p; desc="1704548304993_711167148_15494871_80139_7400_4_0_146";dur=1
content-length
11385
expires
Sat, 04 Jan 2025 19:40:35 GMT
7ZMLJJHSCBAU3JC5HWXJNUBFSY.jpg
www.mlive.com/resizer/76T3kgcAoNgYGLiO_-yTpZ9tFY0=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/76T3kgcAoNgYGLiO_-yTpZ9tFY0=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/7ZMLJJHSCBAU3JC5HWXJNUBFSY.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
Akamai Image Manager /
Resource Hash
8b0a66ebf5f8d14ae79bd8ef9787cd1640c331927b7549bc7ca762d3c2eddca3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 06 Jan 2024 13:38:26 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Jan 2024 21:49:45 GMT
server
Akamai Image Manager
etag
"90ef9efb2fa5b093afd02c33d83706860780de1c"
x-arc-request-id
0.ac8c632a.1704548304.ec6ed8
content-type
image/avif
cache-control
private, no-transform, max-age=31479107
server-timing
cdn-cache; desc=HIT, edge; dur=1166, origin; dur=0, ak_p; desc="1704548304993_711167148_15494872_117813_9658_3_0_146";dur=1
content-length
12158
expires
Sat, 04 Jan 2025 21:50:13 GMT
OWXVYSX3BNAP7PJ5QPK4YBU34U.jpg
www.mlive.com/resizer/UzCrrTva1vIt6DGcBo7IaTR7Bkw=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/UzCrrTva1vIt6DGcBo7IaTR7Bkw=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/OWXVYSX3BNAP7PJ5QPK4YBU34U.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
Akamai Image Manager /
Resource Hash
b4aab23f2abdbef0e01780c8e11567a9a7c7a5e425d57540e5b24115ff38508f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 06 Jan 2024 13:38:25 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 15 Nov 2023 08:44:25 GMT
server
Akamai Image Manager
x-serial
326
x-check-cacheable
YES
etag
"85691b3a4c2549295453557168234b02a88b5525"
x-arc-request-id
0.ac8c632a.1704548304.ec6ed9
content-type
image/avif
cache-control
private, no-transform, max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=848, origin; dur=0, ak_p; desc="1704548304993_711167148_15494873_86138_7299_3_0_146";dur=1
content-length
8888
expires
Sun, 05 Jan 2025 13:38:25 GMT
6PWAWGTKTFHOZF4VJALHFHE3VU.png
www.mlive.com/resizer/E_SBdBwDTPmFzW1W9Ys3p6soZmc=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/E_SBdBwDTPmFzW1W9Ys3p6soZmc=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/6PWAWGTKTFHOZF4VJALHFHE3VU.png
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
Akamai Image Manager /
Resource Hash
61c6d55944664ea05fc63a29cba6ef737c7a961f22e616cd2b7e9dc6139aa5fd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 06 Jan 2024 13:38:26 GMT
x-check-cacheable
YES
x-arc-request-id
0.ac8c632a.1704548304.ec6eda
server-timing
cdn-cache; desc=HIT, edge; dur=1131, origin; dur=0, ak_p; desc="1704548304993_711167148_15494874_114402_7219_3_0_146";dur=1
content-length
7619
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 08 Nov 2023 21:33:21 GMT
server
Akamai Image Manager
x-serial
332
etag
"b063eca7a2bb6a72c86a58e25b50ed32efb5ddaa"
x-edgeconnect-cache-status
1
content-type
image/avif
cache-control
private, no-transform, max-age=29458553
expires
Thu, 12 Dec 2024 12:34:19 GMT
F463MR4P65A3FMZEEUBUU5VE6A.jpg
www.mlive.com/resizer/86FWoRHfT4ywAJxQ-rc-ea3F_Yw=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/86FWoRHfT4ywAJxQ-rc-ea3F_Yw=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/F463MR4P65A3FMZEEUBUU5VE6A.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
Akamai Image Manager /
Resource Hash
278c594fb1e8381410e079777ccd31fa020a6c6c602e4679409935b70ad0706d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 06 Jan 2024 13:38:26 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 08 Nov 2023 21:28:07 GMT
server
Akamai Image Manager
x-serial
1993
x-check-cacheable
YES
etag
"19175296a3f72581b5259861233d9779d8aa9ceb"
x-arc-request-id
0.ac8c632a.1704548304.ec6edb
content-type
image/avif
cache-control
private, no-transform, max-age=29419823
server-timing
cdn-cache; desc=HIT, edge; dur=1176, origin; dur=0, ak_p; desc="1704548304993_711167148_15494875_118886_7173_3_0_146";dur=1
content-length
13064
expires
Thu, 12 Dec 2024 01:48:49 GMT
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.mlive.com
access-control-max-age
600
content-length
0
date
Sat, 06 Jan 2024 13:38:25 GMT
server
nginx
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/advancelocal/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.mlive.com
date
Sat, 06 Jan 2024 13:38:26 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		68 B
235 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/iabCcpaIntegrationScript-noGAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd6d77b168d8f2f86001448f752d85c3109a2430a5aeaaaec957d1c5ab9dba1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
84145c7e4ea387c6-SIN
vary
Accept-Encoding
content-type
text/javascript
92a6747a-ce11-46a4-93d3-d5b3bd38e0ac.json
cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd4831ce5e4604e3554bea94ceb387ef7d7bad029a81853464e741211a5e5f23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 13:38:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
53494
content-md5
FJZTKvfUq+KQjAWVwn5ytw==
content-length
1959
x-ms-lease-status
unlocked
last-modified
Tue, 02 Jan 2024 21:54:28 GMT
server
cloudflare
etag
0x8DC0BDD64FB9152
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7513a50d-901e-003d-63c6-3d4f98000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84145c7e4f919f74-SIN
expires
Sun, 07 Jan 2024 13:38:25 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
d115b4a70f5c60653dc5977257bfd5af45373de3c7369411fbf797a0d1ea32d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29091
x-xss-protection
0
server
cafe
etag
376 / 19728 / m202401020101 / config-hash: 2026918608723226553
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 06 Jan 2024 13:38:25 GMT
10071.js
micro.rubiconproject.com/prebid/dynamic/ 		544 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/10071.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1195
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.9.116.188 Hyderabad, India, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-116-188.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
2170db8df6f2531ee5b7d8ed31fa09fc5209dcd18e18a7091161dc4e9fd32aee

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:25 GMT
content-encoding
gzip
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
accept-encoding, referer
edge-cache-tag
prod-prebid-10071_MI_Desktop_Mobile.js
content-type
text/javascript;charset=UTF-8
cache-control
public, must-revalidate, max-age=14400
content-length
156194
expires
Sat, 06 Jan 2024 15:41:41 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-19.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 12:43:46 GMT
content-encoding
gzip
via
1.1 73a569eafe77b39b17f3e8ef76c14c7c.cloudfront.net (CloudFront), 1.1 e8cd61c9b2a785e4fc8167b0177016b8.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:11 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2, SIN2-C1
age
3280
x-amz-server-side-encryption
AES256
etag
W/"bab82e5d8801f394c1ef53a45dc29542"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
Gs40HXumeGML7BOAIQtnKHm2MR14U_Ou_6o-U9T_PKSUh2DlnZgSlg==
lt.min.js
tags.crwdcntrl.net/lt/c/963/ 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-125.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4fb1d13154b4b396d3ce77eb8294a859bef473d7d991624d266b0247c419a9ef

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 01:19:43 GMT
content-encoding
gzip
via
1.1 dd1d744d35431de55502bf3c7c1efcc6.cloudfront.net (CloudFront)
last-modified
Fri, 27 Oct 2023 11:15:30 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
age
44322
x-amz-server-side-encryption
AES256
etag
W/"acf40b9beb60ff814c409d1a2b654497"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
cr8E6y3CvFmNiz06WP_ceexoPNfy1TnODyOYadv13E8zUWQ4WFSO8A==
icon-menu-outline.svg
www.mlive.com/pf/resources/images/common/icons/ 		523 B
887 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/icons/icon-menu-outline.svg?d=1195
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1195
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
3f5684bf5aa4a6eb5c9015394c8739dff39377a73adf72c30ba511d0ab5b50f3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1195
Origin
https://www.mlive.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Sat, 06 Jan 2024 13:38:25 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ORD56-P6
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1704548305.ec726b
server-timing
cdn-cache; desc=HIT, edge; dur=5, ak_p; desc="1704548305520_711167148_15495787_505_6997_4_0_219";dur=1
content-length
278
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Jan 2024 16:23:14 GMT
server
openresty
etag
W/"ef41b0e325b0902f9a8781e21cc20457"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
image/svg+xml
access-control-allow-origin
*, *
cache-control
public, max-age=31536000
x-amz-cf-id
sdkfCNg3HvXfCvyVHPmzLh_rhn5I2CuiZZ7_8TRWV0CQEn1GJjjuqw==
expires
Sun, 05 Jan 2025 13:38:25 GMT
client
accounts.google.com/gsi/ 		207 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f84.1e100.net
Software
ESF /
Resource Hash
cfbda9c93a684a4cda34db0352c7b6d6c42f58b513a1e0ed8f82b4a7ec6b67e8
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-BGv5_RtV0umMsYwetgSoPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:25 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-BGv5_RtV0umMsYwetgSoPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Sat, 06 Jan 2024 13:38:25 GMT
user-white.svg
www.mlive.com/pf/resources/images/common/icons/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/icons/user-white.svg?d=1195
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1195
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.176 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-176.pacnet.net
Software
openresty /
Resource Hash
e6b7fa504c979ce53dc80798978eff98214cbcb20b7db259990c0632b7abe248
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1195
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Sat, 06 Jan 2024 13:38:25 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL58-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.ac8c632a.1704548305.ec72e2
server-timing
cdn-cache; desc=HIT, edge; dur=4, ak_p; desc="1704548305597_711167148_15495906_385_8099_4_0_219";dur=1
content-length
2508
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Jan 2024 16:23:14 GMT
server
openresty
etag
W/"fdc13d9553130cf8463df06e8ba5682d"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
gFZaUWTTOhHTF9REGx3brOT7h_vT-S0zm7_3z3onIA3SuEXOXA55ag==
expires
Sun, 05 Jan 2025 13:38:25 GMT
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.109.118 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-203-109-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
q9b9clsZLLfdBtwdmheOfdbmJj61AqqK
date
Sat, 06 Jan 2024 13:38:25 GMT
content-encoding
br
last-modified
Wed, 16 Aug 2023 09:22:55 GMT
x-amz-request-id
J2MK6EJVDCX74T6V
etag
"ee3af1e29ac1607ef3d41c515d1e05ad"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3418
x-amz-id-2
NOupREv0Yem/MRBaqXmaNqzvW1pHI2dJF3wdI4xk5sHIvHnHkMD4oAwQ3TT9F4+seOWsmrliTlXJ21ClXUw9CQ==
script.js
h312.mlive.com/ 		139 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/script.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-45.sin5.r.cloudfront.net
Software
- /
Resource Hash
ee9d11c373870aee4391c291c71c32919add23f19e67b5da86421d8d067c60a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:34:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f448aba82e4fd70230de47f9a261511c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
age
246
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
42761
x-xss-protection
1; mode=block
last-modified
Sat, 06 Jan 2024 13:33:16 GMT
server
-
etag
5c45f35780f8bb4bd55c5b3f4f0e65a0
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=600
x-robots-tag
noindex, nofollow
x-amz-cf-id
U1JqNPnHUDx6fd7gyBCeAjefyErh-OirxQ59eOiUWwjKKkswU5QKfA==
expires
Sat, 06 Jan 2024 13:44:19 GMT
moatheader.js
z.moatads.com/advanceddigitalheader640552616592/ 		242 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/advanceddigitalheader640552616592/moatheader.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.193.230 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-207-193-230.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
76a1f0ea6b737ffd1815e0baedeceede870ba1fc24b378db27924cb8ddc10f08

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:25 GMT
content-encoding
gzip
last-modified
Mon, 04 Dec 2023 07:35:26 GMT
server
AmazonS3
x-amz-request-id
V17WCSMJ2T6DA0YX
etag
"135011daa471e972dc08d174e8340632"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=11302
accept-ranges
bytes
content-length
86416
x-amz-id-2
XmP7GwNAI0avAZPNwTKV6AtfYkmzuZewMqGXqY+DCy3eY+DF3w8cH5F9Ofy/f+V8dSwsna64v3o=
ats.js
ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ 		157 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ats.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-101.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fcef857804b8d1cf1fa3a19dc80b9b2d92f344332538b39585706b228534a3f4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
16lvTSFUApQaXENO5lQT92wT39YBTdKZ
content-encoding
gzip
via
1.1 1728256c36c9016e0b9379e91a1c2e68.cloudfront.net (CloudFront)
date
Sat, 06 Jan 2024 12:59:22 GMT
last-modified
Thu, 14 Dec 2023 12:38:19 GMT
server
AmazonS3
x-amz-cf-pop
SIN5-C1
age
2347
x-amz-server-side-encryption
AES256
etag
W/"f670b565db91584d0a525e0851d49a56"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
PLackDJLniZXAMzABlVOe9PBD_n9WmaZjR9QS3uCBlac6PTVmSfJww==
swg.js
news.google.com/swg/js/v1/ 		206 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f113.1e100.net
Software
sffe /
Resource Hash
18706969485372141ee0b1278ac2ea411ed8d714a5e0c24a45ede1b125b7fa16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:03:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2093
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60594
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 21:19:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sat, 06 Jan 2024 13:53:33 GMT
load
experience.tinypass.com/xbuilder/experience/ 		338 B
491 B 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=8Gu2Z8RCvZ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.223.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
464b98e4ec83bb60ad92bd76656277037d3548e44a7d1dcddec0c0a41ada20e6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
date
Sat, 06 Jan 2024 13:38:26 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 06 Jan 2024 12:43:37 GMT
server
cloudflare
age
3289
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800
cf-ray
84145c811d4d9ff1-SIN
alt-svc
h3=":443"; ma=86400
x-request-id
uma44exebi
expires
Sat, 06 Jan 2024 14:08:26 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 06 Jan 2024 11:42:46 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6940
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 06 Jan 2024 13:42:46 GMT
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.21.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-21-79.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
public
Date
Fri, 05 Jan 2024 14:31:03 GMT
Via
1.1 80a9a66193c3e6350d12faf1c397c974.cloudfront.net (CloudFront)
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
X-Amz-Cf-Pop
SIN5-C1
Age
83244
ETag
"5eb31be4-3a2"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Connection
keep-alive
Content-Length
930
X-Amz-Cf-Id
tTcFPucXh_mHfzb9PcqMXN3DwzV1_mbono3gfjMml7EzlrZ0DgdrHw==
Expires
Sat, 06 Jan 2024 14:31:01 GMT
load.js
s.ntv.io/serve/ 		654 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.81.16.97 Hyderabad, India, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-16-97.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
07d0084f1697727f6f7f9d76c00d2ef5bdfea6824dc3c4e481fa1cb33bc6c4c7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 13:38:26 GMT
Content-Encoding
gzip
x-amz-request-id
ZC2YP1FJXVKKVHMZ
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
TkAGv9KYjnNwS4iIsOqLbcbXZTD5idpprc2Zo8dYYpZ4Ye5OzTwr8gYGj9L0hA9am5JZUyQIv+Y=
Last-Modified
Thu, 04 Jan 2024 21:58:11 GMT
Server
AmazonS3
ETag
"ca860bb913967c129a86f12155f1d1dd"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-11.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 00:03:36 GMT
content-encoding
gzip
via
1.1 f7caf16a2d753babfb1d264f0586f374.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-P1
age
57832
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
1Q22PBzveB0xylp3tCWx6hFC7R9w3Sg5kk9Oddstx1bUshgQai5MXg==
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
fefd09307baf0332b143c3c14fb6851c10e354362510d85a0c43d7e3c479093c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 06 Jan 2024 13:38:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54345
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
sTBe67IXLW4AdlU+WJEJUWc6l2OVdOoLAXXrLQOlY+kcFdTX+0s0nLEk2toh9iOuamRCizjRDAn8q29b011QwA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.108.157 Tokyo, Japan, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:26 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption
AES256
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100147-IAD, cache-tyo11977-TYO
insight.min.js
snap.licdn.com/li.lms-analytics/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.190.130 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-47-190-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Dec 2023 13:09:33 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=39959
accept-ranges
bytes
content-length
15541
ml.br.js
js.matheranalytics.com/static/ltm/ma63527/all/17/
Redirect Chain
  • https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1644
  • https://js.matheranalytics.com/static/ltm/ma63527/all/17/ml.br.js
149 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma63527/all/17/ml.br.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
6bfe280c501d01dc9b39511ab8b8f9346efdf243c3db60a935f108c8e36b56d9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:52:04 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 13 Oct 2023 19:41:13 GMT
server
nginx
age
35182
etag
"d57e309468cdb5833b84963f20429014"
vary
Accept-Encoding
x-cache
HIT Fri, 13 Oct 2023 19:49:16 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44099

Redirect headers

date
Sat, 06 Jan 2024 13:38:26 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma63527/all/17/ml.br.js
cache-control
public, max-age=269200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-served-by
3-gc-uswest1-fhdg1034
destination
www.googletagmanager.com/gtag/ 		261 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-GG8B674XK4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
efcd7b0fbc8fc88625d0610c979dc72aff5c4f5b1aa5dd661ba228fe52efef13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90401
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Jan 2024 13:38:25 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adunitid=lmixf&adnum=8646402
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 54ba4737103cb6263e414e602fbbe752.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
2232523
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
Gd2bqwlb5h6tr_uOPoZpf0UuGwsXuZyK1udtUXEtNn0E4K_TPJeW5A==
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		59 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a32c5b076142770db05105a79a7fceba65ac31a29277e3f7247fec57e3ee2b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
84145c812e4f878d-SIN
access-control-allow-headers
Content-Type
set
privacy.crwdcntrl.net/consent/ 		301 B
847 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://privacy.crwdcntrl.net/consent/set?ct=skip&ca=1&ccd=1&cds=1&cta=1&c=963&src=LTJS
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
7e29d6c2b0ad820dd8f947266b198f1b2a8f8095f7c8150556e159ab93dc2124

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:25 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.42.14.8
access-control-allow-credentials
true
content-length
301
expires
0
3178
config.aps.amazon-adsystem.com/configs/ 		532 B
809 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3178
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.120.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-120-90.hkg62.r.cloudfront.net
Software
CloudFront /
Resource Hash
0256ac69ffaae638ffb56855a0f47b40e4cd001ba903c43cc0402beb29391303

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:34:08 GMT
via
1.1 e65b689f7dfd671452b5d6aa170bc3f0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
HKG62-C1
age
258
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
532
x-amz-cf-id
RSXd865-yEXuwDbjzkEpp4kH-pjRUZ_NbD40a5W1tC9py-KjpSyDQQ==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3178&u=https%3A%2F%2Fwww.mlive.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-19.sin2.r.cloudfront.net
Software
Server /
Resource Hash
e5696a4c04cb9236e69390a6a84619091cfe6ce887e5747c74f3214a69419484

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 09:46:27 GMT
via
1.1 e8cd61c9b2a785e4fc8167b0177016b8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-C1
age
13917
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1692
x-amz-cf-id
SejFbAy0d63uRBS2Ax4JyhRWJ2GUGxHG7XFnXBrcAjK9coGXfHflJA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-19.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 c795828dd110eb9881b0d985e479eaac.cloudfront.net (CloudFront)
date
Sat, 06 Jan 2024 04:36:43 GMT
x-amz-cf-pop
SIN2-C1
age
32503
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
74TKSVaOFdcFhY8CBCjBQY4A9l6mV3k84GgmxlcvW4_mSW_r5f7aqQ==
data
bcp.crwdcntrl.net/6/ 		618 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.150.191 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-150-191.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2dd35ea485e6d027cd5eef09499dbb790b2c16ffa80189476877362ebfc1f70d

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:25 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.42.12.221
access-control-allow-credentials
true
content-length
618
expires
0
fpc
at.teads.tv/ 		56 B
240 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_11014&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=471b531&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.109.118 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-203-109-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e4e4cdf8ed42abda5a5d8dabe90433777be1b35d8d4ba74da7a5c1d7aee7950d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:25 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
56
expires
Sat, 06 Jan 2024 13:38:25 GMT
cs
advancelocal.blueconic.net/DG/DEFAULT/ 		16 B
697 B 		Script
General
Check archive.org
Download Go to
Full URL
https://advancelocal.blueconic.net/DG/DEFAULT/cs?&callback=bc_json292
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.208.76.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-76-193.compute-1.amazonaws.com
Software
- /
Resource Hash
2109fef047b2cdb546bfe714738d6e0fcbd276b16773bcd43d2be960931370da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.81.29.52 Hyderabad, India, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-29-52.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:26 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Sat, 06 Jan 2024 13:53:26 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-125.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 00:52:00 GMT
content-encoding
gzip
via
1.1 dd1d744d35431de55502bf3c7c1efcc6.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
age
45985
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
2oOCbX5cXNXo9I_TTtjJnWyh8aJ78ETTAH2r83g9OWJGg6bmQh5mFw==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		151 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
8JMXTSAXTD94PZB4
age
74
x-amz-server-side-encryption
AES256
x-amz-id-2
6AZJw1sH7Qt4SEh6R12b4jcX6yv08bdj+/UkA3ohDRdCtD4YQtaOYhyzDf4Z75DN7QYNBHDeFC/Y8aHRBSeDvA==
last-modified
Thu, 07 Dec 2023 12:57:20 GMT
server
cloudflare
etag
W/"7229163a9092e2cee472ddee92dcb6ba"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
84145c83a95e3f58-SIN
expires
Sat, 06 Jan 2024 14:38:26 GMT
collect
www.google-analytics.com/g/ 		0
170 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GG8B674XK4&gtm=45je4130v875661087z878133989&_p=1704548304856&gcd=11l1l1l1l1&dma=0&cid=1072478933.1704548306&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2F&dl=https%3A%2F%2Fwww.mlive.com%2F&sid=1704548305&sct=1&seg=0&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&en=page_view&_fv=1&_nsi=1&_ss=1&ep.headline=undefined&ep.author=undefined&ep.entry_id=undefined&ep.page_type=homepage&ep.product=homepage-beta&ep.platform=desktop&ep.user_subscription_status=undefined&ep.ab_test_group_user=undefined&ep.search_term=undefined&ep.targeting_codes=undefined&ep.targeting_codes2=undefined&ep.targeting_codes3=undefined&ep.targeting_codes4=undefined&ep.targeting_codes5=undefined&ep.targeting_codes6=undefined&ep.entry_tags=undefined&ep.referring_subdomain=undefined&ep.browser_cookie_region=undefined&ep.monthly_visit_number=1&ep.content_region=undefined&ep.content_topics=undefined&ep.blog_category=undefined&ep.section=Home%20Page&ep.article_date_original=undefined&ep.article_date_updated=undefined&ep.entity_type=undefined&ep.entity_value=undefined&ep.auxiliaries=undefined&ep.gigya_user_id=undefined&ep.usprivacy_cookie=undefined&ep.userid_flag=false&ep.targeting_codes7=undefined&ep.targeting_codes8=undefined&ep.targeting_codes9=undefined&tfd=14336
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-GG8B674XK4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe.html
z.moatads.com/hd09824092/ Frame 4CA2 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/advanceddigitalheader640552616592/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.193.230 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-207-193-230.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=2497
content-length
1374
content-type
text/html
date
Sat, 06 Jan 2024 13:38:25 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
server
AmazonS3
unused62
8096267
x-amz-id-2
du19HpptLYrYdeoVvCMAgusgidOpTsicX8CxRbK4J/7luux0JBHfoDNJ8bNvuf6jMx+A0OP6EqA=
x-amz-request-id
BS2R3G3KDM0K8H3T
/
geo.privacymanager.io/ 		28 B
608 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.188.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-188-30.mrs52.r.cloudfront.net
Software
/
Resource Hash
9b421b9b77fb6b30849932d7538f2f051debd7d5c8c36dd9521f8e65a32df895

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 17:30:11 GMT
via
1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront), 1.1 e3dbec42cd15573654eebd0dfddc01fe.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, MRS52-P5
age
72495
x-amzn-requestid
0ff0cf56-0b56-4d7b-9754-e31dc11ee639
x-amzn-trace-id
Root=1-65983ca3-0a5bf03d1e310ebc1fd4d44c;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
RE5phE4HDoEEUXg=
content-length
28
x-amz-cf-id
1J3zgZXcaN1kjOB4blqfZRLNfSS5td5iI417LhadefbrilYAX8CBLQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 7CA4 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=963
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-125.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
57643
cache-control
public, max-age=86400
content-encoding
gzip
content-type
text/html
date
Fri, 05 Jan 2024 21:37:42 GMT
etag
W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified
Tue, 05 Sep 2023 17:36:56 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 dd1d744d35431de55502bf3c7c1efcc6.cloudfront.net (CloudFront)
x-amz-cf-id
LiwIn6ZDoDdf7hje3yvlJz-6IWgb4pm_Ew13H5-445fO9V5wfOH4lw==
x-amz-cf-pop
SIN52-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/ 		436 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 07:32:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
21952
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140253
x-xss-protection
0
server
cafe
etag
11435206252018266965
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 05 Jan 2025 07:32:33 GMT
10071-pbjs-floors.json
ads.rubiconproject.com/floors/ 		66 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/10071-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.9.116.188 Hyderabad, India, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-116-188.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
86a1e1067e7006d30f97a6a2e5f38794fab13056dc9e8730aafc745783b56899

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jan 2024 13:38:26 GMT
content-encoding
gzip
last-modified
Sat, 06 Jan 2024 12:40:36 GMT
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
6605
envelope
lexicon.33across.com/v1/ 		49 B
249 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0014000001PAW0LAAX&gdpr=0&src=pbjs&ver=8.23.0&coppa=0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jan 2024 13:38:25 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
prebid
id5-sync.com/api/config/ 		135 B
414 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
989e7134f8b722c049f5553bf85347c9052fe40f7c35915f7d18a348ed4de84b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Sat, 06 Jan 2024 13:38:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
3723
idx.liadm.com/idex/prebid/ 		0
370 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/3723?duid=94c49eadf2ac--01hkffy32ebq330pp5cnv5fb47&resolve=nonId&resolve=uid2&resolve=index&resolve=magnite&resolve=medianet&resolve=bidswitch
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.182.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-182-250.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jan 2024 13:38:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
1
access-control-allow-origin
https://www.mlive.com
cache-control
max-age=3599, private
access-control-allow-credentials
true
trace-id
db9e384906b84ed4
expires
Sat, 06 Jan 2024 14:38:26 GMT
envelope
api.rlcdn.com/api/identity/ 		0
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=115
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jan 2024 13:38:26 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
p.js
cdn.parsely.com/keys/mlive.com/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/mlive.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.255.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-255-71.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
36ea8d266ccb57796d82e6eb05f11c634302a0bc3623c5e7fa7261a1a69e0d90

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
public
date
Sat, 06 Jan 2024 05:10:43 GMT
content-encoding
gzip
via
1.1 2ba2ffa46f6a4bf7dd5bd07c9a0879ce.cloudfront.net (CloudFront)
last-modified
Wed, 29 Jun 2022 14:34:05 GMT
server
nginx
x-amz-cf-pop
SIN52-C3
age
37204
etag
W/"62bc62dd-df3e"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
_Xt8bVliAhO1mSZsnk3Rmckls5SXZf_vHG4CuY3CurmgTPWh8cirbw==
expires
Sun, 07 Jan 2024 03:18:22 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6034988&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704548306036&ns_c=UTF-8&c3=&c4=https%3A%2F%2Fwww.mlive.com%2F&c7=https%3A%2F%2Fwww.mlive.com%2F&c8=Michigan%...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6034988&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704548306036&ns_c=UTF-8&c3=&c4=https%3A%2F%2Fwww.mlive.com%2F&c7=https%3A%2F%2Fwww.mlive.com%2F&c8=Michigan...
0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6034988&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704548306036&ns_c=UTF-8&c3=&c4=https%3A%2F%2Fwww.mlive.com%2F&c7=https%3A%2F%2Fwww.mlive.com%2F&c8=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&c9=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
18.155.68.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-11.sin52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:26 GMT
via
1.1 f7caf16a2d753babfb1d264f0586f374.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
SIN52-P1
x-amz-cf-id
1Yv18SmLy7vOQzMJEPA8CDkgB33vA2zBGHB6eiAiDB-Zv0Rz8jHT7A==
x-cache
Miss from cloudfront

Redirect headers

date
Sat, 06 Jan 2024 13:38:26 GMT
via
1.1 f7caf16a2d753babfb1d264f0586f374.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=6034988&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704548306036&ns_c=UTF-8&c3=&c4=https%3A%2F%2Fwww.mlive.com%2F&c7=https%3A%2F%2Fwww.mlive.com%2F&c8=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&c9=
content-length
0
x-amz-cf-id
6dzqie1HIE5Js9aFGRNmuzTijyL0m6u2JpeC4RD_ENupAdLI0oWINA==
style
accounts.google.com/gsi/ 		533 B
607 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f84.1e100.net
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-QyFiv3VuarmuiYlyaV39AA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:26 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-QyFiv3VuarmuiYlyaV39AA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Sat, 06 Jan 2024 13:38:26 GMT
status
accounts.google.com/gsi/ 		40 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=339703812340-kido2ms26ssegr4jpn27vo7ro7hgkjme.apps.googleusercontent.com&as=mMY8hVg3pBk3tGdbEJvfGA
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f84.1e100.net
Software
ESF /
Resource Hash
c2c29ef79bb4f8d316dd0ea33a8ac3d91fb8a54592f5ada1d796792124721c11
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-W6TgJbo76Y7H3cFJP3gKEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-W6TgJbo76Y7H3cFJP3gKEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
swg-button.css
news.google.com/swg/js/v1/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f113.1e100.net
Software
sffe /
Resource Hash
2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:13:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1523
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5195
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 21:19:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sat, 06 Jan 2024 14:03:03 GMT
pixels
bcp.crwdcntrl.net/ Frame 4372 		976 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/pixels?src=LTJS&s=86%2C14%2C81%2C31%2C26%2C2&c=963&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=963
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.150.191 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-150-191.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ad958dae8a1b5be06730926b4b27000aea178e1f5cd62b2e666c4144bff477a2

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-cache
content-length
976
content-type
text/html
date
Sat, 06 Jan 2024 13:38:26 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.42.24.0
bid
aax.amazon-adsystem.com/e/dtb/ 		249 B
583 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3178&u=https%3A%2F%2Fwww.mlive.com%2F&pid=d01OXDtaxWzHM&cb=0&ws=1600x1200&v=23.1211.1645&t=1500&slots=%5B%7B%22sd%22%3A%22ad-small-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22desktop-InFeed_Right%22%7D%2C%7B%22sd%22%3A%22ad-small-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22desktop-InFeed_Left%22%7D%2C%7B%22sd%22%3A%22ad-large-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22desktop-InFeed_Right%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22lotame%22%3A%22b946fd47a12f78bb55ed1b2f2818185ca02c630dbfbce5eea49ba188f569c833%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.35.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-35-24.sin2.r.cloudfront.net
Software
Server /
Resource Hash
d2eb94caefed2b3b1b85445bb432e2341b103f48ae9153db5b127585847219eb

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:25 GMT
via
1.1 daab5b369e744b6004b3b934cdef659c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
249
x-amz-cf-id
DQBKyD7QiDLqlQ0RQEftkK7UXSaOQ-E_DYEpcUly3KHDSM8TM7Z3cQ==
ads
securepubads.g.doubleclick.net/gampad/ 		691 B
711 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=840887029304336&correlator=970181507717221&eid=31077978%2C31080122&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fifs&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=728x91%7C970x91&ifi=1&sfv=1-0-40&fsbs=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704548306161&lmt=1704548304&adxs=0&adys=13920&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.mlive.com%2F&vis=1&psz=728x4&msz=728x0&fws=4&ohw=728&ga_vid=1072478933.1704548306&ga_sid=1704548306&ga_hid=1923479956&ga_fc=true&a3p=EjQKCnB1YmNpZC5vcmcSJDY5Zjg5NGZhLWJmNDItNDQ4NC05Njk0LWZkMWRkMGU0ZWJlNFgB&dlt=1704548304727&idt=1355&prev_scp=rg_adslot%3DInFeed_Center_Wide_Adhesion%26rg_atf%3Dtrue%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Center_Wide_Adhesion%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3Ddesktop-InFeed_Center_Wide_Adhesion%26rg_a9%3DAdvance_MI_ATF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta&cust_params=ccaud%3Dall%252Cc2976%252Cc0333%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop&adks=2024654923&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
12c18b0df739a4d7a005b5f008753db68f086e697149f7b633af20d547aff6ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
340
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F0FE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jan 2024 13:38:26 GMT
expires
Sun, 05 Jan 2025 13:38:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
5
jadserve.postrelease.com/dmp/ Frame 4372 		43 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/dmp/5?vk=fbfabb1e89960b7979ccb67a1ecd04d7/gdpr=0&ntv_r=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D8157%2Ftp%3DNLDN%2Ftpid%3DNTV_USER_ID%2Fgdpr%3D0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=86%2C14%2C81%2C31%2C26%2C2&c=963&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.24.58 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-24-58.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:27 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
382416.gif
idsync.rlcdn.com/ Frame 4372 		42 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/382416.gif?partner_uid=fbfabb1e89960b7979ccb67a1ecd04d7&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=86%2C14%2C81%2C31%2C26%2C2&c=963&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:26 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
lotame
sync.sharethis.com/ Frame 4372 		42 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/lotame?uid=fbfabb1e89960b7979ccb67a1ecd04d7&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=86%2C14%2C81%2C31%2C26%2C2&c=963&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.24.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-24-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 13:38:26 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZHQAAmWZV9IAAAAIRxYIAw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
token
token.rubiconproject.com/ Frame 4372 		0
673 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=7&puid=fbfabb1e89960b7979ccb67a1ecd04d7&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=86%2C14%2C81%2C31%2C26%2C2&c=963&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
gdpr=0&_test=ZZlX0gAMY8sAPgAM
sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZZlX0gAMY8sAPgAM/ Frame 4372
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=ZZlX0gAMY8sAPgAM
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZZlX0gAMY8sAPgAM/gdpr=0&_test=ZZlX0gAMY8sAPgAM
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZZlX0gAMY8sAPgAM/gdpr=0&_test=ZZlX0gAMY8sAPgAM
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=86%2C14%2C81%2C31%2C26%2C2&c=963&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
52.74.150.191 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-150-191.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:26 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.28.158
content-length
49
expires
0

Redirect headers

x-served-by
cache-qpg1253-QPG
pragma
no-cache
date
Sat, 06 Jan 2024 13:38:26 GMT
via
1.1 varnish
server
Varnish
x-timer
S1704548307.810710,VS0,VE0
x-cache
HIT
location
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZZlX0gAMY8sAPgAM/gdpr=0&_test=ZZlX0gAMY8sAPgAM
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rand=620650288
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4048876994717771444/gdpr=0/ Frame 4372
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=620650288
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D281%252Ftp%253DANXS%252Ftpid%253D%2524UID%252Fgdpr%253D0%252Frand%3D620650288
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4048876994717771444/gdpr=0/rand=620650288
49 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4048876994717771444/gdpr=0/rand=620650288
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=86%2C14%2C81%2C31%2C26%2C2&c=963&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
52.74.150.191 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-150-191.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:26 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.3.92
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:26 GMT
an-x-request-uuid
f74e069f-29d6-494f-acb6-eefd4887129c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4048876994717771444/gdpr=0/rand=620650288
x-proxy-origin
101.127.64.186; 101.127.64.186; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
publisher:getClientId
ampcid.google.com/v1/ 		78 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f102.1e100.net
Software
ESF /
Resource Hash
bc2c90a5d930389c9e3f9932904bf42c135e876a072fc08d023544ba7f539186
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Jan 2024 13:38:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97
x-xss-protection
0
adsct
t.co/1/i/ 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=919c210c-5fc3-450e-ada7-6e1fe3cba882&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=83de0e70-f6cb-4973-af4e-d13be62cd7ef&tw_document_href=https%3A%2F%2Fwww.mlive.com%2F&tw_iframe_status=0&txn_id=o8yo8&type=javascript&version=2.3.29
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_k /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-response-time
170
date
Sat, 06 Jan 2024 13:38:25 GMT
strict-transport-security
max-age=0
server
tsa_k
content-type
image/gif;charset=utf-8
x-transaction-id
7b6ea563efdff9b4
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
645b9fc16ef2812982484bd4072032d585a34245248bce1c323dee68b1beac6f
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=919c210c-5fc3-450e-ada7-6e1fe3cba882&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=83de0e70-f6cb-4973-af4e-d13be62cd7ef&tw_document_href=https%3A%2F%2Fwww.mlive.com%2F&tw_iframe_status=0&txn_id=o8yo8&type=javascript&version=2.3.29
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_k /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-response-time
168
date
Sat, 06 Jan 2024 13:38:26 GMT
strict-transport-security
max-age=631138519
server
tsa_k
content-type
image/gif;charset=utf-8
x-transaction-id
ed631d715a2d264c
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
6d066cbe860eeec6b7813dfca4e31bda8b3262637cbe9adb60ff4de02cd229e0
content-length
43
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202311.1.0/ 		427 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4ad3a7c4aa97b074c4d59a438bb5813ded8ad1d8bb8cf630abb4c6ee075d54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 13:38:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Jal9ZuZ5o01PB+RcMoFDzw==
age
40624
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
105099
x-ms-lease-status
unlocked
last-modified
Wed, 20 Dec 2023 03:30:51 GMT
server
cloudflare
etag
0x8DC010C10DEF255
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
390b8f8c-601e-0090-780f-3303ed000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84145c821a1840eb-SIN
120978121945017
connect.facebook.net/signals/config/ 		142 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/120978121945017?v=2.9.139&r=stable&domain=www.mlive.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
5fcb92a51aa8370f34dedbbe334b72387ce9f7e8bde13da609eb2f4a81f1606c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 06 Jan 2024 13:38:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
37536
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
4VB1FAxDJe1Mz4xzO02xF8kuVg/Tsj7K/7+2/Wh79fj1V28Si4F7wuMwUYSks7fZLDrgQD5/2bTpWaqqI455gg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
prebid
exchange.postrelease.com/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		634 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10071&site_id=311380&zone_id=1580874%3B1580870%3B1580874&size_id=15&eid_crwdcntrl.net=b946fd47a12f78bb55ed1b2f2818185ca02c630dbfbce5eea49ba188f569c833%5E1&eid_pubcid.org=69f894fa-bf42-4484-9694-fd1dd0e4ebe4%5E1&rf=https%3A%2F%2Fwww.mlive.com%2F&tg_i.domain=mlive.com&tg_i.page=https%3A%2F%2Fwww.mlive.com%2F&tg_i.aupname=344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Right%2Crg_platform%3Ddesktop%3B344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Left%2Crg_platform%3Ddesktop%3B344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Right%2Crg_platform%3Ddesktop&tg_i.pbadslot=desktop-InFeed_Right%3Bdesktop-InFeed_Left%3Bdesktop-InFeed_Right&tk_flint=dmpbjs_v8.23.0&x_source.tid=3db96f5b-9b39-4cae-b9a3-09a39be5e12b&l_pb_bid_id=6f483eb049a953%3B73f7fb6d68d1e2%3B809a70384b6774&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=9eb5be0d-6b47-4518-a6a0-b0f7579b6760%3Bae46018f-0350-43a6-8b26-12dd99113991%3B628fb328-ea9c-46cc-8e2a-b94e7308edce&rp_hard_floor=0.63%3B0.74%3B0.66&rp_maxbids=1&p_gpid=desktop-InFeed_Right%3Bdesktop-InFeed_Left%3Bdesktop-InFeed_Right&slots=3&rand=0.8976050702052629
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
eff3f3a3176b573deb814dcf030d72e46775a4efc8b7db90851bbe27d5e97c7d

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:27 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
662 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=488240
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4c450f21d15fd084443cf65cd2341c58558d4e85d144d78227ec350a38392cf

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CU6qZrzYIK2QVnHGIbtWlhCf9039yOnKvrqZmoZldx2Q0aMm7GUE70MVMmjGdFgPTgM8N5c68Z7qKgahpSa3Ms2hwgzyIpKECCT%2FrFBWV1GE82puczHi4PoByeND8yrdPS1pcP3B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
84145c82fe76449f-SIN
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ 		0
112 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.78 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Sat, 06 Jan 2024 13:38:26 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
advancelocal
direct.adsrvr.org/bid/bidder/ 		0
397 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/advancelocal
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.33.241.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae69789f15ba8a942.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jan 2024 13:38:26 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU211111
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
01e0050e00c3776cb46cd8f95c050c963959d31c4e3dc2e5e01d81f876aa1df8

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:26 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
298
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Jan 2024 13:38:26 GMT
auction
display.bidder.taboola.com/OpenRTB/TaboolaHB/ 		0
213 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://display.bidder.taboola.com/OpenRTB/TaboolaHB/auction?publisher=1494809
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

x-served-by
cache-qpg1225-QPG
date
Sat, 06 Jan 2024 13:38:26 GMT
via
1.1 varnish
server
nginx
x-timer
S1704548306.426359,VS0,VE552
x-cache
MISS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.mlive.com
x-envoy-upstream-service-time
308
accept-ranges
bytes
x-cache-hits
0
tinypass.min.js
cdn.tinypass.com/api/ 		388 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=8Gu2Z8RCvZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.223.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec18ebaedb655fd8c94eb9c8160e218920dbe41c7059171f06c03d0dedd5010a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:26 GMT
x-amz-version-id
0QIZetJ_7irXXHtLgdmNhkMj0U1YDIAl
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
EJ0DV6YCF4KPV6HV
age
3947
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
x-amz-id-2
zhC3edT+YXYPRu3IXImCB2aal+MB/C0TP45Q5J6Xqklq+WOPKfqT1t4l2ceiWEqcSklVRFTYNTM=
last-modified
Tue, 19 Dec 2023 11:23:13 GMT
server
cloudflare
etag
W/"f8312bff3c7ba81de4b41efef3dbdb77"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
84145c8278e99ff1-SIN
expires
Sat, 06 Jan 2024 17:38:26 GMT
/
p1.parsely.com/plogger/ 		43 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1704548306316&plid=41471756&idsite=mlive.com&url=https%3A%2F%2Fwww.mlive.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.mlive.com%2F&sref=&sts=1704548306311&slts=0&title=Michigan+Local+News%2C+Breaking+News%2C+Sports+%26amp%3B+Weather&date=Sat+Jan+06+2024+21%3A38%3A26+GMT%2B0800+(Singapore+Standard+Time)&action=pageview&js=1&pvid=19452203&u=pid%3Db3b76af9db7953b8adb5fcce7e6bec71
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 13:38:27 GMT
Cache-Control
no-cache
Last-Modified
Saturday, 06-Jan-2024 13:38:27 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
config.json
c.go-mpulse.net/api/ 		51 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ&d=www.mlive.com&t=5681828&v=1.720.0&sl=0&si=601be70c-2b3a-43fa-8ce4-5b2706421d4a-s6udvn&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=468260
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.199.80.177 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-199-80-177.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
28445ab5a58bac3609ddba4d1200c1797a766b538fd6b0bdb0926fbe386f327c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 06 Jan 2024 13:38:26 GMT
Cache-Control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
51
Content-Type
application/json
230823541501762
connect.facebook.net/signals/config/ 		131 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/230823541501762?v=2.9.139&r=stable&domain=www.mlive.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
e5846855fe93138cefb036cfabb7df25e29cac878c52564ac6c116d8f343e210
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 06 Jan 2024 13:38:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35204
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
9vyeAp/bTi21ej3pFY8RaPW5ZFRtlh5K1AvlhanOQjOCvZFy20AFDU0IhGsfbsD6eNs1GAcki5pFmwi/9IixaQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
px.ads.linkedin.com/wa/ 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 06 Jan 2024 13:38:26 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 2C8FA0BA91B246FA974C56CA1EF25D50 Ref B: SG1EDGE0117 Ref C: 2024-01-06T13:38:26Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
access-control-allow-origin
https://www.mlive.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYORxRVt0lhN4NH6o25RA==
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1704548306433&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1704548306433&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3252378%26time%3D1704548306433%26url%3Dhttps%253A%252F%252Fwww.mlive.com%252F%26t...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1704548306433&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&cookiesTest=true&liSync=true
0
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1704548306433&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&cookiesTest=true&liSync=true
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:27 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 25B6231C7D1F467C9392E50648FF1C9F Ref B: SG1EDGE0117 Ref C: 2024-01-06T13:38:27Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYORxRg6tt8hJNl1Wiolw==

Redirect headers

strict-transport-security
max-age=31536000
content-security-policy
default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default
x-content-type-options
nosniff
date
Sat, 06 Jan 2024 13:38:27 GMT
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAYORxRdMleuBe54fEPTiQ==
pragma
no-cache
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: D685381EA4174846B6AA6C390E68086C Ref B: SG1EDGE0117 Ref C: 2024-01-06T13:38:27Z
x-frame-options
sameorigin
x-li-fabric
prod-ltx1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1704548306433&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&cookiesTest=true&liSync=true
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&ptype=homepage&prem=0&sec=Home%20Page&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Asia%2FSingapore&tzoff=-480&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=17&tvcfg=all&tid=587b0813-fb2c-453a-af30-f253fecd6732&pid=1c9a3d40-f016-44b9-88fd-723e6c923025&dtm=1704548306474&qnm=_matherq&visible=1&tabid=f1a0bbc2-f118-4a97-9985-beb710322033&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x13916&tofa=1704548306&vid=1&lvidt=1704548306&duid=f088ef69-9a66-4fe5-acc8-f258c4b96205&fp=3152236695&cid=ma63527&mrk=484602605&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTcwNDU0ODI5MTQ4OSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxNy4xbWIiLCJoZWFwVCI6IjIxLjdtYiIsImZzdFBhaW50IjoiMTM0NjQiLCJmZXRjaFMiOiI1MDEyIiwiZG9tYWluUyI6IjU5NjgiLCJkb21haW5FIjoiNTk2OCIsImNvbm5TIjoiNTk2OCIsImNvbm5FIjoiNjMwNCIsInNzbFMiOiI2MjcxIiwicmVxdVMiOiI2MzA0IiwicmVzcFMiOiIxMzIzMyIsInJlc3BFIjoiMTM1NjEiLCJkb21Mb2FkIjoiMTMyMzgiLCJkb21JbnRlciI6IjEzNjA3IiwiZG9tTG9hZFMiOiIxMzc3MSIsImRvbUxvYWRFIjoiMTM3ODIifSwiaWRlbnRpdGllcyI6W3sidHlwZSI6ImdhIiwiaWQiOiIxMDcyNDc4OTMzIiwicmVmVGltZSI6IjE3MDQ1NDgzMDY0NzMifV0sInVzZXJEYXRhIjp7ImlzTG9jYWwiOiIwIn19
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.84.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-84-171.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Sat, 06 Jan 2024 13:38:27 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
iu3
s.amazon-adsystem.com/ Frame ADC3
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&dcc=t
378 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
96f394f2ce15c2dcc68e2ab3c94e6de48eb191998108a0e4112955f8ad8cdb51
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
378
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 06 Jan 2024 13:38:27 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ZS2VSZ569FG1Y5HH6PP6

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sat, 06 Jan 2024 13:38:27 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
CK7H7R8QF32DTF5MEF1Y
t
jadserve.postrelease.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.mlive.com%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.24.58 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-24-58.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
d6ec6572f32d9611a47e251bfed6cbde0474401603a276f59f6054426b19f873

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:27 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
1917
expires
Mon, 1 Jan 1990 12:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=120978121945017&ev=PageView&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1704548306514&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704548306512.1982603853&cs_est=true&ler=empty&it=1704548306263&coo=false&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 06 Jan 2024 13:38:27 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=230823541501762&ev=PageView&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1704548306516&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704548306512.1982603853&ler=empty&it=1704548306263&coo=false&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 06 Jan 2024 13:38:27 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=120978121945017&ev=ViewContent&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1704548306518&cd[article_content_tier]=free&cd[is_subscriber]=false&cd[is_registered]=false&cd[content_id]=undefined&cd[content_type]=homepage&cd[content_category]=Home%20Page&sw=1600&sh=1200&v=2.9.139&r=stable&ec=1&o=4126&fbp=fb.1.1704548306512.1982603853&ler=empty&it=1704548306263&coo=false&tm=1&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 06 Jan 2024 13:38:27 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=230823541501762&ev=ViewContent&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1704548306519&cd[article_content_tier]=free&cd[is_subscriber]=false&cd[is_registered]=false&cd[content_id]=undefined&cd[content_type]=homepage&cd[content_category]=Home%20Page&sw=1600&sh=1200&v=2.9.139&r=stable&ec=1&o=4126&fbp=fb.1.1704548306512.1982603853&ler=empty&it=1704548306263&coo=false&tm=1&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 06 Jan 2024 13:38:27 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
j
rp.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1704548306522&se=e30&duid=94c49eadf2ac--01hkffy32ebq330pp5cnv5fb47&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid
  • https://rp.liadm.com/j?se=e30&duid=94c49eadf2ac--01hkffy32ebq330pp5cnv5fb47&dtstmp=1704548306522&n3pc=true&wpn=prebid&pu=https%3A%2F%2Fwww.mlive.com%2F
42 B
360 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rp.liadm.com/j?se=e30&duid=94c49eadf2ac--01hkffy32ebq330pp5cnv5fb47&dtstmp=1704548306522&n3pc=true&wpn=prebid&pu=https%3A%2F%2Fwww.mlive.com%2F
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
44.212.199.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-212-199-220.compute-1.amazonaws.com
Software
/
Resource Hash
5ce8647c88445649306948bab16764727ad0866a64fc66202b97b88176272628

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:27 GMT
x-pixel-event-id
5461c3bb-30b5-4d15-b5f9-32c79817f5f0
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
42

Redirect headers

location
/j?se=e30&duid=94c49eadf2ac--01hkffy32ebq330pp5cnv5fb47&dtstmp=1704548306522&n3pc=true&wpn=prebid&pu=https%3A%2F%2Fwww.mlive.com%2F
access-control-allow-origin
https://www.mlive.com
date
Sat, 06 Jan 2024 13:38:27 GMT
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET
en.json
cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/1c352555-62d0-4177-bb82-5a9172bc4d9d/ 		107 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/1c352555-62d0-4177-bb82-5a9172bc4d9d/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86ffd0f399d6fae2978a6113d5a87a85873c6495ef644041cd43fab6f2218575
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 13:38:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
53464
content-md5
r0BkOTUctrzsnYNuC+zOdw==
content-length
23439
x-ms-lease-status
unlocked
last-modified
Tue, 02 Jan 2024 21:54:45 GMT
server
cloudflare
etag
0x8DC0BDD6EFBE3A6
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
53b04046-801e-0043-76c6-3ddfdf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84145c843ffb9f74-SIN
expires
Sun, 07 Jan 2024 13:38:26 GMT
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/advancelocal/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.mlive.com
date
Sat, 06 Jan 2024 13:38:27 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.mlive.com
access-control-max-age
600
content-length
0
date
Sat, 06 Jan 2024 13:38:26 GMT
server
nginx
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
6068b1fd7a614acfd121ee51fbd018fca6cb7e09ce1f8a0992a8ec41c3041a53
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Sat, 06 Jan 2024 13:38:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
publisher:getClientId
ampcid.google.com.sg/v1/ 		3 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com.sg/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f100.1e100.net
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Jan 2024 13:38:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
otGPP.js
cdn.cookielaw.org/scripttemplates/202311.1.0/ 		58 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202311.1.0/otGPP.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e49f55637dff315b98e1fd8ff6d5891dad20a07bb8cead5070afed79a3973758
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 13:38:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
iCHTeEul4usQRSJqLRCksA==
age
29399
x-ms-lease-status
unlocked
last-modified
Wed, 20 Dec 2023 03:30:54 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d3fa1057-b01e-0083-5e16-3327e1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
84145c8538f940eb-SIN
otFlat.json
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 13:38:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
k/F42BQAEUqNDKd4RaNADA==
age
61205
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3017
x-ms-lease-status
unlocked
last-modified
Wed, 20 Dec 2023 03:30:44 GMT
server
cloudflare
etag
0x8DC010C0C89850E
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
d33c659a-c01e-0099-3b59-33463e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84145c860a229f74-SIN
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a811246367093979c01fc9ea67e8db8c1b1e5abbd10fd669d6de163702c942b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 13:38:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
yvXg9cqHerDDeRorhtpvbQ==
age
61205
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12700
x-ms-lease-status
unlocked
last-modified
Wed, 20 Dec 2023 03:30:46 GMT
server
cloudflare
etag
0x8DC010C0DDC5F1F
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
12b9f5b8-801e-000e-4f59-331033000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84145c860a239f74-SIN
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 13:38:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
age
61205
x-ms-lease-status
unlocked
last-modified
Wed, 20 Dec 2023 03:30:55 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
db1ccba4-301e-0034-2259-330a4b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
84145c860a249f74-SIN
291
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		173 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/291?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2024-01-06T21%3A38%3A26%2B08%3A00&ts=1704548306890
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-45.sin5.r.cloudfront.net
Software
- /
Resource Hash
d570bcfb711bfa433426aacfc5e1b56cdc5cc5ecbd998f0c18e7c6c80f78c6b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Jan 2024 13:38:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f448aba82e4fd70230de47f9a261511c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
37054
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
clQMqpYqLqxXlldc1T9Z_Nn9y5n5avNALHMhqmvQurWKJ_wAq7Lsiw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
494 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 13:38:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
20777
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jan 2024 21:06:30 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
797bfcca-001e-005d-02a3-3f3307000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
84145c865a709f74-SIN
FormLogo.jpg
cdn.cookielaw.org/logos/57316691-7a35-4427-b868-f6c059de9bc0/35656d81-562c-47ba-aff0-16edf448dab7/0d7a52a3-a02e-40a3-9489-b86dacb2590b/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/57316691-7a35-4427-b868-f6c059de9bc0/35656d81-562c-47ba-aff0-16edf448dab7/0d7a52a3-a02e-40a3-9489-b86dacb2590b/FormLogo.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abb22177c1f36f82f451ba3b46fd96e4bc0f5b5ad510b15b4d5ec37fc1e9b7f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 13:38:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
/VgjLzERih8MeSo4vme4Lw==
age
54289
content-length
90639
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Thu, 06 Apr 2023 16:10:22 GMT
server
cloudflare
etag
0x8DB36B96CBA69F0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
a8a8188c-401e-003e-5f32-0daefc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84145c867bb440eb-SIN
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 06 Jan 2024 13:38:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
43568
x-ms-lease-status
unlocked
last-modified
Thu, 04 Jan 2024 21:06:31 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
041b5ab3-001e-004d-668b-3ff66f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
84145c867bb940eb-SIN
33d1ef7c3eb3a0f8b91e05ec90648f1ee32f47a80
luminouscatalyst.com/submit/7b74784c73d/ 		299 B
799 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://luminouscatalyst.com/submit/7b74784c73d/33d1ef7c3eb3a0f8b91e05ec90648f1ee32f47a80
Requested by
Host: luminouscatalyst.com
URL: https://luminouscatalyst.com/fd1aec2a8f5faf/35f01c6515d5c9c30bbab5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.181.170 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
170.181.110.34.bc.googleusercontent.com
Software
/
Resource Hash
c57d9466026bfd2378357830150bc1e90c5762d2dd15730b2a622172dcc1c4fd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sat, 06 Jan 2024 13:38:27 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
x-hostname
fen-hoothoot-asia-east1-9f87
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Sat, 06 Jan 2024 13:38:26 GMT
collect
www.google-analytics.com/j/ 		4 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1923479956&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAQCACgFK~&jid=1490379962&gjid=1771041422&cid=1072478933.1704548306&tid=UA-16643585-16&_gid=1417018887.1704548307&_r=1&_slc=1&gtm=45He4130n81TLXFLCRv78133989&cd1=undefined&cd2=undefined&cd3=undefined&cd6=undefined&cd11=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=false&cd21=undefined&cd23=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd46=homepage-beta&cd47=desktop&cd50=GA%20pageview%20-%20template%20-%20All%20Pages&cd52=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=undefined&cd62=undefined&cd63=undefined&cd65=undefined&cd66=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=undefined&cd102=undefined&cd103=undefined&gcd=11l1l1l1l1&dma=0&cd61=1072478933.1704548306&z=1076201152
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-16643585-16&cid=1072478933.1704548306&jid=1490379962&gjid=1771041422&_gid=1417018887.1704548307&_u=aADAAEAAAAQCACgFK~&z=1224311283
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 06 Jan 2024 13:38:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
392.json
id5-sync.com/g/v2/ 		630 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/392.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
a616b55881f1c4dc0d1293596ae12a4d6426a4e676e1cd1daf33e9aea192dbb2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Sat, 06 Jan 2024 13:38:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
ads
securepubads.g.doubleclick.net/gampad/ 		337 KB
87 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=840887029304336&correlator=970181507717221&eid=31077978%2C31080122&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3&prev_iu_szs=300x250%2C300x250%2C300x250&ifi=2&sfv=1-0-40&fsbs=1%2C1%2C1&eri=1&sc=1&cookie=ID%3Dc64cff64467d2217%3AT%3D1704548306%3ART%3D1704548306%3AS%3DALNI_MYEmtJxT_Zv90LXJUl4Zejg7V8pJw&gpic=UID%3D00000cd29caf76ed%3AT%3D1704548306%3ART%3D1704548306%3AS%3DALNI_MYitAeUiNfPaNfVtH1CE3aj-bsobA&abxe=1&dt=1704548307295&lmt=1704548304&adxs=1135%2C165%2C1135&adys=165%2C977%2C905&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.mlive.com%2F&vis=1&psz=300x24%7C300x274%7C300x24&msz=300x24%7C300x274%7C300x24&fws=0%2C512%2C512&ohw=0%2C0%2C0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1072478933.1704548306&ga_sid=1704548306&ga_hid=1923479956&ga_fc=true&a3p=EjQKCnB1YmNpZC5vcmcSJDY5Zjg5NGZhLWJmNDItNDQ4NC05Njk0LWZkMWRkMGU0ZWJlNFgB&dlt=1704548304727&idt=1355&prev_scp=rg_adslot%3DInFeed_Right%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3Ddesktop-InFeed_Right%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3Ddesktop-InFeed_Right-2%7Crg_adslot%3DInFeed_Left%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Left%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3Ddesktop-InFeed_Left%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Left%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3Ddesktop-InFeed_Left-2%7Crg_adslot%3DInFeed_Right%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D2%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3Ddesktop-InFeed_Right%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3Ddesktop-InFeed_Right-2&cust_params=ccaud%3Dall%252Cc2976%252Cc0333%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop%26li-module-enabled%3Don&adks=1117919376%2C1117919391%2C3501067380&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
f81e1296368a568da6095490fdf3cf7e9788aec0c401ab375dcf3662b918090e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88472
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pr
s.amazon-adsystem.com/v3/ Frame 4A15 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
d3d8e9c50d7cc6bbbeaf8ff841661751cdb5fdcffcfa3600b9464b56d155fb6a
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3188
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 06 Jan 2024 13:38:27 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
XRZZTFVBKJ0A7M8HA8C5
trk.gif
jadserve.postrelease.com/ 		43 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=9163989&ntv_pl=773533
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.24.58 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-24-58.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:27 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=bd66c489-5848-4082-8669-5bca35f26d6b&ntv_fl=MMTdWyeJBcdLcDTtFfyiRBPe8Vq-ba7jHN1vT59Rb8AaNiZSTjfYm3Al67hUUyWeEv4xysM9ZFSDJ81O15ndqjfb1_8HMLFj78seNGpMaWJZoLzMMyHC2YPKaDFCA81aQcJ2TI7fAb3D2109BNnNAGhm5qpQTtomrW6Wplh1FdFJBgLS5Vi98MJyWBGBG0TS2i6Ksw_LXIl8U6BsIRM56LInBJKnrlBJxV_8cpyun3WqANHGtm4e5xglVejd5L2773edZe41O3wICle_OdTnj_no8mZQyyOlnE1bW1Mn7AmmzRns9LBup7_FmwR-qEUi&ntv_ht=01eZZQA&ntv_at=303,302&ntv_a=AAAAAAAAAAnc0LA&ord=1704548307761&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.24.58 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-24-58.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:27 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=765b2fa5-a5b1-46db-9034-e73e040203c1&ntv_fl=wklKktgzCnjHRw7QsGHOxzNhXSYYdxQ6qfiLggX0SK77uLCGRUzUVU1eZnhoGwNYmykzwCMhcxXWoI8nh0pPkFe4kFaHXSQC5JQQ8R1rtuFY8clAUWiJiUWJYAM1l0i-31vLANoOlrSGJGxIhLKzyc-63KHJ43O6FWyR0QyR3B7QO8swYz1wPWET_QJT3coVAC-Q_0TYOVHFR7Fqmv0Vx59eWnXryYtGaouYdk-hZOtvG3_ba2MngemQ00PlqWHDT316wQF0BfMOfHfdXxzW9TKLRPfqwq7fpJNpUka9oqzx68XqeZpmVoPkW1gOois9&ntv_ht=01eZZQA&ntv_at=303&ntv_a=AAAAAAAAAAUr0QA&ord=1704548307763&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.24.58 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-24-58.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:27 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=765b2fa5-a5b1-46db-9034-e73e040203c1&ntv_fl=wklKktgzCnjHRw7QsGHOxzNhXSYYdxQ6qfiLggX0SK77uLCGRUzUVU1eZnhoGwNYmykzwCMhcxXWoI8nh0pPkFe4kFaHXSQC5JQQ8R1rtuFY8clAUWiJiUWJYAM1l0i-31vLANoOlrSGJGxIhLKzyc-63KHJ43O6FWyR0QyR3B7QO8swYz1wPWET_QJT3coVAC-Q_0TYOVHFR7Fqmv0Vx59eWnXryYtGaouYdk-hZOtvG3_ba2MngemQ00PlqWHDT316wQF0BfMOfHfdXxzW9TKLRPfqwq7fpJNpUka9oqzx68XqeZpmVoPkW1gOois9&ntv_ht=01eZZQA&ntv_at=323&ntv_a=AAAAAAAAAAUr0QA&ntv_jtr=3&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.24.58 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-24-58.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:27 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=b214c703-28ea-4e57-a935-909be4a57f5c&ntv_fl=No53AUp_qTJmWJYNLYz3zDH7Dla8D2Bigrcdt2SscM1CRBKMW2f8vMgrBDdCrlBZyr4z7L4Elf3Ok_N4vU4yFlPyMR3V1wQ5YSOUxO_2FpUZu7uchLTGXiS10Vet2MXSFDknYDrSOjlGh1Ojgk_lJJPWuZ-hYEItS36dPIO09TMYfRsMeL-ILTOG5nPd0q3wQYvwIvTYYPgcZ2pnwQakveSaHoUUqqv_D6hMnrIyQTdD6EJaR7QXpbuA9F36K0wTZAcGhr-1QaSEgDhQCocw8ULFHXBEZhY9KYyLegeYNAgtbk-f5NFmlfbXkH2SyF4t&ntv_ht=01eZZQA&ntv_at=303&ntv_a=AAAAAAAAAAU70QA&ord=1704548307764&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.24.58 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-24-58.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:27 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=36a630da-fc47-44c7-8de1-8b1e66a7381a&ntv_fl=miNEdYZhkQ016qn5OkGErteWbVfee99L6iQoR7ftguR8sGyRsJGan1-4hz5rpXnvydFDKPHOdMaouei4fqwEKCAVPbVPQyzoA3Ur-uMvFCGwBWpS3ZnqPZn57YMXOaZHOmW4mV6zEDWBw4qH4W7gBRtlq7LAbAEox4EDAzDZq8MFeMkqoaUfH84ys_rVarsuRQbqXAOFJHUmd3U4TjSRBMhiIsuCTszuGGTXFQlIijqJxOaDEQMmZesW44x9MIrNmmjKSVggR-ptlIgcc5RR2GcEozQEjbkn9GWrfwBiMli7Fr5Ku1wjEzeCAwKtSCWu&ntv_ht=01eZZQA&ntv_at=303&ntv_a=AAAAAAAAAAVL0QA&ord=1704548307764&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.24.58 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-24-58.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:27 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		322 B
441 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=840887029304336&correlator=970181507717221&eid=31077978%2C31080122&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=320x50&fluid=height&ifi=5&sfv=1-0-40&fsbs=1&eri=1&sc=1&cookie=ID%3Dc64cff64467d2217%3AT%3D1704548306%3ART%3D1704548306%3AS%3DALNI_MYEmtJxT_Zv90LXJUl4Zejg7V8pJw&gpic=UID%3D00000cd29caf76ed%3AT%3D1704548306%3ART%3D1704548306%3AS%3DALNI_MYitAeUiNfPaNfVtH1CE3aj-bsobA&abxe=1&dt=1704548307791&lmt=1704548304&adxs=517&adys=1574&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.mlive.com%2F&vis=1&psz=566x24&msz=566x24&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1072478933.1704548306&ga_sid=1704548306&ga_hid=1923479956&ga_fc=true&a3p=EjQKCnB1YmNpZC5vcmcSJDY5Zjg5NGZhLWJmNDItNDQ4NC05Njk0LWZkMWRkMGU0ZWJlNFgB&dlt=1704548304727&idt=1355&prev_scp=rg_adslot%3DInFeed_Native_C%26rg_atf%3Dfalse%26rg_iab%3Dfalse%26rg_grid%3D1%26rg_counter%3D1%26rg_gpid%3Ddesktop-InFeed_Native_C%26rg_pagetype%3Dhomepage%26rg_product%3Diabfalse&cust_params=ccaud%3Dall%252Cc2976%252Cc0333%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop%26li-module-enabled%3Don&adks=767953642&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
ca32811c8da38b49a909fd33984d939ba1d339c8ff5e38b6deb35c31d75d10fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CC59 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jan 2024 13:38:26 GMT
expires
Sun, 05 Jan 2025 13:38:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2250 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jan 2024 13:38:26 GMT
expires
Sun, 05 Jan 2025 13:38:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D2BF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jan 2024 13:38:26 GMT
expires
Sun, 05 Jan 2025 13:38:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ecm3
s.amazon-adsystem.com/ Frame 4A15
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3475499083845877000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3475499083845877000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 13:38:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Y1QH1HSXKGQP8EGMV38P
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 13:38:28 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3475499083845877000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Sat, 06 Jan 2024 13:38:28 GMT
ecm3
s.amazon-adsystem.com/ Frame 4A15
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1
  • https://s.amazon-adsystem.com/ecm3?id=AAXZdk7LMrAAABQjMFa4Qw&ex=beeswax.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=AAXZdk7LMrAAABQjMFa4Qw&ex=beeswax.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 13:38:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PY0K6FSN7RCP3Z73QGAQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=AAXZdk7LMrAAABQjMFa4Qw&ex=beeswax.com
Date
Sat, 06 Jan 2024 13:38:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 4A15
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=d34a1aaedb
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=d34a1aaedb
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 13:38:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YBSRHNYEGA4YJY3ZE0VW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sat, 06 Jan 2024 13:38:11 GMT
via
1.1 75c2742886aa426af3e0688fa2a8677a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN52-C3
age
17
x-cache
Hit from cloudfront
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=d34a1aaedb
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
KBZaLzzp_mwf7PQ8fSZ4vU3dm6cve8uzHOIN008QAP5vhT64yo7Otg==
ecm3
s.amazon-adsystem.com/ Frame 4A15
Redirect Chain
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID
  • https://trace.popin.cc/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=746ded22c75d8a9c21loli00lr241x69
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=746ded22c75d8a9c21loli00lr241x69
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 13:38:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
65JV713GNJGP7V42DAXK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sat, 06 Jan 2024 13:38:29 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=746ded22c75d8a9c21loli00lr241x69
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
101959
jadserve.postrelease.com/suid/ Frame 4A15 		43 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101959?ntv_r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dnativo.com%26id%3DNTV_USER_ID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.24.58 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-24-58.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 4A15
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=NXByjL8KU7r9ann9wqC0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=NXByjL8KU7r9ann9wqC0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 13:38:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JS4WMG3BYPEPVTAVMW7N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 13:38:29 GMT
Content-Type
text/html; charset=utf-8
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=NXByjL8KU7r9ann9wqC0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
101
Expires
Thu, 01 Dec 1994 16:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
624472a3021d2febbad25c8e2a6873b86e0f58ec1f25c96340254ac9b241fc54
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://www.mlive.com
date
Sat, 06 Jan 2024 13:38:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
3c3885ad0fa761126e05c713bb68c1bf
h312.mlive.com/plugin/plugin/ 		89 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/plugin/plugin/3c3885ad0fa761126e05c713bb68c1bf
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-45.sin5.r.cloudfront.net
Software
- /
Resource Hash
b5af004daafe813511ba3a5127eef79b185233fb1e297c3f53213c643a09c073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 16:55:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f448aba82e4fd70230de47f9a261511c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
age
938556
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
21619
x-xss-protection
1; mode=block
last-modified
Mon, 25 Dec 2023 16:55:51 GMT
server
-
etag
3c3885ad0fa761126e05c713bb68c1bf
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
0Ae7pk4jIv3e8GLsOOKJFlypq2IiAbaucZw2Db0bd1uWEtszTFoPeg==
expires
Wed, 25 Dec 2024 16:55:51 GMT
LB-Zone-3
h312.mlive.com/DG/DEFAULT/rest/rpc/291/ 		354 B
1017 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/291/LB-Zone-3?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=d7f7d8d3-bac0-4b4b-b3ff-092fa48b58c9&overruleReferrer=&time=2024-01-06T21%3A38%3A27%2B08%3A00&ts=1704548307922
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-45.sin5.r.cloudfront.net
Software
- /
Resource Hash
068482c7e58a007c4addaaf83130d0bae3ad1e713d0977774326bd8124e1aa6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Jan 2024 13:38:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f448aba82e4fd70230de47f9a261511c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
233
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
1KYUoTUKPWaTyRAg-ZnllfFngOEg_SXMg-VTVQrOVfFie_6LCrhcJg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 7086
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
886 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbd06841ef604f5809ae6ebb76bcfe35209472cdf2bee20dbd09cf1b18b537f5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84145c8db811449f-SIN
content-encoding
br
content-type
text/html
date
Sat, 06 Jan 2024 13:38:28 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZRTnWdU0qVxqrBO3T5RDjW4yD8tZDl0owt6Yd1VKkOebJTqmzxw6W1k2QlbwVsL02uLsnuNWh%2FZttyR332mGc3S107k8Q7dgOqNrAE7Fo%2FdlYplUeb143FN%2BipzlNOLeePGyT1F9mcmog%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84145c8d1ec6449f-SIN
content-length
0
date
Sat, 06 Jan 2024 13:38:28 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0kDaGRoWkpDVqGqpu%2Fvzp%2B8lNqnlHkOsWKL1FIDW%2BNjfViUrWVluEFYBU8Ij9OhjWBnimrpbtOkl1Qp3intQwtNhPzqAC0oq3w%2F6WqMBPM%2BAGku7nNAeRFRFU4njYfvIz3WxJCt7iAqzcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame 41A7
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
714 B
757 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
013d0d99a23cd1ced9c4ab62ad1e4665e4f72de13f23c83894b8eb51a8cb2dcf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
432
content-type
text/html
date
Sat, 06 Jan 2024 13:38:28 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 06 Jan 2024 13:38:28 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 3A75
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4474198923207602825&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4474198923207602825&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 06 Jan 2024 13:38:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
8BY2TRZ0HPTPR2WG9D66

Redirect headers

content-length
0
date
Sat, 06 Jan 2024 13:38:28 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=4474198923207602825&gdpr=0&gdpr_consent=
/
match.sharethrough.com/jwumXNuB/v1/ Frame 1737 		800 B
985 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.151.179.52 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-151-179-52.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
264fe6f4db0dfc19b10c6c0c18ea6f57c0d18d20c265e2fa3bc807d641ffb657

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-length
800
date
Sat, 06 Jan 2024 13:38:28 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7371 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.192.249 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-207-192-249.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=106438
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 06 Jan 2024 13:38:28 GMT
expires
Sun, 07 Jan 2024 19:12:26 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame 3B1B 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.138.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-138-68.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0303ea40991b5474b8907de596d83f12e6cc7ec296a8897ce6a1c00982555861

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Sat, 06 Jan 2024 13:38:28 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame 2A10 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.109.78 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-203-109-78.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 06 Jan 2024 13:38:28 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame F48B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=4048876994717771444&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=4048876994717771444&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 06 Jan 2024 13:38:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
BH5CW8DH1Z4QV32V2WJH

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
a133b083-9038-4baa-8af9-717d1afb13d2
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sat, 06 Jan 2024 13:38:28 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=4048876994717771444&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
101.127.64.186; 101.127.64.186; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0BE4 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEMqA3bkCGJHXsaABMAE&v=APEucNXY4P4owaDXDbDzq1KaRj7K8kqyBSnbPfJecaG77TNtBVjEX2WPFmyy1NgDj5XVoWV0KsJ5a9MOcyxeDgh_3bDm9gcbIg
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jan 2024 13:38:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame CC59 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
Origin
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 22:29:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54513
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 22:29:55 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/ Frame CC59 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f154.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:20:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
37079
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Jan 2024 03:20:29 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame CC59 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite_fy2021.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f154.1e100.net
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 13:57:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
85285
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Jan 2024 13:57:03 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame CC59 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 17:40:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
244707
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jan 2025 17:40:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame CC59 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:30:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
40073
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Jan 2024 02:30:35 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F2D8 		1 KB
1000 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
291
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jan 2024 13:33:37 GMT
etag
48472445140208031
expires
Sun, 07 Jan 2024 13:33:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame CC59 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 09:04:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
16461
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8523
x-xss-protection
0
server
cafe
etag
16500369019378894752
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Jan 2024 09:04:07 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CC59 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AcFi5nSkpXsStJDe6aeAmSF1KXtLvWqRbYMJ4EfPTeE9GMJZBK48a_na4oqVe0sGUtSvkbeTTeibz1Vo62QsLeWBvWOACwUdCEimXNdKYT7iTGLhw
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame CC59 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQoT4hCxAnp4Sqsn4rfXmE_QeK2t5hLfn_i2R7ztyHWjW3cQFLUEzgWWPPmvhEAvdhkhzB9trsgVME_1TEpaOtmBlV0ug
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame CC59 		204 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
sffe /
Resource Hash
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65775
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Jan 2024 13:38:28 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3451 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEMqA3bkCGJHXsaABMAE&v=APEucNVYVggnP45gzwHIbm1dHboUwb4fXz8V927PTmqgNzWEOhXA0V48CTb2klLuxdhmQ3_CntZNRTGaIe80aSOKY4vsyriipQ
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jan 2024 13:38:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 2250 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
Origin
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 22:29:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54513
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 22:29:55 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/ Frame 2250 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f154.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:20:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
37079
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Jan 2024 03:20:29 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame 2250 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite_fy2021.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f154.1e100.net
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 13:57:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
85285
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Jan 2024 13:57:03 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 2250 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 17:40:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
244707
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jan 2025 17:40:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 2250 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:30:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
40073
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Jan 2024 02:30:35 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7F95 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
291
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jan 2024 13:33:37 GMT
etag
48472445140208031
expires
Sun, 07 Jan 2024 13:33:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 2250 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 09:04:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
16461
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8523
x-xss-protection
0
server
cafe
etag
16500369019378894752
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Jan 2024 09:04:07 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2250 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D5B1zWw_sosmAuDs3aeMstw8xH6jMdg38qiOWgbT6oRH47TTVrGXkF3ziltxmmEl1chJvts3LLrCsUjoLOey8hDXfNXhrDsjm3C2Vn84eti0ZBtpU
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 2250 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTUJWOZ41ldZ5cinfAdJutaQPdi1t2Ig9qYHrtt6uCBQ53UVdnqR-URsxiBJ2P6UugHl28g5L21y5YeoClykqT2nd8j2Q
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2250 		204 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
sffe /
Resource Hash
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65775
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Jan 2024 13:38:28 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame AA84 		624 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEMqA3bkCGJHXsaABMAE&v=APEucNXOMVvaAkVgn-up4m8WPgb_wqHoqO5VeOUYxraWnE31l4b0btnPtOkiVXVjJkJJvFrv-p8-fQMitOFzBhdxfxqmE_rX5w
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jan 2024 13:38:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame D2BF 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
Origin
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 22:29:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54513
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 22:29:55 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/ Frame D2BF 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f154.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:20:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
37079
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Jan 2024 03:20:29 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame D2BF 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite_fy2021.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f154.1e100.net
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 13:57:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
85285
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Jan 2024 13:57:03 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame D2BF 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 17:40:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
244707
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jan 2025 17:40:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame D2BF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:30:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
40073
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Jan 2024 02:30:35 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B8D1 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
291
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jan 2024 13:33:37 GMT
etag
48472445140208031
expires
Sun, 07 Jan 2024 13:33:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame D2BF 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 09:04:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
16461
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8523
x-xss-protection
0
server
cafe
etag
16500369019378894752
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Jan 2024 09:04:07 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D2BF 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AS6WYyVZ4OznGbsc7V1zInHJLPcdTEwJHxSpoMdX03h_XbloCkX-BPntMaWm-fL4N7bxBt2byWdf8yAorl3ew4P_o8CwICIitymIMUeuoooYFdhEY
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame D2BF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTEoeYhcErsqMCOveY5SX7cE2ejpjBcYzVQMASFTyQ9YkSILCpInC9aYfmws1FdgqIUVW_PI2ZdCPvW9m21Zn2aR6QfRA
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D2BF 		204 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
sffe /
Resource Hash
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65775
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Jan 2024 13:38:28 GMT
aa4cd109c31a008049713f8d93edaa05
h312.mlive.com/plugin/library/ 		296 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/plugin/library/aa4cd109c31a008049713f8d93edaa05
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-45.sin5.r.cloudfront.net
Software
- /
Resource Hash
eb3bf98cf3f5fb2a171fd8b82319b4a5706155049eb9be0747141baeb8ac4691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 08:04:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f448aba82e4fd70230de47f9a261511c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
age
2093613
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
95069
x-xss-protection
1; mode=block
last-modified
Tue, 12 Dec 2023 08:04:55 GMT
server
-
etag
aa4cd109c31a008049713f8d93edaa05
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
AesCg0m0FRTG458oOCJDWEI7zI4rpcnZkJA76o1EU6MW3_NlRCqpSw==
expires
Thu, 12 Dec 2024 08:04:55 GMT
LB-Zone-3
h312.mlive.com/DG/DEFAULT/rest/rpc/291/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/291/LB-Zone-3?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=d7f7d8d3-bac0-4b4b-b3ff-092fa48b58c9&overruleReferrer=&time=2024-01-06T21%3A38%3A28%2B08%3A00&ts=1704548308076
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-45.sin5.r.cloudfront.net
Software
- /
Resource Hash
db19d658a8dd7f95bf92f8150518f90b1ec33b645d41e9c925bc6f85ffd5ead7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Jan 2024 13:38:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f448aba82e4fd70230de47f9a261511c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
1306
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
sHh68rs1Cq0zN-4DVtWMyiF31Xt3B0uSRliViibqjQdZbjziDLSzGw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7086
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://match.adsrvr.org/track/cmb/casale?
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=98f33047-6206-44a9-9367-ebdba8f53da3&expiration=1707140308&gdpr=0&gdpr_consent=
43 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=98f33047-6206-44a9-9367-ebdba8f53da3&expiration=1707140308&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oalWXqUmiDk83uNAAMDWfyYZ1QV2M4tOroECmWg7MuXC%2BMiX599CfN%2Fkar1K99G6ea6WKnShbKyaBtdJB9ytDfvAqFteUnm6GSJlwNryqQ7CwJReN6w3qNRajvrEA76Yn3kQmehSX8zLCw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84145c90edc3449f-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=98f33047-6206-44a9-9367-ebdba8f53da3&expiration=1707140308&gdpr=0&gdpr_consent=
date
Sat, 06 Jan 2024 13:38:28 GMT
server
Kestrel
content-length
323
362358.gif
idsync.rlcdn.com/ Frame 7086
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZlX1MaY56wGe4C-uYiXYQAA%265336&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=4569115504333617179
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=25589b6a-66e1-45af-88b2-d7906ddb9058
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=08a08027-7b06-4f5a-bda9-6b2ebd482197%3A1704548311.523232&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D08a08027-7b06-4f5a-bda9-6b2ebd48...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=2018527442084423031&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D08a08027-7b06-4f5a-bd...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=08a08027-7b06-4f5a-bda9-6b2ebd482197%3A1704548311.523232&_=1704548311.5255115
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEA4xZIg-4807-m3vrBYnOGw&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEA4xZIg-4807-m3vrBYnOGw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:33 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEA4xZIg-4807-m3vrBYnOGw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 7086 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZlX1MaY56wGe4C_uYiXYQAAFNgAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 13:38:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
241AM01Y6KXM2QH6FJDB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 7086
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZlX1MaY56wGe4C_uYiXYQAAFNgAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJZxi5NBM0wZuTafCET3RCo&google_cver=1
43 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJZxi5NBM0wZuTafCET3RCo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9u6WPwX45f%2BAC7dxHNO8qhfw%2Ba3EiZHKfwN2ZBX6VE6ZhAK3cKY879kkWKqDmucRpw%2BPbVAYACE9kbHVhqy%2BHjrXQFOgkCo16xT5v6sXOoJ7Lcfz4UUifSN3eJpwTO3W26FHSb7Pl%2Bexw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84145c90e9e155fb-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJZxi5NBM0wZuTafCET3RCo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7086
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W5hw1zPiZsC3nLEp7DxSnRV%2Byy9%2BbIDqIIy31RewXsLH0P6SKFSnoB0aicmNzV1dvdfp8XJMRWNHPXYZ7S8YbGMB80zLWrZgq4%2BSkYQ9Wf4Ws6PxBL5R6am6ZS7GFzgUwi%2BG32XifC0N2A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84145c938d0755fb-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date
Sat, 06 Jan 2024 13:38:28 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 7086
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=1135824000551318125&gdpr=0&gdpr_consent=
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=1135824000551318125&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZRmAUA%2BYEPhYMEEjamIzQcMhJw0cWO57Oi%2FmaqL1f4WlSd554CQQwVK8nHBq0BmVkVmfXjN5EPWRC8%2B5LTwVfpIS3IDMi962t3nxanVddiD3el8IMEY9BNN8g8z7wYutgHDyBA7jYiyTtA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84145c927bc455fb-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=1135824000551318125&gdpr=0&gdpr_consent=
date
Sat, 06 Jan 2024 13:38:28 GMT
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 7086
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720273108&external_user_id=479f0357-cb15-4471-a53c-773f7b9731fe
43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720273108&external_user_id=479f0357-cb15-4471-a53c-773f7b9731fe
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ouJMv%2BihYTP5grh7TlhdKabOQSm1raoF%2FUnhJQeiHAAmzZCW6Zj9DZVhSYFznTS5JIyNsP7WoqYcIuZuQ2QbkSmNZcueFYvoQIMePrx4zobYo2GsiVNi19%2BFhbYs1VWZMd%2BxuUR0QEWlA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84145c914e69449f-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sat, 06 Jan 2024 13:38:28 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1720273108&external_user_id=479f0357-cb15-4471-a53c-773f7b9731fe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame 7086
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAL_lU7LMrAAABNzhLXmVA&expiration=1705757908
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAL_lU7LMrAAABNzhLXmVA&expiration=1705757908
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jMxhZ4jrU9BtPar8izm6EJ8Y5vo%2FdxVOTDnsoEvm9x2VwsuGSqaWYnGiHkkjpA4gIHYBdt9XdZGT0W%2Ft%2Bc2aouL7mBidwqeeKSRjzoPyDXLSVI2RfPkW%2FQqMlrFkRyIEJqMugvEtXiyEvA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84145c943dea55fb-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAL_lU7LMrAAABNzhLXmVA&expiration=1705757908
Date
Sat, 06 Jan 2024 13:38:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 7086 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZZlX1MaY56wGe4C_uYiXYQAAFNgAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 13:38:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
W206QNYCB1VEKZZ41G7A
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
baker
ead.mlive.com/ 		19 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ead.mlive.com/baker?dtstmp=1704548308193
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.81.31.93 Hyderabad, India, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-31-93.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires
Sat, 06 Jan 2024 13:38:28 GMT
Pragma
no-cache
Date
Sat, 06 Jan 2024 13:38:28 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
19
Content-Type
image/gif
usync.js
eus.rubiconproject.com/ Frame 2A10 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.109.78 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-203-109-78.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
53b2ca32aad7f85c22c1dba1e1b45aa876c6af724071b3c8dfa356ef86e68a08

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 13:38:28 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Jan 2024 19:00:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19283
Connection
keep-alive
Content-Length
13174
Expires
Sat, 06 Jan 2024 18:59:51 GMT
v3
id5-sync.com/gm/ 		693 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
ab4046389a6099210e827d4e39fa09b38a914f0d1c665f8efb448e6bb27b49c4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Sat, 06 Jan 2024 13:38:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
event
prebid-a.rubiconproject.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.194.94.90 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-194-94-90.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Sat, 06 Jan 2024 13:38:29 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.194.94.90 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-194-94-90.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sat, 06 Jan 2024 13:38:29 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
ecm3
s.amazon-adsystem.com/ Frame 1737 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=1be9c109-da85-4ead-a72e-c9e28d5ec6bf
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 13:38:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8VTAK9710DNPMX7AWKDN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 1737
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=MWJlOWMxMDktZGE4NS00ZWFkLWE3MmUtYzllMjhkNWVjNmJm
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.151.179.52 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-151-179-52.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:28 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 1737
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=98f33047-6206-44a9-9367-ebdba8f53da3&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=98f33047-6206-44a9-9367-ebdba8f53da3&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.151.179.52 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-151-179-52.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:28 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=98f33047-6206-44a9-9367-ebdba8f53da3&gdpr=0&gdpr_consent=
date
Sat, 06 Jan 2024 13:38:28 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/ Frame 1737
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sharethrough&user_id=1be9c109-da85-4ead-a72e-c9e28d5ec6bf&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=&expires=365
  • https://x.bidswitch.net/ul_cb/sync?ssp=sharethrough&user_id=1be9c109-da85-4ead-a72e-c9e28d5ec6bf&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=&expires=365
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=sharethrough
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=sharethrough
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7660733452243284982&ssp=sharethrough
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=d0b7385f-fe38-4307-bdb7-f32a0d7d0bb3&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=d0b7385f-fe38-4307-bdb7-f32a0d7d0bb3&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.151.179.52 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-151-179-52.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:30 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Location
//match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=d0b7385f-fe38-4307-bdb7-f32a0d7d0bb3&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Sat, 06 Jan 2024 13:38:30 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookiesyncredir
bttrack.com/pixel/ Frame 1737 		35 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DFGhqNjC2WnFmmvNpTL32LMME%26source_user_id%3D%7Bglobalid%7D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.68 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
NET-33-132-192.68.bidtellect.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-servername
Track001-iad
pragma
no-cache
date
Sat, 06 Jan 2024 13:37:21 GMT
strict-transport-security
max-age=31536000;
content-type
image/gif
cache-control
private,no-cache
content-length
35
expires
-1
ecm3
s.amazon-adsystem.com/ Frame 41A7 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=41afa4f7-dce5-8d0d-9543-a962329106a5
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 13:38:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CDJ82F6Z2V1TEAVG7GGQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 41A7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=1979d88a-c04f-36f7-554d-2bf55aa2cd45&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=98f33047-6206-44a9-9367-ebdba8f53da3&ttd_puid=1979d88a-c04f-36f7-554d-2bf55aa2cd45&gdpr=0&gdpr_consent=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=98f33047-6206-44a9-9367-ebdba8f53da3&ttd_puid=1979d88a-c04f-36f7-554d-2bf55aa2cd45&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=98f33047-6206-44a9-9367-ebdba8f53da3&ttd_puid=1979d88a-c04f-36f7-554d-2bf55aa2cd45&gdpr=0&gdpr_consent=
date
Sat, 06 Jan 2024 13:38:28 GMT
server
Kestrel
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 41A7
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZZlX1MCo5swAAPrQcxIAAAAA
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZZlX1MCo5swAAPrQcxIAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Sat, 06 Jan 2024 13:38:28 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"101.127.64.186","key":"ZZlX1MCo5swAAPrQcxIAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad421"}
X-SO-Key
ZZlX1MCo5swAAPrQcxIAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad421
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZZlX1MCo5swAAPrQcxIAAAAA
Cache-Control
private
X-SO-HostName
m-ad421.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
0
X-SO-LB-Hostname
a-tgng40008.dc2p.scaleout.jp
X-SO-IP
101.127.64.186
sd
jp-u.openx.net/w/1.0/ Frame 41A7
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AdvvROS3RoY-ks8AEDxkHmLQWM8AAAGM3v8YyQ
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AdvvROS3RoY-ks8AEDxkHmLQWM8AAAGM3v8YyQ
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
via
1.1 f376d87611123aa47c006262522a6a94.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AdvvROS3RoY-ks8AEDxkHmLQWM8AAAGM3v8YyQ
cache-control
no-cache
content-length
0
x-amz-cf-id
kYvKJ_Bm1Iuk7-9oswuHl3_iywyYEob9bqpnfwgBRCJriaQt1n6Xiw==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 41A7 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzUxNjBiNDAtMDkzOC02ODUzLTQwYWQtNzE0YzkwNDAwMzI1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 41A7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBqHhkccryhBxtvuWNKsdxY&google_cver=1
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBqHhkccryhBxtvuWNKsdxY&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBqHhkccryhBxtvuWNKsdxY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 2A10 		7 B
776 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
c80248407eff6cf595ce43a76c04e23f
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 3B1B 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=VEhtIll55Zl9IW58q2lx
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 13:38:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8B0PFKTXGK3D30Z49H27
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3B1B 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=VkVodElsbDU1Wmw5SVc1OHEybHg=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 3B1B
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1704548309346
  • https://ad.turn.com/r/cs?pid=45&rndcb=6556567175
  • https://sync.1rx.io/usersync/turn/3210515956384444875?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-9fdf8485-daa6-496f-b051-9e3ebabaae0d-004?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-9fdf8485-daa6-496f-b051-9e3ebabaae...
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-9fdf8485-daa6-496f-b051-9e3ebabaae0d-004
43 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-9fdf8485-daa6-496f-b051-9e3ebabaae0d-004
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.255.135.85 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-135-85.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:31 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-9fdf8485-daa6-496f-b051-9e3ebabaae0d-004
date
Sat, 06 Jan 2024 13:38:31 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX9fdf8485daa6496fb0519e3ebabaae0d004
content-type
text/html
sync
ads.yieldmo.com/v000/ Frame 3B1B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=4048876994717771444&pn_id=an
43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=4048876994717771444&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.255.135.85 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-135-85.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
an-x-request-uuid
da1fe9fd-be7d-48c5-ae98-34443e65cfb0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.yieldmo.com/v000/sync?userid=4048876994717771444&pn_id=an
x-proxy-origin
101.127.64.186; 101.127.64.186; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 3B1B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=VEhtIll55Zl9IW58q2lx
  • https://ads.yieldmo.com/v000/sync?tdid=98f33047-6206-44a9-9367-ebdba8f53da3
43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=98f33047-6206-44a9-9367-ebdba8f53da3
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.255.135.85 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-135-85.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://ads.yieldmo.com/v000/sync?tdid=98f33047-6206-44a9-9367-ebdba8f53da3
date
Sat, 06 Jan 2024 13:38:28 GMT
server
Kestrel
content-length
181
sync
ads.yieldmo.com/v000/ Frame 3B1B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEIMaHrHo-RjNMZPru5Cl1aw&google_cver=1
43 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEIMaHrHo-RjNMZPru5Cl1aw&google_cver=1
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.255.135.85 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-135-85.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEIMaHrHo-RjNMZPru5Cl1aw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame AA84
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBdqvaI8vDqlbo-dA76p62k&google_cver=1
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBdqvaI8vDqlbo-dA76p62k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEMqA3bkCGJHXsaABMAE&v=APEucNXOMVvaAkVgn-up4m8WPgb_wqHoqO5VeOUYxraWnE31l4b0btnPtOkiVXVjJkJJvFrv-p8-fQMitOFzBhdxfxqmE_rX5w
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTmU0%2FGKBvMqCPwWjfKdgWHBjS1jHSef5HCQmZfijAdM%2Bk0hXdY0yXgMwRtDykni8%2BUzBdTvW3gaZxhLD5SE8x3fzDeqSgqWdcYS9KBEILJyz8OPSoznAwD4I0wbRB5%2FEawOKFOTE8vDkw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84145c927bbb55fb-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBdqvaI8vDqlbo-dA76p62k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame AA84
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZlX1MaY56wGe4C-uYiXYQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBdqvaI8vDqlbo-dA76p62k&google_cver=1
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBdqvaI8vDqlbo-dA76p62k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEMqA3bkCGJHXsaABMAE&v=APEucNXOMVvaAkVgn-up4m8WPgb_wqHoqO5VeOUYxraWnE31l4b0btnPtOkiVXVjJkJJvFrv-p8-fQMitOFzBhdxfxqmE_rX5w
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7LLETnXG%2B40X11heSHinTIEUlU5N%2FZjS80BMUjr6r4R0VL1EFT5JJ%2FjxVvk6eJ149EyQFEeY0CX7bmCC%2BBNhPeSuoxIIgsd3fJS45WU0yssu4GqZ%2BDoKJ5epWTb5BwIfr1X2Q70PWS%2BzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84145c943de855fb-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBdqvaI8vDqlbo-dA76p62k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame AA84
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOUREEUqxhP-OaGyYkU3R6s&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEOUREEUqxhP-OaGyYkU3R6s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEMqA3bkCGJHXsaABMAE&v=APEucNXOMVvaAkVgn-up4m8WPgb_wqHoqO5VeOUYxraWnE31l4b0btnPtOkiVXVjJkJJvFrv-p8-fQMitOFzBhdxfxqmE_rX5w
Protocol
H2
Server
103.43.89.4 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
an-x-request-uuid
c914d7b0-2f42-4fa6-ac0a-94bca33a3dd9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
101.127.64.186; 101.127.64.186; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEOUREEUqxhP-OaGyYkU3R6s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AA84
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA0ODg3Njk5NDcxNzc3MTQ0NA%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA0ODg3Njk5NDcxNzc3MTQ0NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEMqA3bkCGJHXsaABMAE&v=APEucNXOMVvaAkVgn-up4m8WPgb_wqHoqO5VeOUYxraWnE31l4b0btnPtOkiVXVjJkJJvFrv-p8-fQMitOFzBhdxfxqmE_rX5w
Protocol
H2
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
an-x-request-uuid
372df0b4-7307-46e7-9018-2989fe5fb802
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA0ODg3Njk5NDcxNzc3MTQ0NA%3D%3D
x-proxy-origin
101.127.64.186; 101.127.64.186; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 2A10
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1---&khaos=LR241UYY-18-GEDC
  • https://s.amazon-adsystem.com/ecm3?id=LR241UYY-18-GEDC&ex=d-rubiconproject.com&status=ok&us_privacy=1---
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LR241UYY-18-GEDC&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 13:38:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RJBDFY8NTBWXWRNZKTGN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LR241UYY-18-GEDC&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c57992b917a1c5de787b922c662fdf18
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 3451
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBdqvaI8vDqlbo-dA76p62k&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBdqvaI8vDqlbo-dA76p62k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEMqA3bkCGJHXsaABMAE&v=APEucNVYVggnP45gzwHIbm1dHboUwb4fXz8V927PTmqgNzWEOhXA0V48CTb2klLuxdhmQ3_CntZNRTGaIe80aSOKY4vsyriipQ
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CgoTNdtKeVmVOie5HNENKik75Nly7uPjHY3FNN%2F7xL6vuH29gCj2tsyBsh2fqX2vSJeIlLC3LTHTSej%2BkH3otSinMtLrKvBOulqrBXmdDP7aEFWRCSpltA%2BjzJTeeD1tfTaZopoN3H2Bag%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84145c938d0555fb-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBdqvaI8vDqlbo-dA76p62k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3451
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZlX1MaY56wGe4C-uYiXYQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBdqvaI8vDqlbo-dA76p62k&google_cver=1
43 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBdqvaI8vDqlbo-dA76p62k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEMqA3bkCGJHXsaABMAE&v=APEucNVYVggnP45gzwHIbm1dHboUwb4fXz8V927PTmqgNzWEOhXA0V48CTb2klLuxdhmQ3_CntZNRTGaIe80aSOKY4vsyriipQ
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GzgEgLafUmkd6G7o09KL4206q7nQ%2FxXZ0zke9HAU%2F54mHM8PAMDIClHHGk%2FkTlpH9hKTE20SkJcIBQ77t5KthXQiN%2FfLSu%2BNDG29GW26olkW%2B%2FiJAjUVk0Qvi43JY5hNT014GxHEykSLrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84145c978b0855fb-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBdqvaI8vDqlbo-dA76p62k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 3451
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOUREEUqxhP-OaGyYkU3R6s&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEOUREEUqxhP-OaGyYkU3R6s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEMqA3bkCGJHXsaABMAE&v=APEucNVYVggnP45gzwHIbm1dHboUwb4fXz8V927PTmqgNzWEOhXA0V48CTb2klLuxdhmQ3_CntZNRTGaIe80aSOKY4vsyriipQ
Protocol
H2
Server
103.43.89.4 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
an-x-request-uuid
121c4506-96fe-429e-849e-b69e00d3bb6f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
101.127.64.186; 101.127.64.186; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEOUREEUqxhP-OaGyYkU3R6s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3451
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA0ODg3Njk5NDcxNzc3MTQ0NA%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA0ODg3Njk5NDcxNzc3MTQ0NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEMqA3bkCGJHXsaABMAE&v=APEucNVYVggnP45gzwHIbm1dHboUwb4fXz8V927PTmqgNzWEOhXA0V48CTb2klLuxdhmQ3_CntZNRTGaIe80aSOKY4vsyriipQ
Protocol
H2
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
an-x-request-uuid
933a556d-6214-4e08-ab56-6bef2087a458
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA0ODg3Njk5NDcxNzc3MTQ0NA%3D%3D
x-proxy-origin
101.127.64.186; 101.127.64.186; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 2250 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00b8981bc12f1d4313764a20cc3d89418cac0ff9d546a759db55d0c9ac988a32

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame CC59 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a2061b5f295a0eeaa11cc613abb8e3434a15a1568c3434c22ef7769591e9183

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
cs
advancelocal.blueconic.net/DG/DEFAULT/ 		66 B
858 B 		Script
General
Check archive.org
Download Go to
Full URL
https://advancelocal.blueconic.net/DG/DEFAULT/cs?bcsessionid=d7f7d8d3-bac0-4b4b-b3ff-092fa48b58c9&&callback=bc_json293
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.208.76.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-76-193.compute-1.amazonaws.com
Software
- /
Resource Hash
b61566612392f0437229c51aacd13673c22256fc0df43132ccc4f3d2c77e3ea5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
86
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 2A10
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECeSzpQrqRk_h4-9Xdyn2JQ&google_cver=1
42 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECeSzpQrqRk_h4-9Xdyn2JQ&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECeSzpQrqRk_h4-9Xdyn2JQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 2A10
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=C7Ae-mDQS_mntY_H9B9Lzg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=C7Ae-mDQS_mntY_H9B9Lzg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=C7Ae-mDQS_mntY_H9B9Lzg
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 13:38:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3N5G917GA8B2GAFCE425
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=C7Ae-mDQS_mntY_H9B9Lzg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 2A10
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=98f33047-6206-44a9-9367-ebdba8f53da3&gdpr=0&gdpr_consent=&expires=30
42 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=98f33047-6206-44a9-9367-ebdba8f53da3&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=98f33047-6206-44a9-9367-ebdba8f53da3&gdpr=0&gdpr_consent=&expires=30
date
Sat, 06 Jan 2024 13:38:28 GMT
server
Kestrel
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 2A10
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/5Z3QwE9TwfHmW0dcQkExSMn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ItIY_9xE2oLZokU5gNpOt.lzklvbeA3Z3CGyfA--~A
42 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ItIY_9xE2oLZokU5gNpOt.lzklvbeA3Z3CGyfA--~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 06 Jan 2024 13:38:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ItIY_9xE2oLZokU5gNpOt.lzklvbeA3Z3CGyfA--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame 2A10
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR241UYY-18-GEDC&us_privacy=1---
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR241UYY-18-GEDC&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:29 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 55CA923746504C7DB6C89E75FF37BA93 Ref B: SG1EDGE0117 Ref C: 2024-01-06T13:38:28Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYORxR/ngImOMXnqcZ36A==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR241UYY-18-GEDC&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc2b9026541f49c9c095b4cedfcedb9a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 2A10
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1---
  • https://s.amazon-adsystem.com/ecm3?id=LR241UYY-18-GEDC&ex=d-rubiconproject.com&status=ok&us_privacy=1---
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LR241UYY-18-GEDC&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 13:38:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SZ0Q0KY8R6JYHDMY89X3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LR241UYY-18-GEDC&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
Expires
0
pixel
cm.g.doubleclick.net/ Frame 2A10
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODA0NTgyNTQyOThlYjE1MWMwMmIwYmZjMGM2MTFjMTJlNWZmOGZkMA&us_privacy=1---
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODA0NTgyNTQyOThlYjE1MWMwMmIwYmZjMGM2MTFjMTJlNWZmOGZkMA&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODA0NTgyNTQyOThlYjE1MWMwMmIwYmZjMGM2MTFjMTJlNWZmOGZkMA&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc2b9026541f49c9c095b4cedfcedb9a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 2A10 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 13:38:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FPEHBHZKMDBW1EVMXQNY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2A10
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFIyNDFVWVktMTgtR0VEQw==&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJhrK3d75YTFXo24Z-XRTpA&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFIyNDFVWVktMTgtR0VEQw==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFIyNDFVWVktMTgtR0VEQw==&google_push=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFIyNDFVWVktMTgtR0VEQw==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 2A10
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1---
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1---&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAXZdk7LMrAAABQjMFa4Qw&expires=30
42 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAXZdk7LMrAAABQjMFa4Qw&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAXZdk7LMrAAABQjMFa4Qw&expires=30
Date
Sat, 06 Jan 2024 13:38:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
pixel
capi.connatix.com/us/ Frame 2A10
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&us_privacy=1---
  • https://capi.connatix.com/us/pixel?puid=LR241UYY-18-GEDC&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---
  • https://capi.connatix.com/us/pixel?puid=LR241UYY-18-GEDC&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LR241UYY-18-GEDC&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---&final=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
84145c981da787f6-SIN
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 06 Jan 2024 13:38:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LR241UYY-18-GEDC&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
84145c967b4187f6-SIN
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
check
pixel.tapad.com/idsync/ex/receive/ Frame 2A10
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1&us_privacy=1---
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LR241UYY-18-GEDC&us_privacy=1---
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LR241UYY-18-GEDC&us_privacy=1---
95 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LR241UYY-18-GEDC&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:29 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Sat, 06 Jan 2024 13:38:29 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LR241UYY-18-GEDC&us_privacy=1---
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
setuid
ib.adnxs.com/prebid/ Frame 2A10
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&us_privacy=1---
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LR241UYY-18-GEDC&us_privacy=1---
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LR241UYY-18-GEDC&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
103.43.89.4 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
an-x-request-uuid
6eab6e52-d61a-487d-907f-1f78b2254595
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
101.127.64.186; 101.127.64.186; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LR241UYY-18-GEDC&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
Expires
0
merge
ce.lijit.com/ Frame 2A10
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&us_privacy=1---
  • https://ce.lijit.com/merge?pid=80&3pid=LR241UYY-18-GEDC&us_privacy=1---
  • https://ce.lijit.com/merge?pid=80&3pid=LR241UYY-18-GEDC&us_privacy=1---&dnr=1
43 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LR241UYY-18-GEDC&us_privacy=1---&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
63.251.14.14 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
14.14.251.63.unassigned.ord.singlehop.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 13:38:30 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1sea1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 13:38:30 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=80&3pid=LR241UYY-18-GEDC&us_privacy=1---&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1sea1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 2A10
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=aadb8592-82e3-4ab1-b1ef-bab4a9a1eeeb&expires=30&us_privacy=1---
42 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=aadb8592-82e3-4ab1-b1ef-bab4a9a1eeeb&expires=30&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=aadb8592-82e3-4ab1-b1ef-bab4a9a1eeeb&expires=30&us_privacy=1---
Date
Sat, 06 Jan 2024 13:38:30 GMT
Connection
keep-alive
X-CI-RTID
3a547135-124c-4126-a7c2-51e618d124ac
Content-Length
164
Content-Type
text/html; charset=utf-8
v1
match.sharethrough.com/sync/ Frame 2A10
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&us_privacy=1---
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR241UYY-18-GEDC&us_privacy=1---
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR241UYY-18-GEDC&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
54.151.179.52 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-151-179-52.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:29 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR241UYY-18-GEDC&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e2b6b837307e4a2cb84d126fbaf2cea2
Expires
0
pixel
cm.g.doubleclick.net/ Frame F2D8
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELRXhynvaJDfFibvvP377cw&google_cver=1&google_push=AXcoOmQux-244c8Fihuq_8RB22c_kqo4lzQbvVV_VLNQd0O82mxvTYl...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=343c2466e26b1ef4&is_secure=true&networkId=14000&version=1&google_gid=CAESELRXhynvaJDfFibvvP377cw&google_cver=1&google_push=AXcoOmQux-24...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALTyHy_Z-2KANyWtRkAAAAAAA&expiration=1704634709&google_cver=1&is_secure=true&google_gid=CAESELRXhynvaJDfFibvvP377...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALTyHy_Z-2KANyWtRkAAAAAAA&expiration=1704634709&google_cver=1&is_secure=true&google_gid=CAESELRXhynvaJDfFibvvP377cw&google_push=AXcoOmQux-244c8Fihuq_8RB22c_kqo4lzQbvVV_VLNQd0O82mxvTYlF5XzGcnQ2RV2TbkGkkx8LE8QDnWSvLpeZ-kBH3eGuu1kinkcK0GVfroW1KImPH0Ia54lhcRR6DtXu7pylZnuh7XrFao6wNMa5maY
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALTyHy_Z-2KANyWtRkAAAAAAA&expiration=1704634709&google_cver=1&is_secure=true&google_gid=CAESELRXhynvaJDfFibvvP377cw&google_push=AXcoOmQux-244c8Fihuq_8RB22c_kqo4lzQbvVV_VLNQd0O82mxvTYlF5XzGcnQ2RV2TbkGkkx8LE8QDnWSvLpeZ-kBH3eGuu1kinkcK0GVfroW1KImPH0Ia54lhcRR6DtXu7pylZnuh7XrFao6wNMa5maY
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame F2D8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlpsWDBnQU1ZOHNBUGdBTQ==&google_gid=CAESEJoZj86_fkpmSyeA_4fF8NI&google_cver=1&google_push=AXcoOmQqQqVw4vGA_lM8pQ1_QVh3OD9P0w...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlpsWDBnQU1ZOHNBUGdBTQ==&google_gid=CAESEJoZj86_fkpmSyeA_4fF8NI&google_cver=1&google_push=AXcoOmQqQqVw4vGA_lM8pQ1_QVh3OD9P0wx0y61r5xecNCjJa_vxBj9ldnzsy9PH3ZoF4Kaaw61Ii1Kl8ZP-SEG0l7PounXXRlnUhIdr6_YwFCmHjLZJDWKNHpwklHTU_HzioCvC7RYy-fU1SG-8T0HjDuo
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-qpg1253-QPG
pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
via
1.1 varnish
server
Varnish
x-timer
S1704548309.797381,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlpsWDBnQU1ZOHNBUGdBTQ==&google_gid=CAESEJoZj86_fkpmSyeA_4fF8NI&google_cver=1&google_push=AXcoOmQqQqVw4vGA_lM8pQ1_QVh3OD9P0wx0y61r5xecNCjJa_vxBj9ldnzsy9PH3ZoF4Kaaw61Ii1Kl8ZP-SEG0l7PounXXRlnUhIdr6_YwFCmHjLZJDWKNHpwklHTU_HzioCvC7RYy-fU1SG-8T0HjDuo
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame F2D8
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEJNAg_cVKfJcNRd4dHB3GwA&google_cver=1&google_push=AXcoOmSSNbKWWs0zzDS_qXL1l_ZzA76qacXRj8m5T7_Bq3rIVfA56dDr0j_HTudNLMJ-Z-Jndye7KOlQka...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmSSNbKWWs0zzDS_qXL1l_ZzA76qacXRj8m5T7_Bq3rIVfA56dDr0j_HTudNLMJ-Z-Jndye7KOlQkaDKHyeg73gDyA8Ops1Ntzs_R3B3VuWOvuEbFOLrMNse3NxyWQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmSSNbKWWs0zzDS_qXL1l_ZzA76qacXRj8m5T7_Bq3rIVfA56dDr0j_HTudNLMJ-Z-Jndye7KOlQkaDKHyeg73gDyA8Ops1Ntzs_R3B3VuWOvuEbFOLrMNse3NxyWQQuU5Ev9OrqmeqDwCu2VmDgDQA&google_hm=MkpSRm01MXpNYU1pQk03ZHJNT0V0X18wQWNz&from_google=pc1
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 13:38:29 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx
Transfer-Encoding
chunked
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmSSNbKWWs0zzDS_qXL1l_ZzA76qacXRj8m5T7_Bq3rIVfA56dDr0j_HTudNLMJ-Z-Jndye7KOlQkaDKHyeg73gDyA8Ops1Ntzs_R3B3VuWOvuEbFOLrMNse3NxyWQQuU5Ev9OrqmeqDwCu2VmDgDQA&google_hm=MkpSRm01MXpNYU1pQk03ZHJNT0V0X18wQWNz&from_google=pc1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame F2D8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEJnS5q2kQuBZNo5eCzY0Ha0&google_cver=1&google_push=AXcoOmRsndnX6pH5Z3cYn3_l9C_DRISBEfTLv7dPVZAp_d0K1iBI8L2y1oeexYDg3pu3SMsIbAqGrOktKg1OcrILQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmRsndnX6pH5Z3cYn3_l9C_DRISBEfTLv7dPVZAp_d0K1iBI8L2y1oeexYDg3pu3SMsIbAqGrOktKg1OcrILQ5I12JRvmguFcEd2ARmx48WWL_ovdYakCYbSp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmRsndnX6pH5Z3cYn3_l9C_DRISBEfTLv7dPVZAp_d0K1iBI8L2y1oeexYDg3pu3SMsIbAqGrOktKg1OcrILQ5I12JRvmguFcEd2ARmx48WWL_ovdYakCYbSpkw96Tm36g3K1Ca2H8stjR7BTUVk_po&google_hm=
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmRsndnX6pH5Z3cYn3_l9C_DRISBEfTLv7dPVZAp_d0K1iBI8L2y1oeexYDg3pu3SMsIbAqGrOktKg1OcrILQ5I12JRvmguFcEd2ARmx48WWL_ovdYakCYbSpkw96Tm36g3K1Ca2H8stjR7BTUVk_po&google_hm=
Date
Sat, 06 Jan 2024 13:38:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
doubleclick
app.cauly.co.kr/idsync_ssp/ Frame F2D8 		0
0
pixel
cm.g.doubleclick.net/ Frame F2D8
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEGrRchH8sv7Meq2wEAYD7qU&google_cver=1&google_push=AXcoOmREcNWDDD8D46JneczMnyptBEjmmBnkxUl_Z-i8wX_twYicJiESG996_4CZG2RWAvb2RXrnujepaW2mdeXk0Ec8bAve-RJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmREcNWDDD8D46JneczMnyptBEjmmBnkxUl_Z-i8wX_twYicJiESG996_4CZG2RWAvb2RXrnujepaW2mdeXk0Ec8bAve-RJdTG-v8hsyl7Fch1E-Oj7Fxo8sW3yNe8U...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmREcNWDDD8D46JneczMnyptBEjmmBnkxUl_Z-i8wX_twYicJiESG996_4CZG2RWAvb2RXrnujepaW2mdeXk0Ec8bAve-RJdTG-v8hsyl7Fch1E-Oj7Fxo8sW3yNe8U8vczVwmAXtVEeNiyvuoTDvuA&google_hm=VkVodElsbDU1Wmw5SVc1OHEybHg=
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmREcNWDDD8D46JneczMnyptBEjmmBnkxUl_Z-i8wX_twYicJiESG996_4CZG2RWAvb2RXrnujepaW2mdeXk0Ec8bAve-RJdTG-v8hsyl7Fch1E-Oj7Fxo8sW3yNe8U8vczVwmAXtVEeNiyvuoTDvuA&google_hm=VkVodElsbDU1Wmw5SVc1OHEybHg=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
/
onetag-sys.com/match/ Frame F2D8
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFgookkdnwl-XenqiFo1FrA&google_cver=1&google_push=AXcoOmSKKp-UTxj33OFAc1ZmBF1ATlFwSdeCuQrN_7AZHXtP2O-X_86Zv-tryahLrwSMRv72qRm7w3gDWFC...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSKKp-UTxj33OFAc1ZmBF1ATlFwSdeCuQrN_7AZHXtP2O-X_86Zv-tryahLrwSMRv72qRm7w3gDWFCidxUhsu-e7U-ZgvMWlTfKLbZDFg-0eBYJP70G...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame F2D8 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LNGKHHCOpilePYwxXIMfNQLXXRR3AyLEi2uzUrYi4QOXEaQyZIB_hH9l7FWKRPGZeR9eOusg
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
PugMaster
image6.pubmatic.com/AdServer/ Frame 7371 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=63110702&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
f83fdb9fb740cade58278412847013685fbd7b96499ba7dacf095bf7ee4a3c4a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 06 Jan 2024 13:36:48 GMT
content-length
1672
content-type
text/html; charset=UTF-8
rum
dsum-sec.casalemedia.com/ Frame 0BE4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBdqvaI8vDqlbo-dA76p62k&google_cver=1
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBdqvaI8vDqlbo-dA76p62k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEMqA3bkCGJHXsaABMAE&v=APEucNXY4P4owaDXDbDzq1KaRj7K8kqyBSnbPfJecaG77TNtBVjEX2WPFmyy1NgDj5XVoWV0KsJ5a9MOcyxeDgh_3bDm9gcbIg
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L2XWbEpiFK2NYMon%2BDYieRRKt0gKapEaabep%2FzOT925S1JUmmEGAzT0KBryj3j8dUPKurRMY27%2BASJaU4%2F%2Fyfr2a8thsWRAd1wKbOWWVmrDm16kQLvg4oJeB9JqSyEhNB9nHbuyF0IF%2BTw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84145c96895755fb-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBdqvaI8vDqlbo-dA76p62k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0BE4
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZlX1MaY56wGe4C-uYiXYQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBdqvaI8vDqlbo-dA76p62k&google_cver=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBdqvaI8vDqlbo-dA76p62k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEMqA3bkCGJHXsaABMAE&v=APEucNXY4P4owaDXDbDzq1KaRj7K8kqyBSnbPfJecaG77TNtBVjEX2WPFmyy1NgDj5XVoWV0KsJ5a9MOcyxeDgh_3bDm9gcbIg
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qusogX%2FcHCdx4l114iGBBcdoD6iQoG9dmObNEbguQUJ82K%2B2k24t4TSwD4xZ4iB7EnWsLWApXCZvKWRr6mhU55jYcThEy0PAKKYWr08b6l6clR5lz48PE6ddxTFvp4MqvOjEGzUTUc2viQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84145c97cb7155fb-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBdqvaI8vDqlbo-dA76p62k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0BE4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOUREEUqxhP-OaGyYkU3R6s&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEOUREEUqxhP-OaGyYkU3R6s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEMqA3bkCGJHXsaABMAE&v=APEucNXY4P4owaDXDbDzq1KaRj7K8kqyBSnbPfJecaG77TNtBVjEX2WPFmyy1NgDj5XVoWV0KsJ5a9MOcyxeDgh_3bDm9gcbIg
Protocol
H2
Server
103.43.89.4 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
an-x-request-uuid
184e9eae-9e1d-47ed-a431-de32f1e34403
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
101.127.64.186; 101.127.64.186; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEOUREEUqxhP-OaGyYkU3R6s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0BE4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA0ODg3Njk5NDcxNzc3MTQ0NA%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA0ODg3Njk5NDcxNzc3MTQ0NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEMqA3bkCGJHXsaABMAE&v=APEucNXY4P4owaDXDbDzq1KaRj7K8kqyBSnbPfJecaG77TNtBVjEX2WPFmyy1NgDj5XVoWV0KsJ5a9MOcyxeDgh_3bDm9gcbIg
Protocol
H2
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
an-x-request-uuid
9aa2fd5f-255a-4d7b-98d4-b5ef8630f42c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDA0ODg3Njk5NDcxNzc3MTQ0NA%3D%3D
x-proxy-origin
101.127.64.186; 101.127.64.186; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
291
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/291?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=d7f7d8d3-bac0-4b4b-b3ff-092fa48b58c9&bctempid=&overruleReferrer=&time=2024-01-06T21%3A38%3A28%2B08%3A00&ts=1704548308952
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-45.sin5.r.cloudfront.net
Software
- /
Resource Hash
a975d720478f73180b45aac604dd1a1c28a88696f8f32e6a14745abcf05d1830
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Jan 2024 13:38:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f448aba82e4fd70230de47f9a261511c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
3704
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
AiFlJiaXs7ZnodbjAEFlQ91CCqHLk1xLP72RxH-HEzl_9czjS03aBw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
predict
h312.mlive.com/rest/v2/custom/frontend/listener_realtime_model/ 		2 B
874 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/rest/v2/custom/frontend/listener_realtime_model/predict?itemId=93193c90-1299-460a-add2-602384af02fc&profileId=d7f7d8d3-bac0-4b4b-b3ff-092fa48b58c9
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/plugin/plugin/3c3885ad0fa761126e05c713bb68c1bf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-45.sin5.r.cloudfront.net
Software
- /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f448aba82e4fd70230de47f9a261511c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
22
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache="Set-Cookie"
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
cyC8IoERpXx_4R2fjL4VIlIOa2DDpuGghx9dI4s6UX4bFY03xmGjpw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
291
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		547 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/291?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=d7f7d8d3-bac0-4b4b-b3ff-092fa48b58c9&bctempid=&overruleReferrer=&time=2024-01-06T21%3A38%3A28%2B08%3A00&ts=1704548308972
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-45.sin5.r.cloudfront.net
Software
- /
Resource Hash
42a81956859182fbd6f108c298208db557a98b75242e1f3e121865a0d96a38ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Jan 2024 13:38:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f448aba82e4fd70230de47f9a261511c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
176
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
b2Ur_9jmuv_VErlsTid7e-zXwaqhOAGWp0vsSjbZl9rOZe6ijEV_gg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
291
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		183 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/291?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=d7f7d8d3-bac0-4b4b-b3ff-092fa48b58c9&bctempid=&overruleReferrer=&time=2024-01-06T21%3A38%3A28%2B08%3A00&ts=1704548308973
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-45.sin5.r.cloudfront.net
Software
- /
Resource Hash
3f09be23411e14c211cefbda3f34a1bedbdb6052cf814c60e02cf06419731407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Jan 2024 13:38:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f448aba82e4fd70230de47f9a261511c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
163
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
qVDzoyo24peWcN41lYDti128KkO99_Lz7MaYcpho6pCudVLew9xWXA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
291
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		183 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/291?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=d7f7d8d3-bac0-4b4b-b3ff-092fa48b58c9&bctempid=&overruleReferrer=&time=2024-01-06T21%3A38%3A29%2B08%3A00&ts=1704548309029
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-45.sin5.r.cloudfront.net
Software
- /
Resource Hash
bb4f8f475b404644a100dd8b2ff86b208c65b167c8fc6410bf334b08dc8e2273
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Jan 2024 13:38:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f448aba82e4fd70230de47f9a261511c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
164
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
8p-agcMuC5zjQczCHTwguW4QVZzLlCIqhsKaDco9EBtWPniONiEfqw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
291
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		183 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/291?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=d7f7d8d3-bac0-4b4b-b3ff-092fa48b58c9&bctempid=&overruleReferrer=&time=2024-01-06T21%3A38%3A29%2B08%3A00&ts=1704548309033
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-45.sin5.r.cloudfront.net
Software
- /
Resource Hash
82cc530818d2ba90ff4da637c0fde2422a6c856ff3915b84ec8a65ab360abba1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Jan 2024 13:38:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f448aba82e4fd70230de47f9a261511c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
164
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
GDfklVx9m5ikP_c1-gMdzIgYrBv_-5Y40WlgeCszfyHaBA1qy9K2HQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1923479956&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Blueconic&ea=segments&_u=aDDAAEABAAQCACgFKAC~&jid=&gjid=&cid=1072478933.1704548306&tid=UA-16643585-16&_gid=1417018887.1704548307&gtm=45He4130n81TLXFLCRv78133989&cd1=undefined&cd2=1---&cd3=undefined&cd6=undefined&cd11=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=false&cd21=undefined&cd23=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd46=homepage-beta&cd47=desktop&cd50=Blueconic%20-%20event%20call&cd52=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=undefined&cd62=undefined&cd63=undefined&cd64=undefined&cd65=undefined&cd66=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=sub-group-c&cd99=undefined&cd100=fbfabb1e89960b7979ccb67a1ecd04d7&cd101=b946fd47a12f78bb55ed1b2f2818185ca02c630dbfbce5eea49ba188f569c833&cd102=undefined&cd103=undefined&gcd=11l1l1l1l1&dma=0&cd61=1072478933.1704548306&cd76=a0002%2Ca0022%2Ca0054%2Ca0107&cd77=undefined&cd78=undefined&cd79=undefined&cd80=undefined&cd85=undefined&cd89=undefined&cd96=1&cm1=undefined&cm2=undefined&cm3=undefined&cm4=undefined&z=444073358
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 07:40:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
21467
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
291
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		183 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/291?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=d7f7d8d3-bac0-4b4b-b3ff-092fa48b58c9&bctempid=&overruleReferrer=&time=2024-01-06T21%3A38%3A29%2B08%3A00&ts=1704548309046
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-45.sin5.r.cloudfront.net
Software
- /
Resource Hash
a9f443128a1452aa4cd9e024e59e48ae22e8adac085229f91763da17c6a8c655
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Jan 2024 13:38:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f448aba82e4fd70230de47f9a261511c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
164
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
YSSPf_pvkLQS2f2ys_SOftdIS6withZqs1wsin2vBLhvj4w0UpA-dQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
data
bcp.crwdcntrl.net/6/ 		172 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.150.191 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-150-191.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
9bb456d836cc354945cecce8dbdf0ec21d2d9cbc30d001d401bc978f6df75818

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.42.27.43
access-control-allow-credentials
true
content-length
172
expires
0
291
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/291?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=d7f7d8d3-bac0-4b4b-b3ff-092fa48b58c9&bctempid=&overruleReferrer=&time=2024-01-06T21%3A38%3A29%2B08%3A00&ts=1704548309061
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-45.sin5.r.cloudfront.net
Software
- /
Resource Hash
7d5ff3f38fc47331890e77c5679963c972345acb699b580ee6d01379f053d4ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Jan 2024 13:38:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f448aba82e4fd70230de47f9a261511c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
4495
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
E1cHQGH3lmo3C-Ek-YFMODgrf8t4SvY8LyWhAadS6srWyt2CDvIv4Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/ Frame D2BF 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc5752e8ed3fd346a0c405849102accc7580233c091a5c69eb3df7954b74d960

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 7F95
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMz58IqXpc-3ReBP9HEOG1I&google_cver=1&google_push=AXcoOmRHQrbb88IAxvtjA2CBwWjly18QSN84qqnoyDdH6qNOf0pvl4Hl97C2UCUrXoCstGUSNx8Je-6SwZbEtfXX_aklQtl...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRHQrbb88IAxvtjA2CBwWjly18QSN84qqnoyDdH6qNOf0pvl4Hl97C2UCUrXoCstGUSNx8Je-6SwZbEtfXX_aklQtl6zufxonOii4uyO79KwCA58C6K8GMfWMmvXgktk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRHQrbb88IAxvtjA2CBwWjly18QSN84qqnoyDdH6qNOf0pvl4Hl97C2UCUrXoCstGUSNx8Je-6SwZbEtfXX_aklQtl6zufxonOii4uyO79KwCA58C6K8GMfWMmvXgktkJZmAeFEf8-4yIlsOuXiVls&google_hm=eS04clhvY0c1RTJwSDhFclVDZGRIMnp0djA2UXdDa2NHV35B
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 06 Jan 2024 13:38:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRHQrbb88IAxvtjA2CBwWjly18QSN84qqnoyDdH6qNOf0pvl4Hl97C2UCUrXoCstGUSNx8Je-6SwZbEtfXX_aklQtl6zufxonOii4uyO79KwCA58C6K8GMfWMmvXgktkJZmAeFEf8-4yIlsOuXiVls&google_hm=eS04clhvY0c1RTJwSDhFclVDZGRIMnp0djA2UXdDa2NHV35B
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame 7F95 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR95kRpy1DQ9F27UL1DcKTUWyH9hiL3qt5wh4cUKgDPYR_JemOyQNB61DkDfQsreMENCUsxPrJrz8u2I4MoP8FAwQe38HQ3egnKWB-Z1B2SJimoAwL0bmtJn8mcdr2pmAHd1nYW7gNoOEfC0KNYox4&google_gid=CAESEDBb7eanItKbAypMVw9fLuE&google_cver=1
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
275226
expires
Sat, 06 Jan 2024 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7F95
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEGeDJwtXd1i-YDGmVv5wBp0&google_cver=1&google_push=AXcoOmRi61JSbGseTD-m9GfnrmoIUkyTPvPJWAtxLgbLHfj2Ez05lPPN--IwS3iyYKdqjwe6d9Wm07Tz51WVB...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEGeDJwtXd1i-YDGmVv5wBp0&google_push=AXcoOmRi61JSbGseTD-m9GfnrmoIUkyTPvPJWAtxLgbLHfj2Ez05lPPN--IwS3iyYKdqjwe6d9Wm07Tz51WVB...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRi61JSbGseTD-m9GfnrmoIUkyTPvPJWAtxLgbLHfj2Ez05lPPN--IwS3iyYKdqjwe6d9Wm07Tz51WVBaGNKi6q-I5S_M1bxst6wZxnGdEckLTovsHyyn9K38-y5cj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRi61JSbGseTD-m9GfnrmoIUkyTPvPJWAtxLgbLHfj2Ez05lPPN--IwS3iyYKdqjwe6d9Wm07Tz51WVBaGNKi6q-I5S_M1bxst6wZxnGdEckLTovsHyyn9K38-y5cjHoeRrtBz98zfS50fWgeos6Mg&google_hm=ZlVaYkdNYkh6SGdvdWNTVjIzbmo=
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 13:38:29 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRi61JSbGseTD-m9GfnrmoIUkyTPvPJWAtxLgbLHfj2Ez05lPPN--IwS3iyYKdqjwe6d9Wm07Tz51WVBaGNKi6q-I5S_M1bxst6wZxnGdEckLTovsHyyn9K38-y5cjHoeRrtBz98zfS50fWgeos6Mg&google_hm=ZlVaYkdNYkh6SGdvdWNTVjIzbmo=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
291
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7F95
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sfLFzJ8aRPSH9G_O5oX8cA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sfLFzJ8aRPSH9G_O5oX8cA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRHVNPCI1L_sfzisUFA5GEEuDraVIJMzZlhSdGPm8XyINr1YnbmrE9DWerEnHrYhzp4h2fC3RJLOYr13BnqfbZh0o1-tElfy0F8w2JJEILEuqPXqayNNbMSZRela3G2HcSkhrxPmvICDTJcbqwYig
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sfLFzJ8aRPSH9G_O5oX8cA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRHVNPCI1L_sfzisUFA5GEEuDraVIJMzZlhSdGPm8XyINr1YnbmrE9DWerEnHrYhzp4h2fC3RJLOYr13BnqfbZh0o1-tElfy0F8w2JJEILEuqPXqayNNbMSZRela3G2HcSkhrxPmvICDTJcbqwYig
date
Sat, 06 Jan 2024 13:38:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
/
s-cs.rmp.rakuten.com/ Frame 7F95
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEoPd_tdUGoWY2EeJbLZifk&google_cver=1&google_push=AXcoOmSRBlQCwVaz110RnCnAAwYq2JPrjSmlpDuqaLKG-a5ob8BCR4putugjpPBTht-zQdwWhmzS_DatOg_-ZxG8...
  • https://s-cs.rmp.rakuten.com/?d=50&uid=d34a1aaedb
43 B
302 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-cs.rmp.rakuten.com/?d=50&uid=d34a1aaedb
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
34.95.81.88 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
88.81.95.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:29 GMT
via
1.1 google
x-envoy-upstream-service-time
6
server
istio-envoy
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif

Redirect headers

date
Sat, 06 Jan 2024 13:38:29 GMT
via
1.1 75c2742886aa426af3e0688fa2a8677a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN52-C3
x-cache
Miss from cloudfront
location
https://s-cs.rmp.rakuten.com/?d=50&uid=d34a1aaedb
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
mKxcTv17MXxB1TyqCg2t06YxQcDAMwdiwJ6n2G23U6_JZuusD5GM1A==
pub
cs.chocolateplatform.com/ Frame 7F95 		0
0
pixel
cm.g.doubleclick.net/ Frame 7F95
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEE3XIRBAG4yKx7DhGcUXLYM&google_cver=1&google_push=AXcoOmTYJmSbsoT6BDaRGTS8nsSS-UYABGtytmlzhucwBBUmRDcfIrOqTbDi35eGl2p_HVNvJukUgh...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTYJmSbsoT6BDaRGTS8nsSS-UYABGtytmlzhucwBBUmRDcfIrOqTbDi35eGl2p_HVNvJukUghabTjefAYxvdci9A5E-1GUOt23n4Q3cUz800vjKgT7lU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTYJmSbsoT6BDaRGTS8nsSS-UYABGtytmlzhucwBBUmRDcfIrOqTbDi35eGl2p_HVNvJukUghabTjefAYxvdci9A5E-1GUOt23n4Q3cUz800vjKgT7lUynjPLNQNePl4_3GmpazgB7cYBpBJzX_Fr4&google_hm=NDQ3NDE5ODkyMzIwNzYwMjgyNQ%3D%3D
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTYJmSbsoT6BDaRGTS8nsSS-UYABGtytmlzhucwBBUmRDcfIrOqTbDi35eGl2p_HVNvJukUghabTjefAYxvdci9A5E-1GUOt23n4Q3cUz800vjKgT7lUynjPLNQNePl4_3GmpazgB7cYBpBJzX_Fr4&google_hm=NDQ3NDE5ODkyMzIwNzYwMjgyNQ%3D%3D
date
Sat, 06 Jan 2024 13:38:28 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 7F95 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IKA03WH-E-8-mtyfeNa015N4p061p3_Im4nLKNfeieOlHbHucpCGDkmAgoZAB8JOvaocm5
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 28A6 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
24414
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jan 2024 06:51:35 GMT
expires
Sun, 05 Jan 2025 06:51:35 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
impressionTrackerOandaIABTCF20.js
a.svtrd.com/media/s/1371/1/ Frame CC59 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.svtrd.com/media/s/1371/1/impressionTrackerOandaIABTCF20.js?adID=574858489&advertiserID=8939372&campaignID=25601289&creativeID=207381705&placementID=298741816
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-16.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5bcebd2ecd1d1dda57aeb2173c4221bcd69cc0a722ee2136269553f9e98cc433
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
n3pvyfi5JkIlvVIaALnmqOoEVt1o140V
content-encoding
gzip
via
1.1 2a45d2b5ea9ef7dcb9d372459729c164.cloudfront.net (CloudFront)
date
Fri, 05 Jan 2024 22:14:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SIN2-C1
age
55768
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Wed, 05 Aug 2020 12:46:05 GMT
server
AmazonS3
etag
W/"b773a034d0bbd2aac615ce793952d1fc"
vary
Accept-Encoding
content-type
application/javascript
x-amz-cf-id
8mYGWX1kqwiLkXu4Tgn6x-I9W6tLZYCz537ckh9p9-NuMM6C8n2fYA==
index.html
s0.2mdn.net/sadbundle/8666509942896927629/ Frame A141 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
0f4fe2938bb90ede05201fd69f8a47381636d12dd819d4fa8c24a4a06be92de8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
185047
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3324
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 10:14:22 GMT
expires
Fri, 03 Jan 2025 10:14:22 GMT
last-modified
Thu, 14 Dec 2023 16:02:43 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame CC59 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvtV1rWAJOBhRCa_KDlPfI_3nVeXePvGBuLCGucSRBFrZ6ipbjEo4v0JBEzalVZ1gxeXK_D5YI2EOty_R3KZWRjasmgv8PjThwPZCcwQeIJZfMGPKhWtnQVrLTXQ0Sj_4pnZipM-IRM5LyyVPfGmhYyydNjuKC7x2hdCLviP934zB405sgllMTXe_tBKqPFhOJndZV2Dw8jXtQ32uZvqP1zmd2BZZJ-TWOFe-srogB0GHs9_-FM4uaxCWmR7XEqYxqAfswcf09D3ej0UYxc4bpKWubGOm0TT5qjdZrBmataG5M-tRegLzJ_KXUQNgZX9DYFJ4DurbHrUXSe3H5mNFqOHnXFsg-iFsbQaTnMOP7M2MgewFlY01LHoPc4qXA7zFTrXU7ilXiyb1TTpD8zb5sjvzafjDdQfD3D83YkP6XE8aYryq66cCgwka1SHdrwW8S_ndmkB_V09_utUoFz-uW3j_grO25KC-Nl5UarLN8GCZg6x-IOIsoNzbnGo1Kkav5jGmkn3lEslsFEriQ_LgBKHfJnLoyWzQqH6uduW58glOxyXDWRxFFFuX_KQLPdP1MXu4SuwOFkp8D1cUJp7me2ZXnces60sONcMRj42hrAr6fLfU_HaRXOh9QOQZZNxOJinMh0QDYLuZ7zpbyv5s1Ue4DQhL4wD4NRpnuiyksqEORn2Vu0vwopYWdkLOljGPgkXzJzpXUSKm4A8vJ47uInxYCAVB36ElymYCvfjD-3vkexZZEOq44tnM1mBft9eqIG2uVswxJ2E8QcdJEdby_ot8_wHcXTBONdLqlSdAQYEKuCxuM1a-PUY7tu67hY5wECj3TM_tH2gde2QEYndJmff51tIk2kGXjjq3bCy7G5977Op5kPUBTr7ZnKLh4QnGA9NeU8e5YNpfokDNMIcqCqVnnmV1gh7cuPjSCO1VTsVvrGaiXQ5vCc2F0KsjQlwkO6z1gYOSyWLtmpsm45me1dXnTHDfsnyO4GrQzh6rqVRpVdd1zJ6fxvpTS6nR4CQH_40VD4rdRxI75vMRiYu9IrT7Ny1tuHLI7hog0SUMxEZuFi9fUIXccDYSJIVVm0XL01jlSEQvztHQ1P90raVVgK14bO6zTB-Y7XTrIa9UgK2hMbNi6eGSVJ4YUhlc5RzVEKRNG4LBoArVQblI4DMNx6aMR-56EvJT6aG--smPoOosLos8ZWtam27ntC6zm8Jgo5kXA3jau_Of73omiOyp5-capH21OArfMhMqgYCADlDLWNz-5ZIkzn1cXY40PA0Dae3UudbgkBpR5CACuQFWToSmQpKA_tbhToPbtVSZ5_7axr4KOPDnUnFRvopgBtaUQraRp4hsC-EUaV3ZW6Y3s7kLZbcBeRQNIQU4nEMIt3qbjui2pLqfSn0EEdXQZAT_EMxTklGx5a_qhmMP3CNp5cOnYNVFFcVe3AthSSIgh0eaVPHM1F_F3l28lv-Ho&sai=AMfl-YSZYlFyrF_Bd5VZBdMHhaKltJ5ryL5bySoolv7DyRpkVoZwigOjc8z5DgxeRTdw_mp96nCra7fS5H7lstir1Jd1RFvTrewF3vy0mFnu86t91Ug26YmkX0QnyB-xOcYSNKx00ZBnlE4ZbqRNkA9otBTBES3xiqtltBQAru13S85aOoy9feXChH8TINmt-A6rblwfKbYvkJ1ynnfAiXwAC5113Qb4HzMxsWg9zurfz9dJNPTRpgOc2eBmHEuUlrcOSwCFcZG3jOWQAL_GP7VJZ8c_X855V9Lw1ANAdJGWlsTrWf5K-MZy4ZDUAPzSU7LZjzVXXNur2t2YHZjHWDJWovqYGbiIdj9JF0Z3t_07A6dDEcZM-jh26SLIPTJNAHmZT-nLzwINFe57v4lrWwlSExNBG573sG79Jx47YG9j2VrlCZ0iVM11uA&sig=Cg0ArKJSzLgbhM68oqQNEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vYW5kYS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1138&cbvp=1&cstd=1134&cisv=r20240103.39297&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 06 Jan 2024 13:38:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 9F42 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
24414
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jan 2024 06:51:35 GMT
expires
Sun, 05 Jan 2025 06:51:35 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 08A2 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
24414
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jan 2024 06:51:35 GMT
expires
Sun, 05 Jan 2025 06:51:35 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame EE6B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d9786599-57d6-4f00-b556-cf5f21b767d8&gdpr=0&gdpr_consent=
42 B
290 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d9786599-57d6-4f00-b556-cf5f21b767d8&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 06 Jan 2024 13:38:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 06 Jan 2024 13:38:30 GMT
Expires
Sat, 06 Jan 2024 13:38:29 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1237 600843f master ord ord-pixel-x6 config_version:"2224"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d9786599-57d6-4f00-b556-cf5f21b767d8&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame 20CA 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDB1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 06 Jan 2024 13:38:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
R3FQXPF30S1HHBV70ZFV
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7371
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sfLFzJ8aRPSH9G_O5oX8cA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.207.192.249 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-207-192-249.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:29 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=106437
accept-ranges
bytes
content-length
5622
expires
Sun, 07 Jan 2024 19:12:26 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 7371
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=9d8cee36-f085-4f3e-b59d-502b6bde50ee%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=98f33047-6206-44a9-9367-ebdba8f53da3&ttd_puid=9d8cee36-f085-4f3e-b59d-502b6bde50ee%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=98f33047-6206-44a9-9367-ebdba8f53da3&ttd_puid=9d8cee36-f085-4f3e-b59d-502b6bde50ee%2C%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:29 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=98f33047-6206-44a9-9367-ebdba8f53da3&ttd_puid=9d8cee36-f085-4f3e-b59d-502b6bde50ee%2C%2C
date
Sat, 06 Jan 2024 13:38:29 GMT
server
Kestrel
content-length
359
qmap
sync.crwdcntrl.net/ Frame 7371 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.150.191 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-150-191.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.12.155
content-length
49
expires
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 7371
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70&sInitiator=external&gdpr=0&gdpr_consent=
42 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
119.9.108.191 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

uip-response-status
FallbackResponse
date
Sat, 06 Jan 2024 13:38:30 GMT
frontend-id
0
content-length
42
routing-server-id
1
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 7371
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjFGMkM1Q0MtOUYxQS00NEY0LTg3RjQtNkZDRUU2ODVGQzcw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 06 Jan 2024 04:44:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 7371
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIDE14QCV_QRPG4CaATyUWU&google_cver=1
42 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIDE14QCV_QRPG4CaATyUWU&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 06 Jan 2024 10:02:33 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIDE14QCV_QRPG4CaATyUWU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 7371
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:57F94EE4CDA843F8863F34610C0CE531
42 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:57F94EE4CDA843F8863F34610C0CE531
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 06 Jan 2024 13:38:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Sat, 06 Jan 2024 13:38:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:57F94EE4CDA843F8863F34610C0CE531
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 05 Jan 2024 13:38:29 GMT
B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 7371 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70?gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.217.47 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-217-47.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 7371
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=98f33047-6206-44a9-9367-ebdba8f53da3&gdpr=0&gdpr_consent=
42 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=98f33047-6206-44a9-9367-ebdba8f53da3&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 06 Jan 2024 13:38:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=98f33047-6206-44a9-9367-ebdba8f53da3&gdpr=0&gdpr_consent=
date
Sat, 06 Jan 2024 13:38:29 GMT
server
Kestrel
content-length
355
impressionTrackerOandaIABTCF20.js
a.svtrd.com/media/s/1371/1/ Frame 2250 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.svtrd.com/media/s/1371/1/impressionTrackerOandaIABTCF20.js?adID=574858489&advertiserID=8939372&campaignID=25601289&creativeID=207381705&placementID=298741816
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-16.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5bcebd2ecd1d1dda57aeb2173c4221bcd69cc0a722ee2136269553f9e98cc433
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
n3pvyfi5JkIlvVIaALnmqOoEVt1o140V
content-encoding
gzip
via
1.1 2a45d2b5ea9ef7dcb9d372459729c164.cloudfront.net (CloudFront)
date
Fri, 05 Jan 2024 22:14:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SIN2-C1
age
55768
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Wed, 05 Aug 2020 12:46:05 GMT
server
AmazonS3
etag
W/"b773a034d0bbd2aac615ce793952d1fc"
vary
Accept-Encoding
content-type
application/javascript
x-amz-cf-id
dUMcfglboN3_HJlz50A2B9NeMlVl2_UWxQRyp5PHFfAV9g8qaWB1GQ==
index.html
s0.2mdn.net/sadbundle/8666509942896927629/ Frame F7F3 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
0f4fe2938bb90ede05201fd69f8a47381636d12dd819d4fa8c24a4a06be92de8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
185047
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3324
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 10:14:22 GMT
expires
Fri, 03 Jan 2025 10:14:22 GMT
last-modified
Thu, 14 Dec 2023 16:02:43 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 2250 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsuicJUKZ75K2Mrqt9GXUpS1azj5bsEeSKWm0DD-mNcFPRB68JGvQv95Z7dRC_cOG3kEQ1GGZ8bvDuw8wuVNrGoHktEeBytLhupW1MUi7G_6dyZA1uP0GWPoZP-_PvMJoA9mOymKDNDgqatew9dNa7-utRcfCPp0RGsqY36Z2fWB2qe9f5G0rSOymM_CHAW0BRLj--yOuZfbGu6tPlQiVwbnluVHxsrP2yggJMuV8nCcB893gICk46BlVeDg-2EJNITcO1moN3_7OgcjfkuGeirZywM2EjWA9Eje40kWkAPyBi2todTD4YHwmUZV9m39zrgXIpCfkF8okpxmSYwb00K53TZBIshbSPd-enhTH5oJ61EkmjqZAf2-g29tdaOIeCcUyhV_djIeB_6mJ8dcKNsSVOOCbswPk_MEjOkBm_FS5uuAvOAmMbEIgQqqq2HSamDSbig_fX7yRvnmbMPU3wqTjYiQBBas5PPkzwH7telyKJQeH0tygo5mR3nX92dsGWWjNy0iyM2HRMf8apmtxohC-hN67GdFI3nDTYnqkWanSfc5Wy9_BS0LpSJiSL_CkvuU0w7n-K84vA3OxHw9BXAM4T5NiE37TEXp9N4Pu7-nZfiZhIKZMRgD4nkvzNg_NKA8aNhB1RDJVR2BNFAlxhRfLl5avVGaiyPr1_HkNhns4DQrB0kNTL836gF8WX3khf-7UwaO860kf6ntfLL145uZbvqmJi3CDadhF3-9OYk7otiO2RUbe34lmKUQl8k7L02n19hINj3qweWqlK-5Y0C3uyX9cxpnjs9tvTSXlD_-r4FvPbhv3ZpK7563VKNCbmoiyaORfOip1F4mL8e3Zi_fSGgW1Poc-ZjUyti30cNn2sLtLP6VrAIp-uC6_eJ4IdAY9MAXgh5lKmN7whaIepnd26_ECtEbDj0Xbr5r9HQDU9JcwUBxZGDBlg7FfN7bRmCWNYwJE_A92FfNRX7tWP4uaISmtsdQaTkm0MMBhM_C86z5Cb5tUEZCiRWTy3Sjt7AizLSHRSiBBEZVUB8TofnWTphxsQ46CS7alxbxX5RY8_O1iNg-a7cCj0_QWka-Ql2cUmCtua7IsY9I_p-o5fMPYNq2Hhoih9nwOSQ-RCIIrfbXcRQfMxIqYXfool6_epyLxHRlV_oo9wgAHz42maL9JR1cThC-tucaayXH8DnlQCNNFDIgXy73woZ-9iePM6zH5dD3m_VHQlYRh8VxMjJSbQ7yI_nIimdrOHimVJnad0HhhUy87qWLf38YbDcpXXhPUpfAGVx_h70Sq7HVQPaSaI_gebX7Xef_KDqjnlNPJH9uocIWu9fAKX2h2uWaX3n-HFQdDSWwKBqOaJR-L2i8KMiwcF_IGtuyKyTr7SEJO_ayJMB7FofrfBt0be-AtId0U3LFjy61p3Sct-AOddoVPXlYy1o7q1lNHp_GMobEnAiSH5cc7VXoFjaekybHuNWe_8I&sai=AMfl-YSkLNPOvA8dGIVICGUxnJRZLCBArAruLWSWHp3R2Nh2rlVTVESSF6qUiGl8VynTBgQqfNO9q7-wPvY78cFg8sNhaiiEwNAtyNiDw7zbhHzOrcFVuTVetrwWqszFmo6YzTfCD6K2jtfIP64fDpcwuZr-m_3nIdsCOBPMl5iA5v48UwWmRxU3qArqyv4_SPFQp3limBmz3mgsu7yXj3g9v_vgfXux6h-9RAy_m0XH4eElLhuIZwjvY3xG2aJDjTUyS2gjf9Glywz0mSmCAe719LZE4HyMdlGCY0nubZsLNvOsf_sECyfEMn5qpOXCkmTHX1iE0DL2ag3KTWnH06EzahS51WPsMF9V3iPeWiBwLl8If2UPOimkoec8bFdXyE66ItxO_LUfXzYNrdCpKHhlBYoxO_P-3FzRdqH3KgP9_X-unxIYalA4zA&sig=Cg0ArKJSzKcUR0IURXO0EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vYW5kYS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1275&cbvp=1&cstd=1273&cisv=r20240103.43991&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 06 Jan 2024 13:38:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
impressionTrackerOandaIABTCF20.js
a.svtrd.com/media/s/1371/1/ Frame D2BF 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.svtrd.com/media/s/1371/1/impressionTrackerOandaIABTCF20.js?adID=574858489&advertiserID=8939372&campaignID=25601289&creativeID=207381705&placementID=298741816
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-16.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5bcebd2ecd1d1dda57aeb2173c4221bcd69cc0a722ee2136269553f9e98cc433
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
n3pvyfi5JkIlvVIaALnmqOoEVt1o140V
content-encoding
gzip
via
1.1 2a45d2b5ea9ef7dcb9d372459729c164.cloudfront.net (CloudFront)
date
Fri, 05 Jan 2024 22:14:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SIN2-C1
age
55768
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Wed, 05 Aug 2020 12:46:05 GMT
server
AmazonS3
etag
W/"b773a034d0bbd2aac615ce793952d1fc"
vary
Accept-Encoding
content-type
application/javascript
x-amz-cf-id
TJ_uK1vhP61zOu5Kf6_ZydZl4IESo90Q9nsfIRvmi42xgsTkkKJqMg==
index.html
s0.2mdn.net/sadbundle/8666509942896927629/ Frame 829F 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
0f4fe2938bb90ede05201fd69f8a47381636d12dd819d4fa8c24a4a06be92de8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
185047
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3324
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 10:14:22 GMT
expires
Fri, 03 Jan 2025 10:14:22 GMT
last-modified
Thu, 14 Dec 2023 16:02:43 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame D2BF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstcQ2UmZaf-Fy1TScjY0-wmpICOh0I_09GefkIAHCMuBh1VTwsE5pdgCc9aWbPGjcv_5xzje6C_8Hh7bi_8w1kR0l18AeGvZVg4BBgv-KM6W0AsTx6oUq3c9gwxp_PoQHxfz9OUuphWJxm7Mw4-5zPR9S3SbXyLsrJOwBgv2_ZXzpZTVPD0BXq_Mn-E6OQcNjy7BFzVBSXvpxI0XFi1Tltq84ZtcSKMh_FIOIsqgfhkIDeuxDUdjIcbs_hf72LHuPPaLu6ivScLLcQkxH3re_fn6Jv6Meo8R8cehnSlaDGssC4grRi17UXI9W4RjjDBRk1jTX2Kdsvk7R4JkIMA9WONekt3Owkg4WjLl2nWna_hIcI_aLagXKV5bbBWOVaGNNhdmRT3kj34rfgIQ3bnbVkbihVnC6wO-mFTxHukqOuC-yu8qAvlhjv6euZMhUl6HZMBlNZ6cALKGQjE6QnxF8PWNNZOzFpXLMb7AyGGYbisiavWkNUSw0j0s5Lzq7OOvIv68ai_4prYidA6cdb0kMgypp2FPgga6tmOQppQ0_a-Fp6BLHVFFaPTvywuVLZO2U7i4ILGIxBvoI66QcZq5DbsO0vwbz5EE4eDxjKc4XfAPUlTGVZED5sj2fjnbNrhXDjMEjOHYby2OHNk7ndTsj8JL3-S4o6UIAA5J2kt_GsyO_3O19pXNF2F0iWL7WBy1eM63jvwy_DlFQk0g1FOZviev8K1s_id_nW59Eu_WVIYi13XR67muPw1QmuEoGWmVgcjRHT8qHXHj9iDq9X0-fNQXyIHTj76Mz_WjRcHk6vVPH6EYbPSO7pmWH7w2i4Jow4I5ZlbJDj96xR18VD-73fWMQ_sm-OJhd8_Fy9rw0HT_HFoD4A2bz5BDLdx7bE61WKWa5t_Ivnnmy2Ocyaq-JS5hehd8eCcSbFa-TYHWG8RVqgOjsmhiQnsU5iT-fORPu2mOZ3usyZI-NrvhZqLk3Vft7b9dV4GK-f7-k3LB59oKemrKfGwugEREGOOwQCJgdqzBFL7SjLSr7gg05L9DFicrCkCQCJGBJ65y93vp3SjGfGb69XBURo16yvgEdi-SQLdX05POf6LcgjmrW-PhArE8NMUacgxjRrrDUoA6xTlxitvp8fGvML8xw_VTZb9_ld8rwT16jIWc9LIQg9mPIJ2eN86FAVyGlconnWGOSTJl-ZNwxfF8wYNW7swdJheQIA2SkUxbp1j4CTprKbbLIAUMsDZS4uWrz2N62tP_1f-q70LuRsn3cJ6t3wW1JH3RLWkkPLH71W62n76anSvfNIkxICQm2c46gExtKDsud_fpyP48-RMJsNZjrDrCGH1iY7iDAqUVsBDJ9ZV5nPL5qhyw5ScZn9pj0gtkq4rNajHDcPi51jBDU9ht9U1Xpw5CQ9pczv8R4drBSsT2QRj4jBEVSM1XH5hi2c3PvCfyuKdsfA6ktCLJUogbmtx4KhKZxLHOYQ&sai=AMfl-YRVtxHR79o8QYx9m4W0aJHMevhbeupakpXMAp0_tiovGbfWfzhWEqpm_JzN0M9xnrpFCKV-X2WelA6bOX_B81zKeYGySyMIYUt4pfD8khSTVmnPvIexsigu2WcIZmYC4p_NUV-puR5PjNXRv-wfcEyv0URGJR1d_sIkDryctC-wsCUYSxHPZ53dJkRmp6Wd19d-oG65DuhwTQOZ228uFACxMDsIxrTBU8768SdsWLQT-RcXtg2Zx8OTSABDaMMPbGzscKJpbdkiLlXj8AzmHBKaVkqsQswcru61I5yoc6umpox15CsX-xy740SZ09d65wFPmPqN8NKPfEfpmg3yEzv1IDBvzU2fZGgjDqa5f_637HapFbWvdeIRGvFWCR4CuGRH5RD_RqS9fqf2zjkRvXTlJ0ENVRp35Ss2U-fqGurDgpTE0QF1tw&sig=Cg0ArKJSzAd3GOpNGFo3EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vYW5kYS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1275&cbvp=1&cstd=1273&cisv=r20240103.04908&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 06 Jan 2024 13:38:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
115
check.analytics.rlcdn.com/check/ 		25 B
384 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/115
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-17.sin52.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jan 2024 13:38:29 GMT
via
1.1 6b412795189620b2bd513604239f4f2e.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C3
x-amzn-trace-id
Root=1-659957d5-472757d7458daffe7d7fdead
x-amzn-requestid
97387bef-7758-4108-828a-d6b49eee8ce0
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
RHqpdEQGjoEEp_A=
content-length
25
x-amz-cf-id
11MEV8mmFhoGEVPP2RxBzfMg3xs4qco5khN5sRhz08BRrqjJoc9ctg==
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 28A6 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 10:07:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
12646
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 05 Jan 2025 10:07:43 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 9F42 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 10:07:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
12646
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 05 Jan 2025 10:07:43 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 08A2 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 10:07:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
12646
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 05 Jan 2025 10:07:43 GMT
pixel
cm.g.doubleclick.net/ Frame B8D1
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEJAiAnlTmhhemyRGCLfMnXk&google_cver=1&google_push=AXcoOmTmA0k-TlGb54xde32-3jY-2wI3Jags-ipNuIRo5tl2q8B-NSLVv6zcEoVy7EepoFr68jw5h...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmTmA0k-TlGb54xde32-3jY-2wI3Jags-ipNuIRo5tl2q8B-NSLVv6zcEoVy7EepoFr68jw5hgEUaTaKHbdspl3rjIySpx5tDrxhFIFUbejR9Vgi5cMNV-JaX0FiQG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmTmA0k-TlGb54xde32-3jY-2wI3Jags-ipNuIRo5tl2q8B-NSLVv6zcEoVy7EepoFr68jw5hgEUaTaKHbdspl3rjIySpx5tDrxhFIFUbejR9Vgi5cMNV-JaX0FiQG42grKIWLOfJOiqG31El4Ho9Q
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 06 Jan 2024 13:38:29 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 7CAD55B0E45A4AC59F8382F9A5087F5A Ref B: SG1EDGE0117 Ref C: 2024-01-06T13:38:29Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmTmA0k-TlGb54xde32-3jY-2wI3Jags-ipNuIRo5tl2q8B-NSLVv6zcEoVy7EepoFr68jw5hgEUaTaKHbdspl3rjIySpx5tDrxhFIFUbejR9Vgi5cMNV-JaX0FiQG42grKIWLOfJOiqG31El4Ho9Q
x-li-proto
http/2
content-length
0
x-li-uuid
AAYORxSClfJFoQR8OhA1Tw==
pixel
cm.g.doubleclick.net/ Frame B8D1
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEJNAg_cVKfJcNRd4dHB3GwA&google_cver=1&google_push=AXcoOmSGSQUk5w8jvzZWrP0lbAfzDkKJ5ypx7mt-1YuOZXA7L1IUp-ZhPSsH8YHpVLFR8jWLJuA4N...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmSGSQUk5w8jvzZWrP0lbAfzDkKJ5ypx7mt-1YuOZXA7L1IUp-ZhPSsH8YHpVLFR8jWLJuA4NL1oX467HHoUYA3XKccyJgPiNZm-X_3ghoC4H7kbGhYxZKADVS6MEB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmSGSQUk5w8jvzZWrP0lbAfzDkKJ5ypx7mt-1YuOZXA7L1IUp-ZhPSsH8YHpVLFR8jWLJuA4NL1oX467HHoUYA3XKccyJgPiNZm-X_3ghoC4H7kbGhYxZKADVS6MEBqutdqcA220aHLkrkvIDPfU1g&google_hm=MkpSRm01MXpNYU1pQk03ZHJNT0V0X18wQWNz&from_google=sp1
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 13:38:29 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx
Transfer-Encoding
chunked
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmSGSQUk5w8jvzZWrP0lbAfzDkKJ5ypx7mt-1YuOZXA7L1IUp-ZhPSsH8YHpVLFR8jWLJuA4NL1oX467HHoUYA3XKccyJgPiNZm-X_3ghoC4H7kbGhYxZKADVS6MEBqutdqcA220aHLkrkvIDPfU1g&google_hm=MkpSRm01MXpNYU1pQk03ZHJNT0V0X18wQWNz&from_google=sp1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection
keep-alive
usersync.aspx
dis.criteo.com/dis/ Frame B8D1 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR8v01MMeCqU2V3HPkijDgE1ItTWsbAr5Bi2IeMDxxe59ks6u5YLWhj6xqVL5YeNNZOQD8hrXcsBq4jC7gGyCNnHCwagytvAagIx38juda1oHCMuLbu8vG0Xzhllbu7oT04784xjJnIxDeOdc_N_9s&google_gid=CAESEDBb7eanItKbAypMVw9fLuE&google_cver=1
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:28 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
364996
expires
Sat, 06 Jan 2024 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B8D1
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sfLFzJ8aRPSH9G_O5oX8cA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sfLFzJ8aRPSH9G_O5oX8cA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQIdZG6Gg0NiTSmAGX-RBKFbxiNJrkgxh89N1by46bDlk_tDVnbK2IPK8RyKR17ty-zKkQqTQTzaleEDkFXJZKRtEk6dT4TZTG5-2zJI7SgLlrAaP4u5z9c-30XlBO-zmB8qgfBku54j-ZVsjoDhzA
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sfLFzJ8aRPSH9G_O5oX8cA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQIdZG6Gg0NiTSmAGX-RBKFbxiNJrkgxh89N1by46bDlk_tDVnbK2IPK8RyKR17ty-zKkQqTQTzaleEDkFXJZKRtEk6dT4TZTG5-2zJI7SgLlrAaP4u5z9c-30XlBO-zmB8qgfBku54j-ZVsjoDhzA
date
Sat, 06 Jan 2024 13:38:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame B8D1
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEAjo38sJ6wM98dL-qJEa8No&google_cver=1&google_push=AXcoOmQiwtLuMXF1YFu5GiUoqN3YyxRVW-ZqJmxpaNnh-cq9exM9kG9v7x8dYACGoJZ_FDJ9FQSZMQVLq-tATh3KUma2xfGROEqLpj1y...
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQiwtLuMXF1YFu5GiUoqN3YyxRVW-ZqJmxpaNnh-cq9...
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-d9eeDVbj4bSPsLxTmNTaVmc0LARxQVeleqMGFjSj_g&google_push=AXcoOmQiwtLuMXF1YFu5GiUoqN3YyxRVW-ZqJmxpaNnh-cq9exM9kG9v7x8dYACGoJZ_FDJ9FQSZMQVLq-tATh3KUma2...
  • https://cm.g.doubleclick.net/pixel?google_hm=RNJ5a3PimfAdLFgcX5y3&google_push=AXcoOmQiwtLuMXF1YFu5GiUoqN3YyxRVW-ZqJmxpaNnh-cq9exM9kG9v7x8dYACGoJZ_FDJ9FQSZMQVLq-tATh3KUma2xfGROEqLpj1yKdXtWeDXCwFblgU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_hm=RNJ5a3PimfAdLFgcX5y3&google_push=AXcoOmQiwtLuMXF1YFu5GiUoqN3YyxRVW-ZqJmxpaNnh-cq9exM9kG9v7x8dYACGoJZ_FDJ9FQSZMQVLq-tATh3KUma2xfGROEqLpj1yKdXtWeDXCwFblgUf9dHIKPL5cacqSfC1MWRCU1cZeo68bgMqQ1k2&google_nid=inmobi_new_eb
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 06 Jan 2024 13:38:31 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_hm=RNJ5a3PimfAdLFgcX5y3&google_push=AXcoOmQiwtLuMXF1YFu5GiUoqN3YyxRVW-ZqJmxpaNnh-cq9exM9kG9v7x8dYACGoJZ_FDJ9FQSZMQVLq-tATh3KUma2xfGROEqLpj1yKdXtWeDXCwFblgUf9dHIKPL5cacqSfC1MWRCU1cZeo68bgMqQ1k2&google_nid=inmobi_new_eb
x-download-options
noopen
vary
Accept
content-length
281
x-xss-protection
0
/
onetag-sys.com/match/ Frame B8D1
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFgookkdnwl-XenqiFo1FrA&google_cver=1&google_push=AXcoOmT4gotkhsFM1WiptbQlVLpid3GAnVZDUfTbN_0r-8oc5It6qb7ile8eLyvC2R2b6AcTKkA3wrBUwJW...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT4gotkhsFM1WiptbQlVLpid3GAnVZDUfTbN_0r-8oc5It6qb7ile8eLyvC2R2b6AcTKkA3wrBUwJW6bDRWIDtjs5OgHWmeeCuSt-InOBJoSpM91aRR...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
report
sync.teads.tv/um/ Frame B8D1
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENrsh9AjXQT1...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MjI2NTE4MDAtYmFiYi00YmFiLTg4OGMtMjg4MzM1ZmI3ODU5&google_push=AXcoOmQTI0gC8gfKlfpDoqI_0ZtTB_JPZ_Ko9jxWvcGD_IiNsJqYqD_SOCjMJcz16LZ7N...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
23.203.109.118 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-203-109-118.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Sat, 06 Jan 2024 13:38:29 GMT
pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame B8D1 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IzUr1TsAwJq_KSQ43LxLmA3pO0DPMGR0gxWFk0P0Zawf7vABx5xxWBmgEDKESGjZPc_EiVJNqs
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
291
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/291?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=d7f7d8d3-bac0-4b4b-b3ff-092fa48b58c9&bctempid=&overruleReferrer=&time=2024-01-06T21%3A38%3A29%2B08%3A00&ts=1704548309851
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-45.sin5.r.cloudfront.net
Software
- /
Resource Hash
7d38e129ee23cd5f98c88239b0576903d219e04433ee1909e93427154162c3a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Jan 2024 13:38:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f448aba82e4fd70230de47f9a261511c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
4747
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
QEj-ppd7FUjEsRPIeN1GFw-jdI6p43EZgFn_m7OnS-HjvlH4UGzq6Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT
getuserdbdata
app.matheranalytics.com/u/ 		54 B
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.matheranalytics.com/u/getuserdbdata
Requested by
Host: js.matheranalytics.com
URL: https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1644
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.255.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.255.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44026785039df91c14b8c331292992e1fd71a23acdd5cb09c40d12d1c8e8aaac

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 06 Jan 2024 13:38:30 GMT
via
1.1 google
content-type
text/plain
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
8-gc-use1-3xwh0113
execute
c2.piano.io/xbuilder/experience/ 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=8Gu2Z8RCvZ
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.194.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4162ea57a90ab5b576177e35a6943295a755c8fb86f95af42971d334b68f85a3
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 06 Jan 2024 13:38:30 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
x-request-id
28wmh8ds05
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
84145c9afd104912-SIN
ff68cff6274e45dcc7870ff2289fc6e9.svg
s0.2mdn.net/sadbundle/8666509942896927629/images/ Frame A141 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8666509942896927629/images/ff68cff6274e45dcc7870ff2289fc6e9.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
99957eb9f9af9a51f9b38c73cecafa38dc9304ac43aa63f6888f2f5abe6813e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Sun, 05 Jan 2025 01:58:09 GMT
date
Sat, 06 Jan 2024 01:58:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42020
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1747
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 16:02:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
b560535fed76409f0bf55f99397d3e82.svg
s0.2mdn.net/sadbundle/8666509942896927629/images/ Frame A141 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8666509942896927629/images/b560535fed76409f0bf55f99397d3e82.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
196d2300b2d505fca7e055323494423e88f987178d6383d145600cc50a45fb4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 02 Jan 2025 16:26:40 GMT
date
Wed, 03 Jan 2024 16:26:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249109
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2999
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 16:02:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
8ba7b130321e0d4b6a6d12f7a6445c10.svg
s0.2mdn.net/sadbundle/8666509942896927629/images/ Frame A141 		11 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8666509942896927629/images/8ba7b130321e0d4b6a6d12f7a6445c10.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
3f532563b13c4f462bae981e1683f717c050c4d81e12d0886073ba185ca5c0a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 02 Jan 2025 16:26:40 GMT
date
Wed, 03 Jan 2024 16:26:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249109
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4095
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 16:02:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
0aee45fd997ce6639623432bd08631bf.png
s0.2mdn.net/sadbundle/8666509942896927629/images/ Frame A141 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8666509942896927629/images/0aee45fd997ce6639623432bd08631bf.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
ccbf1df429b508c532e9f8b7e24766bedb71b44088a4b11c7f013d4fa43693d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Sun, 05 Jan 2025 08:55:54 GMT
date
Sat, 06 Jan 2024 08:55:54 GMT
x-content-type-options
nosniff
age
16955
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37941
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 16:02:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
2cb7c4046b49e595bb3fa15b535b381c.svg
s0.2mdn.net/sadbundle/8666509942896927629/images/ Frame A141 		275 B
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8666509942896927629/images/2cb7c4046b49e595bb3fa15b535b381c.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
638e495250f109595db281e3d8fabab2eba880ec9429dc8b8c167df070415793
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 01 Jan 2025 09:07:30 GMT
date
Tue, 02 Jan 2024 09:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
361859
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 16:02:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
ff68cff6274e45dcc7870ff2289fc6e9.svg
s0.2mdn.net/sadbundle/8666509942896927629/images/ Frame F7F3 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8666509942896927629/images/ff68cff6274e45dcc7870ff2289fc6e9.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
99957eb9f9af9a51f9b38c73cecafa38dc9304ac43aa63f6888f2f5abe6813e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Sun, 05 Jan 2025 01:58:09 GMT
date
Sat, 06 Jan 2024 01:58:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42020
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1747
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 16:02:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
b560535fed76409f0bf55f99397d3e82.svg
s0.2mdn.net/sadbundle/8666509942896927629/images/ Frame F7F3 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8666509942896927629/images/b560535fed76409f0bf55f99397d3e82.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
196d2300b2d505fca7e055323494423e88f987178d6383d145600cc50a45fb4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 02 Jan 2025 16:26:40 GMT
date
Wed, 03 Jan 2024 16:26:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249109
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2999
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 16:02:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
8ba7b130321e0d4b6a6d12f7a6445c10.svg
s0.2mdn.net/sadbundle/8666509942896927629/images/ Frame F7F3 		11 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8666509942896927629/images/8ba7b130321e0d4b6a6d12f7a6445c10.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
3f532563b13c4f462bae981e1683f717c050c4d81e12d0886073ba185ca5c0a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 02 Jan 2025 16:26:40 GMT
date
Wed, 03 Jan 2024 16:26:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249109
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4095
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 16:02:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
0aee45fd997ce6639623432bd08631bf.png
s0.2mdn.net/sadbundle/8666509942896927629/images/ Frame F7F3 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8666509942896927629/images/0aee45fd997ce6639623432bd08631bf.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
ccbf1df429b508c532e9f8b7e24766bedb71b44088a4b11c7f013d4fa43693d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Sun, 05 Jan 2025 08:55:54 GMT
date
Sat, 06 Jan 2024 08:55:54 GMT
x-content-type-options
nosniff
age
16955
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37941
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 16:02:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
2cb7c4046b49e595bb3fa15b535b381c.svg
s0.2mdn.net/sadbundle/8666509942896927629/images/ Frame F7F3 		275 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8666509942896927629/images/2cb7c4046b49e595bb3fa15b535b381c.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
638e495250f109595db281e3d8fabab2eba880ec9429dc8b8c167df070415793
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 01 Jan 2025 09:07:30 GMT
date
Tue, 02 Jan 2024 09:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
361859
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 16:02:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
ff68cff6274e45dcc7870ff2289fc6e9.svg
s0.2mdn.net/sadbundle/8666509942896927629/images/ Frame 829F 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8666509942896927629/images/ff68cff6274e45dcc7870ff2289fc6e9.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
99957eb9f9af9a51f9b38c73cecafa38dc9304ac43aa63f6888f2f5abe6813e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Sun, 05 Jan 2025 01:58:09 GMT
date
Sat, 06 Jan 2024 01:58:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42020
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1747
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 16:02:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
b560535fed76409f0bf55f99397d3e82.svg
s0.2mdn.net/sadbundle/8666509942896927629/images/ Frame 829F 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8666509942896927629/images/b560535fed76409f0bf55f99397d3e82.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
196d2300b2d505fca7e055323494423e88f987178d6383d145600cc50a45fb4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 02 Jan 2025 16:26:40 GMT
date
Wed, 03 Jan 2024 16:26:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249109
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2999
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 16:02:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
8ba7b130321e0d4b6a6d12f7a6445c10.svg
s0.2mdn.net/sadbundle/8666509942896927629/images/ Frame 829F 		11 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8666509942896927629/images/8ba7b130321e0d4b6a6d12f7a6445c10.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
3f532563b13c4f462bae981e1683f717c050c4d81e12d0886073ba185ca5c0a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 02 Jan 2025 16:26:40 GMT
date
Wed, 03 Jan 2024 16:26:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249109
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4095
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 16:02:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
0aee45fd997ce6639623432bd08631bf.png
s0.2mdn.net/sadbundle/8666509942896927629/images/ Frame 829F 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8666509942896927629/images/0aee45fd997ce6639623432bd08631bf.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
ccbf1df429b508c532e9f8b7e24766bedb71b44088a4b11c7f013d4fa43693d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Sun, 05 Jan 2025 08:55:54 GMT
date
Sat, 06 Jan 2024 08:55:54 GMT
x-content-type-options
nosniff
age
16955
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37941
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 16:02:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
2cb7c4046b49e595bb3fa15b535b381c.svg
s0.2mdn.net/sadbundle/8666509942896927629/images/ Frame 829F 		275 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8666509942896927629/images/2cb7c4046b49e595bb3fa15b535b381c.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f148.1e100.net
Software
sffe /
Resource Hash
638e495250f109595db281e3d8fabab2eba880ec9429dc8b8c167df070415793
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8666509942896927629/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 01 Jan 2025 09:07:30 GMT
date
Tue, 02 Jan 2024 09:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
361859
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 16:02:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gen_204
pagead2.googlesyndication.com/pagead/ Frame 28A6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BpPzh01eZZZ_1FZCessUP44mvsAkAAAAAOAHgBAI&bg=!paalpunNAAY3kmNgF5I7ADQBe5WfOCsywQT6NHCBDpXntUSUeRlzYay2gOGSPBNzZUbnxhz5B9qh_CwH3o5NdHRVuyGKAgAAAZtSAAAABWgBBwoAZoyCCDiwXAkcBu9W_CpSoNNNABqFQITFd6sXFYcBjxgOp0dGMmhJWOUvjb1KwQRd8uuDmVEVszt-0AuDG-XRRTF2pyaQiChZzV78y75pKZl3jgx2O03IMSz4D6jDGY3aKzr3PJX1FpkC-sZpjdMKiYJeEeba27ZDYi_bS6k1-WXE1U2lnn9gwQAL_H320GoTS_PL9wXdPj77zMUWt2wSlAS9GuLmTNHwe2pV4TmMnCzaY4ZGndkV435qOzE9Mrxyo-ZLW6Oqga0ha_8y109oi0w2eOvAQzIq2yS7PmlLwjbf4wL3j6R0uFi7mT04urTT0dykFWaE8DDupEpbKfuYtwZu1ZEyyvqg_9YbSuddTboz4UlBjGb3cqzhwcBG74Hmh1fprgQk09C2x3Cjj8gjcNPBrgKgDzt2iOFdI2WatbCFvQntV2veTREwBG1B8xChUSbIYZXru17vg2dqpOA2StRqH0uoyqyWBJPzkfTqZ44RWDkL-kDFxUhylCSKDbvhCzfQzS1P3AcF7oTI6A98qTRGfzpuOEv7J3Rc0YrmvXzrL0S6ulPpjaV870eJ8CBE6RgjR2D0iAfe1iJuIDKy8Bcty0c9dGF9gyTZvEdqaDmK9aGO_iUUddLktuUwIO1_km02NFX3_fhEt3OmrT_OadeSrGEsTTh64VO1ydF09pqwIqkOa3nMCTQw1BNh9fLCGf4f2xVR6DjEAitc06878F3L2hPVOiNXiKLfreNmfwJK0DyIxk8MgNUrkOgrfPkWYufuOUcJmI6QNxWZ460Oyp6-Ug3_BkysJsnqWU1Phah0OOueyjDWBB9iUS0tRPseWsZg9bfhr3kJE17TcfbuxUlWmo-VzDrsMQWChij2vVnVDHMMb0d2OPgvRoSbgkhsJl4f4cOelp1NCnJqeB_9DKzXhgMxT8nF1074UUoFDnn4PS3M3PBdwyBn1-SGD8xexK7Yb75SQ7rsJI93bCQSFIVLlZVkbYLE6gSQwpN5S4kEgLuWAPs3VpkR009L3bWM9Pmy97s1P24gYbuV8pGfFEhNuGiuZK0NR6aM5iikPa2nE7HNXWvG8Wq3kBY4LlxxZ7URah8FB2U0exo5o08SMQORDYfZzcE0b_0vWpiRe-vUdWcbl81-MtO4F82Deeabo4AmgA
Requested by
Host: bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
URL: https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
ad.doubleclick.net/pcs/ Frame CC59 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvtV1rWAJOBhRCa_KDlPfI_3nVeXePvGBuLCGucSRBFrZ6ipbjEo4v0JBEzalVZ1gxeXK_D5YI2EOty_R3KZWRjasmgv8PjThwPZCcwQeIJZfMGPKhWtnQVrLTXQ0Sj_4pnZipM-IRM5LyyVPfGmhYyydNjuKC7x2hdCLviP934zB405sgllMTXe_tBKqPFhOJndZV2Dw8jXtQ32uZvqP1zmd2BZZJ-TWOFe-srogB0GHs9_-FM4uaxCWmR7XEqYxqAfswcf09D3ej0UYxc4bpKWubGOm0TT5qjdZrBmataG5M-tRegLzJ_KXUQNgZX9DYFJ4DurbHrUXSe3H5mNFqOHnXFsg-iFsbQaTnMOP7M2MgewFlY01LHoPc4qXA7zFTrXU7ilXiyb1TTpD8zb5sjvzafjDdQfD3D83YkP6XE8aYryq66cCgwka1SHdrwW8S_ndmkB_V09_utUoFz-uW3j_grO25KC-Nl5UarLN8GCZg6x-IOIsoNzbnGo1Kkav5jGmkn3lEslsFEriQ_LgBKHfJnLoyWzQqH6uduW58glOxyXDWRxFFFuX_KQLPdP1MXu4SuwOFkp8D1cUJp7me2ZXnces60sONcMRj42hrAr6fLfU_HaRXOh9QOQZZNxOJinMh0QDYLuZ7zpbyv5s1Ue4DQhL4wD4NRpnuiyksqEORn2Vu0vwopYWdkLOljGPgkXzJzpXUSKm4A8vJ47uInxYCAVB36ElymYCvfjD-3vkexZZEOq44tnM1mBft9eqIG2uVswxJ2E8QcdJEdby_ot8_wHcXTBONdLqlSdAQYEKuCxuM1a-PUY7tu67hY5wECj3TM_tH2gde2QEYndJmff51tIk2kGXjjq3bCy7G5977Op5kPUBTr7ZnKLh4QnGA9NeU8e5YNpfokDNMIcqCqVnnmV1gh7cuPjSCO1VTsVvrGaiXQ5vCc2F0KsjQlwkO6z1gYOSyWLtmpsm45me1dXnTHDfsnyO4GrQzh6rqVRpVdd1zJ6fxvpTS6nR4CQH_40VD4rdRxI75vMRiYu9IrT7Ny1tuHLI7hog0SUMxEZuFi9fUIXccDYSJIVVm0XL01jlSEQvztHQ1P90raVVgK14bO6zTB-Y7XTrIa9UgK2hMbNi6eGSVJ4YUhlc5RzVEKRNG4LBoArVQblI4DMNx6aMR-56EvJT6aG--smPoOosLos8ZWtam27ntC6zm8Jgo5kXA3jau_Of73omiOyp5-capH21OArfMhMqgYCADlDLWNz-5ZIkzn1cXY40PA0Dae3UudbgkBpR5CACuQFWToSmQpKA_tbhToPbtVSZ5_7axr4KOPDnUnFRvopgBtaUQraRp4hsC-EUaV3ZW6Y3s7kLZbcBeRQNIQU4nEMIt3qbjui2pLqfSn0EEdXQZAT_EMxTklGx5a_qhmMP3CNp5cOnYNVFFcVe3AthSSIgh0eaVPHM1F_F3l28lv-Ho&sai=AMfl-YSZYlFyrF_Bd5VZBdMHhaKltJ5ryL5bySoolv7DyRpkVoZwigOjc8z5DgxeRTdw_mp96nCra7fS5H7lstir1Jd1RFvTrewF3vy0mFnu86t91Ug26YmkX0QnyB-xOcYSNKx00ZBnlE4ZbqRNkA9otBTBES3xiqtltBQAru13S85aOoy9feXChH8TINmt-A6rblwfKbYvkJ1ynnfAiXwAC5113Qb4HzMxsWg9zurfz9dJNPTRpgOc2eBmHEuUlrcOSwCFcZG3jOWQAL_GP7VJZ8c_X855V9Lw1ANAdJGWlsTrWf5K-MZy4ZDUAPzSU7LZjzVXXNur2t2YHZjHWDJWovqYGbiIdj9JF0Z3t_07A6dDEcZM-jh26SLIPTJNAHmZT-nLzwINFe57v4lrWwlSExNBG573sG79Jx47YG9j2VrlCZ0iVM11uA&sig=Cg0ArKJSzLgbhM68oqQNEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vYW5kYS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2189&vt=11&dtpt=1051&dett=3&cstd=1134&cisv=r20240103.39297&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 2250 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsuicJUKZ75K2Mrqt9GXUpS1azj5bsEeSKWm0DD-mNcFPRB68JGvQv95Z7dRC_cOG3kEQ1GGZ8bvDuw8wuVNrGoHktEeBytLhupW1MUi7G_6dyZA1uP0GWPoZP-_PvMJoA9mOymKDNDgqatew9dNa7-utRcfCPp0RGsqY36Z2fWB2qe9f5G0rSOymM_CHAW0BRLj--yOuZfbGu6tPlQiVwbnluVHxsrP2yggJMuV8nCcB893gICk46BlVeDg-2EJNITcO1moN3_7OgcjfkuGeirZywM2EjWA9Eje40kWkAPyBi2todTD4YHwmUZV9m39zrgXIpCfkF8okpxmSYwb00K53TZBIshbSPd-enhTH5oJ61EkmjqZAf2-g29tdaOIeCcUyhV_djIeB_6mJ8dcKNsSVOOCbswPk_MEjOkBm_FS5uuAvOAmMbEIgQqqq2HSamDSbig_fX7yRvnmbMPU3wqTjYiQBBas5PPkzwH7telyKJQeH0tygo5mR3nX92dsGWWjNy0iyM2HRMf8apmtxohC-hN67GdFI3nDTYnqkWanSfc5Wy9_BS0LpSJiSL_CkvuU0w7n-K84vA3OxHw9BXAM4T5NiE37TEXp9N4Pu7-nZfiZhIKZMRgD4nkvzNg_NKA8aNhB1RDJVR2BNFAlxhRfLl5avVGaiyPr1_HkNhns4DQrB0kNTL836gF8WX3khf-7UwaO860kf6ntfLL145uZbvqmJi3CDadhF3-9OYk7otiO2RUbe34lmKUQl8k7L02n19hINj3qweWqlK-5Y0C3uyX9cxpnjs9tvTSXlD_-r4FvPbhv3ZpK7563VKNCbmoiyaORfOip1F4mL8e3Zi_fSGgW1Poc-ZjUyti30cNn2sLtLP6VrAIp-uC6_eJ4IdAY9MAXgh5lKmN7whaIepnd26_ECtEbDj0Xbr5r9HQDU9JcwUBxZGDBlg7FfN7bRmCWNYwJE_A92FfNRX7tWP4uaISmtsdQaTkm0MMBhM_C86z5Cb5tUEZCiRWTy3Sjt7AizLSHRSiBBEZVUB8TofnWTphxsQ46CS7alxbxX5RY8_O1iNg-a7cCj0_QWka-Ql2cUmCtua7IsY9I_p-o5fMPYNq2Hhoih9nwOSQ-RCIIrfbXcRQfMxIqYXfool6_epyLxHRlV_oo9wgAHz42maL9JR1cThC-tucaayXH8DnlQCNNFDIgXy73woZ-9iePM6zH5dD3m_VHQlYRh8VxMjJSbQ7yI_nIimdrOHimVJnad0HhhUy87qWLf38YbDcpXXhPUpfAGVx_h70Sq7HVQPaSaI_gebX7Xef_KDqjnlNPJH9uocIWu9fAKX2h2uWaX3n-HFQdDSWwKBqOaJR-L2i8KMiwcF_IGtuyKyTr7SEJO_ayJMB7FofrfBt0be-AtId0U3LFjy61p3Sct-AOddoVPXlYy1o7q1lNHp_GMobEnAiSH5cc7VXoFjaekybHuNWe_8I&sai=AMfl-YSkLNPOvA8dGIVICGUxnJRZLCBArAruLWSWHp3R2Nh2rlVTVESSF6qUiGl8VynTBgQqfNO9q7-wPvY78cFg8sNhaiiEwNAtyNiDw7zbhHzOrcFVuTVetrwWqszFmo6YzTfCD6K2jtfIP64fDpcwuZr-m_3nIdsCOBPMl5iA5v48UwWmRxU3qArqyv4_SPFQp3limBmz3mgsu7yXj3g9v_vgfXux6h-9RAy_m0XH4eElLhuIZwjvY3xG2aJDjTUyS2gjf9Glywz0mSmCAe719LZE4HyMdlGCY0nubZsLNvOsf_sECyfEMn5qpOXCkmTHX1iE0DL2ag3KTWnH06EzahS51WPsMF9V3iPeWiBwLl8If2UPOimkoec8bFdXyE66ItxO_LUfXzYNrdCpKHhlBYoxO_P-3FzRdqH3KgP9_X-unxIYalA4zA&sig=Cg0ArKJSzKcUR0IURXO0EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vYW5kYS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2170&vt=11&dtpt=895&dett=3&cstd=1273&cisv=r20240103.43991&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame D2BF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstcQ2UmZaf-Fy1TScjY0-wmpICOh0I_09GefkIAHCMuBh1VTwsE5pdgCc9aWbPGjcv_5xzje6C_8Hh7bi_8w1kR0l18AeGvZVg4BBgv-KM6W0AsTx6oUq3c9gwxp_PoQHxfz9OUuphWJxm7Mw4-5zPR9S3SbXyLsrJOwBgv2_ZXzpZTVPD0BXq_Mn-E6OQcNjy7BFzVBSXvpxI0XFi1Tltq84ZtcSKMh_FIOIsqgfhkIDeuxDUdjIcbs_hf72LHuPPaLu6ivScLLcQkxH3re_fn6Jv6Meo8R8cehnSlaDGssC4grRi17UXI9W4RjjDBRk1jTX2Kdsvk7R4JkIMA9WONekt3Owkg4WjLl2nWna_hIcI_aLagXKV5bbBWOVaGNNhdmRT3kj34rfgIQ3bnbVkbihVnC6wO-mFTxHukqOuC-yu8qAvlhjv6euZMhUl6HZMBlNZ6cALKGQjE6QnxF8PWNNZOzFpXLMb7AyGGYbisiavWkNUSw0j0s5Lzq7OOvIv68ai_4prYidA6cdb0kMgypp2FPgga6tmOQppQ0_a-Fp6BLHVFFaPTvywuVLZO2U7i4ILGIxBvoI66QcZq5DbsO0vwbz5EE4eDxjKc4XfAPUlTGVZED5sj2fjnbNrhXDjMEjOHYby2OHNk7ndTsj8JL3-S4o6UIAA5J2kt_GsyO_3O19pXNF2F0iWL7WBy1eM63jvwy_DlFQk0g1FOZviev8K1s_id_nW59Eu_WVIYi13XR67muPw1QmuEoGWmVgcjRHT8qHXHj9iDq9X0-fNQXyIHTj76Mz_WjRcHk6vVPH6EYbPSO7pmWH7w2i4Jow4I5ZlbJDj96xR18VD-73fWMQ_sm-OJhd8_Fy9rw0HT_HFoD4A2bz5BDLdx7bE61WKWa5t_Ivnnmy2Ocyaq-JS5hehd8eCcSbFa-TYHWG8RVqgOjsmhiQnsU5iT-fORPu2mOZ3usyZI-NrvhZqLk3Vft7b9dV4GK-f7-k3LB59oKemrKfGwugEREGOOwQCJgdqzBFL7SjLSr7gg05L9DFicrCkCQCJGBJ65y93vp3SjGfGb69XBURo16yvgEdi-SQLdX05POf6LcgjmrW-PhArE8NMUacgxjRrrDUoA6xTlxitvp8fGvML8xw_VTZb9_ld8rwT16jIWc9LIQg9mPIJ2eN86FAVyGlconnWGOSTJl-ZNwxfF8wYNW7swdJheQIA2SkUxbp1j4CTprKbbLIAUMsDZS4uWrz2N62tP_1f-q70LuRsn3cJ6t3wW1JH3RLWkkPLH71W62n76anSvfNIkxICQm2c46gExtKDsud_fpyP48-RMJsNZjrDrCGH1iY7iDAqUVsBDJ9ZV5nPL5qhyw5ScZn9pj0gtkq4rNajHDcPi51jBDU9ht9U1Xpw5CQ9pczv8R4drBSsT2QRj4jBEVSM1XH5hi2c3PvCfyuKdsfA6ktCLJUogbmtx4KhKZxLHOYQ&sai=AMfl-YRVtxHR79o8QYx9m4W0aJHMevhbeupakpXMAp0_tiovGbfWfzhWEqpm_JzN0M9xnrpFCKV-X2WelA6bOX_B81zKeYGySyMIYUt4pfD8khSTVmnPvIexsigu2WcIZmYC4p_NUV-puR5PjNXRv-wfcEyv0URGJR1d_sIkDryctC-wsCUYSxHPZ53dJkRmp6Wd19d-oG65DuhwTQOZ228uFACxMDsIxrTBU8768SdsWLQT-RcXtg2Zx8OTSABDaMMPbGzscKJpbdkiLlXj8AzmHBKaVkqsQswcru61I5yoc6umpox15CsX-xy740SZ09d65wFPmPqN8NKPfEfpmg3yEzv1IDBvzU2fZGgjDqa5f_637HapFbWvdeIRGvFWCR4CuGRH5RD_RqS9fqf2zjkRvXTlJ0ENVRp35Ss2U-fqGurDgpTE0QF1tw&sig=Cg0ArKJSzAd3GOpNGFo3EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vYW5kYS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2146&vt=11&dtpt=871&dett=3&cstd=1273&cisv=r20240103.04908&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F42 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BdZF-01eZZaH1FZCessUP44mvsAkAAAAAOAHgBAI&bg=!jY6ljsHNAAY3kmNgF5I7ADQBe5WfOCZ-xnqgBXtLe4YDKGIam89uZA3NUNmiliK_IadRUqr9UnVx4DtrB5K3ZrlA975TAgAAAXZSAAAABGgBBwoAGylupzg3EixvVDKip3yWnUhvQr7NPy1eNldlQJkDCNPSiPcPuG2kF2moA6Ewwh1Hv6ATdyx9dZOYXcCN4jtwRar1_P3bhkxqlFsBcNp5O44oiavftDvmREO9Y4iwKgCKrOQnMvZWTnONwchNxgUFMvbWMf2Pk6F8BpV3k2hV93gW5_UqDGGSfVDlJCD5Ck3t7suochrx_K_NadNb9Y297RXocXsprczDIQeUWyXf1n_3u4AxBRH1t2dz7PZL5VMcNTrSHv1nYTHxU0R-5kuW0tH_gJEZuIz2BexRQ4i0B-uQIwJgyv1r4AeC6I2pREACrNqQDL3HrXmM8TgjvbKx49eVXM-ratli06aQ747yWJDqIXNvqCuwwx_Fu7z6dWaWYGiJPWdF-abH5lDwIBw8FnNOZaxTdERC0Dbz0jgTJ7hXsM-7o-nE58gmVH-BAmiRgdUpZH9ingDLd3h94smYIMU7ha1vPtyFeuNjlGXClMsdkdy9JVYqTRI0kQPHlNYWfzpHd74Y7JN64BoG5eAK3xbOI1D4qQ7i4Fhqfd4VRw_2g_aLBlTgKSuDCmOdHYwwPNnSiNW8K7v-nqz2ZaKt6dWgrA8x40q3RbKbRlZw1FR-5cMdfZmIsxGF2tnhS0CfyRCq-xsJhZv2RfIqQpEOBHj0h9PYBMCgsCnCkEOEKzCof_NeHlHBXJWf9j1MJK5kOOsT9OB6bbml2ZpoJia9UtvmR1z_gr3m680a4VBWXn3NvATWqNvwiyuD9EEyqYJc4hV4eHLR2Bej4ZVTc8_PsSrNoM9Pz6w4rfQQzie--XP84uMBxKLaOftTOcaYLB_77lT04SFcJJd3WQD-0kGo-YTX-8jlVWHFp3NC-EBzhIGgYcJWhYkSSnR2pmOEUlaajR9OPfUv1nr28KvI28gVCRCfNTeheNZ0VtaiTnlsY4_5W9d5pXXibrVlG0fnNBAxlHKZZbm_owQQAZ2D77mBAdQIulOVVmf8Diy3ejMLi5njVKCnsxp9zNApJmNm7yzbxgxdTLX5flhnQi7ZSMcTKJndvfUwB0pr55iUFhSLFcnraSw6oMnm
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 08A2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BlyGQ01eZZaD1FZCessUP44mvsAkAAAAAOAHgBAI&bg=!SkmlSQbNAAY3kmNgF5I7ADQBe5WfOJg6KaKBVUbpwGMSc4CwT_KgRypRru3dHuD9gBWfipcUJXZD2mbYJoGQ0l4hjxYiAgAAAYNSAAAABGgBB5kDDAfPGi6ztCYcflk3RU7ZMII4tb-kK03AqcpOCOhtXAG_5ZGJmjW4VU51yKnLve3yETwiCLSjqgs5ZK1c8HpHUP-Rr_dTUziQjVvFrQi5W14M-ZF_bqurr1W-43MJiXxF4qK4r0SzPac42jjpunooMX0I1JruS1wFL3vTrxOCLk_OnBI5ySY4lDl8Q8zYT6H6EKlTZbh3TVSdi1EXlCNO-BKFrRX2G1jDS_4-m1z-9WiHTGxjunniTZNFuJ-m51Hgcp3S4uwixHSAMIo2zMIt0dAkCBK7Bqr3-EbZ-CuLFq4vj-l9P-kx6J05--11W0EC_AsGQHDgdnCW8RUA6RP3Vq8UuTTp2fiHTp89GTua2KTb2oguKseMRkan1no3r8U4OOLAdeOv0-PMkvxJfZwIcVS13fJ147uwCakf6jHhAQKwEBAJnf49_RshCBmPl1s0UI08PkDrMURYcdT82st8KtwZ368CbZGKvyoBDcd0K9lKEDLaZh5aGo9ZoT0lYUU6B6-StmJudQjBokTavG8NVAk7aay3SbsFj8CjsJb5Zq6BYFCommmiK2jxfDabNU7UZM9UdzXhDoXTpNkg4SaIkd17tXkJfGQv3rrgil9P_Hds2_6TaOYw5gRvOrASVQwBUXq9uos7WQBBOtdHhRFszxNyz6WXmBw5OSOQtp37uVbMOOsapIedgTPzqJo1QyfhljYO1NmLZ_PRIHp6U9oBG60tsTLJZiaDAmN_DG5DCHrFOfLwlZS4UU7xlLtapMLGsDrEWRDzIJ7q_t4f8vZVl69wwhwSY9Ot1a_nVTPaJFunomXTv1P1hVjkaCdc2b67z-IuRYZAoUyHE4FJRNSySEBm2oC1e6AEpGpnKOuyMx7KkzhswW26P86gNFrb7je8gB8f-oGFp9TveEC1uMTRuDOiz09oJ5xnNUzY415j5BmjhfrufyzlEACgSm1peLYtF9Yl-b7GlqrTIX8iJCrZ4FzBU2Wptr9p1tXZxLsrTF-JeSzPjzI21DdqIbyZkaYpoHhFcYyH9Kn2lq0gog
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ud&error=uid%2Fmuid%2Fduid%20not%20found&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Asia%2FSingapore&tzoff=-480&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=17&tvcfg=all&tid=332d79aa-f692-4323-8cd9-ef39565e2ea7&pid=1c9a3d40-f016-44b9-88fd-723e6c923025&dtm=1704548310241&qnm=_matherq&visible=1&tabid=f1a0bbc2-f118-4a97-9985-beb710322033&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x13589&tofa=1704548306&vid=1&lvidt=1704548306&duid=f088ef69-9a66-4fe5-acc8-f258c4b96205&fp=3152236695&cid=ma63527&mrk=484602605&cx=eyJ1c2VyREIiOnsic2VnbWVudHMiOltdLCJtZXRlckRhdGEiOnsibWV0ZXJUaHJlc2hvbGQiOiIwIiwicmVzZXRNZXRlciI6IjAifSwicGFnZVZpZXdzIjoiMiIsInVzZXJEQkZldGNoIjoiMSIsImVyciI6InVpZC9tdWlkL2R1aWQgbm90IGZvdW5kIiwibmV4dFVwZGF0ZSI6IjE4MDAwMDAiLCJuZXh0VXBkYXRlVFMiOiIxNzA0NTUwMTA5ODU1In19
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.84.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-84-171.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Sat, 06 Jan 2024 13:38:30 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame CC59 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssToCxOW6VRWWfiYqGh3o--NQQjpvpELz4JizFv0kMLQjga2X5jeYcgoSc7XDzNGS3ayKQUOhyd9BdfvZEVdMGYO0Bf6sJoJN0HnMbIRsLNEn0xNvBWwhhbTD_hfjR1g03blhTjptg9ueBmfUmxkSh1C3IB&sai=AMfl-YQbuomZrXo-v03wVMeBzDfSXhX4LYmM90__EVCNA8g8oPVJkOATL9ay56aFHcerIIQX2yFxupu76ridV8z-_UvzW9eLcoNPPeS-2r2E60ko5pORZpIa_bksLIwN&sig=Cg0ArKJSzJC58ZOYrbCmEAE&cid=CAQSPAAvHhf_hQyQs5sAsNi8K3eD6Qk3M33qsZAMcVncGTg58w0YI_U7XcbS4yGYUmKmcIyVsP_42PZS7fhGvRgB&id=lidar2&mcvt=1000&p=165,1135,415,1435&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1117919376&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704548307830&rpt=1595&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		585 B
664 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=8Gu2Z8RCvZ
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.160.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ec9a04482df83185c1532eea68a7f029e7be1a813a2167a8c4f2dc7e85e1793
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 06 Jan 2024 13:38:31 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
M7wdu6s26Lm
pragma
no-cache
wn
prod-dash-10-0-120-90
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.004
cache-control
no-cache, no-store, must-revalidate
cf-ray
84145c9f1b6b44bb-SIN
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame EBED 		17 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.223.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aca479c29194026efc9f2ff315a9f91ee01e52f481414903e3c62f018a1ba6d1
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=900
cf-cache-status
MISS
cf-ray
84145c9cfa4d9ff1-SIN
content-encoding
br
content-type
text/html;charset=UTF-8
date
Sat, 06 Jan 2024 13:38:30 GMT
expires
Sat, 06 Jan 2024 13:53:30 GMT
last-modified
Sat, 06 Jan 2024 13:38:30 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.010
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-88-49
x-forwarded-https
on
x-request-id
M6wdu6szsQP
x-xss-protection
0
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&metered=1%7C7&metername=Support%20Meter&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Asia%2FSingapore&tzoff=-480&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=17&tvcfg=all&tid=6d802e9f-a815-466f-9510-511709e12f1a&pid=1c9a3d40-f016-44b9-88fd-723e6c923025&dtm=1704548310551&qnm=_matherq&visible=1&tabid=f1a0bbc2-f118-4a97-9985-beb710322033&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x13589&tofa=1704548306&vid=1&lvidt=1704548306&duid=f088ef69-9a66-4fe5-acc8-f258c4b96205&fp=3152236695&cid=ma63527&mrk=484602605&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJkaXNwbGF5IiwiYWN0aW9uIjoidGVtcGxhdGUiLCJkYXRhIjp7IjAiOnsidGVtcGxhdGVJZCI6Ik9UQzE3WDMyQkpDSSIsImRpc3BsYXlNb2RlIjoiaW5saW5lIiwiZXhwZXJpZW5jZUFjdGlvbklkIjoic2hvd1RlbXBsYXRlMU9EU0xBR1pYN1dYNzEiLCJleHBlcmllbmNlSWQiOiJFWEtFVTdZWDNaQUwiLCJvZmZlcklkIjoiZmFrZU9mZmVySWQiLCJzaG93Q2xvc2VCdXR0b24iOiIwIn19LCJ2ZW5kb3IiOiJwaWFubyIsInR5cGUiOiJ1bmtub3duIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMTA3MjQ3ODkzMyIsInJlZlRpbWUiOiIxNzA0NTQ4MzEwNTUwIn1dfQ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.84.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-84-171.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Sat, 06 Jan 2024 13:38:30 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame D2BF 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvPVtpq_aj4SuGP_xehW7G1K2EurSIv1VQxd1sHwtuauVgwR26OaHAOZYaaQ2XdVAeLqMV3hjxhfblOg2kFIlLaHjfHVDQWA5qqOXVRWIJObo0sJohPYjEyPoCPDg9acmivUvA5S8v7bAIVBEZeY4EP2-HN&sai=AMfl-YSzgWj-MV0ATWO9IEQNfLz10uHB9q2VJBjdmaSDY6zuxEIQeTYzZdNF1FuISiEBxWHB-SrTlsxRy31vWbRncfTU1Jw19JFy828kfydfwrx4kBeZqPZ8IcpXhuSH&sig=Cg0ArKJSzMKPbrjMdooYEAE&cid=CAQSPAAvHhf_hQyQs5sAsNi8K3eD6Qk3M33qsZAMcVncGTg58w0YI_U7XcbS4yGYUmKmcIyVsP_42PZS7fhGvRgB&id=lidar2&mcvt=1033&p=905,1135,1155,1435&mtos=1033,1033,1033,1033,1033&tos=1033,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3501067380&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704548307875&rpt=1643&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2250 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUpthNDHHJ0Uy8Cj3nuE5Cmuyf8rgAkrM0dgQKMEnriVuZ82uhTaBQRhMfohL-IOCRHJlVdYGjNu04n2yteD5GTrSO6HsKgGrI-VB6kEoeXa3cF1VxEbNsryVP9hVlKLOZFs8txtRfAUVB63WaWzyg3ljD&sai=AMfl-YRQM0-5IVQGI0jdJOXHMg253GkaG9Qn52PQjswcYPtqyF5EEtExKbXaqb9EsMJlcXSANCslRvbVyChrVJctIjAieam6clvwxbFlWV_qcZW7o4qf8iPSV7Fj6qfC&sig=Cg0ArKJSzKkkrGMx_f-dEAE&cid=CAQSPAAvHhf_hQyQs5sAsNi8K3eD6Qk3M33qsZAMcVncGTg58w0YI_U7XcbS4yGYUmKmcIyVsP_42PZS7fhGvRgB&id=lidar2&mcvt=1000&p=977,165,1227,465&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=0.89&if=1&vu=1&app=0&itpl=20&adk=1117919391&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704548307860&rpt=1717&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame EBED 		126 KB
78 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.223.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d223768c8c211c108349645cb062a9dcdb5456e9abc8c6a36eb06366db6fbd5a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:30 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
2929
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:16:48 GMT
wn
prod-dash-10-0-93-48
server
cloudflare
etag
W/"128533-1702570608000"
vary
Accept-Encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
84145c9edcc69ff1-SIN
expires
Sat, 06 Jan 2024 15:38:30 GMT
piano-frame.css
static.advance.net/static/common/css/ Frame EBED 		154 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.advance.net/static/common/css/piano-frame.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dd32b408a6feeda51fd7c694ab86f265c4d11d9041079b681018eb792c36d980

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Sat, 06 Jan 2024 13:38:30 GMT
x-shield-cache-expires
10
x-amz-request-id
MXEY06B7DW9F27SN
age
542
x-cache
HIT, HIT
x-host
static.advance.net
content-length
23936
x-served-by
cache-iad-kcgs7200076-IAD, cache-qpg1272-QPG
last-modified
Tue, 14 Nov 2023 14:37:04 GMT
x-timer
S1704548311.901933,VS0,VE0
etag
"d6d19879ab6383a664fcca2243dfb516"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame EBED 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1432423
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BbUs8Pfh2uCrKjb99XT3wtbaHwPdIpipLbUOx1eiYVOtizLtpW66xBhzifCHukJCsS1Vj75VBT1MXOJ7WoBIii9or8soDDrhzuKqzpH%2FmuJq%2B%2BAAuW1dCoWHiYhx9Wtehs%2BuDV7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84145ca12f4c44ba-SIN
expires
Thu, 26 Dec 2024 13:38:31 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame EBED 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2064278
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhifrfKFEnqeZEapratiQFKVMu7DnOX5KCYByYhOqT0kkE%2Bze5fDwOokvykuPUAPeGaiJA63ecbGgU5qJtsPzXGV5EEAeZ5%2BXzEVhm%2BpveFs9WEbuskuWDgz%2BnlXjs2e4vaPFgTs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84145ca12f4944ba-SIN
expires
Thu, 26 Dec 2024 13:38:31 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame EBED 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1435052
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qAosR6adNmbA6aD5Sbp5W7jPhSwyazgeYSNOcjBVEre5%2BUJhh%2FGwB2GU5zcJ7FbPUSmqT7kDLnHRUK0boAy84l3nEOT9tfxJojzSxXE7Uh5i59jPLzX17xfUaCbDA5QGkLXQee17"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84145ca12f5d44ba-SIN
expires
Thu, 26 Dec 2024 13:38:31 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame EBED 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
912822
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3978
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-2bd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hM12HDkq9z8zXuQZknjgvDrh748wRUiVGyu%2FDy4VfPVF9gE4u2yKh2JMH3mSRh86xumPrzAzCGlxhDz7g2Eu6NV3Vygb6M%2BNe8xCtyOiYE%2BP%2Fj0eij2v5FcxWGCr1tadREQrIwA0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84145ca12f5b44ba-SIN
expires
Thu, 26 Dec 2024 13:38:31 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame EBED 		825 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
71572
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4k7Wg55StPZrpxrjjQBLm61d87moF%2FinMVXwxOVpQiQBHqkjZcULrizt%2FVgVtkFf2KbwYGLbsgQSucBU%2FWW54E0kaMlrk%2BR9yi0UB892CdZw35Oy%2Bq9w8HFn0VP8933fIWDqC%2BDX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84145ca12f5644ba-SIN
expires
Thu, 26 Dec 2024 13:38:31 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame EBED 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3330045
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vty8Hs4HR8TIuO%2F5913I%2FuWKnobN9XdkP2NravfyN6Vplxhe5Imq9o1t4gjviLFWXb5t4nNxKr2tUo9vmtxbybhWfItlLF7r559hOjfiGsd2GE%2FtlgvyIWM7GbitUr4yf%2BfrDtpi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84145ca12f5144ba-SIN
expires
Thu, 26 Dec 2024 13:38:31 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame EBED 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3170172
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i2Kn%2BVTc8n%2BxYCJ8%2B08gOcQ4tCa9jq5AjCFXakJgtY3vd8iQQZMwx7flhQ3Pj%2BScr0iAFOcVXleiQmVRMMxJ5lgPcacqnQmgdbuvn4b7XjIugfpIhz%2FlU3%2FlhGzR9kJqtDExEJWg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84145ca15fb844ba-SIN
expires
Thu, 26 Dec 2024 13:38:31 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame EBED 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3157153
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5lpBa8Sms6g%2BCSHWvBCPrZKiXxARa1nLRAtd10oorZP5x7a0%2FodOBWQhqdx%2BezndeVDlhWEWVmL8cMIclHQW2KbPutkUt4cOEf8lBNyzJa4SxxHxpqA60cBKKjqrdeuwtZdT9Zp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84145ca15fb244ba-SIN
expires
Thu, 26 Dec 2024 13:38:31 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame EBED 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3171357
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
910
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5WZH4uh2xT%2B8yuHr8nHbL0X%2Fdk3sR3V8s%2Bjluj1IyPhvcjq3jqk1c%2Fqhbd6jqWBQgXeUhbY3IyHL3Kvy60esLvnkZD55ehgZWh54tN1ZBuRbaO%2BpgI6Y%2FYx2%2Fkcs96neSg3BBwp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84145ca12f6644ba-SIN
expires
Thu, 26 Dec 2024 13:38:31 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame EBED 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5071667
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6934
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2OZwMSgwPWAoCdeRib6s%2FFuiJOzoxB4KYbMVa8ZRXREIltiphSwlso8yUXtIaVyEpjbtv%2BP9b3cYpmjvPj1v0Dv2h92fxqVxB52rf%2BR2Kok1j1hdQNtiIsa%2B8kzeXp%2BSbweV%2Bbcc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84145ca12f6144ba-SIN
expires
Thu, 26 Dec 2024 13:38:31 GMT
loadTranslationMap
buy.tinypass.com/showtemplate/general/ Frame EBED 		62 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=8Gu2Z8RCvZ&version=1691000262000&language=en_US
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.223.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b78bc5c07f038b149515d8a5cadf1533dd1cc438ee4a587fd2770c526304279a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:31 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
M6wdu6shM4V
pragma
wn
prod-dash-10-0-120-90
server
cloudflare
vary
accept-encoding
content-type
application/javascript;charset=UTF-8
server-time
0.002
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
84145c9edcc89ff1-SIN
expires
Sun, 7 Jan 2024 08:38:30 EST
platform-translation-map_en_US.js
buy.tinypass.com/ng/common/i18n/ Frame EBED 		67 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=16.84.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.223.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2b6a09251dfdb96bb8a73aeabee416131dfe2a4410bccfaa2f4d089a6642051
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:30 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
18520
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 17:34:20 GMT
wn
prod-dash-10-0-131-167
server
cloudflare
etag
W/"68959-1703180060000"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
server-time
0.001
cache-control
public, max-age=86400
cf-ray
84145c9edcc99ff1-SIN
expires
Sun, 07 Jan 2024 13:38:30 GMT
H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame EBED 		121 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=16.84.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.223.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9a88d548488330c2fdc31dd655203aa0044b8d954b0e1665e09b58965e52bf7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:30 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
229
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 17:46:28 GMT
wn
prod-dash-10-0-80-79
server
cloudflare
optimized-by
_sam
vary
Accept-Encoding
content-type
text/javascript
server-time
0.001
cache-control
public, max-age=604571
cf-ray
84145c9edcca9ff1-SIN
expires
Sat, 13 Jan 2024 13:34:41 GMT
close-icon-black.svg
static.advance.net/static/common/img/piano/ Frame EBED 		1 KB
791 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/close-icon-black.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eef57151e6646e4f59ca6a1d749631ee2f89bf4d1b736fb4620b784cedbe0de6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Sat, 06 Jan 2024 13:38:30 GMT
x-shield-cache-expires
10
x-amz-request-id
VWKFSAM60Z187Q1Q
age
3118
x-cache
HIT, HIT
x-host
static.advance.net
content-length
610
x-served-by
cache-iad-kjyo7100168-IAD, cache-qpg1272-QPG
last-modified
Mon, 27 Jan 2020 14:39:52 GMT
x-timer
S1704548311.901911,VS0,VE0
etag
"35ec888ec074218ee36fea53d51653a8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
SPug
simage4.pubmatic.com/AdServer/ Frame 7371 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:30 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
piano-frame.js
static.advance.net/static/common/js/ Frame EBED 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.advance.net/static/common/js/piano-frame.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4918f51b2e5fe8e382052c64d1f082d4e7e52e4aa04b06805b41253a41fb7531

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Sat, 06 Jan 2024 13:38:31 GMT
x-shield-cache-expires
10
x-amz-request-id
Y7RHWQCRS9094V3Q
age
70
x-cache
HIT, HIT
x-host
static.advance.net
content-length
3628
x-served-by
cache-iad-kcgs7200148-IAD, cache-qpg1272-QPG
last-modified
Wed, 06 Dec 2023 17:04:02 GMT
x-timer
S1704548311.378792,VS0,VE2
etag
"37bff6897042341f8c8fdd86cb8983a5"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
logo-mlive.svg
static.advance.net/static/common/img/paywall/lmg/ Frame EBED 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/paywall/lmg/logo-mlive.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0b034efa03c6fb4de3e3952eaf0958b18847e6c1e2e8fd647759c97105004f19

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Sat, 06 Jan 2024 13:38:31 GMT
x-shield-cache-expires
10
x-amz-request-id
SATAT09Y2KXP70FE
age
2263
x-cache
HIT, HIT
x-host
static.advance.net
content-length
879
x-served-by
cache-iad-kcgs7200092-IAD, cache-qpg1272-QPG
last-modified
Mon, 27 Jan 2020 14:39:52 GMT
x-timer
S1704548311.379246,VS0,VE2
etag
"eddae84ef46240dace31d24e6e3f4dae"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
logAutoMicroConversion
api-v3.tinypass.com/api/v3/conversion/ 		49 B
199 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-v3.tinypass.com/api/v3/conversion/logAutoMicroConversion?page_title=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&url=https%3A%2F%2Fwww.mlive.com%2F&page_view_id=lr241v17922t7j5r&referrer=&content_author=&tags=null&content_type=website&tracking_id=%7Bkpdx%7DAAAA-rDb8XDw6woKOEd1Mlo4UkN2WhIQbHIyNDF2MTc5MjJ0N2o1choMRVhLRVU3WVgzWkFMIiUxODA4azNvMDhvLTAwMDAzMzZ1dnNlbmoyNGpmYXE1YjVzaGZzKhpzaG93VGVtcGxhdGUxT0RTTEFHWlg3V1g3MTABOgxPVEMxN1gzMkJKQ0lCDU9UVllRRUxKTExWUU9SS3YtMjAyNC0wMS0wNi0yMS0zOC0yNi03OTUtWkdvZVV4b3F6NkRncm9pZS04NTEyN2ViZGQyMTk2YjI1YjI4N2VlODc1M2RiNzNmYloOMTAxLjEyNy42NC4xODZiA2R3Y2jW0uqsBnAQeAQ&browser_id=lr241v17z6eb9wtp&event_type=EXTERNAL_EVENT&event_group_id=config&custom_params=%7B%22config%22%3A%22%7B%5C%22type%5C%22%3A%5C%22bottomfixed%5C%22%2C%5C%22version%5C%22%3A%5C%22cta%5C%22%2C%5C%22placement%5C%22%3A%5C%22bottom-fixed%5C%22%2C%5C%22newsletterId%5C%22%3A%5C%22%5C%22%2C%5C%22closable%5C%22%3A%5C%22true%5C%22%2C%5C%22scrollLock%5C%22%3A%5C%22true%5C%22%7D%22%7D&cookie_consents=null&previous_user_segments=null&callback=jsonp4234
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.223.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d442ca0d9b1e3120d0d523cbfc20520ea75c82a0e503717df802f47e960a2e7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:31 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
84145ca249209ff1-SIN
alt-svc
h3=":443"; ma=86400
x-request-id
M7wdu6svKd6
expires
0
collect
www.google-analytics.com/ 		35 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1923479956&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=nonblocking&ea=bottomfixed_shown&el=var%3A%22OTVYQELJLLVQO%22%7Cexp%3A%22EXKEU7YX3ZAL%22%7Cver%3A%22cta%22%7Cmet%3A%22Support%20Meter%22%7Ctot%3A%221%22%7Cmax%3A%227%22%7Cterm%3A%22%22&ev=0&_u=aDDAAEABAAQCACgFKAC~&jid=&gjid=&cid=1072478933.1704548306&tid=UA-16643585-16&_gid=1417018887.1704548307&gtm=45He4130n81TLXFLCRv78133989&cd1=undefined&cd2=1---&cd3=undefined&cd6=undefined&cd11=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=false&cd21=undefined&cd23=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd46=homepage-beta&cd47=desktop&cd50=GA%20-%20event%20call&cd52=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=undefined&cd62=undefined&cd63=undefined&cd64=undefined&cd65=undefined&cd66=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=sub-group-c&cd99=undefined&cd100=fbfabb1e89960b7979ccb67a1ecd04d7&cd101=b946fd47a12f78bb55ed1b2f2818185ca02c630dbfbce5eea49ba188f569c833&cd102=undefined&cd103=undefined&gcd=11l1l1l1l1&dma=0&cd61=1072478933.1704548306&cd98=meterName%3A%20%22Support%20Meter%22%7C%7CtotalViews%3A%201%7C%7CmaxViews%3A%207&z=1175083286
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 07:40:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
21469
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&metername=Support%20Meter&metered=1%7C7&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Asia%2FSingapore&tzoff=-480&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=17&tvcfg=all&tid=5639c519-a967-4164-ba9e-24900b6c8d37&pid=1c9a3d40-f016-44b9-88fd-723e6c923025&dtm=1704548311444&qnm=_matherq&visible=1&tabid=f1a0bbc2-f118-4a97-9985-beb710322033&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x1200&tofa=1704548306&vid=1&lvidt=1704548306&duid=f088ef69-9a66-4fe5-acc8-f258c4b96205&fp=3152236695&cid=ma63527&mrk=484602605&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJjdXN0b21fZXZlbnQiLCJhY3Rpb24iOiJjb25maWciLCJkYXRhIjp7ImV4cGVyaWVuY2VBY3Rpb25JZCI6InNob3dUZW1wbGF0ZTFPRFNMQUdaWDdXWDcxIiwiY3VzdG9tRXZlbnROYW1lIjoiY29uZmlnIiwiY29udGFpbmVyU2VsZWN0b3IiOiIjYm90dG9tLWZpeGVkLW1vZGFsIiwiZXZlbnROYW1lIjoiY29uZmlnIiwicGFyYW1zIjp7ImNvbmZpZyI6IntcInR5cGVcIjpcImJvdHRvbWZpeGVkXCIsXCJ2ZXJzaW9uXCI6XCJjdGFcIixcInBsYWNlbWVudFwiOlwiYm90dG9tLWZpeGVkXCIsXCJuZXdzbGV0dGVySWRcIjpcIlwiLFwiY2xvc2FibGVcIjpcInRydWVcIixcInNjcm9sbExvY2tcIjpcInRydWVcIn0ifX0sInZlbmRvciI6InBpYW5vIiwidHlwZSI6InVua25vd24ifSwiaWRlbnRpdGllcyI6W3sidHlwZSI6ImdhIiwiaWQiOiIxMDcyNDc4OTMzIiwicmVmVGltZSI6IjE3MDQ1NDgzMTE0NDMifV19
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.84.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-84-171.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Sat, 06 Jan 2024 13:38:31 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
farnhamheadline-semi-bold.woff
fonts.advance.net/fonts/v1/farnham-headline-semi-bold/ Frame EBED 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.advance.net/fonts/v1/farnham-headline-semi-bold/farnhamheadline-semi-bold.woff
Requested by
Host: static.advance.net
URL: https://static.advance.net/static/common/css/piano-frame.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142

Request headers

Referer
https://static.advance.net/
Origin
https://buy.tinypass.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
null
date
Sat, 06 Jan 2024 13:38:31 GMT
x-shield-cache-expires
10
x-amz-request-id
E88MXDEDV845P0VS
age
42172
x-cache
HIT, HIT
x-host
fonts.advance.net
content-length
37160
x-served-by
cache-iad-kiad7000038-IAD, cache-qpg1251-QPG
last-modified
Wed, 19 Sep 2018 19:27:30 GMT
x-timer
S1704548312.849549,VS0,VE0
etag
"c9a8222fbabe6b700baacd21dd7a1f61"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
cache-control
s-maxage-ignore=86400, no-store
Inter-Regular.woff2
fonts.advance.net/fonts/inter/ Frame EBED 		97 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.advance.net/fonts/inter/Inter-Regular.woff2
Requested by
Host: static.advance.net
URL: https://static.advance.net/static/common/css/piano-frame.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6

Request headers

Referer
https://static.advance.net/
Origin
https://buy.tinypass.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
null
date
Sat, 06 Jan 2024 13:38:31 GMT
x-shield-cache-expires
10
x-amz-request-id
BFTJBMVY6VG8SZEX
age
3514
x-cache
HIT, HIT
x-host
fonts.advance.net
content-length
98868
x-served-by
cache-iad-kjyo7100054-IAD, cache-qpg1251-QPG
last-modified
Mon, 17 Jul 2023 14:21:52 GMT
x-timer
S1704548312.849557,VS0,VE0
etag
"dc131113894217b5031000575d9de002"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
cache-control
Inter-SemiBold.woff2
fonts.advance.net/fonts/inter/ Frame EBED 		103 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.advance.net/fonts/inter/Inter-SemiBold.woff2
Requested by
Host: static.advance.net
URL: https://static.advance.net/static/common/css/piano-frame.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5

Request headers

Referer
https://static.advance.net/
Origin
https://buy.tinypass.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
null
date
Sat, 06 Jan 2024 13:38:31 GMT
x-shield-cache-expires
10
x-amz-request-id
BFTY2FVC866NHJJ7
age
4919
x-cache
HIT, HIT
x-host
fonts.advance.net
content-length
105804
x-served-by
cache-iad-kcgs7200165-IAD, cache-qpg1251-QPG
last-modified
Mon, 17 Jul 2023 14:21:52 GMT
x-timer
S1704548312.849494,VS0,VE0
etag
"007ad31a53f4ab3f58ee74f2308482ce"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
cache-control
PugMaster
image6.pubmatic.com/AdServer/ Frame 7371 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=1168235&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
8e177a91def5457a48dcbe910e828b7bf06dbeeac581bf68b33bc004aa1fbceb

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 06 Jan 2024 13:38:32 GMT
content-length
1058
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 2AEE 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sat, 06 Jan 2024 13:38:32 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 9C22
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4048876994717771444&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4048876994717771444&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 06 Jan 2024 13:38:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
5fe379b8-082a-4b02-853c-8a385b223a06
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sat, 06 Jan 2024 13:38:32 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4048876994717771444&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
101.127.64.186; 101.127.64.186; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 16C1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=d0b7385f-fe38-4307-bdb7-f32a0d7d0bb3&gdpr=0&gdpr_consent=&gdp...
  • https://x.bidswitch.net/sync?dsp_id=445&user_id=af3c3f0a-bfed-3b95-8e8d-28bb76527378&ssp=pubmatic&bsw_param=d0b7385f-fe38-4307-bdb7-f32a0d7d0bb3
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d0b7385f-fe38-4307-bdb7-f32a0d7d0bb3&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d0b7385f-fe38-4307-bdb7-f32a0d7d0bb3&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 06 Jan 2024 09:29:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sat, 06 Jan 2024 13:38:32 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d0b7385f-fe38-4307-bdb7-f32a0d7d0bb3&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 3EDC
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12zpt1m9f2qf
1 B
149 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12zpt1m9f2qf
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 06 Jan 2024 13:38:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Sat, 06 Jan 2024 13:38:39 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12zpt1m9f2qf
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
image2.pubmatic.com/AdServer/ Frame E825
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=t6f_2LSlotmspfTQsKTr1Of0_4CsoffWs_NcPClL
42 B
411 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=t6f_2LSlotmspfTQsKTr1Of0_4CsoffWs_NcPClL
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 06 Jan 2024 09:38:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sat, 06 Jan 2024 13:38:32 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=t6f_2LSlotmspfTQsKTr1Of0_4CsoffWs_NcPClL
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
ecm3
s.amazon-adsystem.com/ Frame 8125 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDB1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 06 Jan 2024 13:38:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
B9DRCXNDZC5PCPDATSJX
458249.gif
idsync.rlcdn.com/ Frame 7371
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70
  • https://pippio.com/api/sync?pid=5324&it=1&iv=43299a7fe409d8a7130c99bf804bee8b457bf2023798c5f6d5b91718265678e2791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA0MzI5OWE3ZmU0MDlkOGE3MTMwYzk5YmY4MDRiZWU4YjQ1N2JmMjAyMzc5OGM1ZjZkNWI5MTcxODI2NTY3OGUyNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA0MzI5OWE3ZmU0MDlkOGE3MTMwYzk5YmY4MDRiZWU4YjQ1N2JmMjAyMzc5OGM1ZjZkNWI5MTcxODI2NTY3OGUyNzkxNDI2YjU0MTdkY2UyMRAAGgwI2K_lrAYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=379b54b0-111a-4997-b9c4-8b28343be5dc
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=379b54b0-111a-4997-b9c4-8b28343be5dc
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:33 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sat, 06 Jan 2024 13:38:33 GMT
via
1.1 google
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/458249.gif?partner_uid=379b54b0-111a-4997-b9c4-8b28343be5dc
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
Pug
simage2.pubmatic.com/AdServer/ Frame 7371
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4569115504333617179&gdpr=0&gdpr_consent=&us_privacy=
1 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4569115504333617179&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 06 Jan 2024 13:38:32 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4569115504333617179&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 06 Jan 2024 13:38:31 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
SPug
image4.pubmatic.com/AdServer/ Frame 7371
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-2FdtZztE2uWVavlsOXVM3MFHpgHijms-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-2FdtZztE2uWVavlsOXVM3MFHpgHijms-~A&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-MediaNet_n-Beeswax_ox-db5_smrt_n-smaato_n-sharethrough_pm-db5_ym_rbd_n-baidu_n-nativo_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-2FdtZztE2uWVavlsOXVM3MFHpgHijms-~A&gdpr=0
date
Sat, 06 Jan 2024 13:38:32 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2E48 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.192.249 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-207-192-249.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=106434
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 06 Jan 2024 13:38:32 GMT
expires
Sun, 07 Jan 2024 19:12:26 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 3BBF 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
829
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
84145ca83fc949cc-SIN
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 06 Jan 2024 13:38:32 GMT
expires
Sat, 06 Jan 2024 17:38:32 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 6B46 		37 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C233%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c2e63495ba4031641ce088011c4be239cdd576e98b3d88d74464af39606670fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
12354
content-type
text/html; charset=UTF-8
date
Sat, 06 Jan 2024 13:38:32 GMT
expires
Mon, 08 Jan 2024 13:38:32 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame 79A1 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.109.78 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-203-109-78.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 06 Jan 2024 13:38:32 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cm
trc.taboola.com/sg/prebidJS/1/ 		43 B
665 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/prebidJS/1/cm
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Sat, 06 Jan 2024 13:38:32 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
2444
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-qpg1279-QPG
pragma
no-cache
server
nginx
x-timer
S1704548313.635590,VS0,VE3
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
ibs:dpid=903&dpuuid=98f33047-6206-44a9-9367-ebdba8f53da3
dpm.demdex.net/
Redirect Chain
  • https://match.adsrvr.org/track/usersync?us_privacy=&gdpr=0&gdpr_consent=undefined&ust=image
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=98f33047-6206-44a9-9367-ebdba8f53da3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=98f33047-6206-44a9-9367-ebdba8f53da3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=98f33047-6206-44a9-9367-ebdba8f53da3
42 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=98f33047-6206-44a9-9367-ebdba8f53da3
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
52.35.107.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-107-54.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs
dcs-prod-usw2-1-v050-060580c20.edge-usw2.demdex.com 2 ms
pragma
no-cache
date
Sat, 06 Jan 2024 13:38:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
p4R9tyrORuU=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=98f33047-6206-44a9-9367-ebdba8f53da3
date
Sat, 06 Jan 2024 13:38:33 GMT
server
Kestrel
content-length
189
usync.js
eus.rubiconproject.com/ Frame 79A1 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.109.78 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-203-109-78.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
53b2ca32aad7f85c22c1dba1e1b45aa876c6af724071b3c8dfa356ef86e68a08

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 13:38:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Jan 2024 19:00:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19279
Connection
keep-alive
Content-Length
13174
Expires
Sat, 06 Jan 2024 18:59:51 GMT
usermatch
ssum-sec.casalemedia.com/ Frame C2AA 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97e3ac693c9feefce753e5424bc2739f2352f31f47411ce0e69e2d4a16532ec7

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84145ca8786d55fb-SIN
content-encoding
br
content-type
text/html
date
Sat, 06 Jan 2024 13:38:32 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c8cHkRWAjk%2F6zOPTBi5NBxTOrwYc5N4jix8%2BIXsH06OCaBF2wBELSuj18voesuHdy%2FSLRieUMGjR5rbD94e2qDq876kvjMa1S4EEi7x8jwYnxqY3seyF2x%2FUE2lm%2FuQJR2xVpSGZB8Plmw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ZZlX1MaY56wGe4C_uYiXYQAAFNgAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame C2AA 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZZlX1MaY56wGe4C_uYiXYQAAFNgAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.217.47 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-217-47.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame C2AA
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4048876994717771444
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4048876994717771444
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2xMJVwA%2FrC9vUEZcXZnRZCGdVnGHG%2Fs1mQvS8GMmmOxrB0PiIjrR7OV7vuSG1DulQuQMm%2FDvmFYWX5ovmetWlZSdPwnkY8MyINsqMA%2B0HJyDzxMPh7MAkur7fg9BaZpn1CxvuKZJLYI22g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84145ca8d8ce55fb-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:32 GMT
an-x-request-uuid
2ed91a4c-bae9-4140-bee6-14abb0831f45
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4048876994717771444
x-proxy-origin
101.127.64.186; 101.127.64.186; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C2AA
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=oW4hH6JsfB66bClA8m41FaFsLRK6Pn4WoD-j4zVZ
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=oW4hH6JsfB66bClA8m41FaFsLRK6Pn4WoD-j4zVZ
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3VDWq%2F4MPZ43ZMU1ncWtQ2MtFzkBluEpNQ%2B3XLscqXBwvchrs%2BrhTuyUdRf8ALcCmYsQn8FG27fBC1haBhprVTPxuzggrlZ2E8nxeivw1k5b7l8%2BZJG4VxipwmbrsQ0pkgb4tnODcITzw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84145ca9092455fb-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:32 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=oW4hH6JsfB66bClA8m41FaFsLRK6Pn4WoD-j4zVZ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ZZlX1MaY56wGe4C_uYiXYQAAFNgAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame C2AA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZZlX1MaY56wGe4C_uYiXYQAAFNgAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZZlX1MaY56wGe4C_uYiXYQAAFNgAAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZZlX1MaY56wGe4C_uYiXYQAAFNgAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
52.74.217.47 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-217-47.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZZlX1MaY56wGe4C_uYiXYQAAFNgAAAAB
date
Sat, 06 Jan 2024 13:38:32 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
demconf.jpg
dpm.demdex.net/ Frame C2AA
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZZlX1MaY56wGe4C-uYiXYQAA%265336?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZZlX1MaY56wGe4C-uYiXYQAA%265336
42 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZZlX1MaY56wGe4C-uYiXYQAA%265336
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
52.35.107.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-107-54.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs
dcs-prod-usw2-1-v050-07675a7c3.edge-usw2.demdex.com 1 ms
pragma
no-cache
date
Sat, 06 Jan 2024 13:38:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
MMngSrqVQtA=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-usw2-1-v050-0af0908f6.edge-usw2.demdex.com 0 ms
pragma
no-cache
date
Sat, 06 Jan 2024 13:38:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
aYW/OboTTcw=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZZlX1MaY56wGe4C-uYiXYQAA%265336
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
rum
dsum-sec.casalemedia.com/ Frame C2AA
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4569115504333617179
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4569115504333617179
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oKesgaAvK9Pprbp8434JJPgrvGyT%2FPldU0w%2F1aOQROLyuYd95Pf3MgY%2FJJxkwKrnKWIiHvnOGlyhylWPQwt4S%2FAZfetBLLoLgDBYSgAm3do4q6UT%2B69s6V040KLfkqwadFJo1rOgDtWbEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84145ca9497c55fb-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4569115504333617179
pragma
no-cache
date
Sat, 06 Jan 2024 13:38:32 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
dcm
s.amazon-adsystem.com/ Frame C2AA 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZZlX1MaY56wGe4C_uYiXYQAAFNgAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 13:38:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
M3MHJ4K6349Z0Y1G5WMW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame C2AA
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=3867dc02-312d-2278-e58afac8
43 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=3867dc02-312d-2278-e58afac8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5gFRAPoeshjozwRSQQnXsmCAziBDnCvI5f1m76UZujqbkMxP8OBzl%2FVVfKhcn0qOXHbDA2zxAM7vE%2BdL0maMg%2BBBhMbFsGO0kWCvQuHDAH7cIaNwNnJobLAZy30r0GtWnLZsOh3V"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84145caaeaa4449f-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sat, 06 Jan 2024 13:38:32 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=3867dc02-312d-2278-e58afac8
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
htw-pixel.gif
cdn.indexww.com/ht/ Frame C2AA 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZZlX1MaY56wGe4C-uYiXYQAA%265336
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:32 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
57301
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
84145ca8c89549cc-SIN
content-length
43
expires
Sun, 07 Jan 2024 13:38:32 GMT
pubcid.php
hbx.media.net/ Frame 6B46 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C233%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.48.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
content-encoding
gzip
date
Sat, 06 Jan 2024 13:38:32 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Sat, 06 Jan 2024 14:08:32 GMT
sync
gum.criteo.com/ Frame 6B46 		61 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C233%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:32 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
224009
expires
60
usync.html
eus.rubiconproject.com/ Frame 23D6
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C233%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.109.78 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-203-109-78.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 06 Jan 2024 13:38:32 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 06 Jan 2024 13:38:32 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 7CB2
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3475499083845877000V10%26type%3Drkt%26refUrl%3D%26vid%3D454831250534754990838458770...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3475499083845877000V10&type=rkt&refUrl=&vid=45483125053475499083845877000V10&axid_e=&ovsid=2018527442084423065
231 B
256 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3475499083845877000V10&type=rkt&refUrl=&vid=45483125053475499083845877000V10&axid_e=&ovsid=2018527442084423065
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C233%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
95d98804a6e5f1e07cca375e5eff2d59603f175e6f35f1de42a5fd1112b0dc1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-length
231
content-type
text/html;charset=UTF-8
date
Sat, 06 Jan 2024 13:38:32 GMT
expires
Sat, 06 Jan 2024 13:38:32 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
quic-version
0x00000001
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Sat, 06 Jan 2024 13:38:32 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3475499083845877000V10&type=rkt&refUrl=&vid=45483125053475499083845877000V10&axid_e=&ovsid=2018527442084423065
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cksync.php
contextual.media.net/ Frame 6B46
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3475499083845877000V10%...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=bfa728642e21eff&is_secure=true&version=1&networkId=57734&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3475499083845877000V10&type=con&refUrl=&vid=45483125053475499083845877000V10&axid_e=&ovsid=AAALTyHy_Z-3UQNCMqrfAAAAAAA&expiration=1704634712&is_sec...
57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3475499083845877000V10&type=con&refUrl=&vid=45483125053475499083845877000V10&axid_e=&ovsid=AAALTyHy_Z-3UQNCMqrfAAAAAAA&expiration=1704634712&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C233%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H3
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 06 Jan 2024 13:38:32 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Sat, 06 Jan 2024 13:38:32 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:32 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=8&vsid=3475499083845877000V10&type=con&refUrl=&vid=45483125053475499083845877000V10&axid_e=&ovsid=AAALTyHy_Z-3UQNCMqrfAAAAAAA&expiration=1704634712&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.php
contextual.media.net/ Frame 6B46
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3475499083845877000V10%26type%3Dr1%26refUrl%3D%26vid%3D45483125053475499083...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5646801149
  • https://sync.1rx.io/usersync/tradedesk/98f33047-6206-44a9-9367-ebdba8f53da3
  • https://sync.targeting.unrulymedia.com/csync/RX-9fdf8485-daa6-496f-b051-9e3ebabaae0d-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3475499083845877000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3475499083845877000V10&type=r1&refUrl=&vid=45483125053475499083845877000V10&axid_e=&ovsid=RX-9fdf8485-daa6-496f-b051-9e3ebabaae0d-004
57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3475499083845877000V10&type=r1&refUrl=&vid=45483125053475499083845877000V10&axid_e=&ovsid=RX-9fdf8485-daa6-496f-b051-9e3ebabaae0d-004
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C233%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H3
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 06 Jan 2024 13:38:33 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Sat, 06 Jan 2024 13:38:33 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3475499083845877000V10&type=r1&refUrl=&vid=45483125053475499083845877000V10&axid_e=&ovsid=RX-9fdf8485-daa6-496f-b051-9e3ebabaae0d-004
date
Sat, 06 Jan 2024 13:38:33 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX9fdf8485daa6496fb0519e3ebabaae0d004
content-type
text/html
cksync
cs.media.net/ Frame 6B46
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQ3NTQ5OTA4Mzg0NTg3NzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEFQRkoOWOjuTyawm8qFpQU4&google_cver=1
57 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEFQRkoOWOjuTyawm8qFpQU4&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C233%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.203.108.27 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-203-108-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 13:38:32 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
57
x-mnet-hl2
E
Expires
Sat, 06 Jan 2024 13:38:32 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEFQRkoOWOjuTyawm8qFpQU4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 6B46
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3475499083845877000V10%26type%3Ddxu%26refUrl%3D%26vid%3D45483125053475499083845...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3475499083845877000V10%26type%3Ddxu%26refUrl%3D%26vid%3D45483125053475499...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3475499083845877000V10&type=dxu&refUrl=&vid=45483125053475499083845877000V10&axid_e=&ovsid=FLwNzbTm1Rm6SI5
57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3475499083845877000V10&type=dxu&refUrl=&vid=45483125053475499083845877000V10&axid_e=&ovsid=FLwNzbTm1Rm6SI5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C233%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H3
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 06 Jan 2024 13:38:32 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Sat, 06 Jan 2024 13:38:32 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 13:38:32 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-019419e25e51af8eb@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3475499083845877000V10&type=dxu&refUrl=&vid=45483125053475499083845877000V10&axid_e=&ovsid=FLwNzbTm1Rm6SI5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 6B46
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsi...
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=05340985-a6fd-48ca-847a-263c57f46abd&gdpr=0&gdpr_consent=&us_privacy=
57 B
644 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=05340985-a6fd-48ca-847a-263c57f46abd&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C233%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 06 Jan 2024 13:38:32 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Sat, 06 Jan 2024 13:38:32 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:32 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=05340985-a6fd-48ca-847a-263c57f46abd&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1240483
content-length
0
expires
Sat, 06 Jan 2024 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 6B46
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=d0b7385f-fe38-4307-bdb7-f32a0d7d0bb3&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-eNkkv71E2pmOKuALllXP8T2RXI6dTYl.FjjIow--~A&expires=5&ssp=medianet
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=d0b7385f-fe38-4307-bdb7-f32a0d7d0bb3&gdpr=&gdpr_consent=&gdpr_pd=
57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=d0b7385f-fe38-4307-bdb7-f32a0d7d0bb3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C233%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H3
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 06 Jan 2024 13:38:32 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Sat, 06 Jan 2024 13:38:32 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=d0b7385f-fe38-4307-bdb7-f32a0d7d0bb3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sat, 06 Jan 2024 13:38:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 6B46
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__
  • https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=fUZbGMbHzHgoucSV23nj
57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=fUZbGMbHzHgoucSV23nj
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C233%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H3
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 06 Jan 2024 13:38:32 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Sat, 06 Jan 2024 13:38:32 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 13:38:32 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=fUZbGMbHzHgoucSV23nj
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
111
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
dmp.adblade.com/srv/sync/gateway/ Frame 6B46 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adblade.com/srv/sync/gateway/?cId=Medianet;__src=adblade
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C233%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.73.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-73-116.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 13:38:33 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cksync.php
contextual.media.net/ Frame 6B46
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3475499083845877000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3475499083845877000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=3032bcfc-64f1-4f57-94be-d207d34718d1&cs=1
57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=3032bcfc-64f1-4f57-94be-d207d34718d1&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C233%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H3
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 06 Jan 2024 13:38:33 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Sat, 06 Jan 2024 13:38:33 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=3032bcfc-64f1-4f57-94be-d207d34718d1&cs=1
Date
Sat, 06 Jan 2024 13:38:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
710489.gif
id.rlcdn.com/ Frame 6B46 		42 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C233%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:32 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cksync
cs.media.net/ Frame 6B46
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=98f33047-6206-44a9-9367-ebdba8f53da3
57 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=98f33047-6206-44a9-9367-ebdba8f53da3
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C233%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.203.108.27 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-203-108-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 13:38:32 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
57
x-mnet-hl2
E
Expires
Sat, 06 Jan 2024 13:38:32 GMT

Redirect headers

location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=98f33047-6206-44a9-9367-ebdba8f53da3
date
Sat, 06 Jan 2024 13:38:32 GMT
server
Kestrel
content-length
199
cksync.php
contextual.media.net/ Frame 6B46
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=medianet
  • https://creativecdn.com/cm-notify?pi=medianet&tc=1
  • https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=LE0BBioQlieMnwfs_Qa1F2_4guAxir_H1uYpGq4trPY&pi=medianet&tc=1
57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=LE0BBioQlieMnwfs_Qa1F2_4guAxir_H1uYpGq4trPY&pi=medianet&tc=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C233%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H3
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 06 Jan 2024 13:38:33 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Sat, 06 Jan 2024 13:38:33 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=LE0BBioQlieMnwfs_Qa1F2_4guAxir_H1uYpGq4trPY&pi=medianet&tc=1
pragma
no-cache
date
Sat, 06 Jan 2024 13:38:33 GMT, Sat, 06 Jan 2024 13:38:33 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 23D6 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.109.78 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-203-109-78.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
53b2ca32aad7f85c22c1dba1e1b45aa876c6af724071b3c8dfa356ef86e68a08

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 13:38:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Jan 2024 19:00:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19279
Connection
keep-alive
Content-Length
13174
Expires
Sat, 06 Jan 2024 18:59:51 GMT
khaos.json
token.rubiconproject.com/ Frame 23D6 		7 B
776 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---&khaos=LR241UYY-18-GEDC
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
Expires
0
cksync.php
contextual.media.net/ Frame 23D6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&us_privacy=1---&khaos=LR241UYY-18-GEDC
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LR241UYY-18-GEDC&us_privacy=1---
57 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LR241UYY-18-GEDC&us_privacy=1---
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C233%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H3
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 06 Jan 2024 13:38:32 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Sat, 06 Jan 2024 13:38:32 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LR241UYY-18-GEDC&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Expires
0
log
c21lg-d.media.net/ Frame 6B46 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=0c6eda8e-801b-460c-8a25-d72117231d8d&cs=15&vsid=3475499083845877000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=2034%2C2033%2C2030%2C273%2C233%2C157%2C2027%2C159%2C2026%2C117%2C359%2C239%2C97%2C99%2C56%2C59%2C3012%2C2043%2C201%2C3007%2C246%2C4%2C126%2C203%2C9%2C3024%2C3022%2C171%2C3020%2C173%2C294%2C251%2C175%2C132%2C178%2C257%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C184%2C261%2C141%2C262%2C461%2C188%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82%2C508&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.108.27 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-203-108-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 06 Jan 2024 13:38:32 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sat, 06 Jan 2024 13:38:32 GMT
sdk-runtime-config.js
buy.tinypass.com/api/v3/anon/assets/ 		266 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/sdk-runtime-config.js?aid=8Gu2Z8RCvZ
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.160.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269310477d1b33ec8b0d3a7483688f388740edbe3b34f2d2b0d3c6bbdb466738
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:33 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
3821
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
M4yau6sqwZ0
wn
prod-dash-10-0-86-97
last-modified
Sat, 06 Jan 2024 12:34:52 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.006
cache-control
public, max-age=14400
cf-ray
84145cafa88244bb-SIN
expires
Sat, 06 Jan 2024 17:38:33 GMT
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ADVANCEDDIGITAL_HEADER1&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&t=1704548305778&de=284869134601&rx=856943115918&m=0&ar=cc84ca2002d-clean&iw=00ce329&q=1&cb=0&cu=1704548305778&ll=2&lm=0&ln=0&em=0&en=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=advanceddigitalheader640552616592&fd=1&it=500&ti=0&ih=2&pe=1%3A13464%3A13464%3A0%3A13607&fs=206701&na=343981381&cs=0
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.193.230 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-207-193-230.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:33 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 06 Jan 2024 13:38:33 GMT
optimus_rules.json
tags.crwdcntrl.net/lt/c/963/ 		26 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/963/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-125.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f8051f3eb7b146bdfd1156266a2947c7361e2d9546fa39f4c86cc06d869cd877

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 06 Jan 2024 04:04:38 GMT
content-encoding
gzip
via
1.1 2e4ea5ed710a1104b183ead6b210a514.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
age
34436
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 27 Oct 2023 11:15:30 GMT
server
AmazonS3
etag
W/"5f1caf5b5ed07225c2bf7016429a9c40"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400
x-amz-cf-id
5WvqzODt-w_jBCaLriOOGj2RIvXeV2o7K1_7bqH632dJUkohNx-nLA==
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401020101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f154.1e100.net
Software
cafe /
Resource Hash
d1e849dae35bc7601913a56dee0dc20b3a47fc4cbf050aa6527c38c1e038f1fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12162
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 06 Jan 2024 13:38:33 GMT
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=https%3A%2F%2Fwww.mlive.com%2F-&i=ADVANCEDDIGITAL_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3MIJ1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWYFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-k0RseVcsuWC81Q%3D%3D&sc=1&os=1-xA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1704548305778&de=284869134601&rx=856943115918&cu=1704548305778&m=8009&ar=cc84ca2002d-clean&iw=00ce329&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=13589&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A13464%3A13464%3A0%3A13607&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=206701&na=2053742316&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.193.230 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-207-193-230.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:33 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 06 Jan 2024 13:38:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 236E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
100572
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jan 2024 09:42:21 GMT
expires
Sat, 04 Jan 2025 09:42:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0CC8 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f105.1e100.net
Software
GSE /
Resource Hash
f136e48ba4e90eefa26696f9cdee07c1565a55642e769d76ce3c524b3556a666
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hD2bq0EV_TDI8s4qVRArpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-hD2bq0EV_TDI8s4qVRArpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jan 2024 13:38:33 GMT
expires
Sat, 06 Jan 2024 13:38:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 0CC8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401020101&jk=840887029304336&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 236E 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.175.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 10:07:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
12650
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 05 Jan 2025 10:07:43 GMT
generate_204
tpc.googlesyndication.com/ Frame 236E 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?MPsVoA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GG8B674XK4&gtm=45je4130v875661087z878133989&_p=1704548304856&gcd=11l1l1l1l1&dma=0&cid=1072478933.1704548306&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&dp=%2F&dl=https%3A%2F%2Fwww.mlive.com%2F&sid=1704548305&sct=1&seg=0&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&_s=2&tfd=22541
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-GG8B674XK4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 7371 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:34 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401020101&jk=840887029304336&bg=!4-Cl4K_NAAY3kmNgF5I7ADQBe5WfONgEEaEukxYNKOhlkp8FJuH4bLZRSlgSHxUpMHBMCzG--OjZFm6nVgOqKa1ZeHw8AgAAAGRSAAAABWgBBwoA0RaOFGqI6cLCRvvZy7nDvoaUZy5pb6PVjlHZwT81hqdnJ9ClC5_wNRFxfwwd2uPShRdT_j2a7zq6nS10WmNK8hgE5Jvv2tnVLnhGvNYV2H0UPyYfdzGz2iyTajZoiFj3qFs4sEaxs5oLZXT85v44uQCYYWsrZS7anl0UGOSm5khALIhqhkrJU3fgL2U73NGmTM9EguG-4FPMlk5jI_Qg1oIpgXs8jo-eqzr-2drGMqPKnNla-F_Zj7mxASoaAIV4j_hZc5ukFE20G-Wvyb5RUZ_HmQKonlhZCwGJm0dCY8Nqyoa6h-XaYDJZWXVNwKYQQ34XvZkCtUJca3jDwz3obNaGmvAnVPhWIirqQGLsddz6o28dfNWr_A7T-jBktagHH6gPbx8gdCBWxUyJ64XdNnDZ_oqc-WEhyXApLNtz3H3ug6B6kw15QR9AgA37xOJw5UcbfyA-5TNUMtKYMZ-SthfLoDOOcep3k3KIKRF4zRjD20MiwDdHD9uJDtQ4eGQKkoQ3V0do-BwxPKVhBdWadUyg6inrWf9Y8piMEvDYYCRz1HyI2yy1cBZNWWSlLTF5RTIac1kJ85ha-KV1jHybzKFyDS-EatHXvLFUQyJIIMtEbUkSMyCoaTDV9RYNAm_PVuA9OvnWqqCvXpDOZf6df9CIJ2vVOzTR-kQN1h4YsY-_bM0zPGYwwiRK1X4NOvvcxp0pMN1clRh-eFxNjFgcQZ7KlJP5OmzcANpxak0CkTLsODXLoLMrntN9ud6s5EAWcakhAqN9MZ1ubp1EidE9QgTNzlMTGESJvRIlXJK42fTGclDGxoDeaLNST6_rzvMPz9I7PchVlIQxuje8Up_ivo4SsIk9GQKh6ynMi6ZOLs2BSj8y3W2VeI6rwbEpJmnaPDW40NT2vROBvPleFwaMh_mLhLiGJd3Cynv3yrgpnYf8jgPzDthKvt_v7ZoEfRmjt0ac50GNjyfjqtxQCvJ8pXzTz3so1c1HtLv1IJAnsQpeYJTOdyX-DCXDB8hLNMoApkFQgmmIpW5fr0OoAdYDLhbzkw9vcY8O7ySKPtBIQBpTUoDW5VVDqtVdM594DYacIJDmdmkYFi6YiKoRH8sZjNJQYn0ex4KKsQbT8nTwbRbst4UcZfZyGTYOR1bMhdIelgn6bCSD8VTPpJ9IS1SpmtjPOYVeyC-6p6O7dFA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
data
bcp.crwdcntrl.net/6/ 		172 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.150.191 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-150-191.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
9bb456d836cc354945cecce8dbdf0ec21d2d9cbc30d001d401bc978f6df75818

Request headers

Referer
https://www.mlive.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:35 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.42.14.8
access-control-allow-credentials
true
content-length
172
expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 2E48 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=30399765&p=159879&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
ec55901d8377ee761067bab7debb33c9adbedda3b7756ef7cb5d8b546f43bc16

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 06 Jan 2024 13:38:35 GMT
content-length
1673
content-type
text/html; charset=UTF-8
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 4B1E 		85 B
260 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sat, 06 Jan 2024 13:38:35 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-qpg1253-QPG
x-timer
S1704548315.378494,VS0,VE482
Pug
simage2.pubmatic.com/AdServer/ Frame 5166
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=10b7309f62c448c0ab8b11d51ea91f40
42 B
382 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=10b7309f62c448c0ab8b11d51ea91f40
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 06 Jan 2024 13:38:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Sat, 06 Jan 2024 13:38:34 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=10b7309f62c448c0ab8b11d51ea91f40
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
cm
ipac.ctnsnet.com/int/ Frame 9C4A 		43 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sat, 06 Jan 2024 13:38:34 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame 28D0
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=kSnZhaUdU0Zi-dFxxHQND2V_QLo&gdpr=0&gdpr_consent=
42 B
380 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=kSnZhaUdU0Zi-dFxxHQND2V_QLo&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 06 Jan 2024 09:29:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Sat, 06 Jan 2024 13:38:36 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=kSnZhaUdU0Zi-dFxxHQND2V_QLo&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 9869
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 06 Jan 2024 13:38:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jan 2024 13:38:34 GMT
expires
Sat, 06 Jan 2024 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1213926
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 9874 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 6998
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU7317efbc45b941baa4ddc943a66fefa6
42 B
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU7317efbc45b941baa4ddc943a66fefa6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 06 Jan 2024 09:18:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Sat, 06 Jan 2024 13:38:35 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU7317efbc45b941baa4ddc943a66fefa6
pragma
no-cache
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 8D53
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=2O9sOZO-D--6meGJ21eZZQ
42 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=2O9sOZO-D--6meGJ21eZZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 06 Jan 2024 13:38:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Sat, 06 Jan 2024 13:38:35 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=2O9sOZO-D--6meGJ21eZZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
bridge
cm.adgrx.com/ Frame ED83 		0
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.14.27 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
date
Sat, 06 Jan 2024 13:38:36 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
aws-apsoutheast1c-delivery-3
Pug
simage2.pubmatic.com/AdServer/ Frame 2E48
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7660733452243284982
42 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7660733452243284982
Protocol
H2
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 06 Jan 2024 13:38:35 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7660733452243284982
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Asia%2FSingapore&tzoff=-480&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=17&tvcfg=all&f_privb=0&tid=f502e024-5fa6-42a4-a2f5-838553b7489c&pid=1c9a3d40-f016-44b9-88fd-723e6c923025&dtm=1704548316473&qnm=_matherq&visible=1&tabid=f1a0bbc2-f118-4a97-9985-beb710322033&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x1200&tofa=1704548306&vid=1&lvidt=1704548306&duid=f088ef69-9a66-4fe5-acc8-f258c4b96205&fp=3152236695&cid=ma63527&mrk=484602605&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTcwNDU0ODI5MTQ4OSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxNy4xbWIiLCJoZWFwVCI6IjIxLjdtYiIsImZzdFBhaW50IjoiMTM0NjQiLCJmZXRjaFMiOiI1MDEyIiwiZG9tYWluUyI6IjU5NjgiLCJkb21haW5FIjoiNTk2OCIsImNvbm5TIjoiNTk2OCIsImNvbm5FIjoiNjMwNCIsInNzbFMiOiI2MjcxIiwicmVxdVMiOiI2MzA0IiwicmVzcFMiOiIxMzIzMyIsInJlc3BFIjoiMTM1NjEiLCJkb21Mb2FkIjoiMTMyMzgiLCJkb21JbnRlciI6IjEzNjA3IiwiZG9tTG9hZFMiOiIxMzc3MSIsImRvbUxvYWRFIjoiMTM3ODIiLCJkb21DbXBsdCI6IjIyMjkwIiwibG9hZFMiOiIyMjMwMiIsImxvYWRFIjoiMjIzMDYifX0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.84.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-84-171.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Sat, 06 Jan 2024 13:38:36 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
SPug
simage4.pubmatic.com/AdServer/ Frame 2E48 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159879&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 13:38:35 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 2E48 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=48431053&p=159879&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
fa76463735fce864c32dda07c312700148fc03e30ed12be2ba60c048ede446de

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 06 Jan 2024 13:38:38 GMT
content-length
1721
content-type
text/html; charset=UTF-8
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 010A 		0
0
pxd
dps.jp.cinarra.com/ Frame 5329 		0
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.168.28.98 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-length
0
date
Sat, 06 Jan 2024 13:38:38 GMT
i.match
s.tribalfusion.com/z/ Frame 1B83
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
428 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.173 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
84145cd2aaf14109-SIN
content-length
43
content-type
image/gif; charset=utf-8
date
Sat, 06 Jan 2024 13:38:39 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
84145cd06f294109-SIN
content-type
text/html
date
Sat, 06 Jan 2024 13:38:39 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
783
141
match.deepintent.com/usersync/ Frame 34C4 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 -, , ASN (),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-length
0
date
Sat, 06 Jan 2024 13:38:38 GMT
server
b
cookiesync
core.iprom.net/ Frame C97A 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sat, 06 Jan 2024 13:38:39 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-30ed839ff0ab@version_1.579
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame 676B
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 06 Jan 2024 13:38:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sat, 06 Jan 2024 13:38:39 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 2F38
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FLwNzbTm1Rm6SI5&gdpr=0&gdpr_consent=
42 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FLwNzbTm1Rm6SI5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 06 Jan 2024 13:38:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sat, 06 Jan 2024 13:38:38 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FLwNzbTm1Rm6SI5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-083f2e64da6706325@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 8540
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2018527442084423065
42 B
275 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2018527442084423065
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 06 Jan 2024 13:38:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Sat, 06 Jan 2024 13:38:38 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2018527442084423065
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
RX-9fdf8485-daa6-496f-b051-9e3ebabaae0d-004
sync.targeting.unrulymedia.com/csync/ Frame B6AE
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/unruly?rndcb=502219177
  • https://usermatch.targeting.unrulymedia.com/usermatch/oath/y-5FAuMsJE2oWI0KZynbWmoWPMD188ALeqflBu~A
  • https://sync.1rx.io/usersync/verizon/y-5FAuMsJE2oWI0KZynbWmoWPMD188ALeqflBu~A
  • https://sync.targeting.unrulymedia.com/csync/RX-9fdf8485-daa6-496f-b051-9e3ebabaae0d-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2E48
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=52a25224f3651eff&is_secure=true&networkId=17100&version=1&nuid=B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMNKNOkZS54AMmycqWAAAAAAA&expiration=1704634718&nuid=B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70&...
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMNKNOkZS54AMmycqWAAAAAAA&expiration=1704634718&nuid=B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70&is_secure=true&gdpr_consent=&gdpr=0
Protocol
H2
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 06 Jan 2024 13:38:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:38 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMNKNOkZS54AMmycqWAAAAAAA&expiration=1704634718&nuid=B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3MIJ1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWYFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-k0RseVcsuWC81Q%3D%3D&sc=1&os=1-xA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&fl=1&j=&xc=0&xb=0&xa=0&md=0&mc=0&lb=13589&ld=0&lc=0&la=0&cw=1600&cx=1200&sh=13589&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1704548305778&de=284869134601&rx=856943115918&cu=1704548305778&m=13048&ar=cc84ca2002d-clean&iw=00ce329&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A13464%3A13464%3A22306%3A13607&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5030&cd=0&ah=5030&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=206701&na=719530937&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.193.230 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-207-193-230.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jan 2024 13:38:38 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 06 Jan 2024 13:38:38 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
exchange.postrelease.com
URL
https://exchange.postrelease.com/prebid?ntv_pb_eid=W3sic291cmNlIjoiY3J3ZGNudHJsLm5ldCIsInVpZHMiOlt7ImlkIjoiYjk0NmZkNDdhMTJmNzhiYjU1ZWQxYjJmMjgxODE4NWNhMDJjNjMwZGJmYmNlNWVlYTQ5YmExODhmNTY5YzgzMyIsImF0eXBlIjoxfV19LHsic291cmNlIjoicHViY2lkLm9yZyIsInVpZHMiOlt7ImlkIjoiNjlmODk0ZmEtYmY0Mi00NDg0LTk2OTQtZmQxZGQwZTRlYmU0IiwiYXR5cGUiOjF9XX1d&ntv_ptd=1134022,1134019&ntv_pas=eyIxMTM0MDE5IjpbWzMwMCwyNTBdXSwiMTEzNDAyMiI6W1szMDAsMjUwXV0sImxlbmd0aCI6Mn0=&ntv_ppf=eyJhZC1zbWFsbC0yIjp7ImJhbm5lciI6eyIzMDB4MjUwIjowLjYzLCIqIjowLjYzfSwiKiI6eyIqIjowLjQ2LCIzMDB4MjUwIjowLjQ2fX0sImFkLXNtYWxsLTEiOnsiYmFubmVyIjp7IjMwMHgyNTAiOjAuNzQsIioiOjAuNzR9LCIqIjp7IioiOjAuNDYsIjMwMHgyNTAiOjAuNDZ9fSwiYWQtbGFyZ2UtMSI6eyJiYW5uZXIiOnsiMzAweDI1MCI6MC42NiwiKiI6MC42Nn0sIioiOnsiKiI6MC40NiwiMzAweDI1MCI6MC40Nn19fQ==&ntv_pbv=v8.23.0&ntv_pb_rid=143c7f400d4cd1&ntv_ppc=W3siYWRVbml0Q29kZSI6ImFkLXNtYWxsLTIiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXV19fX0seyJhZFVuaXRDb2RlIjoiYWQtc21hbGwtMSIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzMwMCwyNTBdXX19fSx7ImFkVW5pdENvZGUiOiJhZC1sYXJnZS0xIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDI1MF1dfX19XQ==&ntv_dbr=eyJhZC1zbWFsbC0yIjowLCJhZC1zbWFsbC0xIjowLCJhZC1sYXJnZS0xIjowfQ==&ntv_url=https%3A%2F%2Fwww.mlive.com%2F
Domain
app.cauly.co.kr
URL
https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEKI0BE2f9qKkbCRKZNRTnZE&google_cver=1&google_push=AXcoOmRzSikMsyXbHs04-sM1K75ubsYMWLKteDu_rk5M90L55idYaSjnDrORGkhq6iYmMXdx1p0rhRes6IWYdd7odJ3r-cq6HOykHjgZSxHIGWmlR_aLb-HGzWAUwHP1ip9AQYzeHDIyefXZEt033kGIpRU
Domain
cs.chocolateplatform.com
URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEGmpUEjR81tZSiq-Ky3phuo&google_cver=1&google_push=AXcoOmSnAdFUkz87ivjQ_tdff_TZ_Nj51_6oUyRKKHKJuNDksKbALvcsg0lmbCbqrkVmqYCnPYGy5zlLPX9q6paL5pYpw26FRsR7O6IUiSoR56CnWkOSPlJYtzCJ2bUdzdCUpeJayns1dbtdOplsufSMeEY
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
sync-dsp.ad-m.asia
URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-9fdf8485-daa6-496f-b051-9e3ebabaae0d-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-9fdf8485-daa6-496f-b051-9e3ebabaae0d-004

Verdicts & Comments Add Verdict or Comment

553 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| documentPictureInPicture function| admiral object| googletag object| sophi number| a object| sophiSegments object| BOOMR_mq string| BOOMR_API_key object| BOOMR string| environment object| adiData object| dataLayer object| $OPHI_GN function| sophiTag object| Snowplow object| Fusion object| react object| React function| setImmediate function| clearImmediate object| ReactDOM object| PropTypes object| StyledComponents object| adiTrackPromise object| adiTrack object| regeneratorRuntime function| addUspapiFrame function| optOutMsgHandler function| __uspapi object| usPrivacyCookie object| otCcpaOptOut function| dnsfeed object| OneTrustStub object| CDP object| apstag object| pbjs boolean| bcDFPCallbackCalled function| bcDFPCallback object| lotame_963 object| AdManager function| setAdiDataAffiliateMarket function| adhesionInit object| Advance object| tp object| SWG function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| idl object| teads_analytics string| bcHostname object| pArray function| adiGetLotameValue number| times function| waitFor object| lotameSegments object| atsScript boolean| isOriginalIDL undefined| revgenDebug string| bcAffiliateProp string| logStyle function| handleProfileProperties function| debouncedHandleProfileProperties function| loadValuesFromBlueConic function| debounce function| storeIDLInfo function| setOriginalIDL function| retry function| retryGetProfileProps function| emitIDLInfo function| retryEmitIDLInfo function| setLiveRampsIDL function| waitForBcPageView function| waitForATS function| waitForAuth0 function| waitForWall function| waitForBC function| pathValue object| IDLExists object| isIDLReportingPending object| isProfileUpdatePending object| atsPromise object| profilePromise object| loginAuth0Promise object| emailWallPromise object| pianoScript string| GoogleAnalyticsObject function| ga object| PARSELY object| ntv undefined| debug function| removeHash function| debugLog function| backfillNativo object| clientScript object| _comscore function| fbq function| _fbq string| meterContentType function| twq object| _linkedin_data_partner_ids boolean| _already_called_lintrk function| 4dm1r11545242527 function| lotameIsCompatible function| lt963_ba function| lt963_b undefined| lt963_c undefined| lt963_ca undefined| lt963_da function| lt963_ea object| lt963_e function| lt963_fa function| lt963_g function| lt963_ha object| lt963_ object| lt963_na object| lt963_oa object| lt963_Oa object| lt963_Ya object| lt963_Za object| lt963_7 function| lt963_aa function| lt963_a function| lt963_d function| lt963_f function| lt963_h function| lt963_ga function| lt963_ia function| lt963_i function| lt963_ja function| lt963_j function| lt963_k function| lt963_l function| lt963_m function| lt963_n function| lt963_la function| lt963_ka function| lt963_o function| lt963_p function| lt963_ma function| lt963_q function| lt963_r function| lt963_s function| lt963_t function| lt963_u function| lt963_sa function| lt963_pa function| lt963_qa function| lt963_w function| lt963_ra function| lt963_x function| lt963_y function| lt963_z function| lt963_A function| lt963_v function| lt963_B function| lt963_C function| lt963_ta function| lt963_D function| lt963_E function| lt963_ua function| lt963_F function| lt963_G function| lt963_va function| lt963_H function| lt963_I function| lt963_J function| lt963_wa function| lt963_L function| lt963_M function| lt963_K function| lt963_xa function| lt963_ya function| lt963_N function| lt963_za function| lt963_Aa function| lt963_Ba function| lt963_Ca function| lt963_Da function| lt963_Ea function| lt963_Fa function| lt963_Ja function| lt963_Ga function| lt963_Ha function| lt963_Ia function| lt963_Ka function| lt963_Ma function| lt963_La function| lt963_Na function| lt963_O function| lt963_Pa function| lt963_Qa function| lt963_Ra function| lt963_Sa function| lt963_Ta function| lt963_Ua function| lt963_Va function| lt963_Wa function| lt963_Xa function| lt963_P function| lt963__a function| lt963_0a function| lt963_1a function| lt963_Q function| lt963_R function| lt963_2a function| lt963_S function| lt963_T function| lt963_3a function| lt963_4a function| lt963_5a function| lt963_U function| lt963_V function| lt963_W function| lt963_X function| lt963_Y function| lt963_6a function| lt963_9a function| lt963_8a function| lt963_7a function| lt963_Z function| lt963__ function| lt963_0 function| lt963_1 function| lt963_4 function| lt963_ab function| lt963_cb function| lt963_bb function| lt963_eb function| lt963_db function| lt963_2 function| lt963_gb function| lt963_ib function| lt963_hb function| lt963_3 function| lt963_$a function| lt963_fb function| lt963_jb function| lt963_kb function| lt963_lb function| lt963_mb function| lt963_5 function| lt963_6 function| lt963_nb function| lt963_ob function| lt963_pb function| lt963_qb function| lt963_rb function| lt963_sb function| lt963_tb function| lt963_ub function| lt963_vb function| lt963_wb function| lt963_8 function| lt963_zb function| lt963_Ab function| lt963_yb function| lt963_xb function| lt963_Cb function| lt963_Bb function| lt963_Eb function| lt963_Db function| lt963_Fb function| lt963_Gb function| lt963_Hb function| lt963_Ib function| lt963_Jb function| lt963_Kb function| lt963_Mb function| lt963_Pb function| lt963_Ob function| lt963_Lb function| lt963_Sb function| lt963_Nb function| lt963_Qb function| lt963_Ub function| lt963_Tb function| lt963_Vb function| lt963_Rb function| lt963_Wb function| lt963_Xb function| lt963_Yb function| lt963_9 function| lt963_Zb function| lt963__b function| lt963_0b function| lt963_1b function| lt963_2b function| lt963_$ function| lt963_3b function| lt963_4b function| lt963_5b function| lt963_6b function| lt963_7b function| lt963_8b function| lt963_9b function| lt963_$b function| lt963_bc function| lt963_cc function| lt963_dc function| lt963_ac object| _aps boolean| apstagLOADED object| apscustom object| __otccpaooLocation object| blueConicPreListeners function| BCClass object| blueConicClient object| lotame_sync_16576 undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 function| onYouTubeIframeAPIReady object| gaGlobal object| Moat#PML#26#1.2 boolean| Moat#EVA function| __moatSlotTagLoadedadvanceddigitalheader640552616592 object| atsenvelopemodule object| fbcapimodule object| ats object| ggeac object| google_js_reporting_queue object| pbjsChunk object| _pbjsGlobals object| mnet object| liQ_instances function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_oa object| sync16576_xa object| sync16576_ya function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_la function| sync16576_ma function| sync16576_na function| sync16576_M function| sync16576_N function| sync16576_pa function| sync16576_O function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_P function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_Q function| sync16576_R function| sync16576_za function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_Aa function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Ea function| sync16576_Ba function| sync16576_1 function| sync16576_Da function| sync16576_Ca function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Ga function| sync16576_Ha function| sync16576_Ja function| sync16576_Fa function| sync16576_7 function| sync16576_Ia function| sync16576_La function| sync16576_Ka function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_Pa function| sync16576_$ function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| sync16576_Ta object| COMSCORE object| ns_p object| default_gsi object| _F_toggles object| google object| closure_lm_465903 object| __G_ID_CLIENT__ undefined| google_measure_js_timing object| SUBSCRIPTIONS number| google_unique_id object| gaplugins object| twttr string| OnetrustActiveGroups string| OptanonActiveGroups function| __gpp object| otStubData function| _typeof string| url string| ptitle undefined| nQuery number| ntvLoadStart object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus function| lintrk object| ORIBILI object| _mather number| _zid object| _matherq object| tid object| currentSegments object| segmentWhiteList object| filteredSegments object| filteredAudGov object| filteredAudIndividual object| filteredAudVoter object| filteredAudMVD object| filteredAudMayoral object| filteredAudMidterm2022 object| PublisherCommonId boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion function| ___tp object| ID5 object| __id5_instances object| otIabModule object| Optanon object| OneTrust object| bc_json292 number| BOOMR_configt object| gaData function| $ object| _bcp function| RuleService object| justDetectAdblock function| BlueConicEngagement object| bcConnectionUtil function| md5 function| BlueConicDataLayerUtility string| _contentURL string| _title object| bcSegmentsArray number| bcchunkSize number| num string| chunkString object| bcGASegment string| bcGASegmentName undefined| dcrSegmentsMI object| bc_json293 object| PianoESPConfig number| BOOMR_onload object| GoogleGcLKhOms

237 Cookies

Domain/Path Name / Value
h312.mlive.com/DG/DEFAULT Name: BCSessionID
Value: d7f7d8d3-bac0-4b4b-b3ff-092fa48b58c9
advancelocal.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: d7f7d8d3-bac0-4b4b-b3ff-092fa48b58c9
.liadm.com/j Name: lidid
Value: 25589b6a-66e1-45af-88b2-d7906ddb9058
i.liadm.com/s Name: _li_ss
Value: ChAKBgjSARD0FgoGCKIBEPQW
reschedule.delivery.evri.nn-lb.com/ Name: cookie_profiles
Value: 2a6c0b9d67cf4b802ef8da050420c23748943b8f
www.mlive.com/ Name: arc-geo
Value: {"country":"SG","continent":"AS","regioncode":"","city":"SINGAPORE","areacode":"","zipcode":"","timezone":"GMT+8","network":"","networktype":"","bandwidth":"5000"}
.mlive.com/ Name: AKA_A2
Value: A
.mlive.com/ Name: sophiTagses.073a
Value: *
.mlive.com/ Name: _sp_duid
Value: 21fe3f16-aa1c-4f70-9db4-67d98059347c
.mlive.com/ Name: _gcl_au
Value: 1.1.92354983.1704548306
.mlive.com/ Name: utag_vnum
Value: 1707140305635&vn=1
.mlive.com/ Name: utag_invisit
Value: true
.mlive.com/ Name: utag_dslv_s
Value: Less than 1 day
.mlive.com/ Name: lotame_domain_check
Value: mlive.com
www.mlive.com/ Name: last_visit_bc
Value: 1704548305746
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_domain
Value: .cc.mlive.com
.crwdcntrl.net/ Name: _cc_id
Value: fbfabb1e89960b7979ccb67a1ecd04d7
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSEtKS0xKMky1sLQ0M0gytzS3TE5OMjNPNExNTjEwSTFnAILUmeEXQTQE8NxbdJWF8TA7w39GRoad33vg7LYvljDh64dbjWDs80cPMcPYPzdOgSu%2FdOoRG0x8977LAjD2h4b7cPbhxXPg6t8tQbCfn1eHKQcA6387%2FA%3D%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBInRl%2BEUhBABMDg6I%2FmKnECiQAPlsCwA%3D%3D"
.mlive.com/ Name: _cc_id
Value: fbfabb1e89960b7979ccb67a1ecd04d7
.mlive.com/ Name: _cc_cc
Value: ACZ4XmNQSEtKS0xKMky1sLQ0M0gytzS3TE5OMjNPNExNTjEwSTFnAILUmeEXQTQE8NxbdJWF8TA7w39GRoad33vg7LYvljDh64dbjWDs80cPMcPYPzdOgSu%2FdOoRG0x8977LAjD2h4b7cPbhxXPg6t8tQbCfn1eHKQcA6387%2FA%3D%3D
.mlive.com/ Name: _cc_aud
Value: ABR4XmNgYGBInRl%2BEUhBABMDg6I%2FmKnECiQAPlsCwA%3D%3D
.mlive.com/ Name: panoramaId_expiry
Value: 1705153105818
.mlive.com/ Name: panoramaId
Value: b946fd47a12f78bb55ed1b2f2818185ca02c630dbfbce5eea49ba188f569c833
.mlive.com/ Name: panoramaIdType
Value: panoDevice
.mlive.com/ Name: pbjs_sharedId
Value: 69f894fa-bf42-4484-9694-fd1dd0e4ebe4
.mlive.com/ Name: pbjs_sharedId_cst
Value: zix7LPQsHA%3D%3D
.mlive.com/ Name: _li_dcdm_c
Value: .mlive.com
.mlive.com/ Name: _lc2_fpi
Value: 94c49eadf2ac--01hkffy32ebq330pp5cnv5fb47
.mlive.com/ Name: _lc2_fpi_meta
Value: %7B%22w%22%3A1704548305998%7D
www.mlive.com/ Name: _lr_retry_request
Value: true
www.mlive.com/ Name: _lr_env_src_ats
Value: false
.mlive.com/ Name: sophiTagid.073a
Value: 21fe3f16-aa1c-4f70-9db4-67d98059347c.1704548305.1.1704548306.1704548305.04694cdf-d6c4-400c-b83a-63cb090dd869
www.mlive.com/ Name: _tfpvi
Value: Y2UzODdiNDQtMzg5Ni00YmZlLWE5YTItZjM1ZjI2NGVkNmM5Iy04LTE%3D
www.mlive.com/ Name: authsource_origin
Value: false
.scorecardresearch.com/ Name: UID
Value: 17F6d7e6e112e5309af0b7a1704548306
.mlive.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.mlive.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1704548306311%2C%22slts%22:0}
.mlive.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=b3b76af9db7953b8adb5fcce7e6bec71%22%2C%22session_count%22:1%2C%22last_session_ts%22:1704548306311}
.mlive.com/ Name: __gads
Value: ID=c64cff64467d2217:T=1704548306:RT=1704548306:S=ALNI_MYEmtJxT_Zv90LXJUl4Zejg7V8pJw
.mlive.com/ Name: __gpi
Value: UID=00000cd29caf76ed:T=1704548306:RT=1704548306:S=ALNI_MYitAeUiNfPaNfVtH1CE3aj-bsobA
.adnxs.com/ Name: uuid2
Value: 4048876994717771444
.mlive.com/ Name: _ml_ses
Value: *
.mlive.com/ Name: _fbp
Value: fb.1.1704548306512.1982603853
www.mlive.com/ Name: _lr_geo_location_state
Value:
www.mlive.com/ Name: _lr_geo_location
Value: SG
.t.co/ Name: muc_ads
Value: c0c524d4-6199-4c56-ae5a-cbd2d2268b97
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.twitter.com/ Name: guest_id_marketing
Value: v1%3A170454830655412738
.twitter.com/ Name: guest_id_ads
Value: v1%3A170454830655412738
.twitter.com/ Name: personalization_id
Value: "v1_pYHR6gC56VAUhhgVnm3QCA=="
.twitter.com/ Name: guest_id
Value: v1%3A170454830655412738
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZZlX0gAMY8sAPgAM
.mlive.com/ Name: OTGPPConsent
Value: DBABLA~BVQqAAAACgA.QA
www.mlive.com/ Name: usprivacy
Value: 1---
.mlive.com/ Name: __li_idex_cache2_InByZWJpZC8zNzIzP2R1aWQ9OTRjNDllYWRmMmFjLS0wMWhrZmZ5MzJlYnEzMzBwcDVjbnY1ZmI0NyZyZXNvbHZlPW5vbklkJnJlc29sdmU9dWlkMiZyZXNvbHZlPWluZGV4JnJlc29sdmU9bWFnbml0ZSZyZXNvbHZlPW1lZGlhbmV0JnJlc29sdmU9Ymlkc3dpdGNoIg
Value: %7B%7D
.mlive.com/ Name: __li_idex_cache2_InByZWJpZC8zNzIzP2R1aWQ9OTRjNDllYWRmMmFjLS0wMWhrZmZ5MzJlYnEzMzBwcDVjbnY1ZmI0NyZyZXNvbHZlPW5vbklkJnJlc29sdmU9dWlkMiZyZXNvbHZlPWluZGV4JnJlc29sdmU9bWFnbml0ZSZyZXNvbHZlPW1lZGlhbmV0JnJlc29sdmU9Ymlkc3dpdGNoIg_meta
Value: %7B%22w%22%3A1704548306881%2C%22e%22%3A1704551906000%7D
www.mlive.com/ Name: pbjs_li_nonid
Value: %7B%7D
www.mlive.com/ Name: pbjs_li_nonid_cst
Value: zix7LPQsHA%3D%3D
.mlive.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Sat+Jan+06+2024+21%3A38%3A26+GMT%2B0800+(Singapore+Standard+Time)&version=202311.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.mlive.com%2F&GPPCookiesCount=1&groups=1912%3A1%2CC0001%3A1%2CC0002%3A1%2CC0004%3A1%2CC0003%3A1
.sharethis.com/ Name: __stid
Value: ZHQAAmWZV9IAAAAIRxYIAw==
.sharethis.com/ Name: __stidv
Value: 2
.linkedin.com/ Name: li_sugr
Value: e5fbccda-7d57-469d-9ef9-bb187a762f13
.linkedin.com/ Name: lidc
Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2915:u=1:x=1:i=1704548306:t=1704634706:v=2:sig=AQGLLziArn_AHAZoxlBYZT5lTDZCj9Bp"
.mlive.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.rubiconproject.com/ Name: khaos
Value: LR241UYY-18-GEDC
.mlive.com/ Name: _ga
Value: GA1.2.1072478933.1704548306
.mlive.com/ Name: _gid
Value: GA1.2.1417018887.1704548307
.mlive.com/ Name: _gat_UA-16643585-16
Value: 1
.linkedin.com/ Name: UserMatchHistory
Value: AQKj0casqkt4NQAAAYze_xDOFO7J1vhK0BqGabwyTzqcv2Zv64VSoExzHdN98ZnY_CRrFIXu9hs5HA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQKh_DVqbRegJgAAAYze_xDOB8w9BkNKQvYoEI6dsBPbixCSOyQZZf_fWD6zbhHDTucVDP9dkvSB_Ofmyki6Kg
.linkedin.com/ Name: bcookie
Value: "v=2&ba57393c-7030-4631-89f8-bd79302d3570"
.www.linkedin.com/ Name: bscookie
Value: "v=1&2024010613382726d5194e-d42e-4ae0-8973-578770a119b3AQHMSGqgdnwqBajzQbaN-jOmjssMnAs2"
.amazon-adsystem.com/ Name: ad-id
Value: A1OGas2JukIekE3ju7lR6yk
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.liadm.com/ Name: lidid
Value: 25589b6a-66e1-45af-88b2-d7906ddb9058
.postrelease.com/ Name: status
Value: 0
.mlive.com/ Name: _awl
Value: 2.1704548307.5-d3d15a513aac062552cf96427e91a6e5-6763652d617369612d6561737431-0
.postrelease.com/ Name: visitor
Value: 306a3f6b-e02a-4a7b-a4f8-c81d7d887089
www.mlive.com/ Name: ntvSession
Value: {"id":9163989,"placementID":773533,"lastInteraction":1704548307746,"sessionStart":1704548307746,"sessionEndDate":1704556800000,"experiment":""}
.id5-sync.com/ Name: 3pi
Value:
www.mlive.com/ Name: _ntv_uid
Value: 306a3f6b-e02a-4a7b-a4f8-c81d7d887089
.doubleclick.net/ Name: IDE
Value: AHWqTUl9zdGj3QECAH3nOYWg3whuvwm2kVjP8gr0jg5kaPnRjq8m2WFuQMwrTKRUNs0
.postrelease.com/ Name: ver
Value: 1
.casalemedia.com/ Name: CMID
Value: ZZlX1MaY56wGe4C-uYiXYQAA
.casalemedia.com/ Name: CMPS
Value: 5336
.casalemedia.com/ Name: CMPRO
Value: 5336
.openx.net/ Name: i
Value: cad5e7d3-69c8-0900-0f9b-e31d3e85feb8|1704548308
.sharethrough.com/ Name: stx_user_id
Value: 1be9c109-da85-4ead-a72e-c9e28d5ec6bf
.openx.net/ Name: pd
Value: v2|1704548308|jElYiuvOhI
.adsrvr.org/ Name: TDID
Value: 98f33047-6206-44a9-9367-ebdba8f53da3
.yieldmo.com/ Name: yieldmo_id
Value: VEhtIll55Zl9IW58q2lx%7C1704499200000%7C0
.ads.yieldmo.com/ Name: re_sync
Value: unl%3D1184554%7Cc%3D1184554%7Ct%3D1184554%7Cdv360%3D1184554%7Can%3D1184554
.smaato.net/ Name: SCM
Value: d34a1aaedb
.smaato.net/ Name: SCMaps
Value: d34a1aaedb
.openx.net/ Name: univ_id
Value: 537072971|98f33047-6206-44a9-9367-ebdba8f53da3|1704548308624722
.company-target.com/ Name: tuuid
Value: 479f0357-cb15-4471-a53c-773f7b9731fe
.company-target.com/ Name: tuuid_lu
Value: 1704548308|ix:0
www.mlive.com/ Name: BCSessionID
Value: d7f7d8d3-bac0-4b4b-b3ff-092fa48b58c9
.bidr.io/ Name: bitoIsSecure
Value: ok
.adotmob.com/ Name: uid
Value: 0a012204002f33736382d868
.adotmob.com/ Name: uuid
Value: 0a012204002f33736382d868
.adotmob.com/ Name: partners
Value: IX%3A1704548308786
.media.net/ Name: visitor-id
Value: 3475499083845877000V10
advancelocal.blueconic.net/ Name: AWSALBCORS
Value: nC/Y31vLWSwJvQjBV5vJBxGohb01wPGNcnB1a0V243r8S1H8gJ9YZJlN7gdJ9PTrR8nLTKl5ojrjy6nNS9WFYFqPY81lJpYLAsOsHEFkgirI3e+SHj0ttTreofnx
.smartadserver.com/ Name: pid
Value: 4474198923207602825
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNzA0NTQ4MzA4fQ
.mediago.io/ Name: __mguid_
Value: 746ded22f33d08e32ducbb00lr241wlg
.ladsp.com/ Name: cr
Value: 1
.ads.yieldmo.com/ Name: ptrt
Value: 98f33047-6206-44a9-9367-ebdba8f53da3
.ads.yieldmo.com/ Name: ptran
Value: 4048876994717771444
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B1F2C5CC-9F1A-44F4-87F4-6FCEE685FC70
.bidswitch.net/ Name: tuuid
Value: d0b7385f-fe38-4307-bdb7-f32a0d7d0bb3
.bidswitch.net/ Name: c
Value: 1704548309
.bidswitch.net/ Name: tuuid_lu
Value: 1704548309
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.bidr.io/ Name: bito
Value: AAXZdk7LMrAAABQjMFa4Qw
.smaato.net/ Name: SCMrktn
Value: d34a1aaedb
.ladsp.com/ Name: smn_uid
Value: OmzLJxQKfqfkjr7SibJRoRA8ZB5i0Fg
.ladsp.com/ Name: lum
Value: CMmx_PfNMRIFCAMQ0AU
.ads.yieldmo.com/ Name: ptrc
Value: CAESEIMaHrHo-RjNMZPru5Cl1aw
.fout.jp/ Name: uid
Value: 2JRFm51zMaMiBM7drMOEt__0Acs
.bidswitch.net/ Name: google_push
Value: AXcoOmRsndnX6pH5Z3cYn3_l9C_DRISBEfTLv7dPVZAp_d0K1iBI8L2y1oeexYDg3pu3SMsIbAqGrOktKg1OcrILQ5I12JRvmguFcEd2ARmx48WWL_ovdYakCYbSpkw96Tm36g3K1Ca2H8stjR7BTUVk_po
.yahoo.com/ Name: A3
Value: d=AQABBNVXmWUCEJQn2sGzkJGeOtoWfHpwpygFEgEBAQGpmmWjZQAAAAAA_eMAAA&S=AQAAAvAYeq4LNouE03JMsLyWPbE
.semasio.net/ Name: SEUNCY
Value: A154326C47C6E8FB
.popin.cc/ Name: __mguid_
Value: 746ded22c75d8a9c21loli00lr241x69
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-98f33047-6206-44a9-9367-ebdba8f53da3&KRTB&22918-98f33047-6206-44a9-9367-ebdba8f53da3&KRTB&22926-98f33047-6206-44a9-9367-ebdba8f53da3&KRTB&23031-98f33047-6206-44a9-9367-ebdba8f53da3
.tapad.com/ Name: TapAd_TS
Value: 1704548309628
.tapad.com/ Name: TapAd_DID
Value: 9d8cee36-f085-4f3e-b59d-502b6bde50ee
.rmp.rakuten.com/ Name: Rp
Value: 6911c43523d4554a34359299c7b1659957d560e47147f8f7
.connatix.com/ Name: cnx_userId
Value: 338f21f94d1f4c4fae7c4bc286b80c76
.adnxs.com/ Name: anj
Value: dTM7k!M40]D>6NRF']wIg2GVIwn+EP!]tcF8i_iqf!oN/@E'zz<*Z0Qx6QqnkCmFqQz`2e:2.oJqvqcg_]WOiqcyAlTD._*Pl[h>o'uTXn^*dj4/>UrRNzDI`-[wBJeI2<1>X8e!!)^m.(+d<
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxSMjQxVVlZLTE4LUdFREMiLCJleHBpcmVzIjoiMjAyNC0wNC0wNVQxMzozODoyOVoifX0sImJpcnRoZGF5IjoiMjAyNC0wMS0wNlQxMzozODoyOVoifQ==
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEIDE14QCV_QRPG4CaATyUWU&KRTB&23025-CAESEIDE14QCV_QRPG4CaATyUWU&KRTB&23386-CAESEIDE14QCV_QRPG4CaATyUWU
.teads.tv/ Name: tt_viewer
Value: 22651800-babb-4bab-888c-288335fb7859
.mlive.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22lr241v17z6eb9wtp%22%7D
.mlive.com/ Name: _pcus
Value: eyJ1c2VyU2VnbWVudHMiOm51bGx9
.simpli.fi/ Name: suid
Value: 57F94EE4CDA843F8863F34610C0CE531
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!157
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:57F94EE4CDA843F8863F34610C0CE531&KRTB&23486-uid:57F94EE4CDA843F8863F34610C0CE531&KRTB&23489-uid:57F94EE4CDA843F8863F34610C0CE531&KRTB&23539-uid:57F94EE4CDA843F8863F34610C0CE531
.adform.net/ Name: C
Value: 1
www.mlive.com/ Name: _lr_sampling_rate
Value: 100
.adform.net/ Name: uid
Value: 7660733452243284982
h312.mlive.com/ Name: AWSALB
Value: VGXjX3fOQxAi0jBsw9MZHoMtowEltASVAvVEjd/nDNFYEnifdCajODLIj5M0scMAHuGUS5qgCnnWfQLfQi1hebWi/KPcM19j2yEdlQmUEpqqWzyn45X0+u6pepEC
h312.mlive.com/ Name: AWSALBCORS
Value: VGXjX3fOQxAi0jBsw9MZHoMtowEltASVAvVEjd/nDNFYEnifdCajODLIj5M0scMAHuGUS5qgCnnWfQLfQi1hebWi/KPcM19j2yEdlQmUEpqqWzyn45X0+u6pepEC
.zemanta.com/ Name: zuid
Value: fUZbGMbHzHgoucSV23nj
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.mathtag.com/ Name: uuid
Value: d9786599-57d6-4f00-b556-cf5f21b767d8
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:d9786599-57d6-4f00-b556-cf5f21b767d8
.lijit.com/ Name: ljt_reader
Value: H8jyJQZHoO3TmJmARdakjDVN
.piano.io/ Name: __cf_bm
Value: mXgckjAAPlv6PJ.xkIZJ5NlkAn8jDFjRoRG_mmo6he0-1704548310-1-AStl0TgdLkz/bntrVtqJNud3qYxpuhk+lfuW1ThVWAax5dMkDYEdC7P1GO/WI/D1agwULKPSSZlPmRbG50HZMqo=
.mlive.com/ Name: __tbc
Value: %7Bkpex%7DOsVHa_Xwe9WNmawXt4tr1vvI7APoa7oE0FhpCAq1WIueHqX2PJilglda91ubTy3t
.mlive.com/ Name: __pat
Value: -18000000
.mlive.com/ Name: __pvi
Value: eyJpZCI6InYtMjAyNC0wMS0wNi0yMS0zOC0yNi03OTUtWkdvZVV4b3F6NkRncm9pZS04NTEyN2ViZGQyMTk2YjI1YjI4N2VlODc1M2RiNzNmYiIsImRvbWFpbiI6Ii5tbGl2ZS5jb20iLCJ0aW1lIjoxNzA0NTQ4MzEwNTMwfQ%3D%3D
.mlive.com/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAE0RXQF8g
.mlive.com/ Name: xbc
Value: %7Bkpex%7DUEjrpi2WLg0PiHbjiCvQS8ezgJzTv0Ur5egnXmgKlOsLuAKTyQ52BXyYBr-U1YsSSjbED7V_fQTyEU9xZuftxsHMKf-A3efq_OZk9PeUTOMUKyTgXbBWi_TNyZMpX2wUVe15_N78bWhsyfyN-pmJjoNwiFjK4cJORgdolpn9-Jx6Q3KHv1g1otY9pk2zkNLUWPvMVNYMQMG1f0ULrQaj_DxKUGuiiZ5NtyLECW4Sk4GpaL_XMDBFzxbC7qqO6G8tWe6XK6pAKa2qKJ2OpjRHhbmI-X12GMHdqd9lL7Nvq5PbPa8UUAnCPrtpcvTK89bLmZdxnkNAU5aKBBGWvBLuvmKXp5n-RJCsbUiCmADeEMylA3k-n2vuoV5nGBfKAUDl0rfvTpsaz_BFCyPKnF2rPANkNVOQBMdYYoQEGkGgmZ_kLDnVgL59iY5bwvDVXPq1L4qM1Ih9JuFXP6h_USCZEU7dMoI1YyfE9gS7B-oF7uF95wxo8YFNz7_JISedFGhFXkGNniPqVxHjZ1e-O5DLLNCOYG-2QAIkE3ORYM1508ifgoZQjq3pteZdacII1vOKE6kmYWOEiYdZnwRHMh9ATCaqE6qFKyUSmNcu2E15pefOkBAqaju3V-EIomBbgSpzJyuX_S_UQimV_BpHTb0mfr2zqjCKnxyMtOG63po6dDIKy7upUBIPN5hIpq-wJw1oFOxYAbIeB7wFG7X8Dr6M50Rx7a_yrnZsw_b657gqpsUDGKX3HK7imFQKKFcVb-dasdxeANrEHlsBxHTiu9pMQr_LbEgol3-gLadOtcw55pBcvK6gxw7cXCZsERcYOaV35quOeZTw3RXODfvcGRi1gIzY71uuu0st3DaM8koF_kXjBTCSJQFBMc2wjVJlziWfVcaOvEV48QzVPiwgYvqEFYiO1JgciJEwIyBKY6__t-T-FWQ9HE4YtW29330AthyZ49yETFNUmaFwF06nRsUWj_aqgpguUH-SGiHNW32Xvjs7NY_Sd9F0JAJ1ygjttuLsaAdkVadGNQNGM-DGVm8Ut2HIQD3p-HokoKizVRgd_4SZD5vsNPPArtRETn9l9LsHRABU6w7uF2KFBqE1y8YJqiaL9S3o4Y0qD7RD2OwIAmn8FdZ5KyZJp4a1XjQj1n4_MA7mPVMhrmV90QwbqRGbFh2cnW57Sn3hUpwCKO4JfFgG-s5PDUn89ggoJtblb3C1o5zeDrD6pgOSKQH-_RyXB8S3FqCG_2_HbyvVpdIMZE79IadHckV_z4xlBC-QWQF2
.mlive.com/ Name: _ml_id
Value: f088ef69-9a66-4fe5-acc8-f258c4b96205.1704548306.1.1704548311.1704548306
.www.mlive.com/ Name: _pc_sup_support_acq-sup2
Value: 10
.lijit.com/ Name: _ljtrtb_80
Value: LR241UYY-18-GEDC
.turn.com/ Name: uid
Value: 4569115504333617179
.ipredictive.com/ Name: cu
Value: aadb8592-82e3-4ab1-b1ef-bab4a9a1eeeb|1704548310583
.tinypass.com/ Name: LANG
Value: en_US
.id5-sync.com/ Name: id5
Value: cab1841d-b779-78ee-8d7e-acc4af1356ee#1704548307665#3
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnJ3i7HOB7AXMEJ1L8DnI4nQ22I0OOQUNtcPRA0_9NYBupZoouJGr2kjxKyZQC4TM1
.tinypass.com/ Name: LANG_CHANGED
Value: en_US
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-9fdf8485-daa6-496f-b051-9e3ebabaae0d-004%22%7D
.mlive.com/ Name: utag_vs
Value: 6
.mlive.com/ Name: utag_dslv
Value: 1704548311429
.mlive.com/ Name: _ga_GG8B674XK4
Value: GS1.1.1704548305.1.0.1704548311.0.0.0
www.mlive.com/ Name: offer_config
Value: %257B%2522type%2522%253A%2522bottomfixed%2522%252C%2522version%2522%253A%2522cta%2522%252C%2522placement%2522%253A%2522bottom-fixed%2522%252C%2522newsletterId%2522%253A%2522%2522%252C%2522closable%2522%253A%2522true%2522%252C%2522scrollLock%2522%253A%2522true%2522%257D
.ads.yieldmo.com/ Name: ptrunl
Value: RX-9fdf8485-daa6-496f-b051-9e3ebabaae0d-004
.rezync.com/ Name: zync-uuid
Value: 08a08027-7b06-4f5a-bda9-6b2ebd482197:1704548311.523232
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 156011:4
.pubmatic.com/ Name: DPSync3
Value: 1705708800%3A201_245_226_197%7C1704585600%3A248%7C1705104000%3A164
.pubmatic.com/ Name: SyncRTB3
Value: 1705708800%3A54_3_247_21_13_7_8_71_220%7C1705363200%3A63%7C1705104000%3A223_2
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4048876994717771444&KRTB&23339-4048876994717771444
.ambientdsp.com/ Name: _aGeoIp
Value: SG-Singapore
.ambientdsp.com/ Name: _aUID
Value: 12zpt1m9f2qf
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4569115504333617179&KRTB&23150-4569115504333617179&KRTB&23527-4569115504333617179
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-12zpt1m9f2qf
.aralego.com/ Name: sspid
Value: af3c3f0a-bfed-3b95-8e8d-28bb76527378
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-d0b7385f-fe38-4307-bdb7-f32a0d7d0bb3
.adnxs.com/ Name: XANDR_PANID
Value: F625Gx39mdXRLduNLO6cl0kHAmuzKtz14ke--4r24_2wzTlnV2yu50mCArv-4pK9cZ2PBlGMLZc0PS0Naf_NKUQzPGbayj1q-mNAqUnWOx0.
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~2g11:175w~2g11"
.quantserve.com/ Name: d
Value: EIEBCwHrKvijAA
.quantserve.com/ Name: mc
Value: 659957d8-72116-5ff9a-3172a
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-t6f_2LSlotmspfTQsKTr1Of0_4CsoffWs_NcPClL&KRTB&19420-t6f_2LSlotmspfTQsKTr1Of0_4CsoffWs_NcPClL&KRTB&22979-t6f_2LSlotmspfTQsKTr1Of0_4CsoffWs_NcPClL&KRTB&23462-t6f_2LSlotmspfTQsKTr1Of0_4CsoffWs_NcPClL
.pubmatic.com/ Name: PugT
Value: 1704533890
.criteo.com/ Name: uid
Value: 05340985-a6fd-48ca-847a-263c57f46abd
.media.net/ Name: data-ttd
Value: 98f33047-6206-44a9-9367-ebdba8f53da3~~1
.media.net/ Name: data-c
Value: 05340985-a6fd-48ca-847a-263c57f46abd~~1
.media.net/ Name: data-c-ts
Value: 1704548312
.w55c.net/ Name: wfivefivec
Value: FLwNzbTm1Rm6SI5
.w55c.net/ Name: matchmedianet
Value: 5
.media.net/ Name: data-g
Value: CAESEFQRkoOWOjuTyawm8qFpQU4~~8
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMK+lCDt9ruaGW/I4OAzkH5QMIjnAuwSLQ+jZYdqfCxGJg3w4zmW/LaN/frC/1VlldDMboWaW1ii7cZeSo+tMFocX1vKT1ONdRY=
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_5skbGZgkWhgYWBkrmueZGCma5JmmqiblJJoqWuWZJSalGJiYWRoaW5laG5gYmpiYWxoqGdqZAyEs4R54WJGQHIRKt8SAM0gydxZAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_w3CyxGAMAgFwIvt4DwIv9gNTLSQVB5nd1-OLCQkKBpO-llRr5rkLW8vTeEZDwfUNAfzbTJ-B9pFd905AAAA
.media.net/ Name: data-xu
Value: FLwNzbTm1Rm6SI5~~8
.taboola.com/ Name: t_gid
Value: 75af0428-5253-4bad-b894-8d800f61d6d8-tuctc92dd58
.taboola.com/ Name: t_pt_gid
Value: 75af0428-5253-4bad-b894-8d800f61d6d8-tuctc92dd58
.pippio.com/ Name: did
Value: SEEw5tqe-263oZxu
.pippio.com/ Name: didts
Value: 1704548312
.pippio.com/ Name: nnls
Value:
.media.net/ Name: data-r
Value: LR241UYY-18-GEDC~~1
.media.net/ Name: data-bs
Value: d0b7385f-fe38-4307-bdb7-f32a0d7d0bb3~~1
.dotomi.com/ Name: DotomiTest
Value: bfa728642e21eff
.brand-display.com/ Name: _knxq_
Value: 3867dc02-312d-2278-e58afac8.1704548312.0.1704548312.1704548312
.media.net/ Name: data-ze
Value: fUZbGMbHzHgoucSV23nj~~1
.media.net/ Name: data-co
Value: AAALTyHy_Z-3UQNCMqrfAAAAAAA~~8
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjIwtDA1MjcxMTKwABLGBmamQnyGuqWplmGZjsWFwSkWPgBL_u_gJQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjIwtDA1MjcxMTKwABLGBmamQnyGuqWplmGZjsWFwSkWPgBL_u_gJQAAAA
.media.net/ Name: data-rk
Value: 2018527442084423065~~8
.pippio.com/ Name: pxrc
Value: CNiv5awGEgQIAhAAEgYI7OsBEAA=
live.rezync.com/ Name: sd-session-id
Value: .eJwNitEKwyAMAP8lz3UkUWvqzxSdGchWN2r3stJ_nxwcHNwJ60f3LTVtB8Rj_-oE91cd1SGe0Otv0ydEYCTxHJxjlCGLluCaoGvv9d3WWsaDklCQgwkZZ-MePplc0mLmzJqLE6YlRArovBNLdPNsB3D9AXk-JQ8.ZZlX2A.kTdhqaxm_NzzbO2QbC0pQ4b30ag
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-9fdf8485-daa6-496f-b051-9e3ebabaae0d-004%22%7D
.demdex.net/ Name: demdex
Value: 76758388696753948480449708794875861790
.media.net/ Name: data-r1
Value: RX-9fdf8485-daa6-496f-b051-9e3ebabaae0d-004~~8
.rlcdn.com/ Name: rlas3
Value: S7jYRpwwzGYR4baGGwsXQCiYj1WSGtuiPWk1iBHsYvo=
.rlcdn.com/ Name: pxrc
Value: CNiv5awGEgUI6EcQABIGCLrqARAB
.creativecdn.com/ Name: u
Value: 08q8RdIEQJwNdP4LRm5n
.creativecdn.com/ Name: g
Value: 08q8RdIEQJwNdP4LRm5n_1704548313176
.creativecdn.com/ Name: ts
Value: 1704548313
.linksynergy.com/ Name: rmuid
Value: 379b54b0-111a-4997-b9c4-8b28343be5dc
.linksynergy.com/ Name: icts
Value: 2024-01-06T13:38:33Z
.dpm.demdex.net/ Name: dpm
Value: 76758388696753948480449708794875861790
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCIzSo8fZscc8EAUSFwoIcHVibWF0aWMSCwjc28DM2bHHPBAFEhQKBXRhcGFkEgsIhoCr0dmxxzwQBRISCgNhYW0SCwj07Ir02bHHPBAFGAEgAigCMgsIsqG7mvCxxzwQBTgBWgthZGNvbmR1Y3RvcmAC
.mfadsrvr.com/ Name: tuuid
Value: 3032bcfc-64f1-4f57-94be-d207d34718d1
.mfadsrvr.com/ Name: c
Value: 1704548313
.mfadsrvr.com/ Name: tuuid_lu
Value: 1704548313
.mfadsrvr.com/ Name: ssh
Value: !medianet,1704548313
.media.net/ Name: data-mf
Value: 3032bcfc-64f1-4f57-94be-d207d34718d1~~1
.media.net/ Name: data-rbh
Value: LE0BBioQlieMnwfs_Qa1F2_4guAxir_H1uYpGq4trPY~~1
.www.mlive.com/ Name: RT
Value: "z=1&dm=www.mlive.com&si=601be70c-2b3a-43fa-8ce4-5b2706421d4a&ss=lr241j8h&sl=1&tt=h7m&rl=1&ld=h7o"
.pubmatic.com/ Name: SPugT
Value: 1704548314

4 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=115
Message:
Failed to load resource: the server responded with a status of 451 ()
other warning URL: https://connect.facebook.net/signals/config/120978121945017?v=2.9.139&r=stable&domain=www.mlive.com(Line 137)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEKI0BE2f9qKkbCRKZNRTnZE&google_cver=1&google_push=AXcoOmRzSikMsyXbHs04-sM1K75ubsYMWLKteDu_rk5M90L55idYaSjnDrORGkhq6iYmMXdx1p0rhRes6IWYdd7odJ3r-cq6HOykHjgZSxHIGWmlR_aLb-HGzWAUwHP1ip9AQYzeHDIyefXZEt033kGIpRU
Message:
Failed to load resource: net::ERR_EMPTY_RESPONSE
network error URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEGmpUEjR81tZSiq-Ky3phuo&google_cver=1&google_push=AXcoOmSnAdFUkz87ivjQ_tdff_TZ_Nj51_6oUyRKKHKJuNDksKbALvcsg0lmbCbqrkVmqYCnPYGy5zlLPX9q6paL5pYpw26FRsR7O6IUiSoR56CnWkOSPlJYtzCJ2bUdzdCUpeJayns1dbtdOplsufSMeEY
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.svtrd.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
accounts.google.com
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
ads.rubiconproject.com
ads.yieldmo.com
advancelocal.blueconic.net
ampcid.google.com
ampcid.google.com.sg
analytics.twitter.com
api-v3.tinypass.com
api.rlcdn.com
app.cauly.co.kr
app.matheranalytics.com
apps.sophi.io
at.teads.tv
ats-wrapper.privacymanager.io
b1sync.zemanta.com
bb9bcb08b50bf514542d203f8ef331be.safeframe.googlesyndication.com
bcp.crwdcntrl.net
bttrack.com
buy.tinypass.com
c.amazon-adsystem.com
c.go-mpulse.net
c1.adform.net
c2.piano.io
c21lg-d.media.net
capi.connatix.com
cdn.cookielaw.org
cdn.id5-sync.com
cdn.indexww.com
cdn.parsely.com
cdn.sophi.io
cdn.tinypass.com
cdnjs.cloudflare.com
ce.lijit.com
check.analytics.rlcdn.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
connect.facebook.net
contextual.media.net
core.iprom.net
cr-p3.ladsp.com
creativecdn.com
cs.chocolateplatform.com
cs.media.net
csync.loopme.me
d.turn.com
d1z2jf7jlzjs58.cloudfront.net
dclk-match.dotomi.com
direct.adsrvr.org
dis.criteo.com
display.bidder.taboola.com
dmp.adblade.com
dmp.brand-display.com
dpm.demdex.net
dps.jp.cinarra.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
ead.mlive.com
ecollector-us-east.sophi.io
eus.rubiconproject.com
exchange.postrelease.com
experience.tinypass.com
fastlane.rubiconproject.com
fonts.advance.net
geo.privacymanager.io
geolocation.onetrust.com
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
h312.mlive.com
hbopenbid.pubmatic.com
hbx.media.net
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
idx.liadm.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
ipac.ctnsnet.com
jadserve.postrelease.com
jp-u.openx.net
js-sec.indexww.com
js.matheranalytics.com
lb.eu-1-id5-sync.com
lexicon.33across.com
live.rezync.com
luminouscatalyst.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
medianet-match.dotomi.com
micro.rubiconproject.com
mlive.com
news.google.com
onetag-sys.com
p.rfihub.com
p1.parsely.com
pagead2.googlesyndication.com
pippio.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid.media.net
privacy.crwdcntrl.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
reschedule.delivery.evri.nn-lb.com
rp.liadm.com
rtb.mfadsrvr.com
s-cs.rmp.rakuten.com
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.go-mpulse.net
s.ntv.io
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.advance.net
stats.g.doubleclick.net
sync-amz.ads.yieldmo.com
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aralego.com
sync.crwdcntrl.net
sync.fout.jp
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.sharethis.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.adx.opera.com
t.co
tags.crwdcntrl.net
tags.rd.linksynergy.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
trace.popin.cc
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
www.linkedin.com
www.mlive.com
x.bidswitch.net
z.moatads.com
app.cauly.co.kr
cm-supply-web.gammaplatform.com
cs.chocolateplatform.com
exchange.postrelease.com
sync-dsp.ad-m.asia
sync.targeting.unrulymedia.com
103.229.10.192
103.254.153.160
103.43.89.4
104.17.194.118
104.17.24.14
104.18.131.236
104.18.160.126
104.18.223.248
104.18.25.173
104.18.36.155
104.244.42.5
104.244.42.67
104.81.16.97
104.81.29.52
104.81.31.93
104.83.196.24
107.178.250.234
107.178.254.65
119.9.108.191
13.107.42.14
13.224.250.125
13.226.120.90
13.227.254.17
13.227.254.99
13.227.255.71
13.228.126.19
13.250.171.168
13.33.33.26
13.33.35.24
13.33.88.98
13.35.21.79
139.162.23.100
142.251.10.148
142.251.10.157
142.251.12.132
142.251.175.101
142.251.175.105
142.251.175.154
142.251.175.156
142.251.175.97
15.197.193.217
151.101.1.44
151.101.108.157
151.101.130.133
151.101.130.49
151.101.194.133
157.240.15.13
157.240.15.35
162.19.138.120
162.19.138.83
172.104.51.122
172.217.194.148
172.253.118.132
172.64.146.152
172.64.149.180
172.64.151.101
172.64.155.119
172.67.38.106
18.138.18.111
18.140.225.254
18.155.68.11
18.155.68.84
18.156.93.131
182.161.73.136
182.161.73.146
185.184.8.90
185.84.60.23
192.132.33.68
195.5.165.20
198.8.71.131
20.127.253.7
202.232.238.37
207.65.33.76
207.65.33.78
207.65.33.82
211.120.53.200
216.137.52.106
216.200.232.253
23.105.12.143
23.106.127.165
23.199.80.177
23.203.108.27
23.203.109.118
23.203.109.78
23.207.180.137
23.207.192.249
23.207.193.230
23.36.48.24
23.47.190.130
23.9.116.188
3.1.14.27
3.160.188.30
3.33.241.113
34.110.181.170
34.111.113.62
34.120.155.137
34.120.63.153
34.160.19.107
34.199.73.116
34.225.182.250
34.95.81.88
34.96.71.22
34.98.64.218
34.98.67.3
35.186.193.173
35.186.255.72
35.208.249.213
35.213.12.39
35.213.89.133
35.214.204.214
35.230.38.116
35.244.154.8
35.244.193.51
35.78.136.80
38.91.45.7
42.99.140.176
44.208.76.193
44.212.199.220
44.238.24.58
45.137.176.88
50.116.239.135
51.79.154.9
52.194.94.90
52.223.1.76
52.35.107.54
52.46.130.91
52.54.170.5
52.57.24.26
52.74.150.191
52.74.217.47
52.84.228.19
52.84.251.101
52.84.251.45
52.84.45.86
52.95.125.22
54.146.46.22
54.151.179.52
54.155.18.159
54.168.28.98
54.175.254.208
54.192.150.16
54.208.84.171
54.251.138.68
54.255.135.85
63.251.14.14
64.233.170.102
64.233.170.113
64.233.170.84
64.74.236.127
67.199.150.81
67.199.150.86
69.173.158.64
69.173.158.65
74.118.186.107
74.125.200.154
74.125.200.156
74.125.68.100
74.125.68.155
75.2.53.215
8.43.72.97
82.145.213.8
89.207.22.76
000875f535d3c8342137670778185a66af35c904fd6d5e5f19fb57438eea12db
00b8981bc12f1d4313764a20cc3d89418cac0ff9d546a759db55d0c9ac988a32
013d0d99a23cd1ced9c4ab62ad1e4665e4f72de13f23c83894b8eb51a8cb2dcf
01e0050e00c3776cb46cd8f95c050c963959d31c4e3dc2e5e01d81f876aa1df8
0256ac69ffaae638ffb56855a0f47b40e4cd001ba903c43cc0402beb29391303
0303ea40991b5474b8907de596d83f12e6cc7ec296a8897ce6a1c00982555861
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
068482c7e58a007c4addaaf83130d0bae3ad1e713d0977774326bd8124e1aa6c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0709e11f34bb1e47193a170bc8baf94732a32a867443b29be840c550cc03981d
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
07d0084f1697727f6f7f9d76c00d2ef5bdfea6824dc3c4e481fa1cb33bc6c4c7
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b034efa03c6fb4de3e3952eaf0958b18847e6c1e2e8fd647759c97105004f19
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1194491324f0e5b99036c8ae0ad83d12f0f21d841cc31eae81caf10c05d76b
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f4fe2938bb90ede05201fd69f8a47381636d12dd819d4fa8c24a4a06be92de8
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
12c18b0df739a4d7a005b5f008753db68f086e697149f7b633af20d547aff6ab
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18706969485372141ee0b1278ac2ea411ed8d714a5e0c24a45ede1b125b7fa16
189c7fe10b370e1646bce8dd3f0639b844d5e0702cd5631b982f4b4507ea66a0
196d2300b2d505fca7e055323494423e88f987178d6383d145600cc50a45fb4c
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1f0b2b7a9ed8dff75946a5d1e80ff3a83cd4609274a71f4af7ddae9191e1bcac
2109fef047b2cdb546bfe714738d6e0fcbd276b16773bcd43d2be960931370da
2170db8df6f2531ee5b7d8ed31fa09fc5209dcd18e18a7091161dc4e9fd32aee
264fe6f4db0dfc19b10c6c0c18ea6f57c0d18d20c265e2fa3bc807d641ffb657
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
269310477d1b33ec8b0d3a7483688f388740edbe3b34f2d2b0d3c6bbdb466738
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
26f59c7ff784ea03c69b44aa4f8496d8b7452217bbac5d9b18626203462bf00a
276ca8da7dd05a55c760ead2eec9d5c74629897d0b5b3e5190d4fc9bd38ea7fc
278c594fb1e8381410e079777ccd31fa020a6c6c602e4679409935b70ad0706d
28445ab5a58bac3609ddba4d1200c1797a766b538fd6b0bdb0926fbe386f327c
2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36
2a70c011ae2744e9d6486d31e25e621e6d7c5334224c69f04409012afba00c2b
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
2dd35ea485e6d027cd5eef09499dbb790b2c16ffa80189476877362ebfc1f70d
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36ea8d266ccb57796d82e6eb05f11c634302a0bc3623c5e7fa7261a1a69e0d90
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ec9a04482df83185c1532eea68a7f029e7be1a813a2167a8c4f2dc7e85e1793
3f09be23411e14c211cefbda3f34a1bedbdb6052cf814c60e02cf06419731407
3f532563b13c4f462bae981e1683f717c050c4d81e12d0886073ba185ca5c0a7
3f5684bf5aa4a6eb5c9015394c8739dff39377a73adf72c30ba511d0ab5b50f3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4162ea57a90ab5b576177e35a6943295a755c8fb86f95af42971d334b68f85a3
421984feec8064b5c04fc4b0b39790fb7a8c7f029f7fe066cb368289e37508f6
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
42a81956859182fbd6f108c298208db557a98b75242e1f3e121865a0d96a38ce
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44026785039df91c14b8c331292992e1fd71a23acdd5cb09c40d12d1c8e8aaac
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
464b98e4ec83bb60ad92bd76656277037d3548e44a7d1dcddec0c0a41ada20e6
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4918f51b2e5fe8e382052c64d1f082d4e7e52e4aa04b06805b41253a41fb7531
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb67b42d6abea96d75df507d23f0421da85d5658322720fded36c94cce45d7b
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fb1d13154b4b396d3ce77eb8294a859bef473d7d991624d266b0247c419a9ef
53b2ca32aad7f85c22c1dba1e1b45aa876c6af724071b3c8dfa356ef86e68a08
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59dcb4a586677f8eaae8c4bf0123f4248e34bd62367f5b90c84127d98c219dc5
5bcebd2ecd1d1dda57aeb2173c4221bcd69cc0a722ee2136269553f9e98cc433
5ce8647c88445649306948bab16764727ad0866a64fc66202b97b88176272628
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fcb92a51aa8370f34dedbbe334b72387ce9f7e8bde13da609eb2f4a81f1606c
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6068b1fd7a614acfd121ee51fbd018fca6cb7e09ce1f8a0992a8ec41c3041a53
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6d55944664ea05fc63a29cba6ef737c7a961f22e616cd2b7e9dc6139aa5fd
624472a3021d2febbad25c8e2a6873b86e0f58ec1f25c96340254ac9b241fc54
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
638e495250f109595db281e3d8fabab2eba880ec9429dc8b8c167df070415793
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6aa559f239655277f2e115d885d2eff1ce567d1d5e6e6d7cdfeb53645156212d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bfe280c501d01dc9b39511ab8b8f9346efdf243c3db60a935f108c8e36b56d9
702c805fec65a8cc8c6c40aed34123b021e5ed6107cc6dfdebc4b0fc2e229887
76a1f0ea6b737ffd1815e0baedeceede870ba1fc24b378db27924cb8ddc10f08
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
7d38e129ee23cd5f98c88239b0576903d219e04433ee1909e93427154162c3a3
7d5ff3f38fc47331890e77c5679963c972345acb699b580ee6d01379f053d4ae
7e29d6c2b0ad820dd8f947266b198f1b2a8f8095f7c8150556e159ab93dc2124
7ff100c907d85bc5b7503e7a88c0a7f256ed2561ee431ffc10fcd7cce517c321
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142
82cc530818d2ba90ff4da637c0fde2422a6c856ff3915b84ec8a65ab360abba1
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
86a1e1067e7006d30f97a6a2e5f38794fab13056dc9e8730aafc745783b56899
86ffd0f399d6fae2978a6113d5a87a85873c6495ef644041cd43fab6f2218575
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
8a2061b5f295a0eeaa11cc613abb8e3434a15a1568c3434c22ef7769591e9183
8a32c5b076142770db05105a79a7fceba65ac31a29277e3f7247fec57e3ee2b5
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8b0a66ebf5f8d14ae79bd8ef9787cd1640c331927b7549bc7ca762d3c2eddca3
8e177a91def5457a48dcbe910e828b7bf06dbeeac581bf68b33bc004aa1fbceb
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
900058dffaf216c9a853e2d7e4109bfa2a58994237b2d4e5793734e4c2ecb4ac
91ceaaf6d83a6fe14565186dc45f495c27633ec9fac3bfd633ba5162f04c4c0d
95d98804a6e5f1e07cca375e5eff2d59603f175e6f35f1de42a5fd1112b0dc1c
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
96f394f2ce15c2dcc68e2ab3c94e6de48eb191998108a0e4112955f8ad8cdb51
97e3ac693c9feefce753e5424bc2739f2352f31f47411ce0e69e2d4a16532ec7
989e7134f8b722c049f5553bf85347c9052fe40f7c35915f7d18a348ed4de84b
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98bc0753b3f7392176a4af252bfae9bcd1f2804b73dee374119899d8f52ae3d2
99957eb9f9af9a51f9b38c73cecafa38dc9304ac43aa63f6888f2f5abe6813e1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc
9a811246367093979c01fc9ea67e8db8c1b1e5abbd10fd669d6de163702c942b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b421b9b77fb6b30849932d7538f2f051debd7d5c8c36dd9521f8e65a32df895
9bb456d836cc354945cecce8dbdf0ec21d2d9cbc30d001d401bc978f6df75818
9d442ca0d9b1e3120d0d523cbfc20520ea75c82a0e503717df802f47e960a2e7
9e3c7bdc4bfffb58a973062aabf808691f7603416290254b76161cab69952053
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a39cd6a9413784646378ab9490f6a80ea1c2eaf4870c1022f44e4e64380c7cda
a616b55881f1c4dc0d1293596ae12a4d6426a4e676e1cd1daf33e9aea192dbb2
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275
a975d720478f73180b45aac604dd1a1c28a88696f8f32e6a14745abcf05d1830
a9f443128a1452aa4cd9e024e59e48ae22e8adac085229f91763da17c6a8c655
ab4046389a6099210e827d4e39fa09b38a914f0d1c665f8efb448e6bb27b49c4
abb22177c1f36f82f451ba3b46fd96e4bc0f5b5ad510b15b4d5ec37fc1e9b7f8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aca479c29194026efc9f2ff315a9f91ee01e52f481414903e3c62f018a1ba6d1
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad958dae8a1b5be06730926b4b27000aea178e1f5cd62b2e666c4144bff477a2
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b6a09251dfdb96bb8a73aeabee416131dfe2a4410bccfaa2f4d089a6642051
b396ae4c9dc4cec9c79931da5c8993ffb15d5d6ed98a14fc00bb4d159c7dd739
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b4aab23f2abdbef0e01780c8e11567a9a7c7a5e425d57540e5b24115ff38508f
b4c450f21d15fd084443cf65cd2341c58558d4e85d144d78227ec350a38392cf
b5af004daafe813511ba3a5127eef79b185233fb1e297c3f53213c643a09c073
b61566612392f0437229c51aacd13673c22256fc0df43132ccc4f3d2c77e3ea5
b78bc5c07f038b149515d8a5cadf1533dd1cc438ee4a587fd2770c526304279a
b9afeb90db17ffa772a8bbc38f8ae37524ac4c0660dfc228f528cfe36a38d53d
bb4f8f475b404644a100dd8b2ff86b208c65b167c8fc6410bf334b08dc8e2273
bba5cf4bf97f335423ef8083a04d8810370b013c18a623e2aec413075ef82ddc
bbd06841ef604f5809ae6ebb76bcfe35209472cdf2bee20dbd09cf1b18b537f5
bc2c90a5d930389c9e3f9932904bf42c135e876a072fc08d023544ba7f539186
bfcc23462136af97c7b17c5143ae4ad78ae1779ecebcc3692120c8af9bb8abd8
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2c29ef79bb4f8d316dd0ea33a8ac3d91fb8a54592f5ada1d796792124721c11
c2e63495ba4031641ce088011c4be239cdd576e98b3d88d74464af39606670fc
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c57d9466026bfd2378357830150bc1e90c5762d2dd15730b2a622172dcc1c4fd
c63158babcb7902203ed73476ccf901db34825ea524d4a36a52b5e5f97e1abf7
ca32811c8da38b49a909fd33984d939ba1d339c8ff5e38b6deb35c31d75d10fb
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc5752e8ed3fd346a0c405849102accc7580233c091a5c69eb3df7954b74d960
ccbf1df429b508c532e9f8b7e24766bedb71b44088a4b11c7f013d4fa43693d9
cd4831ce5e4604e3554bea94ceb387ef7d7bad029a81853464e741211a5e5f23
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cfbda9c93a684a4cda34db0352c7b6d6c42f58b513a1e0ed8f82b4a7ec6b67e8
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d115b4a70f5c60653dc5977257bfd5af45373de3c7369411fbf797a0d1ea32d2
d1e849dae35bc7601913a56dee0dc20b3a47fc4cbf050aa6527c38c1e038f1fd
d223768c8c211c108349645cb062a9dcdb5456e9abc8c6a36eb06366db6fbd5a
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d2eb94caefed2b3b1b85445bb432e2341b103f48ae9153db5b127585847219eb
d3d8e9c50d7cc6bbbeaf8ff841661751cdb5fdcffcfa3600b9464b56d155fb6a
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d570bcfb711bfa433426aacfc5e1b56cdc5cc5ecbd998f0c18e7c6c80f78c6b3
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
d6ec6572f32d9611a47e251bfed6cbde0474401603a276f59f6054426b19f873
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d9a88d548488330c2fdc31dd655203aa0044b8d954b0e1665e09b58965e52bf7
db19d658a8dd7f95bf92f8150518f90b1ec33b645d41e9c925bc6f85ffd5ead7
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd32b408a6feeda51fd7c694ab86f265c4d11d9041079b681018eb792c36d980
ddd6d77b168d8f2f86001448f752d85c3109a2430a5aeaaaec957d1c5ab9dba1
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e19f6076815240b2afedf8033b0a2ccf200d3851f11df779d05f3c533560504d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49f55637dff315b98e1fd8ff6d5891dad20a07bb8cead5070afed79a3973758
e4ad3a7c4aa97b074c4d59a438bb5813ded8ad1d8bb8cf630abb4c6ee075d54e
e4e4cdf8ed42abda5a5d8dabe90433777be1b35d8d4ba74da7a5c1d7aee7950d
e5696a4c04cb9236e69390a6a84619091cfe6ce887e5747c74f3214a69419484
e5846855fe93138cefb036cfabb7df25e29cac878c52564ac6c116d8f343e210
e6b7fa504c979ce53dc80798978eff98214cbcb20b7db259990c0632b7abe248
e7e045a8603cecff41b38e87c8ed6e3f5e8920b8f002c5466a352b87306481ae
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
eb3bf98cf3f5fb2a171fd8b82319b4a5706155049eb9be0747141baeb8ac4691
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec18ebaedb655fd8c94eb9c8160e218920dbe41c7059171f06c03d0dedd5010a
ec27429b92840173d570438ca448f932353e4ee729c74cfaeb307dbc0893336a
ec55901d8377ee761067bab7debb33c9adbedda3b7756ef7cb5d8b546f43bc16
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ee9d11c373870aee4391c291c71c32919add23f19e67b5da86421d8d067c60a8
eef57151e6646e4f59ca6a1d749631ee2f89bf4d1b736fb4620b784cedbe0de6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efcd7b0fbc8fc88625d0610c979dc72aff5c4f5b1aa5dd661ba228fe52efef13
eff3f3a3176b573deb814dcf030d72e46775a4efc8b7db90851bbe27d5e97c7d
f136e48ba4e90eefa26696f9cdee07c1565a55642e769d76ce3c524b3556a666
f29b257a3de129765fa546474230d7f016cf770544f4a55327b8b947c6aa58b9
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
f4ece8f2f5242967e98c6718f283e961576d68b4b7be96124eca22f554dcb275
f551a0b8d7f4c2bdd5b94af090c24b43a03a29c20d841e639799aa38493cc51e
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f8051f3eb7b146bdfd1156266a2947c7361e2d9546fa39f4c86cc06d869cd877
f81e1296368a568da6095490fdf3cf7e9788aec0c401ab375dcf3662b918090e
f83fdb9fb740cade58278412847013685fbd7b96499ba7dacf095bf7ee4a3c4a
fa76463735fce864c32dda07c312700148fc03e30ed12be2ba60c048ede446de
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804
fcef857804b8d1cf1fa3a19dc80b9b2d92f344332538b39585706b228534a3f4
fefd09307baf0332b143c3c14fb6851c10e354362510d85a0c43d7e3c479093c