urlscan.io logo urlscan.io
SecurityTrails logo

www.mlive.com Open in urlscan Pro
2a02:26f0:64::210:6a92  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.mlive.com/
Submission Tags: @phishunt_io
Submission: On October 05 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 121 IPs in 12 countries across 85 domains to perform 409 HTTP transactions. The main IP is 2a02:26f0:64::210:6a92, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.mlive.com. The Cisco Umbrella rank of the primary domain is 96069.
TLS certificate: Issued by R3 on July 26th 2022. Valid for: 3 months.
This is the only time www.mlive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
34 2a02:26f0:64:... 20940 (AKAMAI-ASN1)
10 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:1901:0:8... 15169 (GOOGLE)
1 13.32.121.108 16509 (AMAZON-02)
1 18.66.122.48 16509 (AMAZON-02)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
8 52.223.1.76 16509 (AMAZON-02)
2 2.18.232.7 16625 (AKAMAI-AS)
13 52.222.236.75 16509 (AMAZON-02)
5 23.35.237.151 16625 (AKAMAI-AS)
1 108.138.7.53 16509 (AMAZON-02)
8 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 18.66.92.109 16509 (AMAZON-02)
1 23.35.237.64 16625 (AKAMAI-AS)
2 13.32.121.37 16509 (AMAZON-02)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 199.232.136.157 54113 (FASTLY)
1 108.138.15.119 16509 (AMAZON-02)
1 2 107.178.250.234 15169 (GOOGLE)
2 2606:4700:440... 13335 (CLOUDFLAR...)
11 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 96.16.141.156 16625 (AKAMAI-AS)
3 108.138.4.10 16509 (AMAZON-02)
3 108.138.17.94 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
1 18.66.100.58 16509 (AMAZON-02)
3 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.197 13414 (TWITTER)
1 104.244.42.67 13414 (TWITTER)
2 3.228.43.237 14618 (AMAZON-AES)
1 52.212.137.183 16509 (AMAZON-02)
4 34.251.218.252 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
8 52.16.246.173 16509 (AMAZON-02)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 54.146.241.124 14618 (AMAZON-AES)
1 18.66.112.25 16509 (AMAZON-02)
2 18.203.164.244 16509 (AMAZON-02)
1 23.206.210.112 16625 (AKAMAI-AS)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 3.219.38.131 14618 (AMAZON-AES)
1 54.155.18.159 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 108.138.4.150 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 141.95.98.71 16276 (OVH)
1 2001:41d0:701... 16276 (OVH)
3 2602:803:c003... 26667 (RUBICONPR...)
3 34.107.148.139 396982 (GOOGLE-CL...)
3 185.64.189.112 62713 (AS-PUBMATIC)
3 104.18.18.126 13335 (CLOUDFLAR...)
3 3.211.220.40 14618 (AMAZON-AES)
3 141.95.33.111 16276 (OVH)
1 2a02:26f0:64:... 20940 (AKAMAI-ASN1)
6 2a03:2880:f11... 32934 (FACEBOOK)
6 3.33.220.150 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 54.82.150.226 14618 (AMAZON-AES)
1 23.205.246.164 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
1 52.36.23.219 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2a02:2638::3 44788 (ASN-CRITE...)
1 3.134.134.122 16509 (AMAZON-02)
6 3.65.87.135 16509 (AMAZON-02)
12 18.66.122.92 16509 (AMAZON-02)
2 108.138.7.5 16509 (AMAZON-02)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
3 3 3.120.25.48 16509 (AMAZON-02)
12 32 142.250.185.226 15169 (GOOGLE)
4 5 2a05:d018:d29... 16509 (AMAZON-02)
2 2 52.49.201.206 16509 (AMAZON-02)
3 3 13.248.245.213 16509 (AMAZON-02)
2 3 23.35.228.23 16625 (AKAMAI-AS)
2 52.57.233.51 16509 (AMAZON-02)
3 6 51.89.9.252 16276 (OVH)
1 2 2406:2600:4::b 55569 (CRITEO-AS...)
5 151.101.114.132 54113 (FASTLY)
2 18.66.147.110 16509 (AMAZON-02)
3 213.227.153.223 60781 (LEASEWEB-...)
6 213.227.153.222 60781 (LEASEWEB-...)
3 213.19.147.47 3356 (LEVEL3)
1 34.98.64.218 396982 (GOOGLE-CL...)
2 23.35.237.86 16625 (AKAMAI-AS)
5 6 37.157.4.25 198622 (ADFORM)
2 8 104.18.19.126 13335 (CLOUDFLAR...)
1 1 2600:9000:223... 16509 (AMAZON-02)
1 185.86.137.121 201081 (SMARTADSE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 178.250.0.157 44788 (ASN-CRITE...)
13 151.101.194.133 54113 (FASTLY)
9 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 151.101.130.133 54113 (FASTLY)
3 143.204.89.57 16509 (AMAZON-02)
1 2600:1901:0:8... 15169 (GOOGLE)
1 34.120.133.55 396982 (GOOGLE-CL...)
3 23.35.236.247 16625 (AKAMAI-AS)
4 23.35.236.201 16625 (AKAMAI-AS)
3 2.18.235.93 16625 (AKAMAI-AS)
2 23.205.235.133 16625 (AKAMAI-AS)
1 185.64.190.78 62713 (AS-PUBMATIC)
2 13 185.80.39.216 27381 (CASALE-MEDIA)
4 7 52.46.155.104 ()
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 64.202.112.191 23352 (SERVERCEN...)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (AMOBEE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
4 4 37.252.173.22 29990 (ASN-APPNEX)
2 2 162.19.80.91 16276 (OVH)
2 2 37.252.172.123 29990 (ASN-APPNEX)
3 3 185.29.134.248 30419 (MEDIAMATH...)
1 151.101.2.49 54113 (FASTLY)
1 52.30.152.75 16509 (AMAZON-02)
1 2 52.49.84.111 ()
1 1 34.95.81.168 396982 (GOOGLE-CL...)
1 3.251.13.39 16509 (AMAZON-02)
3 5 52.95.126.160 16509 (AMAZON-02)
2 4 69.173.144.138 26667 (RUBICONPR...)
4 4 69.173.144.139 26667 (RUBICONPR...)
2 2 213.155.156.181 1299 (TWELVE99 ...)
7 185.64.190.80 62713 (AS-PUBMATIC)
1 1 178.250.0.163 44788 (ASN-CRITE...)
1 198.47.127.20 62713 (AS-PUBMATIC)
1 1 141.94.171.212 16276 (OVH)
1 34.91.62.186 396982 (GOOGLE-CL...)
409 121
34    2a02:26f0:64::210:6a92 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.mlive.com
10    2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
2    2600:1901:0:802f::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
satisfycork.com
1    13.32.121.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-108.fra60.r.cloudfront.net
cdn.sophi.io
1    18.66.122.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-48.fra60.r.cloudfront.net
apps.sophi.io
2    2a02:26f0:480:293::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
68794912.akstat.io
2    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    52.223.1.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8fd921d2017b5f79.awsglobalaccelerator.com
collector2.sophi.io
2    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
at.teads.tv
13    52.222.236.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-75.fra56.r.cloudfront.net
h312.mlive.com
5    23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
1    108.138.7.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-53.fra56.r.cloudfront.net
ats.rlcdn.com
8    2606:4700::6811:b8b1 (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
buy.tinypass.com
api-v3.tinypass.com
5    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
ampcid.google.de
1    18.66.92.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-92-109.fra56.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1    23.35.237.64 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-64.deploy.static.akamaitechnologies.com
s.ntv.io
2    13.32.121.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net
sb.scorecardresearch.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net
js.adsrvr.org
2    107.178.250.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
2    2606:4700:4400::6812:2962 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
11    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2606:4700::6812:a6e0 (United States)

ASN13335 (CLOUDFLARENET, US)
pub.doubleverify.com
2    96.16.141.156 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-141-156.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
ads.rubiconproject.com
3    108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net
c.amazon-adsystem.com
3    108.138.17.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-94.fra56.r.cloudfront.net
tags.crwdcntrl.net
3    2a00:1450:4001:806::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2600:9000:223f:d000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net
cdn.parsely.com
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    3.228.43.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-43-237.compute-1.amazonaws.com
advancelocal.blueconic.net
1    52.212.137.183 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-137-183.eu-west-1.compute.amazonaws.com
privacy.crwdcntrl.net
4    34.251.218.252 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-218-252.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
id.crwdcntrl.net
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
8    52.16.246.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-246-173.eu-west-1.compute.amazonaws.com
jadserve.postrelease.com
1    2600:1f18:730:b130:1296:7358:4f0d:4115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    54.146.241.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-241-124.compute-1.amazonaws.com
rp4.liadm.com
1    18.66.112.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-25.fra56.r.cloudfront.net
geo.privacymanager.io
2    18.203.164.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-164-244.eu-west-1.compute.amazonaws.com
vtrk.doubleverify.com
1    23.206.210.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-210-112.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
3    3.219.38.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-38-131.compute-1.amazonaws.com
www.i.matheranalytics.com
1    54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
p1.parsely.com
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
16    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
pagead2.googlesyndication.com
www.googletagservices.com
4    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
3    108.138.4.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-150.fra56.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
1    2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    141.95.98.71 (France)

ASN16276 (OVH, FR)
PTR: ns3216577.ip-141-95-98.eu
lb.eu-1-id5-sync.com
1    2001:41d0:701:1000::2fb3 (France)

ASN16276 (OVH, FR)
lbs.eu-1-id5-sync.com
3    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
3    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
3    3.211.220.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-220-40.compute-1.amazonaws.com
exchange.postrelease.com
3    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
1    2a02:26f0:64:6b5::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
6    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
12    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    54.82.150.226 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-150-226.compute-1.amazonaws.com
idx.liadm.com
1    23.205.246.164 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-246-164.deploy.static.akamaitechnologies.com
ead.mlive.com
4    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    52.36.23.219 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-23-219.us-west-2.compute.amazonaws.com
id.sharedid.org
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    3.134.134.122 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-134-134-122.us-east-2.compute.amazonaws.com
prod.uidapi.com
6    3.65.87.135 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-87-135.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
12    18.66.122.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-92.fra60.r.cloudfront.net
b.sharethrough.com
2    108.138.7.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-5.fra56.r.cloudfront.net
native.sharethrough.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
3    3.120.25.48 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-25-48.eu-central-1.compute.amazonaws.com
pm.w55c.net
32    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
5    2a05:d018:d29:3601:2446:243c:2b31:890f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    52.49.201.206 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-201-206.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
3    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
cs.media.net
c21lg-d.media.net
2    52.57.233.51 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-233-51.eu-central-1.compute.amazonaws.com
match.sharethrough.com
6    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
2    2406:2600:4::b (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
5    151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
zem.outbrainimg.com
2    18.66.147.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-110.fra60.r.cloudfront.net
sdk.sharethrough.com
3    213.227.153.223 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
b1-eudc1.zemanta.com
6    213.227.153.222 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
b1t-eudc1.zemanta.com
3    213.19.147.47 (Amsterdam, Netherlands)

ASN3356 (LEVEL3, US)
a-ams.1rx.io
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
2    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
widgets.outbrain.com
6    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
8    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
1    2600:9000:223f:7200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    185.86.137.121 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
1    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
13    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
static.advance.net
9    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
fonts.advance.net
3    143.204.89.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-57.fra50.r.cloudfront.net
check.analytics.rlcdn.com
1    2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
lexicon.33across.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
3    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
js-sec.indexww.com
4    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
2    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
13    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
dsum.casalemedia.com
7    52.46.155.104 (None, )

ASN- ()
s.amazon-adsystem.com
1    2606:4700::6813:ad6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
2    64.202.112.191 (Lovettsville, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
3    2606:4700::6812:d4c (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
4    37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    162.19.80.91 (France)

ASN16276 (OVH, FR)
PTR: ns3011793.ip-162-19-80.eu
gu.dyntrk.com
2    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
3    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    52.30.152.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-152-75.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    52.49.84.111 (None, )

ASN- ()
dpm.demdex.net
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
1    3.251.13.39 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-251-13-39.eu-west-1.compute.amazonaws.com
d.adroll.com
5    52.95.126.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    213.155.156.181 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-181.teliacarrier-cust.com
d5p.de17a.com
7    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    141.94.171.212 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh
pixel.onaudience.com
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
Apex Domain
Subdomains		 Transfer
48 mlive.com
www.mlive.com — Cisco Umbrella Rank: 96069
h312.mlive.com — Cisco Umbrella Rank: 185707
ead.mlive.com — Cisco Umbrella Rank: 213862
2 MB
44 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
stats.g.doubleclick.net — Cisco Umbrella Rank: 171
cm.g.doubleclick.net — Cisco Umbrella Rank: 304
205 KB
26 googlesyndication.com
c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
tpc.googlesyndication.com — Cisco Umbrella Rank: 170
101 KB
24 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 754
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 703
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 908
dsum.casalemedia.com — Cisco Umbrella Rank: 2347
19 KB
21 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 3166
ads.rubiconproject.com — Cisco Umbrella Rank: 3516
fastlane.rubiconproject.com — Cisco Umbrella Rank: 701
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3615
eus.rubiconproject.com — Cisco Umbrella Rank: 861
pixel.rubiconproject.com — Cisco Umbrella Rank: 493
token.rubiconproject.com — Cisco Umbrella Rank: 1067
138 KB
18 sharethrough.com
b.sharethrough.com — Cisco Umbrella Rank: 3309
native.sharethrough.com — Cisco Umbrella Rank: 3226
match.sharethrough.com — Cisco Umbrella Rank: 820
sdk.sharethrough.com — Cisco Umbrella Rank: 3681
150 KB
18 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 391
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 750
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1300
58 KB
16 advance.net
static.advance.net — Cisco Umbrella Rank: 65102
fonts.advance.net — Cisco Umbrella Rank: 146552
381 KB
16 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 718
ads.pubmatic.com — Cisco Umbrella Rank: 728
image6.pubmatic.com — Cisco Umbrella Rank: 915
image2.pubmatic.com — Cisco Umbrella Rank: 1513
simage2.pubmatic.com — Cisco Umbrella Rank: 1016
image4.pubmatic.com — Cisco Umbrella Rank: 1520
37 KB
11 zemanta.com
b1-eudc1.zemanta.com — Cisco Umbrella Rank: 22576
b1t-eudc1.zemanta.com — Cisco Umbrella Rank: 15215
b1sync.zemanta.com — Cisco Umbrella Rank: 827
2 KB
11 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1981
exchange.postrelease.com — Cisco Umbrella Rank: 6747
6 KB
11 google.com
accounts.google.com — Cisco Umbrella Rank: 130
ampcid.google.com — Cisco Umbrella Rank: 2411
adservice.google.com — Cisco Umbrella Rank: 136
www.google.com — Cisco Umbrella Rank: 19
77 KB
10 sophi.io
cdn.sophi.io — Cisco Umbrella Rank: 25601
apps.sophi.io — Cisco Umbrella Rank: 56011
collector2.sophi.io — Cisco Umbrella Rank: 47694
45 KB
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 668
234 KB
9 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 358
90 KB
9 media.net
prebid.media.net — Cisco Umbrella Rank: 1901
cs.media.net — Cisco Umbrella Rank: 2337
contextual.media.net — Cisco Umbrella Rank: 841
c21lg-d.media.net — Cisco Umbrella Rank: 3468
27 KB
8 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1563
privacy.crwdcntrl.net — Cisco Umbrella Rank: 28384
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1096
id.crwdcntrl.net — Cisco Umbrella Rank: 2077
36 KB
8 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 8577
cdn.tinypass.com — Cisco Umbrella Rank: 6941
buy.tinypass.com — Cisco Umbrella Rank: 5834
api-v3.tinypass.com — Cisco Umbrella Rank: 25129
142 KB
7 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 2307
insight.adsrvr.org — Cisco Umbrella Rank: 922
match.adsrvr.org — Cisco Umbrella Rank: 463
4 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 334
secure.adnxs.com — Cisco Umbrella Rank: 707
6 KB
6 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 965
cdn.indexww.com — Cisco Umbrella Rank: 2222
6 KB
6 adform.net
c1.adform.net — Cisco Umbrella Rank: 989
3 KB
6 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1080
1 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 115
330 B
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
region1.google-analytics.com — Cisco Umbrella Rank: 2144
20 KB
5 outbrainimg.com
zem.outbrainimg.com — Cisco Umbrella Rank: 3247
42 KB
5 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 735
3 KB
5 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1477
id5-sync.com — Cisco Umbrella Rank: 642
34 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 850
www.linkedin.com — Cisco Umbrella Rank: 840
px4.ads.linkedin.com — Cisco Umbrella Rank: 6680
4 KB
5 matheranalytics.com
js.matheranalytics.com — Cisco Umbrella Rank: 16596
www.i.matheranalytics.com — Cisco Umbrella Rank: 17361
42 KB
5 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 2288
check.analytics.rlcdn.com — Cisco Umbrella Rank: 5016
api.rlcdn.com — Cisco Umbrella Rank: 1094
39 KB
5 moatads.com
z.moatads.com — Cisco Umbrella Rank: 620
px.moatads.com — Cisco Umbrella Rank: 634
85 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 486
mug.criteo.com — Cisco Umbrella Rank: 1859
dis.criteo.com — Cisco Umbrella Rank: 935
8 KB
4 google.de
ampcid.google.de — Cisco Umbrella Rank: 37983
adservice.google.de — Cisco Umbrella Rank: 5221
1 KB
4 doubleverify.com
pub.doubleverify.com — Cisco Umbrella Rank: 8133
vtrk.doubleverify.com — Cisco Umbrella Rank: 2127
18 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 723
2 KB
3 1rx.io
a-ams.1rx.io — Cisco Umbrella Rank: 58288
10 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 601
1 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1306
3 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 3924
google-bidout-d.openx.net — Cisco Umbrella Rank: 3835
572 B
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 228
132 KB
3 liadm.com
rp.liadm.com — Cisco Umbrella Rank: 2494
rp4.liadm.com — Cisco Umbrella Rank: 6039
idx.liadm.com — Cisco Umbrella Rank: 3682
2 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 203
196 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 6517
562 B
2 demdex.net
dpm.demdex.net
2 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 2175
843 B
2 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1371
13 KB
2 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 983
815 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1743
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1864
574 B
2 blueconic.net
advancelocal.blueconic.net — Cisco Umbrella Rank: 44867
2 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3974
p1.parsely.com — Cisco Umbrella Rank: 3168
21 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 913
666 B
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 218
2 KB
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1407
at.teads.tv — Cisco Umbrella Rank: 4911
4 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 129
189 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1898
c.go-mpulse.net — Cisco Umbrella Rank: 738
50 KB
2 satisfycork.com
satisfycork.com — Cisco Umbrella Rank: 51308
28 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1440
610 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 4592
417 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 2343
181 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 23393
269 B
1 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 833
433 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 930
177 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 1257
425 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 683
506 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1351
131 B
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 7160
295 B
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 485
5 KB
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 5411
3 KB
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1188
75 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1009
443 B
1 uidapi.com
prod.uidapi.com — Cisco Umbrella Rank: 4526
5 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 789
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 4181
8 KB
1 sharedid.org
id.sharedid.org — Cisco Umbrella Rank: 4078
903 B
1 akstat.io
68794912.akstat.io — Cisco Umbrella Rank: 22990
201 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 2197
17 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 2308
596 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 859
726 B
1 t.co
t.co — Cisco Umbrella Rank: 550
378 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 828
466 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 967
15 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1571
3 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 4720
143 KB
1 cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1 KB
409 85
Domain Requested by
34 www.mlive.com www.mlive.com
32 cm.g.doubleclick.net 12 redirects c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
13 static.advance.net buy.tinypass.com
www.mlive.com
13 h312.mlive.com www.mlive.com
h312.mlive.com
12 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
12 b.sharethrough.com www.mlive.com
c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
12 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
11 securepubads.g.doubleclick.net www.mlive.com
securepubads.g.doubleclick.net
10 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
www.googletagservices.com
10 cdn.cookielaw.org www.mlive.com
cdn.cookielaw.org
9 cdnjs.cloudflare.com buy.tinypass.com
8 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
8 jadserve.postrelease.com s.ntv.io
www.mlive.com
8 collector2.sophi.io cdn.sophi.io
7 s.amazon-adsystem.com 4 redirects ssum-sec.casalemedia.com
6 c1.adform.net 5 redirects ads.pubmatic.com
6 b1t-eudc1.zemanta.com c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
widgets.outbrain.com
6 onetag-sys.com 3 redirects c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
6 prebid-a.rubiconproject.com micro.rubiconproject.com
6 www.facebook.com www.mlive.com
5 aax-eu.amazon-adsystem.com 3 redirects ads.pubmatic.com
5 match.adsrvr.org ssum-sec.casalemedia.com
5 zem.outbrainimg.com c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
5 pr-bh.ybp.yahoo.com 4 redirects ssum-sec.casalemedia.com
5 buy.tinypass.com cdn.tinypass.com
buy.tinypass.com
4 image2.pubmatic.com ads.pubmatic.com
4 token.rubiconproject.com 4 redirects
4 pixel.rubiconproject.com 2 redirects
4 ib.adnxs.com 4 redirects
4 ads.pubmatic.com micro.rubiconproject.com
4 www.google.com tpc.googlesyndication.com
c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
4 c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 simage2.pubmatic.com ads.pubmatic.com
3 sync.mathtag.com 3 redirects
3 cdn.indexww.com ssum-sec.casalemedia.com
3 contextual.media.net micro.rubiconproject.com
3 js-sec.indexww.com micro.rubiconproject.com
3 check.analytics.rlcdn.com micro.rubiconproject.com
3 fonts.advance.net static.advance.net
3 a-ams.1rx.io c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
a-ams.1rx.io
3 b1-eudc1.zemanta.com c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
3 eb2.3lift.com 3 redirects
3 pm.w55c.net 3 redirects
3 www.googletagservices.com c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
3 px.moatads.com www.mlive.com
3 id5-sync.com cdn.id5-sync.com
micro.rubiconproject.com
3 exchange.postrelease.com micro.rubiconproject.com
3 htlb.casalemedia.com micro.rubiconproject.com
3 hbopenbid.pubmatic.com micro.rubiconproject.com
3 prebid.media.net micro.rubiconproject.com
3 fastlane.rubiconproject.com micro.rubiconproject.com
3 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.de securepubads.g.doubleclick.net
3 www.i.matheranalytics.com www.mlive.com
3 bcp.crwdcntrl.net tags.crwdcntrl.net
3 px.ads.linkedin.com 2 redirects
3 accounts.google.com www.mlive.com
accounts.google.com
3 tags.crwdcntrl.net www.mlive.com
securepubads.g.doubleclick.net
3 c.amazon-adsystem.com www.mlive.com
c.amazon-adsystem.com
3 connect.facebook.net www.mlive.com
connect.facebook.net
2 d5p.de17a.com 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 secure.adnxs.com 2 redirects
2 gu.dyntrk.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 eus.rubiconproject.com micro.rubiconproject.com
eus.rubiconproject.com
2 widgets.outbrain.com a-ams.1rx.io
c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
2 sdk.sharethrough.com c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
2 gum.criteo.com 1 redirects static.criteo.net
2 match.sharethrough.com c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
2 cs.media.net 2 redirects
2 ads.yieldmo.com 2 redirects
2 oajs.openx.net 1 redirects
2 native.sharethrough.com www.mlive.com
2 cdn.id5-sync.com www.mlive.com
securepubads.g.doubleclick.net
2 vtrk.doubleverify.com pub.doubleverify.com
2 region1.google-analytics.com www.googletagmanager.com
2 advancelocal.blueconic.net h312.mlive.com
2 pub.doubleverify.com www.mlive.com
pub.doubleverify.com
2 geolocation.onetrust.com cdn.cookielaw.org
2 js.matheranalytics.com 1 redirects www.mlive.com
2 sb.scorecardresearch.com www.mlive.com
2 z.moatads.com www.mlive.com
z.moatads.com
2 www.googletagmanager.com www.mlive.com
www.googletagmanager.com
2 satisfycork.com www.mlive.com
satisfycork.com
1 um.simpli.fi
1 pixel.onaudience.com 1 redirects
1 image4.pubmatic.com
1 dis.criteo.com 1 redirects
1 d.adroll.com ssum-sec.casalemedia.com
1 euexchangesync.digitaleast.mobi 1 redirects
1 match.prod.bidr.io ssum-sec.casalemedia.com
1 sync-tm.everesttech.net ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 ad.turn.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 csync.loopme.me ssum-sec.casalemedia.com
1 c21lg-d.media.net contextual.media.net
1 image6.pubmatic.com ads.pubmatic.com
1 api.rlcdn.com micro.rubiconproject.com
1 id.crwdcntrl.net micro.rubiconproject.com
1 lexicon.33across.com micro.rubiconproject.com
1 api-v3.tinypass.com cdn.tinypass.com
1 ajax.googleapis.com buy.tinypass.com
1 mug.criteo.com
1 c2.piano.io cdn.tinypass.com
1 ssbsync.smartadserver.com c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
1 s.ad.smaato.net 1 redirects
1 google-bidout-d.openx.net oa.openxcdn.net
1 prod.uidapi.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 id.sharedid.org securepubads.g.doubleclick.net
1 ead.mlive.com
1 idx.liadm.com micro.rubiconproject.com
1 68794912.akstat.io s.go-mpulse.net
1 insight.adsrvr.org js.adsrvr.org
1 c.go-mpulse.net s.go-mpulse.net
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 stats.g.doubleclick.net www.google-analytics.com
1 p1.parsely.com www.mlive.com
1 secure.cdn.fastclick.net www.mlive.com
1 geo.privacymanager.io ats.rlcdn.com
1 ampcid.google.de www.google-analytics.com
1 rp4.liadm.com www.mlive.com
1 rp.liadm.com 1 redirects
1 ads.rubiconproject.com micro.rubiconproject.com
1 privacy.crwdcntrl.net tags.crwdcntrl.net
1 analytics.twitter.com www.mlive.com
1 t.co www.mlive.com
1 ampcid.google.com www.google-analytics.com
1 px4.ads.linkedin.com www.mlive.com
1 www.linkedin.com 1 redirects
1 cdn.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 cdn.tinypass.com experience.tinypass.com
1 at.teads.tv a.teads.tv
1 static.adsafeprotected.com satisfycork.com
1 micro.rubiconproject.com www.mlive.com
1 js.adsrvr.org www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 s.ntv.io www.mlive.com
1 d1z2jf7jlzjs58.cloudfront.net www.mlive.com
1 experience.tinypass.com www.mlive.com
1 ats.rlcdn.com www.mlive.com
1 a.teads.tv www.googletagmanager.com
1 s.go-mpulse.net www.mlive.com
1 apps.sophi.io www.mlive.com
1 cdn.sophi.io www.mlive.com
409 152
Subject Issuer Validity Valid
advancelocal.web.arc-cdn.net
R3		 2022-07-26 -
2022-10-24		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2022-05-01 -
2023-05-01		 a year crt.sh
satisfycork.com
R3		 2022-08-28 -
2022-11-26		 3 months crt.sh
cdn.sophi.io
Amazon		 2021-11-18 -
2022-12-16		 a year crt.sh
apps.sophi.io
Amazon		 2022-04-17 -
2023-05-16		 a year crt.sh
akstat.io
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-15 -
2023-04-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.sophi.io
Amazon		 2022-05-11 -
2023-06-09		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
h299.reckon.news
Amazon		 2022-07-01 -
2023-07-30		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-09-12 -
2023-09-12		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-12-04 -
2022-12-06		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-14 -
2022-10-12		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-01-12 -
2023-01-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.parsely.com
Amazon		 2022-06-05 -
2023-07-04		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.blueconic.net
Amazon		 2022-07-08 -
2023-08-06		 a year crt.sh
*.postrelease.com
Amazon		 2022-02-17 -
2023-03-18		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
vtrk.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2021-12-03 -
2023-01-04		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
www.i.matheranalytics.com
Amazon		 2022-01-13 -
2023-02-11		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.liadm.com
Amazon		 2022-09-30 -
2023-10-29		 a year crt.sh
li.lisecurelink.com
R3		 2022-07-13 -
2022-10-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
id.sharedid.org
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2022-08-09 -
2022-11-07		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.uidapi.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.outbrainimg.com
R3		 2022-10-04 -
2023-01-02		 3 months crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-09-06		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2022-04-27 -
2023-04-26		 a year crt.sh
advancelocal.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-04-25 -
2023-05-27		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
analytics.rlcdn.com
Amazon		 2022-07-27 -
2023-08-25		 a year crt.sh
lexicon.33across.com
GTS CA 1D4		 2022-08-27 -
2022-11-25		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
adroll.mgr.consensu.org
Amazon		 2022-08-10 -
2023-09-08		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh

This page contains 33 frames:

Primary Page: https://www.mlive.com/
Frame ID: D50E7871464C62632EB0072B6605C753
Requests: 210 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: AC1E7A2D8F206E3849B04545A862F408
Requests: 1 HTTP requests in this frame

Frame: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1BF18013CB63BB854AB9D4473DD8E8B6
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=4pdxx2d&ref=https%3A%2F%2Fwww.mlive.com%2F&upid=p5qqvcp&upv=1.1.0
Frame ID: 79EFEC6842FE2C6EE331E0B4B2D83E1B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E114B44A2EADCD96899C18F916FB9B68
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 040DC50F20B72B040116A31B461303E6
Requests: 2 HTTP requests in this frame

Frame: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7FB5A7CF9D84A3D91A681FD084B910F4
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 069A740AD259A28C90EDE4D715B538F2
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.mlive.com
Frame ID: 82BB427CA12B075DCAF613EE11BAE663
Requests: 2 HTTP requests in this frame

Frame: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 25054EDAFB03DD2CAF0F91DC7238B48E
Requests: 18 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 0726406A9C7792127C7DC7A4C5DE01B5
Requests: 1 HTTP requests in this frame

Frame: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CB480CBF639E273049A94166CEE887E2
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 019B469E30BCABC39B8169896F31355B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 31D9B3ED1B7C3336D0F0117BF95E0ED2
Requests: 9 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Frame ID: A22B9DDB32BC529D83B8041A97D30C19
Requests: 29 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: CA1ACFAC0653DC7C0F97E2F9C1AF995A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Frame ID: B40FF28FED89E6D0D9798B0662F1EB69
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 70B2D43B8D9206E576205DEAA2BC8244
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 9E48A1744581BED09AD7E5E59E491863
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 7CD08F84D48E66FACB50825E012ED01D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0B52BD1676FCA554107168D54269C92A
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Frame ID: B2E89072C4E7EEEE95437C2980860EA4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Frame ID: D4F6E876F5167EEB6277F39774255A2C
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 42A0C60A3D24D8E1C79F7A0D0E05E803
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 3AE24467B660302278A5D1380B202D98
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 0E87A76935D4765EFC4F3537FAF8DB9C
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B49FAA2F684DEB1C5DCE39F6A1045DD4
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: A81B6E5DEFD7FE5213ECB4A23AAD2B1D
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=4A6719EB-F3B4-437E-ABDB-7FA4AA85366E
Frame ID: 29AD606F5743EAA899B9C74FB029BF29
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6647946735075619217
Frame ID: 4EC914827E78464412F0718EBC2C5C1D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:15df633d-101c-4f00-ba55-f67012fd5781&gdpr=0&gdpr_consent=
Frame ID: 82CCAD45FDAC3407A1B6D171C071339C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 6E0FF8DDD9A66BA0E63BCDD6E45E5542
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4A6719EB-F3B4-437E-ABDB-7FA4AA85366E&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 9DE669ACABF88372CDE89EB6B09873EB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Michigan Local News, Breaking News, Sports & WeatherLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronBack ButtonSearch IconFilter Icon

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

409
Requests

87 %
HTTPS

31 %
IPv6

85
Domains

152
Subdomains

121
IPs

12
Countries

4463 kB
Transfer

12486 kB
Size

107
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54
  • https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1606 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js
Request Chain 72
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1664946198225&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3252378%26time%3D1664946198225%26url%3Dhttps%253A%252F%252Fwww.mlive.com%252F%26tm%3Dgtmv2%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1664946198225&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1664946198225&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQICCUvbaMceWAAAAYOmhtihbCv7qrA-Ul9acdWhEH8qkjsKEtI92nYx8oxkSrk6hDAYW_5vYbPab7-zDSw8Oe3MDejAqA
Request Chain 88
  • https://rp.liadm.com/j?dtstmp=1664946198372&se=e30&duid=94c49eadf2ac--01gek8dnv2gzd9padg1f08hbmd&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1664946198372&se=e30&duid=94c49eadf2ac--01gek8dnv2gzd9padg1f08hbmd&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOjRhODU6YzU5NTplN2Nl&n3pc=true
Request Chain 201
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
Request Chain 202
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOHx-pkMsJhh81z0H1o3Vjg&google_cver=1&google_push=AZmPxg_63C3zZpFeoGB6JEBiebcBlocexZFHFSYDrmcEsZSlebC9bbzDYoAHva90jkm1GdywDHpI1o2Wta67TSIT-EMvwTOcm_k HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOHx-pkMsJhh81z0H1o3Vjg&google_cver=1&google_push=AZmPxg_63C3zZpFeoGB6JEBiebcBlocexZFHFSYDrmcEsZSlebC9bbzDYoAHva90jkm1GdywDHpI1o2Wta67TSIT-EMvwTOcm_k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aWxaYzRHU2oxT0ZXeVg1&google_gid=CAESEOHx-pkMsJhh81z0H1o3Vjg&google_cver=1&google_push=AZmPxg_63C3zZpFeoGB6JEBiebcBlocexZFHFSYDrmcEsZSlebC9bbzDYoAHva90jkm1GdywDHpI1o2Wta67TSIT-EMvwTOcm_k
Request Chain 203
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGKd_Gp15hzy4P7YpOZuv6Q&google_cver=1&google_push=AZmPxg8a7HVOPBaud6rXP-voei9zYXDf-lqClLcdlunKLjQ5g5cOD40c4y2UELp4rSbnkFLP0PE2ac8bW4bEgzSD_a3Kp7k5Ok9L HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg8a7HVOPBaud6rXP-voei9zYXDf-lqClLcdlunKLjQ5g5cOD40c4y2UELp4rSbnkFLP0PE2ac8bW4bEgzSD_a3Kp7k5Ok9L&google_hm=MjM2MDY3MjAyMTAwODMyMzk1Ng%3D%3D
Request Chain 204
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEMprPZvZcXp_HOgFFo6UzNw&google_cver=1&google_push=AZmPxg8D4jZ6_Sd9QHmhDK9WHGc3-WGhtlhSfDWqYft7CKuKIlnzIIPMqY8Q9cjLKtZjF8xYUhqpTM4LaQt6sXMJwzWlh187ip9b HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg8D4jZ6_Sd9QHmhDK9WHGc3-WGhtlhSfDWqYft7CKuKIlnzIIPMqY8Q9cjLKtZjF8xYUhqpTM4LaQt6sXMJwzWlh187ip9b&google_hm=ZzIxZTIzOWZjMWRmNTBkN2VmOTg=
Request Chain 205
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPbUZU6Q3wVNSE1Griuazsk&google_cver=1&google_push=AZmPxg_EtMzVeQ-1bOiBRAo93ZPCqpVzgQHNCCUZxDRbGH2YXDa8w5Zqy_Pn5Izn6XIhBzMQlCbzY96NhvxAcRUQrnqsnl4C_Qvg HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg_EtMzVeQ-1bOiBRAo93ZPCqpVzgQHNCCUZxDRbGH2YXDa8w5Zqy_Pn5Izn6XIhBzMQlCbzY96NhvxAcRUQrnqsnl4C_Qvg&google_gid=CAESEPbUZU6Q3wVNSE1Griuazsk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODA2NzczMjg4ODUwMDk5NjIzNzUy&google_push=AZmPxg_EtMzVeQ-1bOiBRAo93ZPCqpVzgQHNCCUZxDRbGH2YXDa8w5Zqy_Pn5Izn6XIhBzMQlCbzY96NhvxAcRUQrnqsnl4C_Qvg
Request Chain 206
  • https://cs.media.net/cksync?type=g&google_gid=CAESELnGkwYNkJhcGpdhTKjlgJE&google_cver=1&google_push=AZmPxg_m0p-W5sxBevGloiZv2e25Cu7OBNEWiZ-dxY409Yrbz-f4XcBsd1Im37o1rU_Z_vIPhzqLRma_NtHbyp1U8vW66objb57z HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA3OTQ3Nzk5ODIxNDk3MjAwMFYxMA%3d%3d&mn_hm=MzA3OTQ3Nzk5ODIxNDk3MjAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg_m0p-W5sxBevGloiZv2e25Cu7OBNEWiZ-dxY409Yrbz-f4XcBsd1Im37o1rU_Z_vIPhzqLRma_NtHbyp1U8vW66objb57z&gdpr=&gdpr_consent=
Request Chain 208
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEF_AAGxw__9aEBrm4YRkZwk&google_cver=1&google_push=AZmPxg8on4mTbdnTFSkNgayaIJLgbRUJ8Fm3EhUa2jV5WhibCSLa9W5OcSPxbGP5-j8MHv9OsoIp-wkz-JzGbhWimU9t9DZFOhpd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8on4mTbdnTFSkNgayaIJLgbRUJ8Fm3EhUa2jV5WhibCSLa9W5OcSPxbGP5-j8MHv9OsoIp-wkz-JzGbhWimU9t9DZFOhpd HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 264
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOHx-pkMsJhh81z0H1o3Vjg&google_cver=1&google_push=AZmPxg8AtjEbIweKmYpb-BBB3lithVTGpbP35tbRtdotiBoo3Igou6mcaZWmWUZ_ebeJ7YgBQmsQKxOUa2W3R5q3zwgbbF_IX2Jc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aWxaYzRHU2oxT0ZXeVg1&google_gid=CAESEOHx-pkMsJhh81z0H1o3Vjg&google_cver=1&google_push=AZmPxg8AtjEbIweKmYpb-BBB3lithVTGpbP35tbRtdotiBoo3Igou6mcaZWmWUZ_ebeJ7YgBQmsQKxOUa2W3R5q3zwgbbF_IX2Jc
Request Chain 265
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGKd_Gp15hzy4P7YpOZuv6Q&google_cver=1&google_push=AZmPxg93HE5Ox__5LfltCj60EOydpnfAG8e-kIm7ZpThldI0DrzxPUD5vjaR5439kIl4pL7-lDWzsc0dvEBkrNQJX2rF1fW95qGH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg93HE5Ox__5LfltCj60EOydpnfAG8e-kIm7ZpThldI0DrzxPUD5vjaR5439kIl4pL7-lDWzsc0dvEBkrNQJX2rF1fW95qGH&google_hm=MjM2MDY3MjAyMTAwODMyMzk1Ng%3D%3D
Request Chain 266
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHKom1X51H6FeKI85ykNDow&google_cver=1&google_push=AZmPxg94qJR6OaaJ7xxxWmzSaHmXVNCi4SkB-pkszbYSbbEv4WLGrP70qrsOiWOs5FaFi2gYex69zyv-SiJURKf0nr0N38CQFdk HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHKom1X51H6FeKI85ykNDow&google_cver=1&google_push=AZmPxg94qJR6OaaJ7xxxWmzSaHmXVNCi4SkB-pkszbYSbbEv4WLGrP70qrsOiWOs5FaFi2gYex69zyv-SiJURKf0nr0N38CQFdk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc0NjczOTQ4MDk0NTcwNTkwMw&google_push=AZmPxg94qJR6OaaJ7xxxWmzSaHmXVNCi4SkB-pkszbYSbbEv4WLGrP70qrsOiWOs5FaFi2gYex69zyv-SiJURKf0nr0N38CQFdk
Request Chain 267
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEMprPZvZcXp_HOgFFo6UzNw&google_cver=1&google_push=AZmPxg8IMgPja2n06fIZvUa9O9yg_RwrJAUf7JnQr22jhqt1OZQmjO9qCe-ikXRH7TMHAMarAxc9P1b-Q66xsZFDfSZ3YhaM_r54 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg8IMgPja2n06fIZvUa9O9yg_RwrJAUf7JnQr22jhqt1OZQmjO9qCe-ikXRH7TMHAMarAxc9P1b-Q66xsZFDfSZ3YhaM_r54&google_hm=ZzIxZTIzOWZjMWRmNTBkN2VmOTg=
Request Chain 268
  • https://cs.media.net/cksync?type=g&google_gid=CAESELnGkwYNkJhcGpdhTKjlgJE&google_cver=1&google_push=AZmPxg8QoIId8L-nxr7dfJIrNutRPl1JqkyJCCbCkr5wAFFGqgA0LsW98fq-wUDD4HFslzJraaqnG0AZndree5DxrSoSQ0sahKDk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA3OTQ3Nzk5ODIxNDk3MjAwMFYxMA%3d%3d&mn_hm=MzA3OTQ3Nzk5ODIxNDk3MjAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg8QoIId8L-nxr7dfJIrNutRPl1JqkyJCCbCkr5wAFFGqgA0LsW98fq-wUDD4HFslzJraaqnG0AZndree5DxrSoSQ0sahKDk&gdpr=&gdpr_consent=
Request Chain 270
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEF_AAGxw__9aEBrm4YRkZwk&google_cver=1&google_push=AZmPxg8LrfzJeR7IchCn0HnDnntfr0f9ahe2HQLIOMr4qxvIFi-7R_ImvO4otncUH8E3IR_Bqvkjbhosriehrf6OJSxTrN3-JlrPdg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8LrfzJeR7IchCn0HnDnntfr0f9ahe2HQLIOMr4qxvIFi-7R_ImvO4otncUH8E3IR_Bqvkjbhosriehrf6OJSxTrN3-JlrPdg HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 280
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGKd_Gp15hzy4P7YpOZuv6Q&google_cver=1&google_push=AZmPxg-FeGr8TLGhVu6pDGVZjCVZQTwFU6hFbIn7ECEVJ7EXxSLwY9kEjSdq1UWdvccv2OTWvHZ5i0vXb3fggzA1l9ePM-1s1wjb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-FeGr8TLGhVu6pDGVZjCVZQTwFU6hFbIn7ECEVJ7EXxSLwY9kEjSdq1UWdvccv2OTWvHZ5i0vXb3fggzA1l9ePM-1s1wjb&google_hm=MjM2MDY3MjAyMTAwODMyMzk1Ng%3D%3D
Request Chain 281
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHKom1X51H6FeKI85ykNDow&google_cver=1&google_push=AZmPxg8BzO8M6bQULmxMYPPTB0vtYkAudoxWQfchYRz1dvjUqaohFrxhg7V6e38uzmxbzZR-cbBMGh8Tal4_ID1rbZAqPQoNFcI HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHKom1X51H6FeKI85ykNDow&google_cver=1&google_push=AZmPxg8BzO8M6bQULmxMYPPTB0vtYkAudoxWQfchYRz1dvjUqaohFrxhg7V6e38uzmxbzZR-cbBMGh8Tal4_ID1rbZAqPQoNFcI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDUxMDAxNzk3ODEzMjkyNDU4MA&google_push=AZmPxg8BzO8M6bQULmxMYPPTB0vtYkAudoxWQfchYRz1dvjUqaohFrxhg7V6e38uzmxbzZR-cbBMGh8Tal4_ID1rbZAqPQoNFcI
Request Chain 282
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAmRqODXWL_lYNguWFij6Ro&google_cver=1&google_push=AZmPxg--7LPJ4qOBXP5npr0L9TQUjwraEZy8eGeq4FOh4S_lrCXwmWfcerMHah4ZadATyNa_XgYUUfvFfbFBsC8lAgbDYOYFQNX7 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAmRqODXWL_lYNguWFij6Ro&google_push=AZmPxg--7LPJ4qOBXP5npr0L9TQUjwraEZy8eGeq4FOh4S_lrCXwmWfcerMHah4ZadATyNa_XgYUUfvFfbFBsC8lAgbDYOYFQNX7&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAmRqODXWL_lYNguWFij6Ro&google_hm=Yz0QGLuyisWmzPrKTdGlvwAABFYAAAAB&google_nid=index&google_push=AZmPxg--7LPJ4qOBXP5npr0L9TQUjwraEZy8eGeq4FOh4S_lrCXwmWfcerMHah4ZadATyNa_XgYUUfvFfbFBsC8lAgbDYOYFQNX7
Request Chain 283
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGbUHGOBBQ11h2z8S1uZeN8&google_cver=1&google_push=AZmPxg-bSbk8I26cMPJHuuvy265UcbeFduYLxDSk-7hgMUKAOqXWBfbF3dpZQHxG1jssjhIY7Y3Zgk8kyc4uQaYWOEgwdbBAZHnv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-bSbk8I26cMPJHuuvy265UcbeFduYLxDSk-7hgMUKAOqXWBfbF3dpZQHxG1jssjhIY7Y3Zgk8kyc4uQaYWOEgwdbBAZHnv
Request Chain 284
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPbUZU6Q3wVNSE1Griuazsk&google_cver=1&google_push=AZmPxg-M1HXWwoOfm0H7VQcYM92fnc2aLLwdxzTKMPExs6zVHI8jmWt9duAJEPq4Xmpaa8wz2w9JXbYxh58f7_dVZADufeFz94hE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODA2NzczMjg4ODUwMDk5NjIzNzUy&google_push=AZmPxg-M1HXWwoOfm0H7VQcYM92fnc2aLLwdxzTKMPExs6zVHI8jmWt9duAJEPq4Xmpaa8wz2w9JXbYxh58f7_dVZADufeFz94hE
Request Chain 286
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEF_AAGxw__9aEBrm4YRkZwk&google_cver=1&google_push=AZmPxg-dldSGo1LhxZVrEhwM_YqcnOGobnwl0jTxHxTe_fbwIfeClIUD0CeBPZr77RPV8DJJmFrRY0z9iyG0C6m0t4BQUdDOZO-WHg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-dldSGo1LhxZVrEhwM_YqcnOGobnwl0jTxHxTe_fbwIfeClIUD0CeBPZr77RPV8DJJmFrRY0z9iyG0C6m0t4BQUdDOZO-WHg HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 294
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=mlive.com&sn=ChromeSyncframe&so=0&topUrl=www.mlive.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=ZFdZmHxQRjRMV2phUGE0bWFPRDQyaXlxNXU4NjZiVzNWbkg5eVJwazRFZnMwMjAzVXVJT3RJRVJoTUtteGxJRGZ1eWJlSW9hZkZZTGloRXVqdmZFQm5pNHRYRnlpdTR6Q3YwVjBjTHNESUQvSXdtR1lzYnE1UkRnQ0pxYVBMZTlFbGZZQi9CTytvRFJ3aXJMWjVjMVBhbDQyR0J3OTFkZFJSODgwVncrS0IyRjNqTkNEVSs2T1JROVdGcEJhMWt4RXZvaTlhYmt0UnNHSVhGMytrc1UxRDFJVnBibHZwNmlkTE5tRHdTeDR2L2kxMmIrQUtMTjVlRHlDN1J6bEFVaTRvNC9RR0FDRmFsVjJJQ1ZPNWdoNmtHNmlYdz09fA&cppv=2
Request Chain 361
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yz0QGLuyisWmzPrKTdGlvwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAUzZnrEmg9lCHjNqZ9qa0c&google_cver=1
Request Chain 362
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yz0QGLuyisWmzPrKTdGlvwAABFYAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAmRqODXWL_lYNguWFij6Ro&google_cver=1
Request Chain 364
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yz0QGLuyisWmzPrKTdGlvwAABFYAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yz0QGLuyisWmzPrKTdGlvwAABFYAAAAB&dcc=t
Request Chain 366
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 367
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=jrJB74mxQ-iVt0q73bhf6d7gE-2VuBe_j7fpBU4G
Request Chain 368
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3133487591381184866
Request Chain 370
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yz0QGLuyisWmzPrKTdGlvwAABFYAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAmRqODXWL_lYNguWFij6Ro&google_cver=1
Request Chain 371
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yz0QGLuyisWmzPrKTdGlvwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAUzZnrEmg9lCHjNqZ9qa0c&google_cver=1
Request Chain 372
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yz0QGLuyisWmzPrKTdGlvwAABFYAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yz0QGLuyisWmzPrKTdGlvwAABFYAAAAB&dcc=t
Request Chain 375
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D190%26external_user_id%3D%24UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8161604650859879892
Request Chain 376
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 377
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 379
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D46%26external_user_id%3D%24UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2002323948792627444
Request Chain 380
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=55b2633d-101c-4a00-8e9b-f0db3a3a164e
Request Chain 383
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yz0QGLuyisWmzPrKTdGlvwAA%261110?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Yz0QGLuyisWmzPrKTdGlvwAA%261110
Request Chain 384
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=cb7392c7-1b66-4b22-96c4-04caf70b4ced
Request Chain 385
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yz0QGLuyisWmzPrKTdGlvwAABFYAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAmRqODXWL_lYNguWFij6Ro&google_cver=1
Request Chain 388
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1--- HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=abPNWTAYTkOTDI0jg-5yAw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=abPNWTAYTkOTDI0jg-5yAw
Request Chain 389
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjgxZWJmNzdmMjUxYzY4NmYwMjM1ZDU0MDM3ZTc2MzExNjgxZTk4MA&us_privacy=1---
Request Chain 390
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAUpMTndec_gZaV-HuuVJ8k&google_cver=1
Request Chain 392
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhWNVo4WlQtTy1MWDBZ&us_privacy=1---
Request Chain 393
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=kMjMhpF0Tv-8hDDDpol4cw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=kMjMhpF0Tv-8hDDDpol4cw
Request Chain 394
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8V5Z8ZT-O-LX0Y&us_privacy=1---
Request Chain 395
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/KFlC9BQoUm1bS0du1zQ5fQ?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2360672021008323956
Request Chain 397
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6647946735075619217
Request Chain 398
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:15df633d-101c-4f00-ba55-f67012fd5781&gdpr=0&gdpr_consent=
Request Chain 399
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 400
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4A6719EB-F3B4-437E-ABDB-7FA4AA85366E&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4A6719EB-F3B4-437E-ABDB-7FA4AA85366E&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 401
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SmcZ6_O0Q36r23-kqoU2bg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 402
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b429633d-101c-4400-80d8-ad39442d9378
Request Chain 403
  • https://pixel.onaudience.com/?partner=214&mapped=4A6719EB-F3B4-437E-ABDB-7FA4AA85366E HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Request Chain 404
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEE2NzE5RUItRjNCNC00MzdFLUFCREItN0ZBNEFBODUzNjZF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 405
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIHkAzbTJUANzNLqAKB_mgk&google_cver=1
Request Chain 407
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4510017978132924580
Request Chain 409
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5559769979328845738&gdpr=0&gdpr_consent=

409 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.mlive.com/ 		417 KB
76 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
600269ac050f6d3dc320784f2c235bb52164651a7152a3afaf97df98412a6326
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

akamai-true-ttl
130 -1
cache-control
private, max-age=60
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Wed, 05 Oct 2022 05:03:17 GMT
etag
W/"67223-OyZrILe/qp69SZ7GoU1cHjpbDlY"
expires
Wed, 05 Oct 2022 05:04:17 GMT
last-modified
Wed, 05 Oct 2022 05:03:17 GMT
link
<https://cdn.sophi.io>;rel="preconnect",<https://apps.sophi.io>;rel="preconnect",<https://securepubads.g.doubleclick.net>;rel="preconnect",<https://micro.rubiconproject.com>;rel="preconnect",<https://c.amazon-adsystem.com>;rel="preconnect",<https://pub.doubleverify.com>;rel="preconnect",<https://tags.crwdcntrl.net>;rel="preconnect",<https://a.teads.tv>;rel="preconnect",<https://s.ntv.io>;rel="preconnect" <https://cdn.cookielaw.org>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect",<https://static.adsafeprotected.com>;rel="preconnect",<https://ats.rlcdn.com>;rel="preconnect",<https://connect.facebook.net>;rel="preconnect",<https://www.google-analytics.com>;rel="preconnect",<https://snap.licdn.com>;rel="preconnect",<https://static.ads-twitter.com>;rel="preconnect"
referrer-policy
no-referrer-when-downgrade
server
openresty
server-timing
cdn-cache; desc=HIT edge; dur=25
vary
Accept-Encoding
x-akamai-transformed
9 74250 0 pmb=mRUM,2
default.css
www.mlive.com/pf/dist/components/combinations/ 		399 KB
61 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/components/combinations/default.css?d=916
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
f2d2bdb0e0f76e1d69582fbb9c34f18d505b5044637eb000a3243d126e8c6af0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Wed, 05 Oct 2022 05:03:17 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
DRDG6ZDV664SKPVV
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
61741
x-amz-id-2
LzMpkj8d6rCc1Z4U0BYYEy1sfoSSnkUTmw7AayW7j0JXR1m1d0790yBQFkOIbKdBOJVDom4dlGI=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 16:31:41 GMT
server
openresty
etag
W/"a42b9738297f58222013a87fde6f2d0b"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
expires
Thu, 05 Oct 2023 05:03:17 GMT
style.css
www.mlive.com/pf/resources/dist/mlive/css/ 		2 KB
978 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=916
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
13f3f835b91d712852bf68a1bbd224341fd1a1af01cbac4580d0e14d0881efa1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Wed, 05 Oct 2022 05:03:17 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
DRDT7AQWSCQ7M5Y8
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
492
x-amz-id-2
E+ITjVjzujaj7URQPBbdYsmr1s1QEiFiPns663O9Z8BsfP3tADmkXjWVLlDaGX0iHJqy/ytK3BQ=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 16:31:40 GMT
server
openresty
etag
W/"86b8da3fc68e29b48264ae0988ad1554"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 05 Oct 2023 05:03:17 GMT
react.js
www.mlive.com/pf/dist/engine/ 		340 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/engine/react.js?d=916
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
6d1ca6f9679e9e05dc78fea68bd959549ab79cc90e0cba4067db0a3a6fb4e3ae
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 05 Oct 2022 05:03:17 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
DRDHASTMK4Y4JQG7
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
102852
x-amz-id-2
8c0fr0+uhi775JlKHn1Ax+tiVr15usU47f/vLE7FvjkS0Jnm2fPkG2rV8d4hyOOXlkYKwTowp4w=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 16:31:42 GMT
server
openresty
etag
W/"37c5a8f5f8cfa8d1db0a1d855baad4f2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Thu, 05 Oct 2023 05:03:17 GMT
default.js
www.mlive.com/pf/dist/components/combinations/ 		2 MB
352 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/components/combinations/default.js?d=916
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
89582a837a48f5a3f2a66ceed44689dd268c4c8fa8bbc9a3f53295b7e066302b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 05 Oct 2022 05:03:17 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
DRDZA9KHMBK7MR14
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=9
content-length
359215
x-amz-id-2
qh1vjDwBSLpVvrPQOEVv+F7g2eHkdnUeCabYsmrDUiBp3KSUqzDUdeESGK9oinIY+YdXO455boM=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 16:31:42 GMT
server
openresty
etag
W/"7b1c5e09ba362ec417b037c93ee9b19e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
expires
Thu, 05 Oct 2023 05:03:17 GMT
166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff
www.mlive.com/pf/resources/fonts/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff?d=916
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
6fa8b9c20d5c4f5711f76f4f4adafafc90e8f89bac2c7b3dfc2c7e63abb55d21
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 05 Oct 2022 05:03:17 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
DRDR7D4TK22RT1X2
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
54391
x-amz-id-2
xosyCkDAnG4TVIQn0E8JgeYIgsPThbUPXrTkZBugrJJxySwqGq0VxBRzE0t95PzyNdFJKYQkH4I=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 16:31:40 GMT
server
openresty
etag
W/"63c3700153fd19bac6ac63c816251c03"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 05 Oct 2023 05:03:17 GMT
448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff
www.mlive.com/pf/resources/fonts/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff?d=916
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
c942cb01ca7d8956086518f0315ac0be0374cb0f0a38ffe67a52bc4ae7ff5f6f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 05 Oct 2022 05:03:17 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
DRDPYV932SB63FC0
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
53376
x-amz-id-2
Nu9AGU0nt1N/thD5x4HMxfUK5eUAz0cw4XQDXM8/qtaBMItO7t+1m+V0FOfHOk6XAeac/ysgrnA=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 16:31:40 GMT
server
openresty
etag
W/"00b8650c0e6992c5c9ced8f621e43ffd"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 05 Oct 2023 05:03:17 GMT
a408f907-3ee4-4578-a3d1-4134558cb82a-3.woff
www.mlive.com/pf/resources/fonts/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/a408f907-3ee4-4578-a3d1-4134558cb82a-3.woff?d=916
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
c25ce818c3c2ab4992bc0b61a60d1822f239a638af59ad63ed2fe2028e3037f8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 05 Oct 2022 05:03:17 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
DRDNG2C568PEHVNB
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
53862
x-amz-id-2
6KSol6PBkk90o038Ion/fAOyh5fg8k0JN0EvUQGg94CbSaWVH0m2hkRPBA+K6Gs/TUuFMtBS6e4=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 16:31:40 GMT
server
openresty
etag
W/"527a99c70868c89d6be3cc11a8feb999"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 05 Oct 2023 05:03:17 GMT
farnhamheadline-medium.woff
www.mlive.com/pf/resources/fonts/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/farnhamheadline-medium.woff?d=916
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
7ff100c907d85bc5b7503e7a88c0a7f256ed2561ee431ffc10fcd7cce517c321
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 05 Oct 2022 05:03:17 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
DRDJ1YMHTCSF652Z
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
36831
x-amz-id-2
2hXFoY98KRtz9pX/X0vckflXWpp+ASSG/RN9k3x0wZ3NzrO0pADqve8fWqNiZa4XYV+Qtuupwb0=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 16:31:41 GMT
server
openresty
etag
W/"05b85684cbf3bc11490297c50cfd67c3"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 05 Oct 2023 05:03:17 GMT
farnhamheadline-semi-bold.woff
www.mlive.com/pf/resources/fonts/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/farnhamheadline-semi-bold.woff?d=916
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 05 Oct 2022 05:03:17 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
DRDZ03VRCCJPDMMA
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
37066
x-amz-id-2
wvkCY6SGbSwCx6r1p1ydtlkv0vd2C9ELfYvmG5+tJmc730Ilc5YgsZjhOfkB3/UP2w+PetXDXHw=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 16:31:41 GMT
server
openresty
etag
W/"c9a8222fbabe6b700baacd21dd7a1f61"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 05 Oct 2023 05:03:17 GMT
WHSKJBPDMNGG3NJL456OQ6T2HY.JPG
www.mlive.com/resizer/KSqa2e7GFmHuhxVA6f38ry50Exo=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/KSqa2e7GFmHuhxVA6f38ry50Exo=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/WHSKJBPDMNGG3NJL456OQ6T2HY.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
0dfcc344fa6177e7d2f476aee8d452e2e29bc86958708ee4ee0103db60d54411
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 05 Oct 2022 05:03:17 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 19:49:37 GMT
x-serial
126
server
Akamai Image Manager
x-check-cacheable
YES
etag
"cdfba9d6ab09aaf5922a6cb3e82e8a9903e145d3"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31502841
server-timing
cdn-cache; desc=HIT, edge; dur=109
content-length
24754
expires
Wed, 04 Oct 2023 19:50:38 GMT
iabCcpaIntegrationScript-noGAM.js
cdn.cookielaw.org/opt-out/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/iabCcpaIntegrationScript-noGAM.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e3c7bdc4bfffb58a973062aabf808691f7603416290254b76161cab69952053
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Oct 2022 05:03:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
ZkLmnzyu8aoAQNwZHm6Yqw==
age
13612
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
182db57a-701e-001d-114b-28010c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
75539c2769efbb7f-FRA
logo_main.svg
www.mlive.com/pf/resources/images/mlive/logos/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/logo_main.svg?d=916
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
f4ece8f2f5242967e98c6718f283e961576d68b4b7be96124eca22f554dcb275
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Wed, 05 Oct 2022 05:03:17 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
DRDPQSF1SSZXR42M
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
660
x-amz-id-2
jcI//pr2XI0LIJ57HA+sUQ/0yFL8tAAt/uESPGYQx2Ej54fBR9/uFXKLktq9IAOty2Ie8X9NjF0=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 16:31:41 GMT
server
openresty
etag
W/"351c57e1a77c618772f5966a7f2094ee"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 05 Oct 2023 05:03:17 GMT
logo_main_sm.svg
www.mlive.com/pf/resources/images/mlive/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/logo_main_sm.svg?d=916
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a39cd6a9413784646378ab9490f6a80ea1c2eaf4870c1022f44e4e64380c7cda
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 05 Oct 2022 05:03:17 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
DRDRQP99ZH7E1117
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
902
x-amz-id-2
794/5zAE9qN7OEPjR4hwP6KwvUpsbR47cs7l7odLf1ZF/eGXWO+h9wNSTk1DmQDSEX/mqEU0o/g=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 16:31:41 GMT
server
openresty
etag
W/"cb98cda61d359616349bbc2a92540ddb"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 05 Oct 2023 05:03:17 GMT
social-monochrome.svg
www.mlive.com/pf/resources/images/mlive/logos/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/social-monochrome.svg?d=916
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
4eb67b42d6abea96d75df507d23f0421da85d5658322720fded36c94cce45d7b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 05 Oct 2022 05:03:17 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
TFTQF6RZ74C0GYW5
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=6
content-length
603
x-amz-id-2
2hH3Dzph6Ph+wSHgKe9dy/h8YqGIYONLDBa1P9ldMuzsLCgBgYHm6HuaRBcbudpLzUiBF7jYG0A=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 16:31:41 GMT
server
openresty
etag
W/"7819fa78e2e7770bb40587187d83cb87"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 05 Oct 2023 05:03:17 GMT
logo_footer.png
www.mlive.com/pf/resources/images/mlive/logos/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/logo_footer.png?d=916
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
fbaacd40862bf1ea965f26571bf04a2609f80f3ba82af73ccd0d840bb19db1c2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Wed, 05 Oct 2022 05:03:17 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 17:47:32 GMT
server
Akamai Image Manager
x-serial
1166
x-check-cacheable
YES
etag
W/"be8042e858f0c6b5cd87834c8aafe76d"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31495338
server-timing
cdn-cache; desc=HIT, edge; dur=5
content-length
2314
expires
Wed, 04 Oct 2023 17:45:35 GMT
footer-logo-advance.svg
www.mlive.com/pf/resources/images/common/logos/ 		18 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/logos/footer-logo-advance.svg?d=916
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
25c3fb46576f9c03a7aa53f9e84261623a1a1d7aef5cc0024641d040a89c02ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Wed, 05 Oct 2022 05:03:17 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
DRDGVC70QANTP6S9
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
5265
x-amz-id-2
XXqL4/z5E3TyxN8clUAWG13Jdybj5xgxMV0zZgNnIyXUp6d6ybysA5JP1S97Yf8wUAZVIidi2uo=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 16:31:41 GMT
server
openresty
etag
W/"165b66ce6f4daa48f02b4871f04b31e4"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 05 Oct 2023 05:03:17 GMT
ad-choices-arrow.png
www.mlive.com/pf/resources/images/common/logos/ 		190 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/logos/ad-choices-arrow.png?d=916
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
9ead871d27f3a0d803f4d6139feb2f2694d3a26c54fd6734f789a06aad0f5303
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Wed, 05 Oct 2022 05:03:17 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 17:47:08 GMT
server
Akamai Image Manager
x-serial
195
x-check-cacheable
YES
etag
W/"c6e75cc6be8dcb2f2d1ab36209f3c3b7"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31495375
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=93
content-length
190
expires
Wed, 04 Oct 2023 17:46:12 GMT
v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
satisfycork.com/ 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:802f::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
4749ec6c3b796c444c0368b8bdab63d4335e19d3f871ac105e51215c01036547
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Wed, 05 Oct 2022 05:03:17 GMT
x-datacenter
gce-europe-west1
etag
"4c4567909f9b5befa0223525d9e5ed121e7aec9b17a7a9711a3b4e5da18f64c5"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-7ghk
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
632800667
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sophi.min.js
cdn.sophi.io/latest/ 		124 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sophi.io/latest/sophi.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-108.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
096a0419a3787b284e7105edeebc7cf4915cb9549f3b433258f65483acc24510

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 14:09:53 GMT
x-amz-version-id
77yKHytHO_pcAyQcoklw1dHdk4sqBtp0
content-encoding
br
last-modified
Tue, 04 Oct 2022 14:09:32 GMT
server
AmazonS3
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
etag
W/"dfd164092f8d8abc70b55ba8c1bc2e80"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
age
53605
x-amz-cf-id
J52krv_rqfAEekBlU8bUqp8NtcJlORtv3lWWEZ6UF3gES6ca-PF9Uw==
al-mlive.segments.min.js
apps.sophi.io/latest/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.sophi.io/latest/al-mlive.segments.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-48.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f34ef19ccd1022b10f4fd7128e043646814d31868f55a49175ee4514d65daea6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
.Z5khleXGIYIh4NScba6jaxo0gn8AR57
content-encoding
gzip
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
date
Wed, 05 Oct 2022 05:02:04 GMT
last-modified
Thu, 22 Sep 2022 19:34:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
212
etag
W/"a388533a2593138995d23d7765b5df3e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=0
x-amz-cf-id
ltdTMwlctN-ToYdXwX46aHyIpeAkcSoxLWJOA3uQh4WJctYnfQpO-Q==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Oct 2022 05:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
zvDmpz9S9y5z1XhncmOZ/w==
age
4527
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
7151
x-ms-lease-status
unlocked
last-modified
Tue, 04 Oct 2022 02:35:27 GMT
server
cloudflare
etag
0x8DAA5B119096EDC
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f2a38831-301e-00ff-3b9e-d7e57e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75539c2769f0bb7f-FRA
SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
s.go-mpulse.net/boomerang/ 		205 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:293::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:17 GMT
content-encoding
br
last-modified
Wed, 21 Sep 2022 10:50:51 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
gtm.js
www.googletagmanager.com/ 		409 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f46f61ef3f736d0b6e10920f20aba2dc720b17ccfddc1869df68f88d093370af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117374
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 Oct 2022 05:03:17 GMT
01.png
www.mlive.com/pf/resources/images/common/weather/tiny/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/weather/tiny/01.png?d=916
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=916
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
3fc70270a527227c6493bc5a1c703f4bef2373f857cb7606b711b4d2fa14684a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=916
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Wed, 05 Oct 2022 05:03:17 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 17:47:10 GMT
server
Akamai Image Manager
etag
W/"943580722d571b890fa63310005293d9"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31495404
server-timing
cdn-cache; desc=HIT, edge; dur=43
content-length
1372
expires
Wed, 04 Oct 2023 17:46:41 GMT
chevron-white.svg
www.mlive.com/pf/resources/images/common/arrows/ 		864 B
966 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/arrows/chevron-white.svg?d=916
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=916
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e19f6076815240b2afedf8033b0a2ccf200d3851f11df779d05f3c533560504d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=916
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Wed, 05 Oct 2022 05:03:17 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
6C7AKGP8TQ8XS3ZT
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=30
content-length
486
x-amz-id-2
WKqh1Z1I2zGGPyM9FL6L6jUG2Bjzsu7jVhOHZwJKdAM1FSmXxbypm8AtXCnxcKaY1fYt1X2R/Ps=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 16:31:41 GMT
server
openresty
etag
W/"691552a6377a1dfc9eeae87d6aeb8931"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 05 Oct 2023 05:03:17 GMT
newsletter.svg
www.mlive.com/pf/resources/images/mlive/promo/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/promo/newsletter.svg?d=916
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=916
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a7e702f15b65f58d32945e27b8416dac2811afad1a828a9a617d5c0c1cc85b21
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=916
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 05 Oct 2022 05:03:17 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
Z13WYNX6XKT4Y7R5
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=16
content-length
1059
x-amz-id-2
lksxB7BR/nORpvnh2TJBfaWKGYKfPpR40bH0yEidn8bs6b8pwn98xru64qVR0ynNdCdAqY6+7wE=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 16:31:41 GMT
server
openresty
etag
W/"22c89d844df3fcb416b9291f7e668863"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 05 Oct 2023 05:03:17 GMT
chevron-black-right.svg
www.mlive.com/pf/resources/images/common/arrows/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/arrows/chevron-black-right.svg?d=916
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=916
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
276ca8da7dd05a55c760ead2eec9d5c74629897d0b5b3e5190d4fc9bd38ea7fc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=916
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 05 Oct 2022 05:03:17 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
Z13KAC3N65F7NSC8
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=82
content-length
746
x-amz-id-2
6BJylIy7sOWKmF0KpEmGi464YwzJ54OUADhlJR48Rnj7qMmWvWA31hgY+vbMDxXRbHCphVqRhJw=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 16:31:41 GMT
server
openresty
etag
W/"4347be806f2c6a630a5407afb75ab920"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 05 Oct 2023 05:03:17 GMT
RQUIKGVJX5ACVPKEZ2F4EQTGCA.jpg
www.mlive.com/resizer/kFl_VzU7wLqyK32B2qkEgNIt3So=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/kFl_VzU7wLqyK32B2qkEgNIt3So=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/RQUIKGVJX5ACVPKEZ2F4EQTGCA.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
89fe4a21a57c9ff62b12b759aba1b6ed3165cd7ca8d1f63484e82627bfe7fb9e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 05 Oct 2022 05:03:18 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 13:15:22 GMT
x-serial
598
server
Akamai Image Manager
x-check-cacheable
YES
etag
"f50c081d3439787c37f446a06899a7ee35d0890c"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31479057
server-timing
cdn-cache; desc=MISS, edge; dur=141, origin; dur=280
content-length
73425
expires
Wed, 04 Oct 2023 13:14:15 GMT
77X652PP5BCQHNG5OZ2KGOYXYQ.JPG
www.mlive.com/resizer/YzqEhi2P0dr7v5xO2woBozE_7JU=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/YzqEhi2P0dr7v5xO2woBozE_7JU=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/77X652PP5BCQHNG5OZ2KGOYXYQ.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
e6a4b4314fe4ff50b8d1dfe0897bd14b279830e3e3a537d6b42080e4a7c7b125
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 05 Oct 2022 05:03:18 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Oct 2022 02:52:13 GMT
server
Akamai Image Manager
etag
"66fe63558fb75a78efa3e01adab98269568bbcc7"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31528123
server-timing
cdn-cache; desc=HIT, edge; dur=266
content-length
41815
expires
Thu, 05 Oct 2023 02:52:01 GMT
EKOBF6BERNHMHMGXTMGCGQZ6CA.jpg
www.mlive.com/resizer/gXJBSTO2iPjWEo9R51J9dZx0q9A=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/gXJBSTO2iPjWEo9R51J9dZx0q9A=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/EKOBF6BERNHMHMGXTMGCGQZ6CA.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
8c55309a53040af74da529a7303297ec0ad82eef914b1526c02b01c7eb7d6fce
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Wed, 05 Oct 2022 05:03:17 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 12:59:00 GMT
x-serial
1127
server
Akamai Image Manager
x-check-cacheable
YES
etag
"f8909dd0d85368e6ccdb74900fff103d942e044b"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31478051
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=144
content-length
56521
expires
Wed, 04 Oct 2023 12:57:28 GMT
NDKUZ4M5SZDNTIXBHKUSZG4N64.JPG
www.mlive.com/resizer/h6FOdjMbzWoK6016etzcHABpg8c=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/h6FOdjMbzWoK6016etzcHABpg8c=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/NDKUZ4M5SZDNTIXBHKUSZG4N64.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
95613789b7b011dfc55db22e3d097d5ba69503aed17e96b99923c86ed9746b9e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Wed, 05 Oct 2022 05:03:17 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 14:09:20 GMT
server
Akamai Image Manager
etag
"8b68af4cd7007f12a8d1ad571084a1e1ba295b5b"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31482399
server-timing
cdn-cache; desc=HIT, edge; dur=43
content-length
42050
expires
Wed, 04 Oct 2023 14:09:56 GMT
JKCWYWEHWZBGDOIHRA3LG5IMDE.JPG
www.mlive.com/resizer/GLKfppm-hY22qe4n6-EC0mw_Lf0=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/GLKfppm-hY22qe4n6-EC0mw_Lf0=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/JKCWYWEHWZBGDOIHRA3LG5IMDE.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
498a4f26f8d624968218b46ae564d5f00cacae7bb4e835f84422e4754092b920
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Wed, 05 Oct 2022 05:03:18 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 19:59:22 GMT
server
Akamai Image Manager
etag
"abfae32057ff0cf35a54d3780294ed0dc8ea099e"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31503371
server-timing
cdn-cache; desc=HIT, edge; dur=482
content-length
32492
expires
Wed, 04 Oct 2023 19:59:29 GMT
7PIUEORBSVES5IRCCS5CFTOUVQ.JPG
www.mlive.com/resizer/PKBVlCEjvK2XIcet6rbtgsFIxqw=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/PKBVlCEjvK2XIcet6rbtgsFIxqw=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/7PIUEORBSVES5IRCCS5CFTOUVQ.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
b2f55de14adcf334ea708b3e35825d6744f7f399edfd275c4afac6347c0c7d97
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Wed, 05 Oct 2022 05:03:17 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 02 Oct 2022 04:22:31 GMT
server
Akamai Image Manager
etag
"e9ce68735588408dabe02ff2c5d3fd8479c7c24b"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31274354
server-timing
cdn-cache; desc=HIT, edge; dur=42
content-length
26949
expires
Mon, 02 Oct 2023 04:22:31 GMT
FGF7EFWP5BAI3DAXZOKKGMXFJ4.jpg
www.mlive.com/resizer/Xq5Qs6GZZTgtIeY0pqN_oplIEz0=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/Xq5Qs6GZZTgtIeY0pqN_oplIEz0=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/FGF7EFWP5BAI3DAXZOKKGMXFJ4.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
5e66d44dc25582d91b69f73c0d7a3fa909be35fe322155708554c15a42d673ee
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Wed, 05 Oct 2022 05:03:17 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 18:13:39 GMT
x-serial
1265
server
Akamai Image Manager
x-check-cacheable
YES
etag
"9e3d5b9f41b69f25e498dc2650eb0da137c93ba1"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31497050
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=223
content-length
33031
expires
Wed, 04 Oct 2023 18:14:07 GMT
SDH6PU5WTRFEFCRDNMHDDXHU5Q.jpg
www.mlive.com/resizer/T003he8xhpTuPp065_h_GZ2Aazc=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/T003he8xhpTuPp065_h_GZ2Aazc=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/SDH6PU5WTRFEFCRDNMHDDXHU5Q.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
bd013222501bc93b09582d52af29b0fce252f36e90d00e28f05e252445110ecc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Wed, 05 Oct 2022 05:03:18 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 23:34:49 GMT
x-serial
1943
server
Akamai Image Manager
x-check-cacheable
YES
etag
"2de95dd52002c818d87278e4597aea3086a87eaa"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31516273
server-timing
cdn-cache; desc=MISS, edge; dur=286, origin; dur=46
content-length
27417
expires
Wed, 04 Oct 2023 23:34:31 GMT
GGBL3XHRB5HOLMXKVSKR4URJQA.JPG
www.mlive.com/resizer/QF2cK2ON4TD7oU8dP_1tJLK0-sA=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/QF2cK2ON4TD7oU8dP_1tJLK0-sA=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/GGBL3XHRB5HOLMXKVSKR4URJQA.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
068cf947b74519ce07ead56793d4e6cab4508408ded0069b1cd3805b61812671
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Wed, 05 Oct 2022 05:03:17 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 19:28:44 GMT
x-serial
1205
server
Akamai Image Manager
x-check-cacheable
YES
etag
"a885572555c45f237a1a6876658bd207f36a2cfb"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31501658
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=122
content-length
37851
expires
Wed, 04 Oct 2023 19:30:55 GMT
Q7FDYKLFPVEA7KKXPFIWEGH73M.JPG
www.mlive.com/resizer/EeK5E2xTBK7d7uCqMg1_NmyZY1A=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/EeK5E2xTBK7d7uCqMg1_NmyZY1A=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/Q7FDYKLFPVEA7KKXPFIWEGH73M.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
9818c708635746c2f31b7644602e761d35a04f2cd9d6ff0f77f001268e448196
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Wed, 05 Oct 2022 05:03:17 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 16:02:45 GMT
x-serial
137
server
Akamai Image Manager
x-check-cacheable
YES
etag
"d6b4d3fd2a68cbcfddaf5d6d8a9903cad916453d"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31489024
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=273
content-length
38267
expires
Wed, 04 Oct 2023 16:00:21 GMT
RCEXN2OAWVHFTNNPW2M66EJAEY.jpg
www.mlive.com/resizer/NSQLSSRpLkBCTB1KApvmJVM4RuI=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/NSQLSSRpLkBCTB1KApvmJVM4RuI=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/RCEXN2OAWVHFTNNPW2M66EJAEY.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
085e9fdbf9637b10315f46861b2f9240397e5b2574f2014a561cde5721ec3194
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
date
Wed, 05 Oct 2022 05:03:17 GMT
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 16:19:19 GMT
server
Akamai Image Manager
etag
"b92c82cbba3de71bd0e16b7972382f73c4416f46"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31490113
server-timing
cdn-cache; desc=HIT, edge; dur=29
content-length
46602
expires
Wed, 04 Oct 2023 16:18:30 GMT
92a6747a-ce11-46a4-93d3-d5b3bd38e0ac.json
cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f8bba3185dc65a7168148a020df7fea04e09e96a393a00bc159a002c56637ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Oct 2022 05:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
hop+4RB5NFNZEHY2vFXYeg==
age
6600
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1462
x-ms-lease-status
unlocked
last-modified
Wed, 07 Sep 2022 14:40:44 GMT
server
cloudflare
etag
0x8DA90DEF22DE641
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5b96ca58-f01e-0147-52cc-c241d8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75539c280ee39055-FRA
expires
Wed, 05 Oct 2022 09:03:17 GMT
tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.mlive.com
access-control-max-age
5
content-length
0
date
Wed, 05 Oct 2022 05:03:18 GMT
server
nginx
tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.mlive.com
date
Wed, 05 Oct 2022 05:03:18 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9347c1d8c30a6dab610953c8568d20ddff10e1e41021fb6cc3aea9098c842065

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
e3HRkV45dlKSU2VLXzuV.1qsEv2pzDxO
date
Wed, 05 Oct 2022 05:03:17 GMT
content-encoding
br
last-modified
Thu, 29 Sep 2022 14:53:50 GMT
x-amz-request-id
B6G3SCA7DFMGTQ1N
etag
"17c0d6e20839220eda6b6705a5927ecd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3375
x-amz-id-2
PCshiiBIFny1pvCQg5XwLWiOIi2ShVt5IDTjeBVJyNRxn6aX2gzXkCrD41FlmdVjz3xVVQ3Jj/c=
script.js
h312.mlive.com/ 		148 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/script.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-75.fra56.r.cloudfront.net
Software
- /
Resource Hash
a9fad541e10caeebefedf8a2e64eb955f2168545c2368b38e42e79ce1f04025b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:53:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
age
599
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
45893
x-xss-protection
1; mode=block
last-modified
Mon, 03 Oct 2022 07:59:51 GMT
server
-
etag
e80855a7bb3d6b1b88932e7dc392c8d3
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=600
x-robots-tag
noindex, nofollow
x-amz-cf-id
PN-SHckLWWe06Qb4CQrV2VYAIAfwvLin442mzuCjcbK1Wn6BAYC1HQ==
expires
Wed, 05 Oct 2022 05:03:18 GMT
moatheader.js
z.moatads.com/advanceddigitalheader640552616592/ 		237 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/advanceddigitalheader640552616592/moatheader.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
85519160a67188998f0ecf9e9ef9f6a577b05c7ca0005f0979a027810e14acc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:17 GMT
content-encoding
gzip
last-modified
Wed, 21 Sep 2022 17:49:41 GMT
server
AmazonS3
x-amz-request-id
DTVSXQDAVGVFXRFH
etag
"07e91ae3f400787822721fe6874fb56f"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=29621
accept-ranges
bytes
content-length
84194
x-amz-id-2
aE13ktlNo0SBU1GdeVFXzPGo3dJ1NSwH5eCD7+cTah3Ro5rp/6T3Ae77JA5ag9RMTPeTgHYDAj8=
ats.js
ats.rlcdn.com/ 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-53.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding
gzip
via
1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
date
Tue, 04 Oct 2022 10:05:53 GMT
x-amz-cf-pop
FRA56-P6
age
85594
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
etag
W/"148e21f812b555a13b2a9c6b616141f4"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-id
vWMNRjxo2MU0ecfNPVs7Pd7YEeCOGf_tNVGMYVU2Ak7Wd8n7hXjw-g==
load
experience.tinypass.com/xbuilder/experience/ 		338 B
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=8Gu2Z8RCvZ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
464b98e4ec83bb60ad92bd76656277037d3548e44a7d1dcddec0c0a41ada20e6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:17 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
1584
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Mhhj9jrNkQx
pragma
wn
prod-dash-10-0-116-237
last-modified
Wed, 05 Oct 2022 04:36:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
server-time
0.006
cache-control
public, max-age=1800
cf-ray
75539c28cc5e9bca-FRA
expires
Wed, 05 Oct 2022 05:33:17 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 05 Oct 2022 03:15:57 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6440
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 05 Oct 2022 05:15:57 GMT
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.92.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-92-109.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 02:56:08 GMT
Via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P2
Age
24985
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
E-io63DISpNSI6zU5xt5AJ-M0yu1_JGXt3TMCfOgo-5G_wfU0Vx8JA==
Expires
Wed, 05 Oct 2022 22:06:52 GMT
load.js
s.ntv.io/serve/ 		509 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-64.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
afe47171747a2bd220313a3b7ef68648cbda2191f3c4767e4e1d2af32495ac09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:03:17 GMT
Content-Encoding
gzip
x-amz-request-id
2KXCMD7W54992ZBY
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
6MI79xUyGGapok9pw9aq9ciVtLgaXvK9X8IJzEDvh/NOfy50z8pwxx7XeAJ8LY39PuAWEJ/GRt0=
Last-Modified
Thu, 29 Sep 2022 23:24:13 GMT
Server
AmazonS3
ETag
"6c5da5565fef519ab1a344897881948a"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-37.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:04:47 GMT
content-encoding
gzip
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
84929
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
hmOdbtPpIFjyzaT-_3YfCTyQWXBd40I_Agn3DdK-sg7k5qE4z30qRA==
fbevents.js
connect.facebook.net/en_US/ 		101 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 05 Oct 2022 05:03:17 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26840
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Ttcwlw11zjSoCeDwftOe8K7uUbUl4k5PMMfqMPSVnCqTxd3glYWMuNlKpM/g+7rR6IbQPcJ+19PiN9kVWBWLig==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:17 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 20:23:36 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=43394
accept-ranges
bytes
content-length
3063
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:17 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 15:04:19 GMT
etag
"d4de8398858246712016031c834bb061+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15317
x-served-by
cache-iad-kiad7000104-IAD, cache-hhn11575-HHN
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-15-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 02:56:58 GMT
Content-Encoding
gzip
Via
1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
Age
7580
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
eyLUQFn9cB-1aNvqq85Q_L7lT-0HFyUXFIGmHWvgFdxZZmzzjqRQKg==
ml.br.js
js.matheranalytics.com/static/ltm/ma63527/all/15/
Redirect Chain
  • https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1606
  • https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js
142 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
68b5df8a16ee7bbfd4789f8533b7f9882f9095625a8be1f56e352bc10710484d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 21:04:19 GMT
content-encoding
br
via
1.1 google
last-modified
Wed, 07 Apr 2021 17:41:03 GMT
server
nginx
age
28739
etag
"8be38a11960c372ea9c4119961294047"
vary
Accept-Encoding
x-cache
HIT Wed, 07 Apr 2021 17:49:14 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42243

Redirect headers

date
Wed, 05 Oct 2022 05:03:17 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js
cache-control
public, max-age=269200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
5-gc-euw1-10924
js
www.googletagmanager.com/gtag/ 		212 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GG8B674XK4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a5493fa486c3fa2b4c68b2b3698fb1bcd618dce2542727c2b893cbfef57951d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75523
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 05 Oct 2022 05:03:17 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		153 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fba5ed9a21a948a1edf9f018055a8ed911df83da750fcb24177e2a3c539a085
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
75539c28ebfe995c-FRA
access-control-allow-headers
Content-Type
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		162 B
298 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/iabCcpaIntegrationScript-noGAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
75539c29cf7ebc04-FRA
vary
Accept-Encoding
content-type
text/javascript
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
208a558b824a74bef4889e62df2d8e25fea00f36a49a602a5853bf553ee437bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27714
x-xss-protection
0
server
sffe
etag
"1354 / 10 of 1000 / last-modified: 1664921228"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 05 Oct 2022 05:03:18 GMT
pub.js
pub.doubleverify.com/signals/ 		67 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pub.doubleverify.com/signals/pub.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a6e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45169abf0c7bb67cf7708983ec00a7c62c8beddb556112ec1ae79de86c8c9681
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
content-security-policy
frame-ancestors 'self'
server-timing
total;dur=0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Server-Timing, Cf-Ray
cache-control
private, max-age=14400, stale-while-revalidate=345600, stale-if-error=345600
access-control-allow-credentials
true
timing-allow-origin
*
cf-ray
75539c2a2f2f9130-FRA
10071.js
micro.rubiconproject.com/prebid/dynamic/ 		418 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/10071.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=916
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.141.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-141-156.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4047e25e8c59454000bb44a2cfcc0d650dfb1e809e9368124a1ac814ba7661b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:18 GMT
content-encoding
gzip
last-modified
Tue, 04 Oct 2022 13:41:04 GMT
server
Apache
vary
Accept-Encoding
edge-cache-tag
prod-prebid-10071_MI_Desktop_Mobile.js
content-type
text/javascript
access-control-expose-headers
x-trp-pba
cache-control
public, must-revalidate, max-age=0
content-length
118507
x-trp-pba
{"ruleId":"9","rulePos":0,"ruleName":"MI_Default","wrapperName":"10071_MI_Desktop_Mobile","isPrimary":true,"randomProb":83,"account":10071,"device":"desktop","country":"DE","host":"mlive.com","isMobile":false,"isTablet":false,"reqHost":"micro.rubiconproject.com","referrer":["https://www.mlive.com/"],"xForwardedFor":"","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36","query":"","ranAt":"2022-10-05T05:03:18.100Z","runId":"1664946198100-2335","wrapperPath":"/prebid/10071_MI_Desktop_Mobile.js","redirectUrl":"/prebid/get-wrapper/MI_Default/10071_MI_Desktop_Mobile.js"}
expires
Wed, 05 Oct 2022 14:18:44 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		167 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d420ee64cb607d68e208a3105b39934807ed2e4d43ced2542f7b6b0cd153ca43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:27:09 GMT
content-encoding
gzip
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront), 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 20:15:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
2170
x-amz-server-side-encryption
AES256
etag
W/"da0e8e1151d3ebb7a34f07d19a6e05d0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
kS5-jL2OiROgd9n9gvfKUlTQENt0lSfE8qVceDTvWI8CeGH1o0aRkg==
lt.min.js
tags.crwdcntrl.net/lt/c/963/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-94.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0e243e9b5013996c5ab54dd8838f270d8f39f8b2249e5de7a391f12814ae8c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 02:42:36 GMT
content-encoding
gzip
via
1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
last-modified
Mon, 03 Oct 2022 19:55:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
8443
x-amz-server-side-encryption
AES256
etag
W/"313df5c09fb7c78265de8e3a165df111"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
4RbluS-xgcp13vRNpS1jZ3OpTOwwI1lAnEoJVNxjB_WaqTYEbRJU4Q==
main-menu-hamburger-white.svg
www.mlive.com/pf/resources/images/common/icons/ 		1 KB
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/icons/main-menu-hamburger-white.svg?d=916
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=916
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
1cb614c81c491878e5b6256098b31fb4f68b7bbde5e60b21334d085db7e37549
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=916
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Wed, 05 Oct 2022 05:03:18 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
5GEDRKHR87ZZ04WZ
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=58
content-length
455
x-amz-id-2
EwCXatmOpT9MdhItVPSHLCrP2x1oqagNFi70W0EZeXlN5enePHZ9Ii+em0kAsLx+JctERMc89ro=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 16:31:41 GMT
server
openresty
etag
W/"4c13e35767d4f1fc45fe58d883b78893"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 05 Oct 2023 05:03:18 GMT
client
accounts.google.com/gsi/ 		186 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4b71f2cb31acb1eb34b365c91e09f73e7f4919b9b218c4605d371c1ea75b734
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HFHqWahkg7RXyCfzmW5vfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:18 GMT
content-security-policy
script-src 'report-sample' 'nonce-HFHqWahkg7RXyCfzmW5vfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Wed, 05 Oct 2022 05:03:18 GMT
user-white.svg
www.mlive.com/pf/resources/images/common/icons/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/icons/user-white.svg?d=916
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=916
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64::210:6a92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e6b7fa504c979ce53dc80798978eff98214cbcb20b7db259990c0632b7abe248
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=916
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Wed, 05 Oct 2022 05:03:18 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-request-id
6C77GSA86S4VXQQV
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=99
content-length
2508
x-amz-id-2
/WZwlzyB9vH3cKTrg+QqH1bXOdZKs8iRJkKc1IF7ywNu6JyyEToIHBk1rMf5N9fTlFNMmMcxyCQ=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Oct 2022 16:31:41 GMT
server
openresty
etag
W/"fdc13d9553130cf8463df06e8ba5682d"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Thu, 05 Oct 2023 05:03:18 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202208.1.0/ 		375 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202208.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0766007565870c9a9ce93e31236bc0119fd01fff87ed569848a2a486e931c0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Oct 2022 05:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
PoUkurh3GT3DbFeu3QcwyA==
age
2553
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
91152
x-ms-lease-status
unlocked
last-modified
Fri, 02 Sep 2022 06:26:19 GMT
server
cloudflare
etag
0x8DA8CAC0C067309
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
915f4702-c01e-008c-1d9f-be95bd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75539c2acf33bb7f-FRA
skeleton.js
static.adsafeprotected.com/ 		17 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: satisfycork.com
URL: https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
20012715
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
7mnj1lpV1Zpu4QCwIBQRdrgRqbajoKMCObXIHD9wlAYZ4E13ucM8gA==
fpc
at.teads.tv/ 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_11014&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=a89a58d&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:18 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Wed, 05 Oct 2022 05:03:18 GMT
tinypass.min.js
cdn.tinypass.com/api/ 		322 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=8Gu2Z8RCvZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d9f4a868c875927eb927249c0aaa7184ea7c8ae171e926f2d0de886689d502d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:18 GMT
x-amz-version-id
B_QyFAyHGleBMBXx1gTTZ6CSWPC1vZQ8
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
WJBWZ227CJ5HW5YA
age
7511
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
IFNmQH6kdUI4eFbH8mnczoev54D6iKrqk1wZgoZehg/BkrpKVaeuObeESt0tPR8iyny+x4C1m2g=
last-modified
Mon, 03 Oct 2022 06:06:09 GMT
server
cloudflare
etag
W/"a2f3682f684c3eeeb24a9ecd064444c5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
75539c2aff699bca-FRA
expires
Wed, 05 Oct 2022 09:03:18 GMT
p.js
cdn.parsely.com/keys/mlive.com/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/mlive.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-100-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
36ea8d266ccb57796d82e6eb05f11c634302a0bc3623c5e7fa7261a1a69e0d90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
public
date
Tue, 04 Oct 2022 07:44:54 GMT
content-encoding
gzip
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
last-modified
Wed, 29 Jun 2022 14:34:05 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
76704
etag
W/"62bc62dd-df3e"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
jzfkHarKnoJAg6jPuha3XTfFQj_PpudEdnRKUFW8CnCAdvXPoOlYfA==
expires
Wed, 05 Oct 2022 07:44:54 GMT
b
sb.scorecardresearch.com/ 		0
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6034988&c3=&c4=https%3A%2F%2Fwww.mlive.com%2F&cs_it=b3&cv=3.8.0.210223&ns__t=1664946198224&ns_c=UTF-8&c7=https%3A%2F%2Fwww.mlive.com%2F&c8=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&c9=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-37.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:18 GMT
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
2iG9VYMfQz7XTG6vAVj_cCtavhJXekcaukCcj2gfpElShoIstBve2w==
x-cache
Miss from cloudfront
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1664946198225&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3252378%26time%3D1664946198225%26url%3Dhttps%253A%252F%252Fwww.mlive.com%252F%26t...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1664946198225&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1664946198225&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQICCUvbaMceWAAAAYOmhtihbCv7qrA-Ul9acdWhEH8qkjsKEtI92nY...
0
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1664946198225&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQICCUvbaMceWAAAAYOmhtihbCv7qrA-Ul9acdWhEH8qkjsKEtI92nYx8oxkSrk6hDAYW_5vYbPab7-zDSw8Oe3MDejAqA
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:18 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 4ADB5B362F12499E9516F880A89F2325 Ref B: DUS30EDGE0920 Ref C: 2022-10-05T05:03:18Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXqQn7BYkwSTsBZrcPEXQ==

Redirect headers

date
Wed, 05 Oct 2022 05:03:18 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 944DDE901B8E4729A0A23F503E7594CC Ref B: FRAEDGE1217 Ref C: 2022-10-05T05:03:18Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1664946198225&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQICCUvbaMceWAAAAYOmhtihbCv7qrA-Ul9acdWhEH8qkjsKEtI92nYx8oxkSrk6hDAYW_5vYbPab7-zDSw8Oe3MDejAqA
x-li-proto
http/2
content-length
0
x-li-uuid
AAXqQn6+DvFXXgEYOOiR2Q==
publisher:getClientId
ampcid.google.com/v1/ 		74 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94
x-xss-protection
0
adsct
t.co/1/i/ 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=76baf787-19eb-46fb-ac08-b54c5953ec46&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=a976340f-f7d0-4dec-a157-9db8b8d3788c&tw_document_href=https%3A%2F%2Fwww.mlive.com%2F&tw_iframe_status=0&txn_id=o8yo8&type=javascript&version=2.3.27
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time
111
date
Wed, 05 Oct 2022 05:03:17 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
5dd6c516f1e653c2
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
8825a36fcc0d2a55df53d5756c21d2f4383f55d65e33f1d22630d52fc15a133d
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=76baf787-19eb-46fb-ac08-b54c5953ec46&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=a976340f-f7d0-4dec-a157-9db8b8d3788c&tw_document_href=https%3A%2F%2Fwww.mlive.com%2F&tw_iframe_status=0&txn_id=o8yo8&type=javascript&version=2.3.27
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time
104
date
Wed, 05 Oct 2022 05:03:17 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
be711aad1c0251dc
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
06959cfb82c82571cfb9553534eb517482d532339a778997214bb54afbc86b52
content-length
43
120978121945017
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/120978121945017?v=2.9.84&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
47f95f34231c92bb607aa3430a80d39dbe748061dd096b401f0ae7fbc9b448ef
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 05 Oct 2022 05:03:18 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86364
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
IFD21D+VineXwNEHbbI4KQcQ7VNTYsLq1r7DML83S1YI0FuoBA+XAyX1FwkjjHgjI8hF9H0rMgVMmIe9TEV6Ng==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
cs
advancelocal.blueconic.net/DG/DEFAULT/ 		16 B
702 B 		Script
General
Check archive.org
Download Go to
Full URL
https://advancelocal.blueconic.net/DG/DEFAULT/cs?&callback=bc_json692
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.43.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-43-237.compute-1.amazonaws.com
Software
- /
Resource Hash
57892851463ef81bb83acf3455ba9a5bc75921ee0e49b277d3c1eb393f901065
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
pub.json
pub.doubleverify.com/signals/ 		55 B
304 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pub.doubleverify.com/signals/pub.json?ctx=20823471&cmp=DV460143&signals=ids,bsc&url=https%3A%2F%2Fwww.mlive.com%2F
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a6e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a3493f0ccfe2c01adca092d40d99c62c80938188044917f7f5e714cb894f76a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self'
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
cf-ray
75539c2b5cc0bb79-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55
pubads_impl_2022092901.js
securepubads.g.doubleclick.net/gpt/ 		376 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54a6606bed93bee86d6763cdc2f435c3501de5b129044f7896fda2080e9d5caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 01:55:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97659
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130415
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 08:35:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 04 Oct 2023 01:55:39 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		218 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.mlive.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d668f82f398ea679cc5913c2eebc7cf9db9be07bf086e55fd30b2799fb43aa08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 05 Oct 2022 05:03:18 GMT
set
privacy.crwdcntrl.net/consent/ 		61 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://privacy.crwdcntrl.net/consent/set?ct=skip&ca=1&ccd=1&cds=1&cta=1&c=963
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.137.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-137-183.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
5f26dfc3f5d603822dd5eb17c772720fd8d984f3fa596f757973dabe24ebda6e

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:18 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.10.211
access-control-allow-credentials
true
content-length
61
expires
0
data
bcp.crwdcntrl.net/6/ 		24 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.218.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-218-252.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
3499c2bfdc525e4672c8a2d78d7fb89e7cadd4b4c84a58daf8c30f3a2c7cee59

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

expires
0
pragma
no-cache
date
Wed, 05 Oct 2022 05:03:18 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.10.211
access-control-allow-credentials
true
content-length
24
x-consent
absent
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3178&u=https%3A%2F%2Fwww.mlive.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e7261fe5ce66c71ad531ce6da47cd76b7b875cea04c6fe7cfe616b0cad05cd3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:36:26 GMT
via
1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
12412
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1378
x-amz-cf-id
Ld4Iy4soTwgSppMwcRJYkn8P_n_7nBz9LKjkpKNjjLFPDg3Os6xYDA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
content-encoding
gzip
via
1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront)
date
Wed, 05 Oct 2022 02:27:46 GMT
x-amz-cf-pop
FRA56-P6
age
9333
x-cache
Hit from cloudfront
last-modified
Mon, 19 Sep 2022 09:37:07 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
LOxbcuxDTV6rJrw8P-W4eXxv3bjfWn_4XUYkWrz4nkf28j8rPYqHhA==
collect
region1.google-analytics.com/g/ 		0
346 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GG8B674XK4&gtm=2oea30&_p=1557562236&cid=1198089221.1664946198&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&sid=1664946198&sct=1&seg=0&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&en=page_view&_fv=1&_nsi=1&_ss=1&ep.headline=undefined&ep.author=undefined&ep.page_type=homepage&ep.product=homepage-beta&ep.platform=desktop&ep.page_path=%2F&ep.user_subscription_status=undefined&ep.ab_test_group_user=undefined
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GG8B674XK4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
jadserve.postrelease.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.mlive.com%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.246.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-246-173.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
db3699951500433a3e215f129084f85a9f67bb5231deb4a7d3c02367f961b5ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:18 GMT
content-encoding
gzip
server
nginx/1.12.1
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
1312
expires
Mon, 1 Jan 1990 12:00:00 GMT
10071-pbjs-floors.json
ads.rubiconproject.com/floors/ 		37 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/10071-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.141.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-141-156.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4a1400466be8225f33ab32a8cf0ec4d00f632c11ed7e6017b1e33f53323a787d

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:03:18 GMT
content-encoding
gzip
last-modified
Wed, 05 Oct 2022 03:41:04 GMT
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
4637
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1664946198372&se=e30&duid=94c49eadf2ac--01gek8dnv2gzd9padg1f08hbmd&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid
  • https://rp4.liadm.com/j?dtstmp=1664946198372&se=e30&duid=94c49eadf2ac--01gek8dnv2gzd9padg1f08hbmd&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOjRhODU6YzU5NTplN2Nl&n3...
42 B
582 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1664946198372&se=e30&duid=94c49eadf2ac--01gek8dnv2gzd9padg1f08hbmd&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOjRhODU6YzU5NTplN2Nl&n3pc=true
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
54.146.241.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-241-124.compute-1.amazonaws.com
Software
/
Resource Hash
5ce8647c88445649306948bab16764727ad0866a64fc66202b97b88176272628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:19 GMT
x-pixel-event-id
fcc7c9db-2615-4d3e-bc10-5416b79528b5
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
DENY
vary
Origin
content-type
application/json
request-time
0
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
5b245d7f4ae064ed
content-length
42
x-xss-protection
1; mode=block

Redirect headers

date
Wed, 05 Oct 2022 05:03:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
vary
Origin
location
https://rp4.liadm.com/j?dtstmp=1664946198372&se=e30&duid=94c49eadf2ac--01gek8dnv2gzd9padg1f08hbmd&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOjRhODU6YzU5NTplN2Nl&n3pc=true
access-control-allow-origin
https://www.mlive.com
request-time
0
access-control-allow-credentials
true
trace-id
ab758cca2f2f5901
content-length
0
x-xss-protection
1; mode=block
iframe.html
z.moatads.com/hd09824092/ Frame AC1E 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/advanceddigitalheader640552616592/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=3411
content-length
1374
content-type
text/html
date
Wed, 05 Oct 2022 05:03:18 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
server
AmazonS3
unused62
8096267
x-amz-id-2
tXhAc64MXavoo2Ys7gL4K0CHvWdnnjW6yMDYhattkSwkbmjydK4ZTHB9EYLhbnHzR5lAnVYPFb8=
x-amz-request-id
7Y2H1YDSCY2G4ZCG
publisher:getClientId
ampcid.google.de/v1/ 		3 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23
x-xss-protection
0
/
geo.privacymanager.io/ 		30 B
596 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-25.fra56.r.cloudfront.net
Software
/
Resource Hash
e73a140c69c1bc697cacc30b095e0adbe7153c61bb8d94b3b550e34601c4b042

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 01:17:26 GMT
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront), 1.1 7463e2e784b132604afa3cd91a5d39a2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA56-P5
age
13552
x-amzn-requestid
67b92988-508b-4527-a3bd-9bc198efe121
x-amzn-trace-id
Root=1-633cdb26-7d0e5fb65c84d943306fa678;Sampled=0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
ZgcuBF2WjoEF_yA=
content-length
30
x-amz-cf-id
lIWDrqTg91U3Hs9fsvy1FlBnIEIYSqvxlzte02OYTcBIK9ajAqVsNA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
vtrk.doubleverify.com/ 		0
182 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=974f5e90-b045-4443-a403-b5f4206189cb&z=392967778685&ctx=20823471&cd160=e0ee5b74-b786-4380-bd2e-654b93224cbc&cd161=https%3A%2F%2Fwww.mlive.com%2F&ea=load-pq&cd180=network&cm180=90&cm181=16&cm182=20&cm183=23&cm184=28&cm185=2&cm186=223&cm191=0&cmp=DV460143
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.164.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-164-244.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
https://www.mlive.com
date
Wed, 05 Oct 2022 05:03:18 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.mlive.com
date
Wed, 05 Oct 2022 05:03:18 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.mlive.com
access-control-max-age
5
content-length
0
date
Wed, 05 Oct 2022 05:03:18 GMT
server
nginx
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-210-112.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d80b9ba4d9ed354519644fd9d90aa446ec818d52a9b98395c80a43159dc0e887

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:18 GMT
content-encoding
gzip
last-modified
Thu, 08 Sep 2022 20:10:31 GMT
server
Apache
etag
"d71e-5e830058020dd-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17404
expires
Wed, 05 Oct 2022 05:18:18 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-94.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1ca7d45c26841657f394d905623d5e5c9c7f32aecc66d66ff8401388ffc43097

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 02:40:18 GMT
content-encoding
gzip
via
1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
last-modified
Tue, 19 Jul 2022 18:12:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
8582
x-amz-server-side-encryption
AES256
etag
W/"979a52ecf913f8004d0123a9b7ba2a05"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
eYPwAhBkK_V8f5YItYWMFzjAzdiXr5coCn19bc5cw0oMZMY_2Fmbng==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 13:13:44 GMT
server
cloudflare
x-amz-request-id
BNJ6QE5JEPQ6QZQN
age
2307
etag
W/"68154020ef14b5881614607902c7c21b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
75539c2cccb89b22-FRA
x-amz-id-2
hJmPwVJFjVRFjjxB02rGj7iGRK80JkfiG0N/xC3qR9uTKG4G8bnSsVqbVVPjooGi44s5hsva9Y4=
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sec=Home%20Page&prem=0&ptype=homepage&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=12d85610-13e1-4e1a-8368-b29e0babe22c&pid=50fcbba8-709f-470e-8bbb-88e93cd2211a&dtm=1664946198477&qnm=_matherq&visible=1&tabid=810d7aaf-ff6b-4e6a-8d94-fd0ef8eb65fc&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x12160&tofa=1664946198&vid=1&lvidt=1664946198&duid=865d874800ff589e&fp=2509661442&cid=ma63527&mrk=484602605&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY2NDk0NjE5NzI2OSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMG1iIiwiaGVhcFQiOiIxMG1iIiwiZnN0UGFpbnQiOiIzNjYiLCJmZXRjaFMiOiIwIiwiZG9tYWluUyI6IjEiLCJkb21haW5FIjoiNjYiLCJjb25uUyI6IjY2IiwiY29ubkUiOiIxMzYiLCJzc2xTIjoiODYiLCJyZXF1UyI6IjEzNiIsInJlc3BTIjoiMTg2IiwicmVzcEUiOiIzMzAiLCJkb21Mb2FkIjoiMTk3IiwiZG9tSW50ZXIiOiI0MjQiLCJkb21Mb2FkUyI6IjcyMiIsImRvbUxvYWRFIjoiODY4In0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMTE5ODA4OTIyMSIsInJlZlRpbWUiOiIxNjY0OTQ2MTk4NDc2In1dLCJ1c2VyRGF0YSI6eyJpc0xvY2FsIjoiMCJ9fQ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.38.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-38-131.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Wed, 05 Oct 2022 05:03:18 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
en.json
cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/09119d5f-27a6-429d-a491-4d6d379a3bb4/ 		81 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/09119d5f-27a6-429d-a491-4d6d379a3bb4/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202208.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ec4f813ce8f006e01f0888e4c5871b4064b64585face027d84aee807f059907
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Oct 2022 05:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
cQbcs11AN4ydJklsb+a9/g==
age
9234
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
17623
x-ms-lease-status
unlocked
last-modified
Wed, 07 Sep 2022 14:40:48 GMT
server
cloudflare
etag
0x8DA90DEF48CB48A
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8da96da8-901e-00f2-55ce-c20a72000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75539c2c8b899055-FRA
expires
Wed, 05 Oct 2022 09:03:18 GMT
get.js
buy.tinypass.com/api/v3/anon/captcha/ 		153 B
395 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=8Gu2Z8RCvZ
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
374f9c06d09ab99531c9c37efe289e6977f00135eaa61065d2cb3803a93e9bdc
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:18 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
EXPIRED
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Mipk9jrJ9Ay
pragma
wn
prod-dash-10-0-87-53
last-modified
Wed, 05 Oct 2022 04:31:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
server-time
0.002
cache-control
public, max-age=1200
cf-ray
75539c2cc99f9bca-FRA
expires
Wed, 05 Oct 2022 05:23:18 GMT
/
p1.parsely.com/plogger/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1664946198534&plid=610271&idsite=mlive.com&url=https%3A%2F%2Fwww.mlive.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.mlive.com%2F&sref=&sts=1664946198531&slts=0&title=Michigan+Local+News%2C+Breaking+News%2C+Sports+%26amp%3B+Weather&date=Wed+Oct+05+2022+05%3A03%3A18+GMT%2B0000+(GMT)&action=pageview&js=1&pvid=54985151&u=pid%3D7ad66d38efe144c80ed1b0ea3e402be2
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:03:18 GMT
Cache-Control
no-cache
Last-Modified
Wednesday, 05-Oct-2022 05:03:18 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
style
accounts.google.com/gsi/ 		533 B
328 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Tym0Ku48nQ_I5YST2oU-_A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:18 GMT
content-security-policy
script-src 'report-sample' 'nonce-Tym0Ku48nQ_I5YST2oU-_A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Wed, 05 Oct 2022 05:03:18 GMT
status
accounts.google.com/gsi/ 		40 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=339703812340-kido2ms26ssegr4jpn27vo7ro7hgkjme.apps.googleusercontent.com&as=PgST%2B%2BJfKEed2Qe3wid0HQ
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3b3a16ba63a872a5a157f8abd95651ad7ceac43d8c5d0d659b50e456882ef351
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-0kOXeObn3HS5ddFdZMfjBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:18 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-0kOXeObn3HS5ddFdZMfjBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1557562236&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAQCACgFK~&jid=2135547148&gjid=1942742430&cid=1198089221.1664946198&tid=UA-16643585-16&_gid=1128824650.1664946199&_r=1&gtm=2wga30TLXFLCR&cd1=undefined&cd2=undefined&cd3=undefined&cd4=undefined&cd6=undefined&cd9=undefined&cd10=undefined&cd11=undefined&cd13=Weekday&cd14=undefined&cd15=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=mlive&cd21=undefined&cd23=undefined&cd25=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd32=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd38=No%20Referrer&cd39=undefined&cd40=undefined&cd43=false&cd44=undefined&cd45=undefined&cd46=homepage-beta&cd47=desktop&cd48=undefined&cd50=GA%20pageview%20-%20template%20-%20All%20Pages&cd51=undefined&cd52=undefined&cd53=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd59=undefined&cd60=undefined&cd62=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd86=undefined&cd87=undefined&cd88=true&cd61=1198089221.1664946198&z=73052263
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
vtrk.doubleverify.com/ 		0
181 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=974f5e90-b045-4443-a403-b5f4206189cb&z=5362333934&ctx=20823471&cd160=034ca1f5-f407-4c27-97ec-858f2f4a50b7&cd161=https%3A%2F%2Fwww.mlive.com%2F&ea=error&cd110=unknown%20error&cmp=DV460143
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.164.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-164-244.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
https://www.mlive.com
date
Wed, 05 Oct 2022 05:03:18 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
230823541501762
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/230823541501762?v=2.9.84&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a5807816b537a2cb612263a34d1f9df01b66a79cbb700e60f975089147b8e881
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 05 Oct 2022 05:03:18 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
yrPrD5o8rK5MANgCOltsWWFI1nQ8vAL6FAP3AOBwEgmBB8Flla3FwUewtQtV/dZBurskMrfhhz+2rTv31qybeg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.mlive.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.mlive.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=588194251405630&correlator=2495796086413799&eid=31069682&output=ldjh&gdfp_req=1&vrg=2022092901&ptt=17&impl=fifs&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=728x91%7C970x91&ifi=1&adks=2024654923&sfv=1-0-38&fsbs=1&fsapi=false&prev_scp=rg_adslot%3DInFeed_Center_Wide_Adhesion%26rg_atf%3Dtrue%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Center_Wide_Adhesion%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3DMI-desktop-InFeed_Center_Wide_Adhesion%26rg_a9%3DAdvance_MI_ATF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta&eri=1&cust_params=IDS%3Dtimeout%26BSC%3Dtimeout%26pts_pid%3D974f5e90-b045-4443-a403-b5f4206189cb%26amznbid%3D0%26amznp%3D0%26ccaud%3D0%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop%26rg_pvid%3D263b9a43-6608-4e0b-b647-4e66800023e9&sc=1&cookie_enabled=1&abxe=1&dt=1664946198614&lmt=1664946197&dlt=1664946197466&idt=1106&adxs=0&adys=12164&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.mlive.com%2F&frm=20&vis=1&psz=728x4&msz=728x0&fws=4&ohw=728&ga_vid=1198089221.1664946198&ga_sid=1664946199&ga_hid=1557562236&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2e0f512b3e73b001bb215647199804c65654416b1c125b9f12eb7317137fb83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
511
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1BF1 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 05:03:18 GMT
expires
Thu, 05 Oct 2023 05:03:18 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
v2ybl_8IZ9vd9NCgPYTNsXc_uZptpbBliSXBXMOhHXvr0Pvc0VpqNF4I4mf47drT8tbwytQPL
satisfycork.com/ 		191 B
218 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://satisfycork.com/v2ybl_8IZ9vd9NCgPYTNsXc_uZptpbBliSXBXMOhHXvr0Pvc0VpqNF4I4mf47drT8tbwytQPL
Requested by
Host: satisfycork.com
URL: https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:802f::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
338392f3acfa46f608276904e9ddf900e17f355c83592300eb95377faba917e0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Wed, 05 Oct 2022 05:03:18 GMT
via
1.1 google
x-buildnumber
632800667
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
x-hostname
fen-hoothoot-europe-west1-spot-7ghk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Wed, 05 Oct 2022 05:03:17 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=8077633&ntv_pl=773533
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.246.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-246-173.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:18 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=3fe6e3f3-b0f7-47b0-bcd4-8b27a65f50d1&ntv_fl=MMTdWyeJBcdLcDTtFfyiRIW1J4RFfT92NPEX72OFNwb2ZJwH_GkMbUBfVJpvvBSu3gkBqNnsDjYK4HINb0OO7vg1brxXpHWxEKFjEqiBNIUQl0v-Tf-E-6Se11D-sIrG0mXJUdq9OW2bJgL-eajuaA==&ntv_ht=FhA9YwA&ntv_at=303,302&ntv_a=AAAAAAAAAAnc0LA&ord=1664946198626&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.246.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-246-173.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:18 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=9aae124b-22d4-4221-a185-b2a28a8611f0&ntv_fl=wklKktgzCnjHRw7QsGHOxzNhXSYYdxQ6qfiLggX0SK6yFo7I8e7vwxbeJtNDjw3K6eYtffM3M0RhU4S8UZ16jy6EFBqvKchD4dSkusfHoE71KmuaTa8hDut9ATJLO2LGWXYeweoUh2anIuGMNlq1XQ==&ntv_ht=FhA9YwA&ntv_at=303&ntv_a=AAAAAAAAAAUr0QA&ord=1664946198628&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.246.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-246-173.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:18 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=bbde2a66-b88d-44f1-a3b4-c4516f741d93&ntv_fl=No53AUp_qTJmWJYNLYz3zDH7Dla8D2Bigrcdt2SscM0m-_9EXliOrwDenOVifkM_Q60kCXZX9uHnkeV3ZTDBNXWEQr2l_10zSKBCCZQphfkWSqbX7u4o-YEbTpCHwjaKZCfoDDZEMk4N4corwW6ihA==&ntv_ht=FhA9YwA&ntv_at=303&ntv_a=AAAAAAAAAAU70QA&ord=1664946198628&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.246.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-246-173.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:18 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=1fd2f561-96aa-4bee-9733-ee5a4cc8690b&ntv_fl=miNEdYZhkQ016qn5OkGErteWbVfee99L6iQoR7ftguQI98CJB5sRf7O3x5pfTgIXT6AdO9R_y6wx32T9QrlYAD6EDdznQW-PJHJJs0BWdi81NpU_zScnXVW6sYOAEIWcB0487IQR1MN6KQmfwCi-4Q==&ntv_ht=FhA9YwA&ntv_at=303&ntv_a=AAAAAAAAAAVL0QA&ord=1664946198628&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.246.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-246-173.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:18 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
gdprConsent
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=1097042&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.246.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-246-173.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:18 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		64 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3178&u=https%3A%2F%2Fwww.mlive.com%2F&pid=0oJQZCZG5yVoO&cb=0&ws=1600x1200&v=22.9.81452&t=1500&slots=%5B%7B%22sd%22%3A%22ad-small-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22Advance_MI_BTF_DESKTOP%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:18 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
CNEQ8VPH58ARN209YPE6
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
vzblar1GvmPjYBIWit9pCLHCY931hW13NWtBL5mA70sMf74Uckdq5g==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		64 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3178&u=https%3A%2F%2Fwww.mlive.com%2F&pid=0oJQZCZG5yVoO&cb=1&ws=1600x1200&v=22.9.81452&t=1500&slots=%5B%7B%22sd%22%3A%22ad-small-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22Advance_MI_BTF_DESKTOP%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:18 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
MSEAF0WHJKJ8ZRNFHF5H
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
rN5LOYQq-VTO4RuZnOQU5RaGz3iM1rVATQwoEWZcHyVFheGbRhTmJw==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		64 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3178&u=https%3A%2F%2Fwww.mlive.com%2F&pid=0oJQZCZG5yVoO&cb=2&ws=1600x1200&v=22.9.81452&t=1500&slots=%5B%7B%22sd%22%3A%22ad-large-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22Advance_MI_BTF_DESKTOP%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:18 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
DYB34TG1YHXMFV777CDX
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
GF7t9hFvTUp828hzuDZGsENEbog6kn_BZWyC8TgWJ8WCl6V3bl8Vhg==
collect
stats.g.doubleclick.net/j/ 		1 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-16643585-16&cid=1198089221.1664946198&jid=2135547148&gjid=1942742430&_gid=1128824650.1664946199&_u=aADAAEAAAAQCACgFK~&z=2098110178
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 05 Oct 2022 05:03:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202208.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202208.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202208.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Oct 2022 05:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ivRWEcgBmKISMHohZLmqHg==
age
9234
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3007
x-ms-lease-status
unlocked
last-modified
Fri, 02 Sep 2022 06:26:11 GMT
server
cloudflare
etag
0x8DA8CAC07455974
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
f5c4c0c1-601e-012f-2acc-c21f89000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75539c2dbcc69055-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202208.1.0/assets/ 		62 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202208.1.0/assets/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202208.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cef181b89850405f733232c050e35b633a648eacee98005f2663b481ac3b0db4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Oct 2022 05:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
swAgHfEDuh0iqMy2LpxrJQ==
age
2861
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
14749
x-ms-lease-status
unlocked
last-modified
Fri, 02 Sep 2022 06:26:12 GMT
server
cloudflare
etag
0x8DA8CAC07E21E7C
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
cd85ed7f-901e-0157-3ccc-c2773e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75539c2dbcc79055-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202208.1.0/assets/ 		22 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202208.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202208.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Oct 2022 05:03:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
B55i3ZY9miZIaUrwjufy0w==
age
6599
x-ms-lease-status
unlocked
last-modified
Fri, 02 Sep 2022 06:26:26 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
f443b176-601e-016b-65cc-c2c3e5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
75539c2dbcc99055-FRA
map
bcp.crwdcntrl.net/6/ 		20 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.218.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-218-252.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

expires
0
pragma
no-cache
date
Wed, 05 Oct 2022 05:03:18 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.1.42
access-control-allow-credentials
true
content-length
20
x-consent
absent
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.71 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216577.ip-141-95-98.eu
Software
/
Resource Hash
b82156a924667c27e8e9ddb51cdc88678f9a7adca51d09a6b8c6962852571c4c

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Wed, 05 Oct 2022 05:03:18 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		74 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:701:1000::2fb3 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
0c6140abe08611f7d073f94a58707dac4f2da4904f0807a35e0d006ac793860e

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Wed, 5 Oct 2022 05:03:18 GMT
content-length
74
vary
Origin
content-type
application/json
691
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		161 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/691?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2022-10-05T05%3A03%3A18%2B00%3A00&ts=1664946198681
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-75.fra56.r.cloudfront.net
Software
- /
Resource Hash
d72fedbaaf092cb4f52b8190bc56d4ad2b279ae8947dd7ba5476fd5a32f41538
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
30269
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
0PQ3rs-QfaarGlpb43n8ZxDeCm5IT5FxBM5B0BajbSZzqcJv2SP5YQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		902 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=588194251405630&correlator=2495796086413799&eid=31069682&output=ldjh&gdfp_req=1&vrg=2022092901&ptt=17&impl=fifs&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=320x50&fluid=height&ifi=2&adks=767953642&sfv=1-0-38&fsbs=1&fsapi=false&prev_scp=rg_adslot%3DInFeed_Native_C%26rg_atf%3Dfalse%26rg_iab%3Dfalse%26rg_grid%3D1%26rg_counter%3D1%26rg_gpid%3DMI-desktop-InFeed_Native_C%26rg_pagetype%3Dhomepage%26rg_product%3Diabfalse&eri=1&cust_params=IDS%3Dtimeout%26BSC%3Dtimeout%26pts_pid%3D974f5e90-b045-4443-a403-b5f4206189cb%26ccaud%3D0%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop%26rg_pvid%3D263b9a43-6608-4e0b-b647-4e66800023e9&sc=1&cookie_enabled=1&abxe=1&dt=1664946198689&lmt=1664946197&dlt=1664946197466&idt=1106&adxs=517&adys=1267&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.mlive.com%2F&frm=20&vis=1&psz=566x24&msz=566x24&fws=0&ohw=0&ga_vid=1198089221.1664946198&ga_sid=1664946199&ga_hid=1557562236&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c4348beae53315b1a64396ac79ad1597cba44c70133e5cc3f635e98482b2799
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
430
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		387 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10071&site_id=311380&zone_id=1940286&size_id=15&eid_pubcid.org=d490561c-a459-4765-ab24-252f008de9fa%5E1&rf=https%3A%2F%2Fwww.mlive.com%2F&tg_i.aupname=344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Right_Tall%2Crg_platform%3Ddesktop&tg_i.pbadslot=344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-2&tk_flint=dmpbjs_v7.11.0&x_source.tid=c3ce9f2d-d553-4351-8bda-2bb724deb314&l_pb_bid_id=283205b6726b7e&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.35&rp_maxbids=1&p_gpid=344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-2&slots=1&rand=0.7221179316187756
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a44c9386a4662ec7a0fbc4951ed4fb3b5a909afc91ab50b2bf6e5cc8c4b796d3

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:18 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.mlive.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
387
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/ 		338 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU211111
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cefa8e6a0b857087049d072d5079786b0d58d2a3e779a28e50e6cb9396a501a2

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:18 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Wed, 05 Oct 2022 05:03:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=488240&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22731cd6cc78f677%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.mlive.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.11.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.mlive.com%2F%22%2C%22tmax%22%3A1000%2C%22syncsPerBidder%22%3A3%2C%22pbadslot%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-2%22%2C%22adunitcode%22%3A%22ad-small-2%22%2C%22divId%22%3A%22ad-small-2%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2285d3577d2b16bb%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22488240%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%22%2C%22gpid%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-2%22%2C%22tid%22%3A%22c3ce9f2d-d553-4351-8bda-2bb724deb314%22%7D%2C%22bidfloor%22%3A0.35%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d490561c-a459-4765-ab24-252f008de9fa%22%7D%5D%7D%5D%7D%7D
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7748a8a89ad6eda90f0a2885e274d040e488baa0ec132eb6249f09e8287b8a0c

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RtCx8o1HXYrp9ODwBAB7lQ2HFwpWOJJ2TaP7Qgdk3GHKUcvbsDNOYx7yIAxEsIgIAwVc%2Fk5T%2FfCCLQQP6dCllAOTxDzSqUI%2BHIA4gVSAxIb9yqmMohQVFygDep7g3cQ0mPZSvqXF"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75539c2e5974915c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
prebid
exchange.postrelease.com/ 		0
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_ptd=1134023&ntv_pas=eyIxMTM0MDIzIjpbWzMwMCwyNTBdXSwibGVuZ3RoIjoxfQ==&ntv_ppf=eyJhZC1zbWFsbC0yIjp7ImJhbm5lciI6eyIzMDB4MjUwIjowLjM1LCIqIjowLjM1fSwiKiI6eyIqIjowLjIsIjMwMHgyNTAiOjAuMn19fQ==&ntv_pb_rid=950741a79186e&ntv_ppc=W3siYWRVbml0Q29kZSI6ImFkLXNtYWxsLTIiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXV19fX1d&ntv_dbr=eyJhZC1zbWFsbC0yIjowfQ==&ntv_url=https%3A%2F%2Fwww.mlive.com%2F
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.220.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-220-40.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:19 GMT
content-encoding
gzip
server
nginx/1.12.1
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=488238&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211611477cbf5068%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.mlive.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.11.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.mlive.com%2F%22%2C%22tmax%22%3A1000%2C%22syncsPerBidder%22%3A3%2C%22pbadslot%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-1%22%2C%22adunitcode%22%3A%22ad-small-1%22%2C%22divId%22%3A%22ad-small-1%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221207122563fa199%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22488238%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%22%2C%22gpid%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-1%22%2C%22tid%22%3A%2255a09606-d7ae-4d30-93c4-f9a1f7727ef2%22%7D%2C%22bidfloor%22%3A0.2%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d490561c-a459-4765-ab24-252f008de9fa%22%7D%5D%7D%5D%7D%7D
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34d350644f6cb8c6ef6b786bf59766e7d6db7432519e4f0c0b949e2e5b179134

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wtCSB%2FtMHxQ%2FYUY1r7rlnIQvHcj%2Fe0EGw5hMLdw%2BNVsNlGmNKAcSne9uveTjr%2BZ%2FVokEvz5r0j%2FX%2F1Et05BHeFhBeD75QBEl2zWqdug3wGPtyYgS2LZnhs8YLFj%2FvJdFQnL5L7E"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75539c2e5977915c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Wed, 05 Oct 2022 05:03:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
exchange.postrelease.com/ 		0
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_ptd=1134020&ntv_pas=eyIxMTM0MDIwIjpbWzMwMCwyNTBdXSwibGVuZ3RoIjoxfQ==&ntv_ppf=eyJhZC1zbWFsbC0xIjp7ImJhbm5lciI6eyIzMDB4MjUwIjowLjIsIioiOjAuMn0sIioiOnsiKiI6MC4yLCIzMDB4MjUwIjowLjJ9fX0=&ntv_pb_rid=15832f4ee5c16ff&ntv_ppc=W3siYWRVbml0Q29kZSI6ImFkLXNtYWxsLTEiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXV19fX1d&ntv_dbr=eyJhZC1zbWFsbC0yIjowLCJhZC1zbWFsbC0xIjowfQ==&ntv_url=https%3A%2F%2Fwww.mlive.com%2F
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.220.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-220-40.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:19 GMT
content-encoding
gzip
server
nginx/1.12.1
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
prebid
prebid.media.net/rtb/ 		338 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU211111
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6ac2fb7982bdb2e734577c41d22881dfa8083b9dbb250b3cfefc24b1647daddf

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:18 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
fastlane.json
fastlane.rubiconproject.com/a/api/ 		402 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10071&site_id=311380&zone_id=1940284&size_id=15&eid_pubcid.org=d490561c-a459-4765-ab24-252f008de9fa%5E1&rf=https%3A%2F%2Fwww.mlive.com%2F&tg_i.bsc=timeout&tg_i.aupname=344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Left_Tall%2Crg_platform%3Ddesktop&tg_i.pbadslot=344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-1&tk_flint=dmpbjs_v7.11.0&x_source.tid=55a09606-d7ae-4d30-93c4-f9a1f7727ef2&l_pb_bid_id=205bf8ba6a38fcd&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.2&rp_maxbids=1&p_gpid=344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-1&slots=1&rand=0.4182480765808094
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5b05a58583763aa5e68b791791af2fc5c18b12fd67009bd10f202e866e18a02b

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:18 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.mlive.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
402
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
exchange.postrelease.com/ 		0
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_ptd=1134023&ntv_pas=eyIxMTM0MDIzIjpbWzMwMCwyNTBdXSwibGVuZ3RoIjoxfQ==&ntv_ppf=eyJhZC1sYXJnZS0xIjp7ImJhbm5lciI6eyIzMDB4MjUwIjowLjUyLCIqIjowLjUyfSwiKiI6eyIqIjoxLjExLCIzMDB4MjUwIjoxLjExfX19&ntv_pb_rid=215d3867326c60c&ntv_ppc=W3siYWRVbml0Q29kZSI6ImFkLWxhcmdlLTEiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXV19fX1d&ntv_dbr=eyJhZC1zbWFsbC0yIjowLCJhZC1zbWFsbC0xIjowLCJhZC1sYXJnZS0xIjowfQ==&ntv_url=https%3A%2F%2Fwww.mlive.com%2F
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.220.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-220-40.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:19 GMT
content-encoding
gzip
server
nginx/1.12.1
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=488240&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2223dab47577c629%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.mlive.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.11.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.mlive.com%2F%22%2C%22tmax%22%3A1000%2C%22syncsPerBidder%22%3A3%2C%22pbadslot%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-large-1%22%2C%22adunitcode%22%3A%22ad-large-1%22%2C%22divId%22%3A%22ad-large-1%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2224849046c496ed1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22488240%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%22%2C%22gpid%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-large-1%22%2C%22tid%22%3A%228647b593-a1d2-4a08-856e-56f6a0d8979f%22%7D%2C%22bidfloor%22%3A0.52%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d490561c-a459-4765-ab24-252f008de9fa%22%7D%5D%7D%5D%7D%7D
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fed9efcd59ece931725e3812ca15607be3f9c43bbbffcd71a5089dca6657528

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3aM3WNi%2FP2KDQeXHcbLKvNbtQCWnz%2FBTsVlIbNNHg1QnZPkOnj14leJXp8cWxbJ8TZhl0tNpyKep3pCVjPKrvj38ITwZxNnpUyqCdkeOM%2Bg2QoCywbNJV2gep9klhqsx36SHHUU"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75539c2e5978915c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
prebid
prebid.media.net/rtb/ 		338 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU211111
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9caa3cc1d49a06322b567450c3e217a93c5f4ca9cf512cc8bae3e95215b5398f

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:18 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Wed, 05 Oct 2022 05:03:18 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		403 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10071&site_id=311380&zone_id=1940286&size_id=15&eid_pubcid.org=d490561c-a459-4765-ab24-252f008de9fa%5E1&rf=https%3A%2F%2Fwww.mlive.com%2F&tg_i.bsc=timeout&tg_i.aupname=344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Right_Tall%2Crg_platform%3Ddesktop&tg_i.pbadslot=344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-large-1&tk_flint=dmpbjs_v7.11.0&x_source.tid=8647b593-a1d2-4a08-856e-56f6a0d8979f&l_pb_bid_id=30ab339d691a876&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.52&rp_maxbids=1&p_gpid=344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-large-1&slots=1&rand=0.6525362215080697
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c616c7d1604c445eee93e6ae45ecf32acf52df523f4cd7859d0d350fc3c112a4

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:18 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.mlive.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
403
Expires
Wed, 17 Sep 1975 21:32:10 GMT
FormLogo.jpg
cdn.cookielaw.org/logos/57316691-7a35-4427-b868-f6c059de9bc0/9db7a06a-4f0a-4b5b-8abb-9f3aac23afb7/f8bc963b-b2e8-45f7-80d3-988cede5f448/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/57316691-7a35-4427-b868-f6c059de9bc0/9db7a06a-4f0a-4b5b-8abb-9f3aac23afb7/f8bc963b-b2e8-45f7-80d3-988cede5f448/FormLogo.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abb22177c1f36f82f451ba3b46fd96e4bc0f5b5ad510b15b4d5ec37fc1e9b7f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Oct 2022 05:03:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
/VgjLzERih8MeSo4vme4Lw==
age
14216
content-length
90639
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Tue, 15 Dec 2020 19:27:11 GMT
server
cloudflare
etag
0x8D8A12F6B751639
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
c4ce03f6-a01e-011b-01d2-21b021000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75539c2e5de6bb7f-FRA
poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Oct 2022 05:03:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
LpuayL42jB78xRllx0vkOw==
age
12127
x-ms-lease-status
unlocked
last-modified
Tue, 04 Oct 2022 02:35:35 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
b03a2b09-001e-0056-279f-d73096000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
75539c2e5de7bb7f-FRA
392.json
id5-sync.com/g/v2/ 		216 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/392.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
f0bdcaa3bbe53b812fdd28a255aa84af054dc9acd24c7df1bec215876e8a7add
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Wed, 05 Oct 2022 05:03:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
config.json
c.go-mpulse.net/api/ 		624 B
897 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ&d=www.mlive.com&t=5549821&v=1.720.0&sl=0&si=c1e1c6c7-3791-4f87-9a85-9edf7a67f936-rj9kph&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=468260
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:64:6b5::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a7725228f4c82b6a0acc1e8dc04ceb4d404af9feae06069becd809da49eae48a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 05 Oct 2022 05:03:18 GMT
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
624
Content-Type
application/json
/
www.facebook.com/tr/ 		0
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=120978121945017&ev=PageView&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1664946198824&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664946198823.455937927&it=1664946198247&coo=false&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 05 Oct 2022 05:03:18 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=230823541501762&ev=PageView&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1664946198825&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664946198823.455937927&it=1664946198247&coo=false&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 05 Oct 2022 05:03:18 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=120978121945017&ev=ViewContent&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1664946198826&cd[article_content_tier]=free&cd[is_subscriber]=false&cd[is_registered]=false&cd[content_id]=undefined&cd[content_type]=homepage&cd[content_category]=Home%20Page&cd[content_name]=undefined&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1664946198823.455937927&it=1664946198247&coo=false&tm=1&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 05 Oct 2022 05:03:18 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=230823541501762&ev=ViewContent&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1664946198826&cd[article_content_tier]=free&cd[is_subscriber]=false&cd[is_registered]=false&cd[content_id]=undefined&cd[content_type]=homepage&cd[content_category]=Home%20Page&cd[content_name]=undefined&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1664946198823.455937927&it=1664946198247&coo=false&tm=1&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 05 Oct 2022 05:03:18 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ADVANCEDDIGITAL_HEADER1&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&t=1664946198275&de=890723720420&rx=596129050217&m=0&ar=220b545db30-clean&iw=0fe1c466&q=1&cb=0&cu=1664946198275&ll=2&lm=0&ln=0&em=0&en=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=advanceddigitalheader640552616592&fd=1&it=500&pe=1%3A366%3A366%3A0%3A423&fs=200409&na=204449710&cs=0
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 05 Oct 2022 05:03:19 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 05 Oct 2022 05:03:19 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
48a9cf6c98a634bd55afef686350df27b3dcb6878e03653921f719cd78bd55a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11046
x-xss-protection
0
up
insight.adsrvr.org/track/ Frame 79EF 		0
182 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=4pdxx2d&ref=https%3A%2F%2Fwww.mlive.com%2F&upid=p5qqvcp&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html
date
Wed, 05 Oct 2022 05:03:19 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
/
68794912.akstat.io/ 		0
201 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://68794912.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:293::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:19 GMT
content-type
image/gif
access-control-allow-origin
https://www.mlive.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Wed, 05 Oct 2022 05:03:19 GMT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Fwww.mlive.com%2F-&i=ADVANCEDDIGITAL_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CG%24%3D!!t.PKmKjefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VYfZFj9Dn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-2w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1664946198275&de=890723720420&rx=596129050217&cu=1664946198275&m=704&ar=220b545db30-clean&iw=0fe1c466&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11820&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A366%3A366%3A0%3A423&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=200409&na=977838834&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 05 Oct 2022 05:03:19 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 05 Oct 2022 05:03:19 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Oct 2022 05:03:19 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.mlive.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.mlive.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		42 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=588194251405630&correlator=2495796086413799&eid=31069682&output=ldjh&gdfp_req=1&vrg=2022092901&ptt=17&impl=fifs&us_privacy=1---&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=3&adks=455907384&sfv=1-0-38&fsbs=1&fsapi=false&prev_scp=rg_adslot%3DInFeed_Right_Tall%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_position%3Dundefined%26rg_counter%3D2%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Right_Tall%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3DMI-desktop-InFeed_Right_Tall%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Right_Tall%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3DMI-desktop-InFeed_Right_Tall-2&eri=1&cust_params=IDS%3Dtimeout%26BSC%3Dtimeout%26pts_pid%3D974f5e90-b045-4443-a403-b5f4206189cb%26ccaud%3D0%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop%26rg_pvid%3D263b9a43-6608-4e0b-b647-4e66800023e9&sc=1&cookie=ID%3D7e414bd2430918d6%3AT%3D1664946198%3AS%3DALNI_Mb6n6xgrSU8k99Y4IclEzUDl7bhAw&abxe=1&dt=1664946199106&lmt=1664946197&dlt=1664946197466&idt=1106&adxs=1135&adys=917&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.mlive.com%2F&frm=20&vis=1&psz=300x24&msz=300x24&fws=512&ohw=0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=1198089221.1664946198&ga_sid=1664946199&ga_hid=1557562236&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e014f4f56d1747802ba8c20a908590067e763f2a6ecdd67a4f0b3181f4e7fe3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
107162
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16911
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
270150
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=588194251405630&correlator=2495796086413799&eid=31069682&output=ldjh&gdfp_req=1&vrg=2022092901&ptt=17&impl=fifs&us_privacy=1---&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=4&adks=197823414&sfv=1-0-38&fsbs=1&fsapi=false&prev_scp=rg_adslot%3DInFeed_Right_Tall%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_position%3Dundefined%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Right_Tall%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3DMI-desktop-InFeed_Right_Tall%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Right_Tall%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3DMI-desktop-InFeed_Right_Tall-2&eri=1&cust_params=IDS%3Dtimeout%26BSC%3Dtimeout%26pts_pid%3D974f5e90-b045-4443-a403-b5f4206189cb%26ccaud%3D0%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop%26rg_pvid%3D263b9a43-6608-4e0b-b647-4e66800023e9&sc=1&cookie=ID%3D7e414bd2430918d6%3AT%3D1664946198%3AS%3DALNI_Mb6n6xgrSU8k99Y4IclEzUDl7bhAw&abxe=1&dt=1664946199113&lmt=1664946197&dlt=1664946197466&idt=1106&adxs=1135&adys=155&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.mlive.com%2F&frm=20&vis=1&psz=300x24&msz=300x24&fws=0&ohw=0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=1198089221.1664946198&ga_sid=1664946199&ga_hid=1557562236&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
30d5a08f1e8b8d8e59fbc8606607bcd4d3631718fec42458d02329e13fb2a514
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
107162
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11515
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
148067
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
3723
idx.liadm.com/idex/prebid/ 		54 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/3723?duid=94c49eadf2ac--01gek8dnv2gzd9padg1f08hbmd
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.150.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-150-226.compute-1.amazonaws.com
Software
/
Resource Hash
600496c9d462f04667666e8eae937e6e1a2c4d8a351fbf18267ac60ac37975cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:03:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
3
content-type
application/json
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
trace-id
d81540b379f3b250
content-length
54
baker
ead.mlive.com/ 		19 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ead.mlive.com/baker?dtstmp=1664946199169
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.246.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-246-164.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Expires
Wed, 05 Oct 2022 05:03:19 GMT
Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:19 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
19
Content-Type
image/gif
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.mlive.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.mlive.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		42 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=588194251405630&correlator=2495796086413799&eid=31069682&output=ldjh&gdfp_req=1&vrg=2022092901&ptt=17&impl=fifs&us_privacy=1---&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=5&adks=197823415&sfv=1-0-38&fsbs=1&fsapi=false&prev_scp=rg_adslot%3DInFeed_Left_Tall%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_position%3Dundefined%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Left_Tall%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3DMI-desktop-InFeed_Left_Tall%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Left_Tall%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3DMI-desktop-InFeed_Left_Tall-2&eri=1&cust_params=IDS%3Dtimeout%26BSC%3Dtimeout%26pts_pid%3D974f5e90-b045-4443-a403-b5f4206189cb%26ccaud%3D0%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop%26rg_pvid%3D263b9a43-6608-4e0b-b647-4e66800023e9&sc=1&cookie=ID%3D7e414bd2430918d6%3AT%3D1664946198%3AS%3DALNI_Mb6n6xgrSU8k99Y4IclEzUDl7bhAw&abxe=1&dt=1664946199204&lmt=1664946197&dlt=1664946197466&idt=1106&adxs=165&adys=887&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.mlive.com%2F&frm=20&vis=1&psz=300x274&msz=300x274&fws=512&ohw=0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=1198089221.1664946198&ga_sid=1664946199&ga_hid=1557562236&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b8428cbf00154ce20a92f39dd45f6245e1420fa353b02accb01e2c86bf2beb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
107162
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17237
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
270150
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E114 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
33150
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 19:50:49 GMT
expires
Wed, 04 Oct 2023 19:50:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 040D 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bf42506762114c6a7fe8e76e59177032c9e369af8c98f19fe40d13a9e74b32d6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-C40ozvvkkY3Y_udoyALAlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-C40ozvvkkY3Y_udoyALAlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 05:03:19 GMT
expires
Wed, 05 Oct 2022 05:03:19 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
d86dce849649150ef9e9f7ef2333f2bc
h312.mlive.com/plugin/plugin/ 		137 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/plugin/plugin/d86dce849649150ef9e9f7ef2333f2bc
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-75.fra56.r.cloudfront.net
Software
- /
Resource Hash
78dd4a0eb6b43531064b50c6e8253895c70b0dc5c69f59e55220bef4db409275
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 14:13:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
age
658194
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
37199
x-xss-protection
1; mode=block
last-modified
Mon, 26 Sep 2022 14:13:25 GMT
server
-
etag
d86dce849649150ef9e9f7ef2333f2bc
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
K4NKhaK9lB_syS5RZxfppUONuaCvEqeELVcyxyqeg5FTcK4r063zJg==
expires
Wed, 27 Sep 2023 14:13:25 GMT
LB-Zone-2
h312.mlive.com/DG/DEFAULT/rest/rpc/691/ 		354 B
988 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/691/LB-Zone-2?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=57d8ba92-8db0-44ab-9680-b02eee1c76e4&overruleReferrer=&time=2022-10-05T05%3A03%3A19%2B00%3A00&ts=1664946199275
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-75.fra56.r.cloudfront.net
Software
- /
Resource Hash
1b9331247bd52359d450c555ed4505dbadc2e641961d76f3f021d2a3971add39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
232
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
5uV9sUWTVadUJ5o-gbr5D7fTHWcZYQX-gMPktxm7Ed1pD8t54Bp0vA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=120978121945017&ev=Microdata&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1664946199369&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%2C%22og%3Adescription%22%3A%22Get%20the%20latest%20Michigan%20Local%20News%2C%20Sports%20News%20%26amp%3B%20US%20breaking%20News.%20View%20daily%20MI%20weather%20updates%2C%20watch%20videos%20and%20photos%2C%20join%20the%20discussion%20in%20forums.%20Find%20more%20news%20articles%20and%20stories%20online%20at%20MLive.com%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fmedia.mlive.com%2Fstatic%2Fmlive%2Fstatic%2Fimg%2Flogos%2Flogo_fb.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22og%3Asite_name%22%3A%22mlive%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22headline%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%2C%22url%22%3A%22https%3A%2F%2Fwww.mlive.com%22%7D%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=2&o=30&fbp=fb.1.1664946198823.455937927&it=1664946198247&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 05 Oct 2022 05:03:19 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=230823541501762&ev=Microdata&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1664946199371&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%2C%22og%3Adescription%22%3A%22Get%20the%20latest%20Michigan%20Local%20News%2C%20Sports%20News%20%26amp%3B%20US%20breaking%20News.%20View%20daily%20MI%20weather%20updates%2C%20watch%20videos%20and%20photos%2C%20join%20the%20discussion%20in%20forums.%20Find%20more%20news%20articles%20and%20stories%20online%20at%20MLive.com%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fmedia.mlive.com%2Fstatic%2Fmlive%2Fstatic%2Fimg%2Flogos%2Flogo_fb.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22og%3Asite_name%22%3A%22mlive%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22headline%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%2C%22url%22%3A%22https%3A%2F%2Fwww.mlive.com%22%7D%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=2&o=30&fbp=fb.1.1664946198823.455937927&it=1664946198247&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 05 Oct 2022 05:03:19 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js
pagead2.googlesyndication.com/bg/ Frame E114 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62b7414a3cdf2077188582e66af852c8efc4841acb516a71e7291d2fb1fd2aa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 17:26:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41784
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16054
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Oct 2023 17:26:55 GMT
2d556cfd6bd629f982cd54c3b0df7eab
h312.mlive.com/plugin/library/ 		317 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/plugin/library/2d556cfd6bd629f982cd54c3b0df7eab
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-75.fra56.r.cloudfront.net
Software
- /
Resource Hash
9f40461c8c607d5bdb6c485325b66b30d3d3a431b9d0c0d1be47fb4fcd1b072b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 20:25:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
age
1067893
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
102118
x-xss-protection
1; mode=block
last-modified
Wed, 21 Sep 2022 20:25:06 GMT
server
-
etag
2d556cfd6bd629f982cd54c3b0df7eab
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
Lu82ujVn1p86b7vyvhe-tgJmpOFG5_m1PjgcTTWg8a5QnYm12O_6QQ==
expires
Fri, 22 Sep 2023 20:25:06 GMT
LB-Zone-2
h312.mlive.com/DG/DEFAULT/rest/rpc/691/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/691/LB-Zone-2?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=57d8ba92-8db0-44ab-9680-b02eee1c76e4&overruleReferrer=&time=2022-10-05T05%3A03%3A19%2B00%3A00&ts=1664946199381
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-75.fra56.r.cloudfront.net
Software
- /
Resource Hash
4a825ce5bde98f2be7a61a13fa9f6a98a810053aa343e7bf7c79b189fd27cbe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
1236
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
8KhOoQ7L7hOLMLokolia-DI8UzQDU-D9StzQGec_YGEvA6z158QEbw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 040D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092901&jk=588194251405630&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.mlive.com
date
Wed, 05 Oct 2022 05:03:19 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.mlive.com
access-control-max-age
5
content-length
0
date
Wed, 05 Oct 2022 05:03:19 GMT
server
nginx
pubcid.min.js
id.sharedid.org/lib/ 		732 B
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/lib/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.23.219 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-23-219.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:19 GMT
cache-control
public, max-age=86400
last-modified
Tue, 4 Oct 2022 10:30:55 GMT
accept-ranges
bytes
content-length
732
vary
accept-encoding
content-type
application/javascript
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 05:47:41 GMT
content-encoding
gzip
age
1811738
x-guploader-uploadid
ADPycdvqYWr4XlcgogWQv1CUKqMPpl5vfnpXVcXgwGPC8Zdt9c3EaH1AN9TP9qap5Fs6TeD5UJ3zYNvH-rbYbZWiqGonRQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Thu, 14 Sep 2023 05:47:41 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9608ec4ea86f70691860daf1b477654e08357662b2fdc33568a376b0fcbdf5c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 13:13:44 GMT
server
cloudflare
x-amz-request-id
QHFT6EZESVEF3FKF
age
657
etag
W/"52bb09fbb0a7c9360d68135b7668a1d7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
75539c32bc789b22-FRA
x-amz-id-2
bswbzwTihHt9KtNRp+WlgSbRCVUWb3tYFGypd16G/FXyxgIQIeUL3hSc/+bfcdXz1mhpNY/lNAo=
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-94.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
094b946adc39ade08f6d927ea066c8fef3ba6ee5c12919873172315ef7428e92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 02:50:20 GMT
content-encoding
gzip
via
1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
last-modified
Tue, 19 Jul 2022 18:12:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
7984
x-amz-server-side-encryption
AES256
etag
W/"2fa1275c04d6208db458c1ec8559f92d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
Zf2h7lFbh4F4MwOBghN_9cTNHWUrwOlQlI-wSloqEyWv9IvdJx48Bg==
publishertag.ids.js
static.criteo.net/js/ld/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a097f145b7b5399d1f8e9c86b6f4a36e43f5553fa77c7b2951504731914535ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-a1fb"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 06 Oct 2022 05:03:19 GMT
uid2-sdk-0.0.1b.js
prod.uidapi.com/static/js/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.134.134.122 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-134-134-122.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:19 GMT
cache-control
public, max-age=86400
last-modified
Tue, 17 May 2022 17:30:07 GMT
accept-ranges
bytes
content-length
4559
vary
accept-encoding
content-type
application/javascript
container.html
c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7FB5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 05:03:18 GMT
expires
Thu, 05 Oct 2023 05:03:18 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
event
prebid-a.rubiconproject.com/ 		61 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.87.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-87-135.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 05 Oct 2022 05:03:19 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.87.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-87-135.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 05 Oct 2022 05:03:19 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
map
bcp.crwdcntrl.net/6/ 		20 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.218.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-218-252.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

expires
0
pragma
no-cache
date
Wed, 05 Oct 2022 05:03:19 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.10.188
access-control-allow-credentials
true
content-length
20
x-consent
absent
increment
id5-sync.com/api/esp/ 		0
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Wed, 05 Oct 2022 05:03:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
generate_204
tpc.googlesyndication.com/ Frame E114 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?IqbubA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:19 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 7FB5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CxB6UFxA9Y47KCeKqrATlkJOACpjn_41cjLDP3vIJwI23ARABIABglQKCARdjYS1wdWItMjkzNzQ5NDU2Nzk0OTI3OKAB3-HozwLIAQngAgCoAwGqBI8CT9Cxc4ULfTnuqo--JAB1BXqUR5TNiaKlFg748Q3Z9Lpw08jTOp4CLRnmHrHSAHKabuDyk9AOV-UI-aUuBShZRPCGUsr1UkFKyeD3VKJGWT61qNBAGv14RDg4-YZEzFQ2Xz7mLERecYahokeggo6Z2gtPBZeO7HU1DKqiMlo_K3Hz_R4hb51vvdEDoFSpNHA062d20NAF5TtPTK9redkJ9_TWFi9B2wSdCRDcjs3RkLWRi8alqInjgV_Mp_fHwYOHbs2xdWTNbPJeUuUaLh3xEcdAiw6rYM1eu7jL7g3QceLvfDb63pWe9wtBCHf21fEqdzfPVMFcPzxQwzlDAVcKlIQqu1OB1jhGjE88rArkYOAEAYAGsL6KnoPsv_4GoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yOTM3NDk0NTY3OTQ5Mjc4GN-RHw&sigh=GzWvuCTkPDc&uach_m=[UACH]&cid=CAQSOwCsnQUxP59gcD5dL_2w18TNHPgMlCF6hF1jr_0Q5t3VlfYu3VkOU04SH-dJlqFnG9VWU_o6DxkEOX2SGAEgEw
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
butler
b.sharethrough.com/ Frame 7FB5 		95 B
411 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://b.sharethrough.com/butler?type=s2s-win&arid=3732dd8c-2b67-4ae6-8a5a-b6cd108670d3
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-92.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:40:00 GMT
via
1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
last-modified
Mon, 03 Oct 2022 16:38:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
73400
etag
"71a50dbba44c78128b221b7df7bb51f1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
95
x-amz-cf-id
y49XC87oebPfL-QePvNSfbZiHW8Xz5K5CLXSr0CF8ZEeTpi0Qf3gTg==
sfp.js
native.sharethrough.com/assets/ Frame 7FB5 		266 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://native.sharethrough.com/assets/sfp.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-5.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28117001f598a085aa8367fd5f5535205540a3edd9ec694fc122310916bbf61e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:47:22 GMT
content-encoding
gzip
via
1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
last-modified
Thu, 29 Sep 2022 13:32:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
958
etag
W/"513093fcc020f7dc2157d2330abc59fb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
DuU75mriBtuhSRbX7n6nl0vvFcr_ZrWCpSObFWmx_5I4-wkeUsMdMw==
expires
Thu, 29 Sep 2022 14:32:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 7FB5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:54:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
522
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 04:54:37 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 069A 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29770
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 20:47:09 GMT
etag
48472445140208031
expires
Wed, 05 Oct 2022 20:47:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 7FB5 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:52:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
677
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7559
x-xss-protection
0
server
cafe
etag
15289875785628835784
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 04:52:02 GMT
l
www.google.com/ads/measurement/ Frame 7FB5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSqJiCjR1RW3AtWSseAnxD2TA0YO6JMplscbie-2UC6DzOSFFn6S3JLMfGkeTJXKAgKY0kOTgzPFi9wmMdXGftsRjwtuw
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 7FB5 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:55:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68869
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 04 Oct 2023 09:55:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7FB5 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44883
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664796838458510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Oct 2022 05:03:19 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
85 B
103 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
Protocol
H3
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
de82ce901d3d527a614f4b425e26d21ee1e57c8201d85a2bba9931e1d8f1e9ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:19 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-WcwJ6Zjt3i25g7kCOJZKr4ZPjcs"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Wed, 05 Oct 2022 05:03:19 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.mlive.com
location
/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 069A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOHx-pkMsJhh81z0H1o3Vjg&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOHx-pkMsJhh81z0H1o3Vjg&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aWxaYzRHU2oxT0ZXeVg1&google_gid=CAESEOHx-pkMsJhh81z0H1o3Vjg&google_cver=1&google_push=AZmPxg_63C3zZpFeoGB6JEBiebcBlocexZFHFSYDrmcEsZS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aWxaYzRHU2oxT0ZXeVg1&google_gid=CAESEOHx-pkMsJhh81z0H1o3Vjg&google_cver=1&google_push=AZmPxg_63C3zZpFeoGB6JEBiebcBlocexZFHFSYDrmcEsZSlebC9bbzDYoAHva90jkm1GdywDHpI1o2Wta67TSIT-EMvwTOcm_k
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:19 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0b4514da13a8bc28c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aWxaYzRHU2oxT0ZXeVg1&google_gid=CAESEOHx-pkMsJhh81z0H1o3Vjg&google_cver=1&google_push=AZmPxg_63C3zZpFeoGB6JEBiebcBlocexZFHFSYDrmcEsZSlebC9bbzDYoAHva90jkm1GdywDHpI1o2Wta67TSIT-EMvwTOcm_k
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 069A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGKd_Gp15hzy4P7YpOZuv6Q&google_cver=1&google_push=AZmPxg8a7HVOPBaud6rXP-voei9zYXDf-lqClLcdlunKLjQ5g5cOD40c4y2UELp4rSbnkFLP0PE2ac8bW4bEgzSD_a3Kp7k...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg8a7HVOPBaud6rXP-voei9zYXDf-lqClLcdlunKLjQ5g5cOD40c4y2UELp4rSbnkFLP0PE2ac8bW4bEgzSD_a3Kp7k5Ok9L&google_hm=MjM2MDY3MjAyMTAwODMyMz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg8a7HVOPBaud6rXP-voei9zYXDf-lqClLcdlunKLjQ5g5cOD40c4y2UELp4rSbnkFLP0PE2ac8bW4bEgzSD_a3Kp7k5Ok9L&google_hm=MjM2MDY3MjAyMTAwODMyMzk1Ng%3D%3D
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 05 Oct 2022 05:03:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg8a7HVOPBaud6rXP-voei9zYXDf-lqClLcdlunKLjQ5g5cOD40c4y2UELp4rSbnkFLP0PE2ac8bW4bEgzSD_a3Kp7k5Ok9L&google_hm=MjM2MDY3MjAyMTAwODMyMzk1Ng%3D%3D
content-length
0
pixel
cm.g.doubleclick.net/ Frame 069A
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEMprPZvZcXp_HOgFFo6UzNw&google_cver=1&google_push=AZmPxg8D4jZ6_Sd9QHmhDK9WHGc3-WGhtlhSfDWqYft7CKuKIlnzIIPMqY8Q9cjLKtZjF8xYUhqpTM4LaQt6sXMJwzWlh187ip9b
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg8D4jZ6_Sd9QHmhDK9WHGc3-WGhtlhSfDWqYft7CKuKIlnzIIPMqY8Q9cjLKtZjF8xYUhqpTM4LaQt6sXMJwzWlh187ip9b&google_hm=ZzIxZTIzOWZjMWRmNTBk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg8D4jZ6_Sd9QHmhDK9WHGc3-WGhtlhSfDWqYft7CKuKIlnzIIPMqY8Q9cjLKtZjF8xYUhqpTM4LaQt6sXMJwzWlh187ip9b&google_hm=ZzIxZTIzOWZjMWRmNTBkN2VmOTg=
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:19 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg8D4jZ6_Sd9QHmhDK9WHGc3-WGhtlhSfDWqYft7CKuKIlnzIIPMqY8Q9cjLKtZjF8xYUhqpTM4LaQt6sXMJwzWlh187ip9b&google_hm=ZzIxZTIzOWZjMWRmNTBkN2VmOTg=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 069A
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPbUZU6Q3wVNSE1Griuazsk&google_cver=1&google_push=AZmPxg_EtMzVeQ-1bOiBRAo93ZPCqpVzgQHNCCUZxDRbGH2YXDa8w5Zqy_Pn5Izn6XIhBzMQlCbzY96NhvxAcRUQrnqsnl4C_Qvg
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg_EtMzVeQ-1bOiBRAo93ZPCqpVzgQHNCCUZxDRbGH2YXDa8w5Zqy_Pn5Izn6XIhBzMQlCbzY96NhvxAcRUQrnqsnl4C_Qv...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODA2NzczMjg4ODUwMDk5NjIzNzUy&google_push=AZmPxg_EtMzVeQ-1bOiBRAo93ZPCqpVzgQHNCCUZxDRbGH2YXDa8w5Zqy_Pn5Izn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODA2NzczMjg4ODUwMDk5NjIzNzUy&google_push=AZmPxg_EtMzVeQ-1bOiBRAo93ZPCqpVzgQHNCCUZxDRbGH2YXDa8w5Zqy_Pn5Izn6XIhBzMQlCbzY96NhvxAcRUQrnqsnl4C_Qvg
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODA2NzczMjg4ODUwMDk5NjIzNzUy&google_push=AZmPxg_EtMzVeQ-1bOiBRAo93ZPCqpVzgQHNCCUZxDRbGH2YXDa8w5Zqy_Pn5Izn6XIhBzMQlCbzY96NhvxAcRUQrnqsnl4C_Qvg
date
Wed, 05 Oct 2022 05:03:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 069A
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESELnGkwYNkJhcGpdhTKjlgJE&google_cver=1&google_push=AZmPxg_m0p-W5sxBevGloiZv2e25Cu7OBNEWiZ-dxY409Yrbz-f4XcBsd1Im37o1rU_Z_vIPhzqLRma_NtHbyp1U8vW66objb57z
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA3OTQ3Nzk5ODIxNDk3MjAwMFYxMA%3d%3d&mn_hm=MzA3OTQ3Nzk5ODIxNDk3MjAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg_m0p-W5sxBevGloiZv2e25Cu7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA3OTQ3Nzk5ODIxNDk3MjAwMFYxMA%3d%3d&mn_hm=MzA3OTQ3Nzk5ODIxNDk3MjAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg_m0p-W5sxBevGloiZv2e25Cu7OBNEWiZ-dxY409Yrbz-f4XcBsd1Im37o1rU_Z_vIPhzqLRma_NtHbyp1U8vW66objb57z&gdpr=&gdpr_consent=
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:19 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA3OTQ3Nzk5ODIxNDk3MjAwMFYxMA%3d%3d&mn_hm=MzA3OTQ3Nzk5ODIxNDk3MjAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg_m0p-W5sxBevGloiZv2e25Cu7OBNEWiZ-dxY409Yrbz-f4XcBsd1Im37o1rU_Z_vIPhzqLRma_NtHbyp1U8vW66objb57z&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Wed, 05 Oct 2022 05:03:19 GMT
v1
match.sharethrough.com/E4rooAtA/ Frame 069A 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEBuFwCuFyqi9CmlcJZjfWMk&google_cver=1&google_push=AZmPxg8So8RxiTujYyFdESBOlUso3_qrIaFsbIYegdm6EzHuJCsUo0pZkcX1rHBFyiNm5_tIecXbu1X2vTXdRr9QpgrwJWMoWy19Nw
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.233.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-233-51.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:19 GMT
/
onetag-sys.com/match/ Frame 069A
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEF_AAGxw__9aEBrm4YRkZwk&google_cver=1&google_push=AZmPxg8on4mTbdnTFSkNgayaIJLgbRUJ8Fm3EhUa2jV5WhibCSLa9W5OcSPxbGP5-j8MHv9OsoIp-wkz-Jz...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8on4mTbdnTFSkNgayaIJLgbRUJ8Fm3EhUa2jV5WhibCSLa9W5OcSPxbGP5-j8MHv9OsoIp-wkz-JzGbhWimU9t9DZFOhpd
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 069A 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IOVmxh14zTX6PPz4rbaXCjefv4DkbhUPsZVa3sO8Xh9WFQ-CYNNt7kJ3snDAkdxIgzPTAVbs4
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:19 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 7FB5 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c711f5f12a09bc2c5ea19aa7a0553459114a339ff90bf2a6c1b66ba2422250bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/png
syncframe
gum.criteo.com/ Frame 82BB 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.mlive.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
3c194ef9dbec4dcbd08cd14e2a2ee0f88368e8ca11b6c6600cf47019d16680c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 05:03:19 GMT
server
Kestrel
server-processing-duration-in-ticks
328086
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
trk.gif
jadserve.postrelease.com/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=386,387,388,389&ntv_r1=1089&ntv_r2=1089&ntv_r3=1089&ntv_r4=1089&ntv_pl=773533&ntv_it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.246.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-246-173.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:19 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
cs
advancelocal.blueconic.net/DG/DEFAULT/ 		66 B
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://advancelocal.blueconic.net/DG/DEFAULT/cs?bcsessionid=57d8ba92-8db0-44ab-9680-b02eee1c76e4&&callback=bc_json693
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.43.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-43-237.compute-1.amazonaws.com
Software
- /
Resource Hash
dd47e8a73598474ab4202c5ec0a40d294485c339e65de4e975dc90ff7e4086b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
86
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
70a0164e323b7b25a914d9a83a023e02f7.jpg
zem.outbrainimg.com/p/srv/sha/00/c5/8f/ Frame 7FB5 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/00/c5/8f/70a0164e323b7b25a914d9a83a023e02f7.jpg?w=48&h=48&fit=crop&crop=center&fm=jpg
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
e08a419f52c7a17c04b370b17e935f497e2bc297f470a8217ec2eb98a88cb61c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:19 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
3019803
x-cache
HIT, MISS, HIT
x-imgix-id
66fc99acbc0f9c84ff3622ed4b5494d1f2aa1ce4
cross-origin-resource-policy
cross-origin
content-length
4919
x-served-by
cache-sjc10025-SJC, cache-hhn4038-HHN, cache-hhn4046-HHN
x-imgix-render-farm
01.1
last-modified
Wed, 31 Aug 2022 06:13:16 GMT
server
imgix
x-timer
S1664946200.786222,VS0,VE0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
11
7dd59700e3cd678e722d50ba399112777e.jpg
zem.outbrainimg.com/p/srv/sha/fc/00/03/ Frame 7FB5 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/fc/00/03/7dd59700e3cd678e722d50ba399112777e.jpg?w=300&h=250&fit=crop&crop=center&fm=jpg
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
39aef0db130e9ff36d4ea8eeea2fdbcb5d7f9d5ac6eb9937c5230adf97b755cb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:19 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
1114860
x-cache
HIT, MISS, HIT
x-imgix-id
47690b4fd98b08e5955c8b40c25d70c68fca155c
cross-origin-resource-policy
cross-origin
content-length
12448
x-served-by
cache-sjc10059-SJC, cache-hhn4040-HHN, cache-hhn4046-HHN
x-imgix-render-farm
01.592
last-modified
Thu, 22 Sep 2022 07:22:19 GMT
server
imgix
x-timer
S1664946200.786237,VS0,VE1
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
1
adchoice.png
sdk.sharethrough.com/ Frame 7FB5 		593 B
985 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sdk.sharethrough.com/adchoice.png
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-110.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed5ad0eec04e553eba9d52dd0ebc0dae503878399641b8ba9ef9b7e3d8efe69d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:32:44 GMT
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
last-modified
Thu, 29 Sep 2022 13:32:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
1836
etag
"df4be15f5ec2528ff22bef4b5e166ded"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
593
x-amz-cf-id
l7ti8WdhK16NLLuMejA80BmjHWCl-sBFOBenxmFrVOxrNgMtL1Y7xg==
expires
Thu, 29 Sep 2022 14:32:22 GMT
butler
b.sharethrough.com/ Frame 7FB5 		95 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.sharethrough.com/butler?type=impressionReceived&arid=3732dd8c-2b67-4ae6-8a5a-b6cd108670d3&pkey=pL3B8PdPLobRSs1fqmGAthx5&supplyId=E4rooAtA&tkey=300x250-mpu&ckey=a7935305814f8c5e2a34ba54-92203735&vkey=&umtime=1664946199713&bootTime=192.20&benchmarkBoot=39.799999952316284&butlerLatency=8.000&awid=a835a3b1-1a98-4045-bbf4-87f31b07ccdb&sourceId=a7935305814f8c5e2a34ba54&deal_id=GLJC8DEZ2M1ppdRDzKL95PzP&action=clickout&isVast=false&bwidth=300&bheight=250&ploc=https%253A%252F%252Fwww.mlive.com&renderEnv=safeframe&version=gc-811-de0ba920-eu
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-92.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:40:00 GMT
via
1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
last-modified
Mon, 03 Oct 2022 16:38:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
73400
etag
"71a50dbba44c78128b221b7df7bb51f1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
95
x-amz-cf-id
Pt19v0HUedMYPJKTKPbFUoF7h2LdqCfR1tHwudWJy9ujc2YVR5XqVA==
butler
b.sharethrough.com/ Frame 7FB5 		95 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.sharethrough.com/butler?type=groundControlPresent&arid=3732dd8c-2b67-4ae6-8a5a-b6cd108670d3&pkey=pL3B8PdPLobRSs1fqmGAthx5&supplyId=E4rooAtA&tkey=300x250-mpu&ckey=a7935305814f8c5e2a34ba54-92203735&vkey=&umtime=1664946199714&awid=a835a3b1-1a98-4045-bbf4-87f31b07ccdb&sourceId=a7935305814f8c5e2a34ba54&deal_id=GLJC8DEZ2M1ppdRDzKL95PzP&action=clickout&isVast=false&pwidth=300&pheight=0&pxoff=1135&pyoff=901&twidth=0&theight=0&bwidth=300&bheight=250&ploc=https%253A%252F%252Fwww.mlive.com&renderEnv=safeframe&version=gc-811-de0ba920-eu
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-92.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:40:00 GMT
via
1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
last-modified
Mon, 03 Oct 2022 16:38:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
73400
etag
"71a50dbba44c78128b221b7df7bb51f1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
95
x-amz-cf-id
KA5OH1m1Uav6lJdkSefSZ0Mm3q7kHve2Equq187nqQCtfoyLovCS1w==
butler
b.sharethrough.com/ Frame 7FB5 		95 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.sharethrough.com/butler?type=impression&arid=3732dd8c-2b67-4ae6-8a5a-b6cd108670d3&pkey=pL3B8PdPLobRSs1fqmGAthx5&supplyId=E4rooAtA&tkey=300x250-mpu&ckey=a7935305814f8c5e2a34ba54-92203735&vkey=&umtime=1664946199726&renderLatency=16.90&awid=a835a3b1-1a98-4045-bbf4-87f31b07ccdb&sourceId=a7935305814f8c5e2a34ba54&deal_id=GLJC8DEZ2M1ppdRDzKL95PzP&action=clickout&isVast=false&pwidth=300&pheight=250&pxoff=1135&pyoff=901&twidth=298&theight=167.625&bwidth=300&bheight=250&ploc=https%253A%252F%252Fwww.mlive.com&renderEnv=safeframe&version=gc-811-de0ba920-eu
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-92.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:40:00 GMT
via
1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
last-modified
Mon, 03 Oct 2022 16:38:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
73400
etag
"71a50dbba44c78128b221b7df7bb51f1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
95
x-amz-cf-id
Gr_H_ihy8Z9z4hXqnXsmtbt0oLxhbC-CZVOu-stwae9SAtTqcbSyLg==
/
b1-eudc1.zemanta.com/bidder/win/sharethrough/074910e3-446b-11ed-a526-1fd3d6ec9bba/2.98/5BITJBUANZ73NQ52DZFKEZYMLJGNXFNOXZFV4JMBRPBLZ4GM37AVNYI4JWQD2MXXVBFGU2G3NR3G5ZSUKCPUITMJSX4G5TAXB2JLOPM3BYMTBU... Frame 7FB5 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-eudc1.zemanta.com/bidder/win/sharethrough/074910e3-446b-11ed-a526-1fd3d6ec9bba/2.98/5BITJBUANZ73NQ52DZFKEZYMLJGNXFNOXZFV4JMBRPBLZ4GM37AVNYI4JWQD2MXXVBFGU2G3NR3G5ZSUKCPUITMJSX4G5TAXB2JLOPM3BYMTBUMDRC3OOUXWOE7IQEJYRR6SCTRHBUHFKNTDP4PILSKPPB3SVFNGXVB3V2WBZQKJ5VN4H7C4STICEXZMY6RG55UKJBZQ5HJV6X2K7363TZM5W577OKMUPI4VHKBGJ7LDMPPGPB6XLY4B7FC7ZLBCPOJJIW6IOAROC3GSXF5QV7V5WO6VMGQCGL6XHOYLJ67ESQFMFKYJ76BZPLIRXH25RQADHWBURBZZM5TVOUGJA5CJDIJ3INTE2IKBETWQGMRL7LBJKCKXSULQQM2TWGMCOGSRDKBEZ5XDAAISQA6JZQSQ5SKFPYM2HKTJSRAMZ6WX5GANFDPT6J5KUIQ56BARQ7NTSK3ANVJZL2MWGX35LSHQI6WT4SQY3BWNAEOATKYLZCIYFCNSMO2X243ZRZSPG2PNCWCXGKNNFGY62FNRVWQGWFLSJ3PZFOLJP4LD5YGOJAZ5K6T7LFXUQPHYENT4/?
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 05 Oct 2022 05:03:19 GMT
Content-Length
0
/
b1t-eudc1.zemanta.com/t/imp/impression/4I7QK4HDIOEGEUNVZUWH5FX4QCQPCIBA564IQGZLCNQXNSWFVPRKSQOOPHMJWH64XWQUMHR7DR5SVGXGCKOIQVU6L5PJU6YRFAV2UZBU2R72KO24ZO33UWABETVHC73LAG6M34L6DI2AQTWSAIGG35E4LBW6EP... Frame 7FB5 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-eudc1.zemanta.com/t/imp/impression/4I7QK4HDIOEGEUNVZUWH5FX4QCQPCIBA564IQGZLCNQXNSWFVPRKSQOOPHMJWH64XWQUMHR7DR5SVGXGCKOIQVU6L5PJU6YRFAV2UZBU2R72KO24ZO33UWABETVHC73LAG6M34L6DI2AQTWSAIGG35E4LBW6EP6VOLNN7QX3AXJEOKM7Q2CKAL5P2PJ7Y7DRQIB5YGUS5KVL4D2R3SXNVMQYGECMSRNPXCBGQC7Z6SB7ALPYQL3TLY2D2SJ7FZM5IEKNXFTXQHEFIMJAT26OGXKICGTL5RTPQLLUIP5WZJS73FX5PDFRJEBUSULAYQ7UI665XJVG2BPXVS3BSN46THGTJUFFEWBXXVJEDP5JX5GONGOOP7FPXVT3JSJHRRM3FSD3ZF4NIDIM4GV5JSZKI5DJ6U/?
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:03:19 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
691
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/691?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=57d8ba92-8db0-44ab-9680-b02eee1c76e4&bctempid=&overruleReferrer=&time=2022-10-05T05%3A03%3A19%2B00%3A00&ts=1664946199820
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-75.fra56.r.cloudfront.net
Software
- /
Resource Hash
fe8eea5b01554064e9bf753e31a5de2ad92d19ad19d08e08d1d8b93603e081f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
3411
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
e3T8--AAtvLq-WhpfJZL4Puoz_1jCfg-lk9wa9c1uFF4ZYPN6fhULw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
predict
h312.mlive.com/rest/custom/frontend/listener_realtime_model/ 		2 B
897 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/rest/custom/frontend/listener_realtime_model/predict?itemId=93193c90-1299-460a-add2-602384af02fc&profileId=57d8ba92-8db0-44ab-9680-b02eee1c76e4
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/plugin/plugin/d86dce849649150ef9e9f7ef2333f2bc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-75.fra56.r.cloudfront.net
Software
- /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
2
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, no-cache="Set-Cookie"
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
FV7kKThyVfus5BGxv62VGrW6wl55C8nmgNKzO2U3RBSF1-574rhWbA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
691
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		365 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/691?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=57d8ba92-8db0-44ab-9680-b02eee1c76e4&bctempid=&overruleReferrer=&time=2022-10-05T05%3A03%3A19%2B00%3A00&ts=1664946199858
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-75.fra56.r.cloudfront.net
Software
- /
Resource Hash
b1a987ea6465f4632dd10459054e785c276ed4119bef00dab071379cf9ca9969
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
173
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
NRZfHo_BiKwAC3xwp7OGf8PJA7Nt9Wz5QWVNyQcmMT3Z3MiqIIxu_A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
691
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		183 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/691?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=57d8ba92-8db0-44ab-9680-b02eee1c76e4&bctempid=&overruleReferrer=&time=2022-10-05T05%3A03%3A19%2B00%3A00&ts=1664946199858
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-75.fra56.r.cloudfront.net
Software
- /
Resource Hash
c4ebc1661e8aa01913a6e7bc94a969638a670adc8fb2f4114a4ea7cf3a59d83a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
163
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
p7-lvxpQkwkzEt5_rTKGbJWnSY3PaJTorCLtcwDDau9Uj1twey6RwA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1557562236&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Blueconic&ea=segments&_u=aDDAAEABAAQCACgFK~&jid=&gjid=&cid=1198089221.1664946198&tid=UA-16643585-16&_gid=1128824650.1664946199&gtm=2wga30TLXFLCR&cd1=undefined&cd2=1---&cd3=undefined&cd4=undefined&cd6=&cd9=263b9a43-6608-4e0b-b647-4e66800023e9&cd10=undefined&cd11=&cd13=Weekday&cd14=undefined&cd15=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=mlive&cd21=undefined&cd23=undefined&cd25=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd32=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd38=No%20Referrer&cd39=undefined&cd40=undefined&cd43=false&cd44=undefined&cd45=undefined&cd46=homepage-beta&cd47=desktop&cd48=undefined&cd50=Blueconic%20-%20event%20call&cd51=undefined&cd52=undefined&cd53=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd59=undefined&cd60=&cd62=undefined&cd64=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd86=undefined&cd87=sub-group-a&cd88=true&cd61=1198089221.1664946198&cd76=a0002%2Ca0016%2Ca0022%2Ca0037&cd77=undefined&cd78=undefined&cd79=undefined&cd80=undefined&cd85=undefined&cd89=undefined&cd96=1&cm1=undefined&cm2=undefined&cm3=undefined&cm4=undefined&z=1210509197
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 16:55:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
43667
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
691
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		183 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/691?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=57d8ba92-8db0-44ab-9680-b02eee1c76e4&bctempid=&overruleReferrer=&time=2022-10-05T05%3A03%3A19%2B00%3A00&ts=1664946199866
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-75.fra56.r.cloudfront.net
Software
- /
Resource Hash
3a85872f3bc6df6bdcaa2783a800b3de04a50eaa053ae742902dc02d139dcfcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
163
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
oKeMgyKAwYabjeraGyAz8Z2k3iWiKcucmM2ELDCxQtXBjd55J0eDwA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
butler
b.sharethrough.com/ Frame 7FB5 		95 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.sharethrough.com/butler?type=winNotificationFail&arid=3732dd8c-2b67-4ae6-8a5a-b6cd108670d3&pkey=pL3B8PdPLobRSs1fqmGAthx5&supplyId=E4rooAtA&tkey=300x250-mpu&ckey=a7935305814f8c5e2a34ba54-92203735&vkey=&umtime=1664946199869&nurl=%2F%2Fb1-eudc1.zemanta.com%2Fbidder%2Fwin%2Fsharethrough%2F074910e3-446b-11ed-a526-1fd3d6ec9bba%2F2.98%2F5BITJBUANZ73NQ52DZFKEZYMLJGNXFNOXZFV4JMBRPBLZ4GM37AVNYI4JWQD2MXXVBFGU2G3NR3G5ZSUKCPUITMJSX4G5TAXB2JLOPM3BYMTBUMDRC3OOUXWOE7IQEJYRR6SCTRHBUHFKNTDP4PILSKPPB3SVFNGXVB3V2WBZQKJ5VN4H7C4STICEXZMY6RG55UKJBZQ5HJV6X2K7363TZM5W577OKMUPI4VHKBGJ7LDMPPGPB6XLY4B7FC7ZLBCPOJJIW6IOAROC3GSXF5QV7V5WO6VMGQCGL6XHOYLJ67ESQFMFKYJ76BZPLIRXH25RQADHWBURBZZM5TVOUGJA5CJDIJ3INTE2IKBETWQGMRL7LBJKCKXSULQQM2TWGMCOGSRDKBEZ5XDAAISQA6JZQSQ5SKFPYM2HKTJSRAMZ6WX5GANFDPT6J5KUIQ56BARQ7NTSK3ANVJZL2MWGX35LSHQI6WT4SQY3BWNAEOATKYLZCIYFCNSMO2X243ZRZSPG2PNCWCXGKNNFGY62FNRVWQGWFLSJ3PZFOLJP4LD5YGOJAZ5K6T7LFXUQPHYENT4%2F%3F&awid=a835a3b1-1a98-4045-bbf4-87f31b07ccdb&sourceId=a7935305814f8c5e2a34ba54&deal_id=GLJC8DEZ2M1ppdRDzKL95PzP&action=clickout&isVast=false&bwidth=300&bheight=250&ploc=https%253A%252F%252Fwww.mlive.com&renderEnv=safeframe&version=gc-811-de0ba920-eu
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-92.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:40:00 GMT
via
1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
last-modified
Mon, 03 Oct 2022 16:38:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
73400
etag
"71a50dbba44c78128b221b7df7bb51f1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
95
x-amz-cf-id
GIychK709iBsDKfEarFhAv-_2HtbuxMN5pYcLtpBwTbM1p_P3izeOQ==
container.html
c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2505 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 05:03:18 GMT
expires
Thu, 05 Oct 2023 05:03:18 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.87.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-87-135.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 05 Oct 2022 05:03:19 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ 		61 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.87.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-87-135.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 05 Oct 2022 05:03:19 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
691
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/691?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=57d8ba92-8db0-44ab-9680-b02eee1c76e4&bctempid=&overruleReferrer=&time=2022-10-05T05%3A03%3A19%2B00%3A00&ts=1664946199877
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-75.fra56.r.cloudfront.net
Software
- /
Resource Hash
223d5afc8626d478b7ca4c122e8eae7252e13f176422e770eb097020942dbb13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
4211
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
IRLUwjuGhfwmRtO0gEjqcqcIf7AwrDPkeAsOw-bYy94VkZ8kNXO9Iw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2505 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=COSXHFxA9Y_HdGoHF3gPk9If4CMH2so9ctpfEmY8FwI23ARABIABglQKCARdjYS1wdWItMjkzNzQ5NDU2Nzk0OTI3OKABrreJlwPIAQngAgCoAwGqBI0CT9ArfDRaZJps9w__Q-ki8pNiMbOfy6wQJQVHdl34SmxKSMdnV-86U0yf21tpyHZiKvQF2wApkSyHHN1jAF9Ye0xPXN2TmrfPyalUhhafsF4Z-NPVKV03_qERIzZsyOJGt_uHIugvBNuDSmuVtCOw81oRTAlH8_eA6MMyOgBgIzNMe8wTT3CjMW9HzMSt76OXEG-rfD6bMp07Sbf5NRjnrVe9JuvHLMZdmL6IyXB0B5lKUgpGIvL4xtZ4RnU4QafJHGCiVeN5-i1wyunmCPLin-cZ-Li38SJlTfe4Dg4p2Xc_aryRkXi6kDuh8aIG8fSTagfbcLfXhhKhl7-HMWTpMfmb9crNVCPTk83qOgTgBAGABsrbm9i2rKfkD6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMjkzNzQ5NDU2Nzk0OTI3OBjfkR8&sigh=GBEaCR91pUg&uach_m=[UACH]&cid=CAQSOwCsnQUxmbH_W5y1-f72oIhooCrt2JSjHwG9SF9h5dk8LSjrvHypUJXhQ4jqs9iC9FxzLXwECcX8O5DnGAEgEw&tpd=AGWhJms2hxJLNX06I0J3BU0cKFmbQ0C-z9ynlsJVaPpJbozJkEDtUcX__0pWt-eB62gOqTxqQMPq1pgz1KZz-EKQ-9y4NLQgWUWCzoYZh31UjjZNtMUF7iFUtTJUYZ0rodCqg4rLER0evz2OMugtNj_aRwd4Uix0kR-c08a_x13rW_uHeuPXcPbrPcZamZTldfOSpl3kwiRzOoddzMDPNvRKUhWsy7gtvN8wqhcKkCOXi3UAWGserWAYpZa_r0WbWWOggsmA40KMNsCiuL_F7YuNYnV3H136hVo0386q2Q3uzbcNMlVZU-xFDDv4Psn6AZmaZf7sZ8VM71NzlvjlsFiUHBbWbQrIrW_prWs7YjbngwitO5X_pRWyP605fN8o5lxzWFw7P3ZiFnJQMjIaG4w5viRDuMU
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
js
a-ams.1rx.io/rtbdeliver/ Frame 2505 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a-ams.1rx.io/rtbdeliver/js?excid=rmpssp&pickup=08a6cf5bd7d3a0d98125738c7c6e80af&zrk=b2321f13ee8e6ab28d11bf12698975f6&imp=0174fda5d99924103aa119768a50620263&bet=MTY2NDk0OTc5OTU1Ng&pv=1&prc=ZX0.9473774500237568&rtbserve=1&zclkredir=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUyxwFxA9Y_HdGoHF3gPk9If4CMH2so9ctpfEmY8FwI23ARABIABglQKCARdjYS1wdWItMjkzNzQ5NDU2Nzk0OTI3OKABrreJlwPIAQngAgCoAwGqBJACT9ArfDRaZJps9w__Q-ki8pNiMbOfy6wQJQVHdl34SmxKSMdnV-86U0yf21tpyHZiKvQF2wApkSyHHN1jAF9Ye0xPXN2TmrfPyalUhhafsF4Z-NPVKV03_qERIzZsyOJGt_uHIugvBNuDSmuVtCOw81oRTAlH8_eA6MMyOgBgIzNMe8wTT3CjMW9HzMSt76OXEG-rfD6bMp07Sbf5NRjnrVe9JuvHLMZdmL6IyXB0B5lKUgpGIvL4xtZ4RnU4QafJHGCiVeN5-i1wyunmCPLin-cZ-Li38SJlTfe4Dg4p2Xc_aryRkXi6kHmj0TCmdi-o3dzl4F7bEtMDq5eOH3xOtwiXYQFmSg_LMW4pAbOnaObgBAGABsrbm9i2rKfkD6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3JHIje2ILRAqzgGZRHxO951uxwEA%26client%3Dca-pub-2937494567949278%26adurl%3D&extra=1
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.47 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
661c7f17ac699225139cd1c6ac3e4a3bd59f9026f8c4730e050db96951791334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:19 GMT
content-length
1461
content-type
text/javascript
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 2505 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:54:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
522
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 04:54:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 2505 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:52:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
677
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7559
x-xss-protection
0
server
cafe
etag
15289875785628835784
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 04:52:02 GMT
l
www.google.com/ads/measurement/ Frame 2505 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQuOYFGLjfjIsuZYjul9dNv6bD4LUHn_7RCcdVyH8n1CLH5Svsnm6f_g--WnecF4SyKS1VdnZMOAhXEVyKIr9i4cSaojA
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2505 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:55:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68869
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 04 Oct 2023 09:55:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2505 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44883
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664796838458510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Oct 2022 05:03:19 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 0726 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Wed, 05 Oct 2022 05:03:19 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
js
a-ams.1rx.io/rtbdeliver/ Frame 2505 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a-ams.1rx.io/rtbdeliver/js?excid=rmpssp&pickup=08a6cf5bd7d3a0d98125738c7c6e80af&zrk=b2321f13ee8e6ab28d11bf12698975f6&imp=0174fda5d99924103aa119768a50620263&bet=MTY2NDk0OTc5OTU1Ng&pv=1&prc=ZX0.8444913896905148&zclkredir=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CUyxwFxA9Y_HdGoHF3gPk9If4CMH2so9ctpfEmY8FwI23ARABIABglQKCARdjYS1wdWItMjkzNzQ5NDU2Nzk0OTI3OKABrreJlwPIAQngAgCoAwGqBJACT9ArfDRaZJps9w__Q-ki8pNiMbOfy6wQJQVHdl34SmxKSMdnV-86U0yf21tpyHZiKvQF2wApkSyHHN1jAF9Ye0xPXN2TmrfPyalUhhafsF4Z-NPVKV03_qERIzZsyOJGt_uHIugvBNuDSmuVtCOw81oRTAlH8_eA6MMyOgBgIzNMe8wTT3CjMW9HzMSt76OXEG-rfD6bMp07Sbf5NRjnrVe9JuvHLMZdmL6IyXB0B5lKUgpGIvL4xtZ4RnU4QafJHGCiVeN5-i1wyunmCPLin-cZ-Li38SJlTfe4Dg4p2Xc_aryRkXi6kHmj0TCmdi-o3dzl4F7bEtMDq5eOH3xOtwiXYQFmSg_LMW4pAbOnaObgBAGABsrbm9i2rKfkD6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_3JHIje2ILRAqzgGZRHxO951uxwEA&client=ca-pub-2937494567949278&adurl=&pg=https%3A%2F%2Fc3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&pgao=https%3A%2F%2Fwww.mlive.com&refer=https%3A%2F%2Fwww.mlive.com%2F
Requested by
Host: a-ams.1rx.io
URL: https://a-ams.1rx.io/rtbdeliver/js?excid=rmpssp&pickup=08a6cf5bd7d3a0d98125738c7c6e80af&zrk=b2321f13ee8e6ab28d11bf12698975f6&imp=0174fda5d99924103aa119768a50620263&bet=MTY2NDk0OTc5OTU1Ng&pv=1&prc=ZX0.9473774500237568&rtbserve=1&zclkredir=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUyxwFxA9Y_HdGoHF3gPk9If4CMH2so9ctpfEmY8FwI23ARABIABglQKCARdjYS1wdWItMjkzNzQ5NDU2Nzk0OTI3OKABrreJlwPIAQngAgCoAwGqBJACT9ArfDRaZJps9w__Q-ki8pNiMbOfy6wQJQVHdl34SmxKSMdnV-86U0yf21tpyHZiKvQF2wApkSyHHN1jAF9Ye0xPXN2TmrfPyalUhhafsF4Z-NPVKV03_qERIzZsyOJGt_uHIugvBNuDSmuVtCOw81oRTAlH8_eA6MMyOgBgIzNMe8wTT3CjMW9HzMSt76OXEG-rfD6bMp07Sbf5NRjnrVe9JuvHLMZdmL6IyXB0B5lKUgpGIvL4xtZ4RnU4QafJHGCiVeN5-i1wyunmCPLin-cZ-Li38SJlTfe4Dg4p2Xc_aryRkXi6kHmj0TCmdi-o3dzl4F7bEtMDq5eOH3xOtwiXYQFmSg_LMW4pAbOnaObgBAGABsrbm9i2rKfkD6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3JHIje2ILRAqzgGZRHxO951uxwEA%26client%3Dca-pub-2937494567949278%26adurl%3D&extra=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.47 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
2577ca01095edf5d97f62afc072a6d9876b7ad7c0e45b3ec549574504f3cdb8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
content-length
8692
content-type
text/javascript
widget.js
widgets.outbrain.com/n2d/widget/ Frame 2505 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/n2d/widget/widget.js
Requested by
Host: a-ams.1rx.io
URL: https://a-ams.1rx.io/rtbdeliver/js?excid=rmpssp&pickup=08a6cf5bd7d3a0d98125738c7c6e80af&zrk=b2321f13ee8e6ab28d11bf12698975f6&imp=0174fda5d99924103aa119768a50620263&bet=MTY2NDk0OTc5OTU1Ng&pv=1&prc=ZX0.8444913896905148&zclkredir=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CUyxwFxA9Y_HdGoHF3gPk9If4CMH2so9ctpfEmY8FwI23ARABIABglQKCARdjYS1wdWItMjkzNzQ5NDU2Nzk0OTI3OKABrreJlwPIAQngAgCoAwGqBJACT9ArfDRaZJps9w__Q-ki8pNiMbOfy6wQJQVHdl34SmxKSMdnV-86U0yf21tpyHZiKvQF2wApkSyHHN1jAF9Ye0xPXN2TmrfPyalUhhafsF4Z-NPVKV03_qERIzZsyOJGt_uHIugvBNuDSmuVtCOw81oRTAlH8_eA6MMyOgBgIzNMe8wTT3CjMW9HzMSt76OXEG-rfD6bMp07Sbf5NRjnrVe9JuvHLMZdmL6IyXB0B5lKUgpGIvL4xtZ4RnU4QafJHGCiVeN5-i1wyunmCPLin-cZ-Li38SJlTfe4Dg4p2Xc_aryRkXi6kHmj0TCmdi-o3dzl4F7bEtMDq5eOH3xOtwiXYQFmSg_LMW4pAbOnaObgBAGABsrbm9i2rKfkD6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_3JHIje2ILRAqzgGZRHxO951uxwEA&client=ca-pub-2937494567949278&adurl=&pg=https%3A%2F%2Fc3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&pgao=https%3A%2F%2Fwww.mlive.com&refer=https%3A%2F%2Fwww.mlive.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
355fbc238e6109f1d2d33a6afd64fa3e355f8085e0a80f21b0f57432d20ed71d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 10:39:35 GMT
server
AkamaiNetStorage
etag
"96727b9fa165963a4c04f1d333fedac5:1664448420.447072"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
9433
expires
Wed, 05 Oct 2022 09:03:20 GMT
rtbtrkd
a-ams.1rx.io/ Frame 2505 		0
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-ams.1rx.io/rtbtrkd?excid=rmpssp&pickup=08a6cf5bd7d3a0d98125738c7c6e80af&zrk=b2321f13ee8e6ab28d11bf12698975f6&imp=0174fda5d99924103aa119768a50620263&bet=MTY2NDk0OTc5OTU1Ng&pv=1&asb=0&prc=ZX0.5161299157875807&pg=https%3A%2F%2Fc3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&pgao=https%3A%2F%2Fwww.mlive.com&refer=https%3A%2F%2Fwww.mlive.com%2F
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.47 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 05 Oct 2022 05:03:20 GMT
access-control-allow-credentials
true
container.html
c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CB48 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 05:03:18 GMT
expires
Thu, 05 Oct 2023 05:03:18 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
event
prebid-a.rubiconproject.com/ 		61 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.87.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-87-135.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 05 Oct 2022 05:03:20 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.87.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-87-135.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 05 Oct 2022 05:03:20 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092901&jk=588194251405630&bg=!YGOlYyfNAAYQgTJdMIE7ACkAdvg8WuIFw--4n-UoEN9sUkbfBVoKV7upVVuRkd_dDdbHKJC4C8vCQgIAAAB9UgAAAAJoAQcKABU7wq8nAFBRpeptfc8dCflM_V1zccCZAq190tcmJljYLOjTLiK6ftVWWAUtqr4PfYuZaAHe2Rz_ZDb2RAkiBG2bJq-w01V1AzKc7t7tMsqogGQr14agrQPs4NWPORHqrogH-9LxWufHdfEq0H7tQ9ocCSB8oNOyrzvmqqulRfDomDqf-32TopB-vnDT3Fc0YLf6ToCqw6J3-KEh_KiSFSYIc5XSQMkmGcvcFOZXD4GTT7OsOqRDqfp_Qetrrrvq3YqRqxlg6ew7WJb5O4WUNFsRiy7Eq-08hKgUAMucmOprRAblnfiK-n3dXu79EwSmYUHY4tR2aYLfPFDdolic8AsMhxBePKlv9XgJmTBp3gIqLsPTvbU-y3pRmuocM9eulr5DLFhQ2qcsCUfVqc8kCXfxhLYtODE6wMIAjBpWqqp0H_C2_q7Haw8pIs5F0HubN0XHMco-J76rjaLMP9Xb-eDvP7ou_qF5AD8IeM8cf6N6T1rloYYA3z-AqHF3m3RsioiuaNpbXTdyzHvvjAp4g__VLnXZexwHU8aiaoCXBxIuUaBuGVabdBW5-WYTH_ZiiVhZlXYC4shUWsZRgIqL2N-E3tPXduQBts3g_nKsQiFNrsfYiA3ahj2hujDfUUxZpOhcudwQaPZVUYgT3vTvN49hZ7NqyhsL9kqVM_pDBqfyUM5jH_lxZSdk8_K8bSzg7ZVfiqNVoQBRp_Ev3MAK6E9FhO-besDR4SxLDe4AECL1ATWknA1jghqabX4oUq_1o3t4r0ot3lJUB7kFCR1u3Rhk95Bvu0rxmgmzkk3_s_gGashPI4_UGK0aIqdszm-biXzjn7bB2WgdK8niqGdtspND1UrE57vMV1veFLS2vjHLfOSy9vssG-KNzUwTCZuevyyKN7LiARJ7l3gLgMdULjgQK_jXLxgfwgEZY6a4xFatzsb1_0Xf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame CB48 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C-ytmFxA9Y-_JM4LF3gO_z7PQApjn_41cjLDP3vIJwI23ARABIABglQKCARdjYS1wdWItMjkzNzQ5NDU2Nzk0OTI3OKAB3-HozwLIAQngAgCoAwGqBI8CT9BDkfEyy2iWm6cg3HF84p98sdtxx8305sXqD86D1-HgKD3kezE84jNRE10CtQkFWlKy_CqoFcCJ8ab7J8qkjh7fJuZP-X7DGg7lccvR-FUgLNCUgUkrNw7EM0Y2dy_lul-jEtYtTDZ7JaWhbZ3fQtJGOZW_m4jADokU7W0Bcwn27PC8Bftp-YK9aIGbJdg7MEF53VLUQITaIKiw6eLVwdLnj5UL82D1m9DfRqWBeRq7Pb6BHp0PbENsIya3ZR9WK1vvUNun8DaLkdzV64SEJt-eBHvcjGZ8EJtgJ2C_ujO1nixwyRwYwQ6WFHnu5HTPO4Gupot5z7cea5VsPqsDU-gkcMlouNFRA9KNUxbJ7eAEAYAGsL6KnoPsv_4GoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yOTM3NDk0NTY3OTQ5Mjc4GN-RHw&sigh=t_vEvGk8_Ng&uach_m=[UACH]&cid=CAQSOwCsnQUxrwSxcqP2qCAnH3cR1nEA2YGFp2CMPsmivMLX7W5NaSlyz1u2EP6ZaqzmobUUCdm-zIMd_yxRGAEgEw
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
butler
b.sharethrough.com/ Frame CB48 		95 B
410 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://b.sharethrough.com/butler?type=s2s-win&arid=89ba052f-d3d2-4423-8478-77d511c271ad
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-92.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:40:00 GMT
via
1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
last-modified
Mon, 03 Oct 2022 16:38:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
73401
etag
"71a50dbba44c78128b221b7df7bb51f1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
95
x-amz-cf-id
34ew8IUagpHOY3bwnVLuNeobz27po3UgUjqZJkmjgNaJIfkyI60Fqw==
sfp.js
native.sharethrough.com/assets/ Frame CB48 		266 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://native.sharethrough.com/assets/sfp.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-5.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28117001f598a085aa8367fd5f5535205540a3edd9ec694fc122310916bbf61e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:47:22 GMT
content-encoding
gzip
via
1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
last-modified
Thu, 29 Sep 2022 13:32:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
959
etag
W/"513093fcc020f7dc2157d2330abc59fb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
5gOaToVAy5gTQK7JM_m8TnkxLm-GuBohFaQhWvDc2rfDRWspZ2SHCQ==
expires
Thu, 29 Sep 2022 14:32:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame CB48 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:54:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
523
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 04:54:37 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 019B 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29771
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 20:47:09 GMT
etag
48472445140208031
expires
Wed, 05 Oct 2022 20:47:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame CB48 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:52:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
678
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7559
x-xss-protection
0
server
cafe
etag
15289875785628835784
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 04:52:02 GMT
l
www.google.com/ads/measurement/ Frame CB48 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS6qwdtFmcSFF8t-s-FFh8Ve1RgNmDQmREpZd0R_gJroFhdprqVXDJrdPJj5Q_ex-XDoE6xB0pQOkQVk4D2W7O6S9JXyw
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame CB48 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:55:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68870
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 04 Oct 2023 09:55:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CB48 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44883
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664796838458510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Oct 2022 05:03:20 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 2505 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Fri, 04 Nov 2022 05:03:20 GMT
/
b1-eudc1.zemanta.com/bidder/win/rhythmone_display/076cd697-446b-11ed-8c76-cd50916cc44a/3.8066/F2OSFOSVY65ZI2TGGVRWYIYZXRVL3AUNJ6QEN3EBRPBLZ4GM37A6DRR66MMHDA3RL4UB5URVAK5JVXO6NVSMNF4RLFCPVQ7BENF65WI... Frame 2505 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-eudc1.zemanta.com/bidder/win/rhythmone_display/076cd697-446b-11ed-8c76-cd50916cc44a/3.8066/F2OSFOSVY65ZI2TGGVRWYIYZXRVL3AUNJ6QEN3EBRPBLZ4GM37A6DRR66MMHDA3RL4UB5URVAK5JVXO6NVSMNF4RLFCPVQ7BENF65WIGSFCUAL2DZTMIDHIMEIZWEUH55VGX3JXVT52CILZVUHEAFP6CP3WC54WYJALA6Q6CXD4WTB3PT4AEWORPFTE7YVFUHRF7DXMSCXCDXXPV4RQLZWW64SRYYEJ3BEQMX7PXYAMDKHZDGAPGV3UF5K724IBR4DAX3MNSQ4AL4LUFT3KM57YJMNPKZTD3H3XMEPEQEX77ZKMZY4QFDXQX4IL32DA3J2GT2WJJJN3EIJNXXHJL36UBA6AI7PIZRLHHDHASYNOZTILO7OVQZT5NP2MA2KG7H4T2VIRB34CBCUKDQ3YEKB4W7XCOBUE5UNRCWRH7PD7IH62MZSGMBGVQXSERQKE3EY5VPVZXTDTE6NU62FMFOMU22KNR5UK3DLNANMKXETW7SK4WS7YS37Q62UCIPDSYFEWK6DIENFQOU/?
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 05 Oct 2022 05:03:20 GMT
Content-Length
0
/
b1t-eudc1.zemanta.com/t/imp/impression/4I7QK4HDIOEGEBUR62PNWUPXOOQPCIBA564IQGZJZHSJSKZYGW7FZSSCTVI437ELDWK4VSXHUGDBNPZHOMG4TMZMLDVAW3KHOPB32L5QN377K4PGLFHPRBRQXCPMYBQ45VUOKLH3GCT6PIGHHAGWSJZCHF3ZZD... Frame 2505 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-eudc1.zemanta.com/t/imp/impression/4I7QK4HDIOEGEBUR62PNWUPXOOQPCIBA564IQGZJZHSJSKZYGW7FZSSCTVI437ELDWK4VSXHUGDBNPZHOMG4TMZMLDVAW3KHOPB32L5QN377K4PGLFHPRBRQXCPMYBQ45VUOKLH3GCT6PIGHHAGWSJZCHF3ZZDEMKP4T3FNIYRYZNYWA6V4IHQD6SM7U2OMI4DVXNVSCJNO7HXFE2U4YFXV7JK37ZGJNHUSD5INM322ASRZMXMRP3COWKUAELCTVF7U63C3HGKQLBJTD6MHMC2DTTLCCZFPA4WFK5ZM34Z3TKWJY5CO5KRQUBBVFZCKTOKH72NAZNRFURTQ6U2DYOJMY7S47MXU4PIQXJEDTYHLPRJ7VPI4AFBETGVHULUA4AENYLSIYOCNOW/?
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:03:20 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
7dd59700e3cd678e722d50ba399112777e.jpg
zem.outbrainimg.com/p/srv/sha/fc/00/03/ Frame 2505 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/fc/00/03/7dd59700e3cd678e722d50ba399112777e.jpg?w=298&h=133&fit=crop&crop=center&fm=jpg
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
4d979399b9747795a0edb3140444402211836aaf09873119b9f54c0038b3b14c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
632811
x-cache
HIT, MISS, HIT
x-imgix-id
dcbfae8b02c03c7c5cb245f5cd9abeaf5bab8063
cross-origin-resource-policy
cross-origin
content-length
7606
x-served-by
cache-sjc10050-SJC, cache-hhn4067-HHN, cache-hhn4046-HHN
x-imgix-render-farm
01.592
last-modified
Tue, 27 Sep 2022 21:16:29 GMT
server
imgix
x-timer
S1664946200.174411,VS0,VE12
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
1
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 31D9 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29771
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 20:47:09 GMT
etag
48472445140208031
expires
Wed, 05 Oct 2022 20:47:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2505 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77c368a53a242e76f690d29ccf64b337027f631a26d3497425cbd1c9e75854bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame CB48 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c0ca3fee0fffde0371f89154c90594ef360214129f8b3cca93e2eea290567c7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 019B
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOHx-pkMsJhh81z0H1o3Vjg&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aWxaYzRHU2oxT0ZXeVg1&google_gid=CAESEOHx-pkMsJhh81z0H1o3Vjg&google_cver=1&google_push=AZmPxg8AtjEbIweKmYpb-BBB3lithVTGpbP35tbRtdotiBo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aWxaYzRHU2oxT0ZXeVg1&google_gid=CAESEOHx-pkMsJhh81z0H1o3Vjg&google_cver=1&google_push=AZmPxg8AtjEbIweKmYpb-BBB3lithVTGpbP35tbRtdotiBoo3Igou6mcaZWmWUZ_ebeJ7YgBQmsQKxOUa2W3R5q3zwgbbF_IX2Jc
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:19 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-09d402fd386b2a89c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aWxaYzRHU2oxT0ZXeVg1&google_gid=CAESEOHx-pkMsJhh81z0H1o3Vjg&google_cver=1&google_push=AZmPxg8AtjEbIweKmYpb-BBB3lithVTGpbP35tbRtdotiBoo3Igou6mcaZWmWUZ_ebeJ7YgBQmsQKxOUa2W3R5q3zwgbbF_IX2Jc
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 019B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGKd_Gp15hzy4P7YpOZuv6Q&google_cver=1&google_push=AZmPxg93HE5Ox__5LfltCj60EOydpnfAG8e-kIm7ZpThldI0DrzxPUD5vjaR5439kIl4pL7-lDWzsc0dvEBkrNQJX2rF1fW...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg93HE5Ox__5LfltCj60EOydpnfAG8e-kIm7ZpThldI0DrzxPUD5vjaR5439kIl4pL7-lDWzsc0dvEBkrNQJX2rF1fW95qGH&google_hm=MjM2MDY3MjAyMTAwODMyMz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg93HE5Ox__5LfltCj60EOydpnfAG8e-kIm7ZpThldI0DrzxPUD5vjaR5439kIl4pL7-lDWzsc0dvEBkrNQJX2rF1fW95qGH&google_hm=MjM2MDY3MjAyMTAwODMyMzk1Ng%3D%3D
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 05 Oct 2022 05:03:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg93HE5Ox__5LfltCj60EOydpnfAG8e-kIm7ZpThldI0DrzxPUD5vjaR5439kIl4pL7-lDWzsc0dvEBkrNQJX2rF1fW95qGH&google_hm=MjM2MDY3MjAyMTAwODMyMzk1Ng%3D%3D
content-length
0
pixel
cm.g.doubleclick.net/ Frame 019B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHKom1X51H6FeKI85ykNDow&google_cver=1&google_push=AZmPxg94qJR6OaaJ7xxxWmzSaHmXVNCi4SkB-pkszbYSbbEv4WLGrP70qrsOiWOs5FaFi2gYex69zyv-...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHKom1X51H6FeKI85ykNDow&google_cver=1&google_push=AZmPxg94qJR6OaaJ7xxxWmzSaHmXVNCi4SkB-pkszbYSbbEv4WLGrP70qrsOiWOs5FaFi2gYex6...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc0NjczOTQ4MDk0NTcwNTkwMw&google_push=AZmPxg94qJR6OaaJ7xxxWmzSaHmXVNCi4SkB-pkszbYSbbEv4WLGrP70qrsOiWOs5FaFi2gYex69zy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc0NjczOTQ4MDk0NTcwNTkwMw&google_push=AZmPxg94qJR6OaaJ7xxxWmzSaHmXVNCi4SkB-pkszbYSbbEv4WLGrP70qrsOiWOs5FaFi2gYex69zyv-SiJURKf0nr0N38CQFdk
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc0NjczOTQ4MDk0NTcwNTkwMw&google_push=AZmPxg94qJR6OaaJ7xxxWmzSaHmXVNCi4SkB-pkszbYSbbEv4WLGrP70qrsOiWOs5FaFi2gYex69zyv-SiJURKf0nr0N38CQFdk
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 019B
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEMprPZvZcXp_HOgFFo6UzNw&google_cver=1&google_push=AZmPxg8IMgPja2n06fIZvUa9O9yg_RwrJAUf7JnQr22jhqt1OZQmjO9qCe-ikXRH7TMHAMarAxc9P1b-Q66xsZFDfSZ3YhaM_r54
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg8IMgPja2n06fIZvUa9O9yg_RwrJAUf7JnQr22jhqt1OZQmjO9qCe-ikXRH7TMHAMarAxc9P1b-Q66xsZFDfSZ3YhaM_r54&google_hm=ZzIxZTIzOWZjMWRmNTBk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg8IMgPja2n06fIZvUa9O9yg_RwrJAUf7JnQr22jhqt1OZQmjO9qCe-ikXRH7TMHAMarAxc9P1b-Q66xsZFDfSZ3YhaM_r54&google_hm=ZzIxZTIzOWZjMWRmNTBkN2VmOTg=
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:20 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg8IMgPja2n06fIZvUa9O9yg_RwrJAUf7JnQr22jhqt1OZQmjO9qCe-ikXRH7TMHAMarAxc9P1b-Q66xsZFDfSZ3YhaM_r54&google_hm=ZzIxZTIzOWZjMWRmNTBkN2VmOTg=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 019B
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESELnGkwYNkJhcGpdhTKjlgJE&google_cver=1&google_push=AZmPxg8QoIId8L-nxr7dfJIrNutRPl1JqkyJCCbCkr5wAFFGqgA0LsW98fq-wUDD4HFslzJraaqnG0AZndree5DxrSoSQ0sahKDk
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA3OTQ3Nzk5ODIxNDk3MjAwMFYxMA%3d%3d&mn_hm=MzA3OTQ3Nzk5ODIxNDk3MjAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg8QoIId8L-nxr7dfJIrNutRPl1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA3OTQ3Nzk5ODIxNDk3MjAwMFYxMA%3d%3d&mn_hm=MzA3OTQ3Nzk5ODIxNDk3MjAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg8QoIId8L-nxr7dfJIrNutRPl1JqkyJCCbCkr5wAFFGqgA0LsW98fq-wUDD4HFslzJraaqnG0AZndree5DxrSoSQ0sahKDk&gdpr=&gdpr_consent=
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:20 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA3OTQ3Nzk5ODIxNDk3MjAwMFYxMA%3d%3d&mn_hm=MzA3OTQ3Nzk5ODIxNDk3MjAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg8QoIId8L-nxr7dfJIrNutRPl1JqkyJCCbCkr5wAFFGqgA0LsW98fq-wUDD4HFslzJraaqnG0AZndree5DxrSoSQ0sahKDk&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Wed, 05 Oct 2022 05:03:20 GMT
v1
match.sharethrough.com/E4rooAtA/ Frame 019B 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEBuFwCuFyqi9CmlcJZjfWMk&google_cver=1&google_push=AZmPxg8wTTOomEuS_nQF21z9TYKMA_j5nGW5UqGGjha7TNgrorTvOpJIBT6OwRoS7b92pSr2lVxtfeu3S7G2ykucdMU2O7a5sCmE4w
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.233.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-233-51.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
/
onetag-sys.com/match/ Frame 019B
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEF_AAGxw__9aEBrm4YRkZwk&google_cver=1&google_push=AZmPxg8LrfzJeR7IchCn0HnDnntfr0f9ahe2HQLIOMr4qxvIFi-7R_ImvO4otncUH8E3IR_Bqvkjbhosrie...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8LrfzJeR7IchCn0HnDnntfr0f9ahe2HQLIOMr4qxvIFi-7R_ImvO4otncUH8E3IR_Bqvkjbhosriehrf6OJSxTrN3-JlrPdg
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 019B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I0t-1cdcrlCP7-yp3HLEaTNSqtxCAGkWnumgXVNyqG07TO8rbG8jwGsg1YHDT59GKo8EGEPzM
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
70a0164e323b7b25a914d9a83a023e02f7.jpg
zem.outbrainimg.com/p/srv/sha/00/c5/8f/ Frame CB48 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/00/c5/8f/70a0164e323b7b25a914d9a83a023e02f7.jpg?w=48&h=48&fit=crop&crop=center&fm=jpg
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
e08a419f52c7a17c04b370b17e935f497e2bc297f470a8217ec2eb98a88cb61c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
3019804
x-cache
HIT, MISS, HIT
x-imgix-id
66fc99acbc0f9c84ff3622ed4b5494d1f2aa1ce4
cross-origin-resource-policy
cross-origin
content-length
4919
x-served-by
cache-sjc10025-SJC, cache-hhn4038-HHN, cache-hhn4046-HHN
x-imgix-render-farm
01.1
last-modified
Wed, 31 Aug 2022 06:13:16 GMT
server
imgix
x-timer
S1664946200.246466,VS0,VE0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
12
7dd59700e3cd678e722d50ba399112777e.jpg
zem.outbrainimg.com/p/srv/sha/fc/00/03/ Frame CB48 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/fc/00/03/7dd59700e3cd678e722d50ba399112777e.jpg?w=300&h=250&fit=crop&crop=center&fm=jpg
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
39aef0db130e9ff36d4ea8eeea2fdbcb5d7f9d5ac6eb9937c5230adf97b755cb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
1114860
x-cache
HIT, MISS, HIT
x-imgix-id
47690b4fd98b08e5955c8b40c25d70c68fca155c
cross-origin-resource-policy
cross-origin
content-length
12448
x-served-by
cache-sjc10059-SJC, cache-hhn4040-HHN, cache-hhn4046-HHN
x-imgix-render-farm
01.592
last-modified
Thu, 22 Sep 2022 07:22:19 GMT
server
imgix
x-timer
S1664946200.247944,VS0,VE0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
2
adchoice.png
sdk.sharethrough.com/ Frame CB48 		593 B
983 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sdk.sharethrough.com/adchoice.png
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-110.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed5ad0eec04e553eba9d52dd0ebc0dae503878399641b8ba9ef9b7e3d8efe69d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 04:32:44 GMT
via
1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
last-modified
Thu, 29 Sep 2022 13:32:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
1837
etag
"df4be15f5ec2528ff22bef4b5e166ded"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
593
x-amz-cf-id
1ulPAlzTUgdTwsztz0cFq9A4u5rtkwOfEIcwKsm-Jp7FDH6404e1zQ==
expires
Thu, 29 Sep 2022 14:32:22 GMT
butler
b.sharethrough.com/ Frame CB48 		95 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.sharethrough.com/butler?type=impressionReceived&arid=89ba052f-d3d2-4423-8478-77d511c271ad&pkey=pL3B8PdPLobRSs1fqmGAthx5&supplyId=E4rooAtA&tkey=300x250-mpu&ckey=a7935305814f8c5e2a34ba54-92203735&vkey=&umtime=1664946200235&bootTime=122.10&benchmarkBoot=24.09999990463257&butlerLatency=3.600&awid=5184fafb-9273-4118-a64c-ad149bf86f1f&sourceId=a7935305814f8c5e2a34ba54&deal_id=GLJC8DEZ2M1ppdRDzKL95PzP&action=clickout&isVast=false&bwidth=300&bheight=250&ploc=https%253A%252F%252Fwww.mlive.com&renderEnv=safeframe&version=gc-811-de0ba920-eu
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-92.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:40:00 GMT
via
1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
last-modified
Mon, 03 Oct 2022 16:38:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
73401
etag
"71a50dbba44c78128b221b7df7bb51f1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
95
x-amz-cf-id
dIY9KNKpHCKJHn21riqdHK76bcrsC_mlRgG8FZDOhyEoaSQqawzQUQ==
butler
b.sharethrough.com/ Frame CB48 		95 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.sharethrough.com/butler?type=groundControlPresent&arid=89ba052f-d3d2-4423-8478-77d511c271ad&pkey=pL3B8PdPLobRSs1fqmGAthx5&supplyId=E4rooAtA&tkey=300x250-mpu&ckey=a7935305814f8c5e2a34ba54-92203735&vkey=&umtime=1664946200236&awid=5184fafb-9273-4118-a64c-ad149bf86f1f&sourceId=a7935305814f8c5e2a34ba54&deal_id=GLJC8DEZ2M1ppdRDzKL95PzP&action=clickout&isVast=false&pwidth=300&pheight=0&pxoff=165&pyoff=887&twidth=0&theight=0&bwidth=300&bheight=250&ploc=https%253A%252F%252Fwww.mlive.com&renderEnv=safeframe&version=gc-811-de0ba920-eu
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-92.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:40:00 GMT
via
1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
last-modified
Mon, 03 Oct 2022 16:38:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
73401
etag
"71a50dbba44c78128b221b7df7bb51f1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
95
x-amz-cf-id
6d5LRaNP7c80U-Rys7MS7PoSSex-rKk-I2YJoDSA0XjI_0oPxq2R_g==
butler
b.sharethrough.com/ Frame CB48 		95 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.sharethrough.com/butler?type=impression&arid=89ba052f-d3d2-4423-8478-77d511c271ad&pkey=pL3B8PdPLobRSs1fqmGAthx5&supplyId=E4rooAtA&tkey=300x250-mpu&ckey=a7935305814f8c5e2a34ba54-92203735&vkey=&umtime=1664946200239&renderLatency=4.800&awid=5184fafb-9273-4118-a64c-ad149bf86f1f&sourceId=a7935305814f8c5e2a34ba54&deal_id=GLJC8DEZ2M1ppdRDzKL95PzP&action=clickout&isVast=false&pwidth=300&pheight=250&pxoff=165&pyoff=887&twidth=298&theight=167.625&bwidth=300&bheight=250&ploc=https%253A%252F%252Fwww.mlive.com&renderEnv=safeframe&version=gc-811-de0ba920-eu
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-92.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:40:00 GMT
via
1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
last-modified
Mon, 03 Oct 2022 16:38:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
73401
etag
"71a50dbba44c78128b221b7df7bb51f1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
95
x-amz-cf-id
eRGUH7mDXxXwtuSc-66ltOsnWxgQojqrlV_TxuqS_hzJmRJAw-NeoQ==
/
b1-eudc1.zemanta.com/bidder/win/sharethrough/07ae75a2-446b-11ed-8dc6-86ac3234b8df/3/WXISUSRFYHZTIKDBDAYPHFKH2XCIZ4EL2GZ5Y6EBRPBLZ4GM37AQKE4WI3ZQX5DHWKOQQCDXBMQXXO4VJMPFG4VAOP4G5TAXB2JLOPM3BYMTBUMDR... Frame CB48 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-eudc1.zemanta.com/bidder/win/sharethrough/07ae75a2-446b-11ed-8dc6-86ac3234b8df/3/WXISUSRFYHZTIKDBDAYPHFKH2XCIZ4EL2GZ5Y6EBRPBLZ4GM37AQKE4WI3ZQX5DHWKOQQCDXBMQXXO4VJMPFG4VAOP4G5TAXB2JLOPM3BYMTBUMDRC3OOUXWOE7IQEJY53FUD5KBPPL6YN5CQWUBC4PSYXWC54WYJALA6Q6CXD4WTB3PT4AGBSDE2IFG4POF2FSUUMBAK5JD6AHNQDGXE7DDPO6IEZR26LC6BHJN3YQEMJCFCUHHCKLTHO7MWM3CT6EU4FSRQ6MQ6BF2MVDETJMEBXXHDL57OQCS2BVR6PUUH7DCOILKBUEYNM5PL7CMVL74EH45NHEEG4COAMC6MW246ETIGP2EULVJ7KA25ZIOZNCLJXUN3CNMVP7FB7LCT4W6ELE7SWG7AROJ4VM55EM4SDNPGPWURN2V2HH3TWEF4AMG2TOCIQMIP6DPGUIQGXH4OFP5XBUXJ3BQ6XAVQNO2B2IDVP73UFMIGAS5PYKYVO74ABZWG665T3MNXNYMQW76ENF4AMV6XF7HQSOT7WGOWFAA6A44VI2VBDCTE4LAT3LFX5FQ/?
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 05 Oct 2022 05:03:20 GMT
Content-Length
0
/
b1t-eudc1.zemanta.com/t/imp/impression/4I7QK4HDIOEGEOYIGK5RUIFRG6QPCIBA564IQG2W3NNMRJ4UCFOLPRLGCYEQOVGRWU5QD6BUW2Q3NCS4CZJHT3HUWXGJ7E6M2CD3SV32EEXY2AJFEVXO35QGD3L7TW4W7G7FUWLQ4JMLATWSAIGG35E4LBW6EP... Frame CB48 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-eudc1.zemanta.com/t/imp/impression/4I7QK4HDIOEGEOYIGK5RUIFRG6QPCIBA564IQG2W3NNMRJ4UCFOLPRLGCYEQOVGRWU5QD6BUW2Q3NCS4CZJHT3HUWXGJ7E6M2CD3SV32EEXY2AJFEVXO35QGD3L7TW4W7G7FUWLQ4JMLATWSAIGG35E4LBW6EP6VOLNN7QX3AXJEOKM7Q2CKAL5P2PJ7Y7DRQIB5YGUS5KVL4D2R3SXNVMQYGECMSRNPXCBGQC7Z6SB7ALPYQL3TLY2D2SJ7FZM5UFMBE77BPBORYRLHBKG5G3G6GROTA2JX5M7FUSIXCITH3OVOJ5QMIGMAV7HHBN456HTJT5K4NQKGNQWWIMAIPTOQHON3FVOS3KEDOVYWCMIOPR6WCDI4JQJVHZRKFRKUMBCQTXABWKI7K/?
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:03:20 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
pixel
cm.g.doubleclick.net/ Frame 31D9
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGKd_Gp15hzy4P7YpOZuv6Q&google_cver=1&google_push=AZmPxg-FeGr8TLGhVu6pDGVZjCVZQTwFU6hFbIn7ECEVJ7EXxSLwY9kEjSdq1UWdvccv2OTWvHZ5i0vXb3fggzA1l9ePM-1...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-FeGr8TLGhVu6pDGVZjCVZQTwFU6hFbIn7ECEVJ7EXxSLwY9kEjSdq1UWdvccv2OTWvHZ5i0vXb3fggzA1l9ePM-1s1wjb&google_hm=MjM2MDY3MjAyMTAwODMyMz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-FeGr8TLGhVu6pDGVZjCVZQTwFU6hFbIn7ECEVJ7EXxSLwY9kEjSdq1UWdvccv2OTWvHZ5i0vXb3fggzA1l9ePM-1s1wjb&google_hm=MjM2MDY3MjAyMTAwODMyMzk1Ng%3D%3D
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 05 Oct 2022 05:03:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-FeGr8TLGhVu6pDGVZjCVZQTwFU6hFbIn7ECEVJ7EXxSLwY9kEjSdq1UWdvccv2OTWvHZ5i0vXb3fggzA1l9ePM-1s1wjb&google_hm=MjM2MDY3MjAyMTAwODMyMzk1Ng%3D%3D
content-length
0
pixel
cm.g.doubleclick.net/ Frame 31D9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHKom1X51H6FeKI85ykNDow&google_cver=1&google_push=AZmPxg8BzO8M6bQULmxMYPPTB0vtYkAudoxWQfchYRz1dvjUqaohFrxhg7V6e38uzmxbzZR-cbBMGh8T...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHKom1X51H6FeKI85ykNDow&google_cver=1&google_push=AZmPxg8BzO8M6bQULmxMYPPTB0vtYkAudoxWQfchYRz1dvjUqaohFrxhg7V6e38uzmxbzZR-cbB...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDUxMDAxNzk3ODEzMjkyNDU4MA&google_push=AZmPxg8BzO8M6bQULmxMYPPTB0vtYkAudoxWQfchYRz1dvjUqaohFrxhg7V6e38uzmxbzZR-cbBMGh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDUxMDAxNzk3ODEzMjkyNDU4MA&google_push=AZmPxg8BzO8M6bQULmxMYPPTB0vtYkAudoxWQfchYRz1dvjUqaohFrxhg7V6e38uzmxbzZR-cbBMGh8Tal4_ID1rbZAqPQoNFcI
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDUxMDAxNzk3ODEzMjkyNDU4MA&google_push=AZmPxg8BzO8M6bQULmxMYPPTB0vtYkAudoxWQfchYRz1dvjUqaohFrxhg7V6e38uzmxbzZR-cbBMGh8Tal4_ID1rbZAqPQoNFcI
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 31D9
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAmRqODXWL_lYNguWFij6Ro&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAmRqODXWL_lYNguWFij6Ro&google_push=AZ...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAmRqODXWL_lYNguWFij6Ro&google_hm=Yz0QGLuyisWmzPrKTdGlvwAABFYAAAAB&google_nid=index&google_push=AZmPxg--7LPJ4qOBXP5npr0L9TQUjwraEZy8e...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAmRqODXWL_lYNguWFij6Ro&google_hm=Yz0QGLuyisWmzPrKTdGlvwAABFYAAAAB&google_nid=index&google_push=AZmPxg--7LPJ4qOBXP5npr0L9TQUjwraEZy8eGeq4FOh4S_lrCXwmWfcerMHah4ZadATyNa_XgYUUfvFfbFBsC8lAgbDYOYFQNX7
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ai0N55Ew7HUuDI6El1gzUQ9yVlKpE9SVtsCKcqyeopUff4xTy9iK9DF6Zkk2M4iMGHU7BkcGl4MblIuWNEueeqIFBzWKGGeZI5%2BssX9FZbOfRQRsZKtT94pDf6i3JMzxfKp0sSNoucXZkw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAmRqODXWL_lYNguWFij6Ro&google_hm=Yz0QGLuyisWmzPrKTdGlvwAABFYAAAAB&google_nid=index&google_push=AZmPxg--7LPJ4qOBXP5npr0L9TQUjwraEZy8eGeq4FOh4S_lrCXwmWfcerMHah4ZadATyNa_XgYUUfvFfbFBsC8lAgbDYOYFQNX7
cache-control
no-cache
cf-ray
75539c386cc8bb53-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 31D9
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGbUHGOBBQ11h2z8S1uZeN8&google_cver=1&google_push=AZmPxg-bSbk8I26cMPJHuuvy265UcbeFduYLxDSk-7hgMUKAOqXWBfbF3dpZQHxG1jssjhIY7Y3Zgk8kyc4uQaYW...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-bSbk8I26cMPJHuuvy265UcbeFduYLxDSk-7hgMUKAOqXWBfbF3dpZQHxG1jssjhIY7Y3Zgk8kyc4uQaYWOEgwdbBAZHnv
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-bSbk8I26cMPJHuuvy265UcbeFduYLxDSk-7hgMUKAOqXWBfbF3dpZQHxG1jssjhIY7Y3Zgk8kyc4uQaYWOEgwdbBAZHnv
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 05 Oct 2022 05:03:20 GMT
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-bSbk8I26cMPJHuuvy265UcbeFduYLxDSk-7hgMUKAOqXWBfbF3dpZQHxG1jssjhIY7Y3Zgk8kyc4uQaYWOEgwdbBAZHnv
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
GkVHoJjKKe4ApUrgD4yQOiZJ1OO8hav6tCOHbozly2VJjmWd28lMUQ==
pixel
cm.g.doubleclick.net/ Frame 31D9
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPbUZU6Q3wVNSE1Griuazsk&google_cver=1&google_push=AZmPxg-M1HXWwoOfm0H7VQcYM92fnc2aLLwdxzTKMPExs6zVHI8jmWt9duAJEPq4Xmpaa8wz2w9JXbYxh58f7_dVZADufeFz94hE
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODA2NzczMjg4ODUwMDk5NjIzNzUy&google_push=AZmPxg-M1HXWwoOfm0H7VQcYM92fnc2aLLwdxzTKMPExs6zVHI8jmWt9duAJEPq4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODA2NzczMjg4ODUwMDk5NjIzNzUy&google_push=AZmPxg-M1HXWwoOfm0H7VQcYM92fnc2aLLwdxzTKMPExs6zVHI8jmWt9duAJEPq4Xmpaa8wz2w9JXbYxh58f7_dVZADufeFz94hE
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODA2NzczMjg4ODUwMDk5NjIzNzUy&google_push=AZmPxg-M1HXWwoOfm0H7VQcYM92fnc2aLLwdxzTKMPExs6zVHI8jmWt9duAJEPq4Xmpaa8wz2w9JXbYxh58f7_dVZADufeFz94hE
date
Wed, 05 Oct 2022 05:03:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ssbsync.smartadserver.com/api/ Frame 31D9 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEAOQ05xQHvogC0TxMuJTk-k&google_cver=1&google_push=AZmPxg893X1sXgl4PJ_Q5En4kkTXLyrZOYKw8btp2Y1JwTqe6qNdbtbNkzwrCEwBKjoR5sGmpd_2vADUsA_DHhu-0wcOwda7w_TB
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:19 GMT
content-length
0
/
onetag-sys.com/match/ Frame 31D9
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEF_AAGxw__9aEBrm4YRkZwk&google_cver=1&google_push=AZmPxg-dldSGo1LhxZVrEhwM_YqcnOGobnwl0jTxHxTe_fbwIfeClIUD0CeBPZr77RPV8DJJmFrRY0z9iyG...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-dldSGo1LhxZVrEhwM_YqcnOGobnwl0jTxHxTe_fbwIfeClIUD0CeBPZr77RPV8DJJmFrRY0z9iyG0C6m0t4BQUdDOZO-WHg
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 31D9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LMhnG-DOo8mEDZFIJuMo2NKcfdRUnfmnCBjhmPtvkJZBBy8Yz6vMdhA2Nka66tkhL_dnzd-w
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
691
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/691?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=57d8ba92-8db0-44ab-9680-b02eee1c76e4&bctempid=&overruleReferrer=&time=2022-10-05T05%3A03%3A20%2B00%3A00&ts=1664946200257
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-75.fra56.r.cloudfront.net
Software
- /
Resource Hash
e280d83e0a8745035f567d7cf9bdd5d6a6ff2cab11ac57ff5bd2f2c7572ef9e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
4207
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
bOp11HaAYl3PbCogocFQEnrBHy0Fk0_GGNxbP9xoYFvB-gwgcDVysw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
butler
b.sharethrough.com/ Frame CB48 		95 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.sharethrough.com/butler?type=winNotificationFail&arid=89ba052f-d3d2-4423-8478-77d511c271ad&pkey=pL3B8PdPLobRSs1fqmGAthx5&supplyId=E4rooAtA&tkey=300x250-mpu&ckey=a7935305814f8c5e2a34ba54-92203735&vkey=&umtime=1664946200267&nurl=%2F%2Fb1-eudc1.zemanta.com%2Fbidder%2Fwin%2Fsharethrough%2F07ae75a2-446b-11ed-8dc6-86ac3234b8df%2F3%2FWXISUSRFYHZTIKDBDAYPHFKH2XCIZ4EL2GZ5Y6EBRPBLZ4GM37AQKE4WI3ZQX5DHWKOQQCDXBMQXXO4VJMPFG4VAOP4G5TAXB2JLOPM3BYMTBUMDRC3OOUXWOE7IQEJY53FUD5KBPPL6YN5CQWUBC4PSYXWC54WYJALA6Q6CXD4WTB3PT4AGBSDE2IFG4POF2FSUUMBAK5JD6AHNQDGXE7DDPO6IEZR26LC6BHJN3YQEMJCFCUHHCKLTHO7MWM3CT6EU4FSRQ6MQ6BF2MVDETJMEBXXHDL57OQCS2BVR6PUUH7DCOILKBUEYNM5PL7CMVL74EH45NHEEG4COAMC6MW246ETIGP2EULVJ7KA25ZIOZNCLJXUN3CNMVP7FB7LCT4W6ELE7SWG7AROJ4VM55EM4SDNPGPWURN2V2HH3TWEF4AMG2TOCIQMIP6DPGUIQGXH4OFP5XBUXJ3BQ6XAVQNO2B2IDVP73UFMIGAS5PYKYVO74ABZWG665T3MNXNYMQW76ENF4AMV6XF7HQSOT7WGOWFAA6A44VI2VBDCTE4LAT3LFX5FQ%2F%3F&awid=5184fafb-9273-4118-a64c-ad149bf86f1f&sourceId=a7935305814f8c5e2a34ba54&deal_id=GLJC8DEZ2M1ppdRDzKL95PzP&action=clickout&isVast=false&bwidth=300&bheight=250&ploc=https%253A%252F%252Fwww.mlive.com&renderEnv=safeframe&version=gc-811-de0ba920-eu
Requested by
Host: c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-92.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:40:00 GMT
via
1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
last-modified
Mon, 03 Oct 2022 16:38:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
73401
etag
"71a50dbba44c78128b221b7df7bb51f1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
95
x-amz-cf-id
G4ha4dTyA3vRD2STqLtkrrFiioerbq3yudfN969o4dOvKepc-LFuPw==
execute
c2.piano.io/xbuilder/experience/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=8Gu2Z8RCvZ
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b442aa857face90065f92fd0a7b7e0e3d3d2267cbcc29f60441f408aaa01df7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
y5mq0p4qxq
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
75539c382d3291e1-FRA
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		585 B
776 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=8Gu2Z8RCvZ
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fa681d88021e20d2ff3da3a13af144ad13cabecaf3ab7a43003554bfd8d1329
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Mkpk9jrmwZh
pragma
no-cache
wn
prod-dash-10-0-140-20
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.002
cache-control
no-cache, no-store, must-revalidate
cf-ray
75539c397e9a9b51-FRA
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame A22B 		18 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b6133884e4c1b3ed333519344a7638eb8ef596fb5d1eb1f084db3b2aa1f4940
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=900
cf-cache-status
MISS
cf-ray
75539c397b53bb47-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Wed, 05 Oct 2022 05:03:20 GMT
expires
Wed, 05 Oct 2022 05:18:20 GMT
last-modified
Wed, 05 Oct 2022 05:03:20 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.007
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-130-158
x-forwarded-https
on
x-request-id
Mkpk9jrOnaO
x-xss-protection
0
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&metered=1%7C7&metername=Support%20Meter&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=f453f026-60c5-409c-a84a-ae559eab34a5&pid=50fcbba8-709f-470e-8bbb-88e93cd2211a&dtm=1664946200525&qnm=_matherq&visible=1&tabid=810d7aaf-ff6b-4e6a-8d94-fd0ef8eb65fc&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x11820&tofa=1664946198&vid=1&lvidt=1664946198&duid=865d874800ff589e&fp=2509661442&cid=ma63527&mrk=484602605&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJkaXNwbGF5IiwiYWN0aW9uIjoidGVtcGxhdGUiLCJkYXRhIjp7IjAiOnsidGVtcGxhdGVJZCI6Ik9UQzE3WDMyQkpDSSIsImRpc3BsYXlNb2RlIjoiaW5saW5lIiwiZXhwZXJpZW5jZUFjdGlvbklkIjoic2hvd1RlbXBsYXRlMU9EU0xBR1pYN1dYNzEiLCJleHBlcmllbmNlSWQiOiJFWEtFVTdZWDNaQUwiLCJvZmZlcklkIjoiZmFrZU9mZmVySWQiLCJzaG93Q2xvc2VCdXR0b24iOiIwIn19LCJ2ZW5kb3IiOiJwaWFubyIsInR5cGUiOiJ1bmtub3duIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMTE5ODA4OTIyMSIsInJlZlRpbWUiOiIxNjY0OTQ2MjAwNTI0In1dfQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.38.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-38-131.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Wed, 05 Oct 2022 05:03:20 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sid
mug.criteo.com/ Frame 82BB
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=mlive.com&sn=ChromeSyncframe&so=0&topUrl=www.mlive.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=ZFdZmHxQRjRMV2phUGE0bWFPRDQyaXlxNXU4NjZiVzNWbkg5eVJwazRFZnMwMjAzVXVJT3RJRVJoTUtteGxJRGZ1eWJlSW9hZkZZTGloRXVqdmZFQm5pNHRYRnlpdTR6Q3YwVjBjTHNESUQvSXdtR1lzYnE1UkRnQ0pxYV...
431 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ZFdZmHxQRjRMV2phUGE0bWFPRDQyaXlxNXU4NjZiVzNWbkg5eVJwazRFZnMwMjAzVXVJT3RJRVJoTUtteGxJRGZ1eWJlSW9hZkZZTGloRXVqdmZFQm5pNHRYRnlpdTR6Q3YwVjBjTHNESUQvSXdtR1lzYnE1UkRnQ0pxYVBMZTlFbGZZQi9CTytvRFJ3aXJMWjVjMVBhbDQyR0J3OTFkZFJSODgwVncrS0IyRjNqTkNEVSs2T1JROVdGcEJhMWt4RXZvaTlhYmt0UnNHSVhGMytrc1UxRDFJVnBibHZwNmlkTE5tRHdTeDR2L2kxMmIrQUtMTjVlRHlDN1J6bEFVaTRvNC9RR0FDRmFsVjJJQ1ZPNWdoNmtHNmlYdz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dfd0c29447e3a45150de79a2016728d67e9a427ed5810755c2e5e2f93e1f90f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:20 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2367036
expires
0

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=ZFdZmHxQRjRMV2phUGE0bWFPRDQyaXlxNXU4NjZiVzNWbkg5eVJwazRFZnMwMjAzVXVJT3RJRVJoTUtteGxJRGZ1eWJlSW9hZkZZTGloRXVqdmZFQm5pNHRYRnlpdTR6Q3YwVjBjTHNESUQvSXdtR1lzYnE1UkRnQ0pxYVBMZTlFbGZZQi9CTytvRFJ3aXJMWjVjMVBhbDQyR0J3OTFkZFJSODgwVncrS0IyRjNqTkNEVSs2T1JROVdGcEJhMWt4RXZvaTlhYmt0UnNHSVhGMytrc1UxRDFJVnBibHZwNmlkTE5tRHdTeDR2L2kxMmIrQUtMTjVlRHlDN1J6bEFVaTRvNC9RR0FDRmFsVjJJQ1ZPNWdoNmtHNmlYdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
325813
content-length
0
expires
0
/
b1t-eudc1.zemanta.com/t/imp/view/4I7QK4HDIOEGEBUR62PNWUPXOOQPCIBA564IQGZJZHSJSKZYGW7FZSSCTVI437ELDWK4VSXHUGDBNPZHOMG4TMZMLDVAW3KHOPB32L5QN377K4PGLFHPRBRQXCPMYBQ45VUOKLH3GCT6PIGHHAGWSJZCHF3ZZDEMKP4T... Frame 2505 		0
0
/
b1t-eudc1.zemanta.com/t/imp/view/4I7QK4HDIOEGEBUR62PNWUPXOOQPCIBA564IQGZJZHSJSKZYGW7FZSSCTVI437ELDWK4VSXHUGDBNPZHOMG4TMZMLDVAW3KHOPB32L5QN377K4PGLFHPRBRQXCPMYBQ45VUOKLH3GCT6PIGHHAGWSJZCHF3ZZDEMKP4T... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://b1t-eudc1.zemanta.com/t/imp/view/4I7QK4HDIOEGEBUR62PNWUPXOOQPCIBA564IQGZJZHSJSKZYGW7FZSSCTVI437ELDWK4VSXHUGDBNPZHOMG4TMZMLDVAW3KHOPB32L5QN377K4PGLFHPRBRQXCPMYBQ45VUOKLH3GCT6PIGHHAGWSJZCHF3ZZDEMKP4T3FNIYRYZNYWA6V4IHQD6SM7U2OMI4DVXNVSCJNO7HXFE2U4YFXV7JK37ZGJNHUSD5INM322ASRZMXMRP3COWKUAELCTVF7U63C3HGKQLBJTD6MHMC2DTTLCCZFPA4WFK5ZM34Z3TKWJY5CO5KRQUBBVFZCKTOKH72NAZNRFURTQ6U2DYOJMY7S47MXU4PIQXJEDTYHLPRJ7VPI4AFBETGVHULUA4AENYLSIYOCNOW/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Allow
GET, HEAD, OPTIONS
Connection
keep-alive
Content-Length
0
Date
Wed, 05 Oct 2022 05:03:20 GMT
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame A22B 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d82b3b69ed27853344397a159429cced7fa5019fa56412c0a3d627471ef709ef
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
7158
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 03 Oct 2022 01:55:48 GMT
wn
prod-dash-10-0-92-145
server
cloudflare
etag
W/"27358-1664762148000"
vary
accept-encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
75539c3a9c88bb47-FRA
expires
Wed, 05 Oct 2022 07:03:20 GMT
piano-frame.css
static.advance.net/static/common/css/ Frame A22B 		126 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.advance.net/static/common/css/piano-frame.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5ad9cbf3c077e9651509c488f680cd8a2c867e495a81756864eda01aa00e4fce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Wed, 05 Oct 2022 05:03:20 GMT
x-shield-cache-expires
10
x-amz-request-id
XF8P29J9HTHDR8S4
age
573
x-cache
HIT, HIT
content-length
20438
x-served-by
cache-iad-kjyo7100159-IAD, cache-hhn4061-HHN
last-modified
Tue, 27 Sep 2022 15:07:34 GMT
x-timer
S1664946201.798137,VS0,VE1
etag
"7ce8a6bf164937e1084a4a583ec0bb9a"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame A22B 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2891873
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOZlvPX8bJ0EaAHlvltTsZSallQAS%2FjUX8ZtpEGH9%2BWvIUqBHTxbRa%2FGJw9GGFNbC%2BrInFuwchNLI06dhOdt4%2B%2FfeB3S3smWailK8SAQiXo0U74Ffyz6D%2BVBoBPFG2Dkk7%2BEisTBn0AnK%2Bj9Fwk%2BwIzO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75539c3add91bbbb-FRA
expires
Mon, 25 Sep 2023 05:03:20 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame A22B 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8974815
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pS9XDndOD2rVENnW3qh3WimC4KySun9bAclfyN%2BCZHaTp7VUZa9PO9gwg8MujWa1aegS8sbH0fXszoZGF%2FFcYiljlX%2BwYLRGJJ7jakItd9un07biue2HFGl2rWPuiUjrdULBfY2TIZu4U1N5jFOm7Sgw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75539c3add95bbbb-FRA
expires
Mon, 25 Sep 2023 05:03:20 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame A22B 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1331757
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aire56USWdcgSVGdeezUuFkMRs%2BC1%2Bfzc0ND8fKLp1TcTrZQSRFN4SGR%2BUD0iFMvO8YSO1PJDiCs5yXAEgZW5r2SeRyZAdHfFHw8XiJx4RqBUUAdisbb6SSXjOYgeOSnS3S8C5q8%2Fbgc0tNNEJUh%2BqYH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75539c3add96bbbb-FRA
expires
Mon, 25 Sep 2023 05:03:20 GMT
angular-animate.min.js
ajax.googleapis.com/ajax/libs/angularjs/1.2.22/ Frame A22B 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/angularjs/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 17:31:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127924
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4430
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 17:31:16 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame A22B 		825 B
780 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1335328
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CIUI4U21%2BJ3Xk%2FNDM%2FW9HoRB%2FJoUhMR1EyXLMKZuSeh%2BXlHYbpCdeTh4%2BWWJF9fyws4s7qaIhTVhTvngGiQEkOz9rcQOsF2GfQt%2BtHoWgGEP7yTupqSmwjcP9soYpaYs8pRxYTUEbEHD1rWXwpXViMrg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75539c3afdcfbbbb-FRA
expires
Mon, 25 Sep 2023 05:03:20 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame A22B 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8972879
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eOn%2Bn%2FzoLgE9FK%2BU5Xkd%2FSf%2F2qycmN%2FXyJIDtG0PVZKgeippUj6TyH8ymxtFq1WryGAiMJXVsf7IA7YqMVsFjozvztPLQYVVL0C%2F328BIrxUtL%2Bxo5sUZYFYWptbbCm7C3A2%2BO8iQhVFkiRna3smSDqb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75539c3add9cbbbb-FRA
expires
Mon, 25 Sep 2023 05:03:20 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame A22B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5391379
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2iYgufznuulcy9MC0USkdtBfGYhaDq%2BFGmhC%2F3RaBqY19Mvv%2BXuKh05j3twJwNxEvl0vwUEwlNZyqrpPkCuAXgK%2B10Q%2BIdlInZWjZqFBEnu8u7n9H%2FK8eRl3C5FJofmcga4blkgU6iXgMXBHPKiWkaDG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75539c3add9dbbbb-FRA
expires
Mon, 25 Sep 2023 05:03:20 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame A22B 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3657986
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLTCQmbkitriFoVCm0%2Bf9Wk2XpM4S%2BQi96GFyrDCTkiAqCQVX3bemv%2FEd2%2FQ0FXm%2Fh%2FH34Z0lJi58RGqhvWnJesbZ7eB4%2FBQ67Z4%2Fz5yPFQSnA9Z7cqhsrop6LAZBw26y0s6oQ%2Bj545KwlGldseQiqH5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75539c3add97bbbb-FRA
expires
Mon, 25 Sep 2023 05:03:20 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame A22B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2251656
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
910
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fFxc6kO9kJztkfwXtDKbUhoVOnrR0MUSq%2BsrITHbL0%2FLU3vFI%2BxUwXteWVQ9C3WWg015FYc31clBaVGOqsnRwZz%2B%2FwTQpaoVj2Sw4mniYltZEAIwhRTGdnCUbpbfSHzK5Jp6jUlSxLbeTJwhKNT8t8%2FZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75539c3add9bbbbb-FRA
expires
Mon, 25 Sep 2023 05:03:20 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame A22B 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6602987
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6934
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yWcr8%2FecCzWtutlmpESdSlHfEDTFTlBsIZMtC0RxVyw0GPZoIoEIx%2FcWvuLg7r24Z5xxLkmypbUoC9gbts4SZdzlCc23HqkvmCK%2BLZeWMXCJNe0stwmN6GaiLwtf%2BeIqo2hPi3m%2BWtmbLSyUhJ4IFJ4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75539c3add98bbbb-FRA
expires
Mon, 25 Sep 2023 05:03:20 GMT
H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame A22B 		115 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=15.14.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd8b319c86a058a75705b7dabf9ddd59c0e5695bfae479b186432c123d6136ae
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:20 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
253
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 03 Oct 2022 13:19:48 GMT
wn
prod-dash-10-0-116-237
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
server-time
0.001
cache-control
public, max-age=604547
x-optimized-by
_sam
cf-ray
75539c3a9c92bb47-FRA
expires
Wed, 12 Oct 2022 04:59:07 GMT
logo-mlive-inverse.svg
static.advance.net/static/common/img/paywall/lmg/ Frame A22B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/paywall/lmg/logo-mlive-inverse.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0b034efa03c6fb4de3e3952eaf0958b18847e6c1e2e8fd647759c97105004f19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Wed, 05 Oct 2022 05:03:20 GMT
x-shield-cache-expires
10
x-amz-request-id
W54NR3RA1G6XS46A
age
3215
x-cache
HIT, HIT
content-length
879
x-served-by
cache-iad-kjyo7100102-IAD, cache-hhn4061-HHN
last-modified
Mon, 27 Jan 2020 14:39:52 GMT
x-timer
S1664946201.837909,VS0,VE95
etag
"eddae84ef46240dace31d24e6e3f4dae"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
logo-mlive.svg
static.advance.net/static/common/img/paywall/lmg/ Frame A22B 		2 KB
997 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/paywall/lmg/logo-mlive.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0b034efa03c6fb4de3e3952eaf0958b18847e6c1e2e8fd647759c97105004f19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Wed, 05 Oct 2022 05:03:20 GMT
x-shield-cache-expires
10
x-amz-request-id
PH6C8SM95P12KZA3
age
1454
x-cache
HIT, HIT
content-length
879
x-served-by
cache-iad-kiad7000178-IAD, cache-hhn4061-HHN
last-modified
Mon, 27 Jan 2020 14:39:52 GMT
x-timer
S1664946201.841113,VS0,VE93
etag
"eddae84ef46240dace31d24e6e3f4dae"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cannabisinsider-nj.svg
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame A22B 		19 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/cannabisinsider-nj.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6066054d8669e8ca3c9a1ca53af6b3e80dba9361b59f023c82d7b55542b36fb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Wed, 05 Oct 2022 05:03:20 GMT
x-shield-cache-expires
10
x-amz-request-id
6DSFE0MSM14YY3GP
age
18660
x-cache
HIT, HIT
content-length
14248
x-served-by
cache-iad-kiad7000063-IAD, cache-hhn4061-HHN
last-modified
Thu, 03 Mar 2022 17:31:43 GMT
x-timer
S1664946201.846980,VS0,VE1
etag
"aefa848511ed2323f5f7292cad413d91"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cannabisinsider-newyorkupstate.svg
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame A22B 		16 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/cannabisinsider-newyorkupstate.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3b2ce9e63a7f14001e6af32ad0d3b19b045b916cf8073180d25688e4b3f49e40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Wed, 05 Oct 2022 05:03:20 GMT
x-shield-cache-expires
10
x-amz-request-id
XJBDSPFMTZAZDKBQ
age
20325
x-cache
HIT, HIT
content-length
3492
x-served-by
cache-iad-kjyo7100096-IAD, cache-hhn4061-HHN
last-modified
Mon, 07 Mar 2022 18:18:54 GMT
x-timer
S1664946201.847719,VS0,VE1
etag
"67c5456929bc3d85c2333fc91a450c71"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
syracuse-cny.svg
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame A22B 		64 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/syracuse-cny.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
924e4b297681729162fa238a756db89acf5a1dc0cd23c1204c9a4e4407493822

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Wed, 05 Oct 2022 05:03:20 GMT
x-shield-cache-expires
10
x-amz-request-id
97NR8XWJWKTAC426
age
18507
x-cache
HIT, HIT
content-length
48413
x-served-by
cache-iad-kjyo7100176-IAD, cache-hhn4061-HHN
last-modified
Tue, 04 Jan 2022 20:10:53 GMT
x-timer
S1664946201.847703,VS0,VE1
etag
"30947d9aefcf59c3095181bf0123a29f"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
al-thelede.svg
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame A22B 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/al-thelede.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
30e382a9546c4b436b0568f463e7c3274696c3c59f7aa871af91a33a967f05c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Wed, 05 Oct 2022 05:03:20 GMT
x-shield-cache-expires
10
x-amz-request-id
KYXVF8F0X7HWFEWT
age
3739
x-cache
HIT, HIT
content-length
2079
x-served-by
cache-iad-kjyo7100069-IAD, cache-hhn4061-HHN
last-modified
Tue, 24 May 2022 18:14:31 GMT
x-timer
S1664946201.847694,VS0,VE1
etag
"1527b5427a70175541ef142224302fa8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
logo-lede_bhm-al.png
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame A22B 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/logo-lede_bhm-al.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
70c0b487552a9a2ea102ed22ae505177c567320390f5136bcef5dd56d48d4f02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 05 Oct 2022 05:03:20 GMT
x-shield-cache-expires
10
x-amz-request-id
3RQXXMNDGJ0J3ATG
age
11195
x-cache
HIT, HIT
content-length
44631
x-served-by
cache-iad-kjyo7100157-IAD, cache-hhn4061-HHN
last-modified
Fri, 20 May 2022 13:44:08 GMT
x-timer
S1664946201.847682,VS0,VE1
etag
"a683a2407cd20aa2076aed1087f11b61"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
logo-lede_hsv-al.png
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame A22B 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/logo-lede_hsv-al.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9c1a3cf6c5fae33a0a2b627a9785b585148970346adbbcc204a4519d05f9a089

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 05 Oct 2022 05:03:20 GMT
x-shield-cache-expires
10
x-amz-request-id
M4ERCMWAGEJEKBW0
age
9693
x-cache
HIT, HIT
content-length
42755
x-served-by
cache-iad-kcgs7200040-IAD, cache-hhn4061-HHN
last-modified
Fri, 20 May 2022 13:44:08 GMT
x-timer
S1664946201.847692,VS0,VE1
etag
"1dc34579a74c449327a76697d00bb180"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
logo-lede_mob-al.png
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame A22B 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/logo-lede_mob-al.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d2b28582d25b3aa38daf12c501c7abc9297ae74d035ee343941f0938adec0524

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 05 Oct 2022 05:03:20 GMT
x-shield-cache-expires
10
x-amz-request-id
DSWWFJ2F30SCZKE3
age
22405
x-cache
HIT, HIT
content-length
42953
x-served-by
cache-iad-kiad7000082-IAD, cache-hhn4061-HHN
last-modified
Fri, 20 May 2022 13:44:08 GMT
x-timer
S1664946201.847650,VS0,VE1
etag
"563af4d5a587fe270e3c6e43be6f32ec"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
penn-truecrime.png
static.advance.net/static/common/img/piano/dynamic-offer/logos/ Frame A22B 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/dynamic-offer/logos/penn-truecrime.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d86ce55edee7f570d7fc315f84814e3b1171edef20e3778e10066727092638b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 05 Oct 2022 05:03:20 GMT
x-shield-cache-expires
10
x-amz-request-id
XYW1GWC993KKDBBA
age
2389
x-cache
HIT, HIT
content-length
7289
x-served-by
cache-iad-kcgs7200065-IAD, cache-hhn4061-HHN
last-modified
Tue, 05 Jul 2022 18:14:11 GMT
x-timer
S1664946201.847620,VS0,VE16
etag
"b3623ac64851022e99375a518b7bb87c"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=36000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
close-icon-black.svg
static.advance.net/static/common/img/piano/ Frame A22B 		1 KB
983 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/close-icon-black.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVV6RCOZRR96&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_4b9001a98c8ac131619a-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eef57151e6646e4f59ca6a1d749631ee2f89bf4d1b736fb4620b784cedbe0de6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Wed, 05 Oct 2022 05:03:20 GMT
x-shield-cache-expires
10
x-amz-request-id
4S9WX73D60G65H7H
age
3189
x-cache
HIT, HIT
content-length
610
x-served-by
cache-iad-kjyo7100168-IAD, cache-hhn4061-HHN
last-modified
Mon, 27 Jan 2020 14:39:52 GMT
x-timer
S1664946201.859095,VS0,VE1
etag
"35ec888ec074218ee36fea53d51653a8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
butler
b.sharethrough.com/ Frame 7FB5 		95 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.sharethrough.com/butler?type=visible&arid=3732dd8c-2b67-4ae6-8a5a-b6cd108670d3&pkey=pL3B8PdPLobRSs1fqmGAthx5&supplyId=E4rooAtA&tkey=300x250-mpu&ckey=a7935305814f8c5e2a34ba54-92203735&vkey=&umtime=1664946200732&awid=a835a3b1-1a98-4045-bbf4-87f31b07ccdb&sourceId=a7935305814f8c5e2a34ba54&deal_id=GLJC8DEZ2M1ppdRDzKL95PzP&action=clickout&isVast=false&bwidth=300&bheight=250&ploc=https%253A%252F%252Fwww.mlive.com&renderEnv=safeframe&version=gc-811-de0ba920-eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-92.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:40:00 GMT
via
1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
last-modified
Mon, 03 Oct 2022 16:38:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
73401
etag
"71a50dbba44c78128b221b7df7bb51f1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
95
x-amz-cf-id
C6WADCLqMHEUwYP9pxcWUF6MxJvjzLWPIMUobvkYXaOr6RTnTwZ0kA==
/
b1t-eudc1.zemanta.com/t/imp/view/4I7QK4HDIOEGEUNVZUWH5FX4QCQPCIBA564IQGZLCNQXNSWFVPRKSQOOPHMJWH64XWQUMHR7DR5SVGXGCKOIQVU6L5PJU6YRFAV2UZBU2R72KO24ZO33UWABETVHC73LAG6M34L6DI2AQTWSAIGG35E4LBW6EP6VOLNN... Frame 7FB5 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-eudc1.zemanta.com/t/imp/view/4I7QK4HDIOEGEUNVZUWH5FX4QCQPCIBA564IQGZLCNQXNSWFVPRKSQOOPHMJWH64XWQUMHR7DR5SVGXGCKOIQVU6L5PJU6YRFAV2UZBU2R72KO24ZO33UWABETVHC73LAG6M34L6DI2AQTWSAIGG35E4LBW6EP6VOLNN7QX3AXJEOKM7Q2CKAL5P2PJ7Y7DRQIB5YGUS5KVL4D2R3SXNVMQYGECMSRNPXCBGQC7Z6SB7ALPYQL3TLY2D2SJ7FZM5IEKNXFTXQHEFIMJAT26OGXKICGTL5RTPQLLUIP5WZJS73FX5PDFRJEBUSULAYQ7UI665XJVG2BPXVS3BSN46THGTJUFFEWBXXVJEDP5JX5GONGOOP7FPXVT3JSJHRRM3FSD3ZF4NIDIM4GV5JSZKI5DJ6U/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:03:20 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
piano-frame.js
static.advance.net/static/common/js/ Frame A22B 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.advance.net/static/common/js/piano-frame.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2b968d910bbef836f267a12299e32649d9f2ed87f59ecefceb3d9a4900ec590f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Wed, 05 Oct 2022 05:03:20 GMT
x-shield-cache-expires
10
x-amz-request-id
ES9DN9ZW46DMXTJK
age
563
x-cache
HIT, HIT
content-length
10969
x-served-by
cache-iad-kcgs7200070-IAD, cache-hhn4061-HHN
last-modified
Mon, 11 Jul 2022 14:51:02 GMT
x-timer
S1664946201.882857,VS0,VE1
etag
"6b72a322454afa161f35111151436495"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 7FB5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuoXqdmNL9uu8pSYmTmVSfgHvPDaOa3OQp90gkbhkIb6Mu1W-dVvUcte9CP9YmRG90QONss1FYyQTVn_wkhYBFUDC7Z&sig=Cg0ArKJSzAEHEN8gPR39EAE&cid=CAASF-RoevRh1mIcKVJ13oKf8d_GiVSA_v6_&id=lidar2&mcvt=1002&p=901,1135,1151,1435&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20221003&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=455907384&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664946199473&rpt=417&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logAutoMicroConversion
api-v3.tinypass.com/api/v3/conversion/ 		49 B
494 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-v3.tinypass.com/api/v3/conversion/logAutoMicroConversion?tracking_id=%7Bkpdx%7DAAABEHvgxTfw_wIKCjhHdTJaOFJDdloSEGw4djV6OHBzdXBrOHU1MTIaDEVYS0VVN1lYM1pBTCIlMTgwNThlMDBiZy0wMDAwMzB0NmdyZm00NTF0MWxna2hiamIxNCoac2hvd1RlbXBsYXRlMU9EU0xBR1pYN1dYNzEwAToMT1RDMTdYMzJCSkNJQg1PVFZWNlJDT1pSUjk2Ukt2LTIwMjItMTAtMDUtMDUtMDMtMTgtNTA0LUJ5N3hNQ28xOEt6Vjg5N08tNjg3ZjFmNGMzY2JlMjlmZWY0N2I2OTM3NWZjODliNmVaJDIwMDE6MWI2MDoxMDEwOjM6MTAxMTo0YTg1OmM1OTU6ZTdjZWIDZHdjaJjD-ZkGcAx4BA&event_type=EXTERNAL_EVENT&event_group_id=config&custom_params=%7B%22config%22%3A%22%7B%5C%22type%5C%22%3A%5C%22bottomfixed%5C%22%2C%5C%22version%5C%22%3A%5C%22subscribe%5C%22%2C%5C%22placement%5C%22%3A%5C%22bottom-fixed%5C%22%2C%5C%22newsletterId%5C%22%3A%5C%22%5C%22%2C%5C%22closable%5C%22%3A%5C%22true%5C%22%7D%22%7D&callback=jsonp1781
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5615841f292fcb91eae80ce9295292ff2c8a724615b5aeee10b45467da5594de
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:21 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
75539c3bde309bca-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
8afe5fe7e1f6681df572f5de44d447d4
expires
0
tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.mlive.com
access-control-max-age
5
content-length
0
date
Wed, 05 Oct 2022 05:03:20 GMT
server
nginx
tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.mlive.com
date
Wed, 05 Oct 2022 05:03:21 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1557562236&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=onboarding&ea=bottomfixed_shown&el=type%3A%20%22bottomfixed%22%7C%7Cvariant%3A%20%22OTVV6RCOZRR96%22%7C%7Cexperience%3A%20%22EXKEU7YX3ZAL%22%7C%7Cclosable%3A%20%22true%22%7C%7Cversion%3A%20%22subscribe%22%7C%7CmeterName%3A%20%22Support%20Meter%22%7C%7CtotalViews%3A%201%7C%7CmaxViews%3A%207&ev=0&_u=aDDAAEABAAQCACgFK~&jid=&gjid=&cid=1198089221.1664946198&tid=UA-16643585-16&_gid=1128824650.1664946199&gtm=2wga30TLXFLCR&cd1=undefined&cd2=1---&cd3=undefined&cd4=undefined&cd6=&cd9=263b9a43-6608-4e0b-b647-4e66800023e9&cd10=undefined&cd11=&cd13=Weekday&cd14=undefined&cd15=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=mlive&cd21=undefined&cd23=undefined&cd25=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd32=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd38=No%20Referrer&cd39=undefined&cd40=undefined&cd43=false&cd44=undefined&cd45=undefined&cd46=homepage-beta&cd47=desktop&cd48=undefined&cd50=GA%20-%20event%20call&cd51=undefined&cd52=undefined&cd53=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd59=undefined&cd60=&cd62=undefined&cd64=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd86=undefined&cd87=sub-group-a&cd88=true&cd61=1198089221.1664946198&cd98=meterName%3A%20%22Support%20Meter%22%7C%7CtotalViews%3A%201%7C%7CmaxViews%3A%207&z=810639731
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 16:55:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
43668
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&metered=1%7C7&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=5d4d8daf-e4b0-4713-9d49-4a0ab40dc368&pid=50fcbba8-709f-470e-8bbb-88e93cd2211a&dtm=1664946200936&qnm=_matherq&visible=1&tabid=810d7aaf-ff6b-4e6a-8d94-fd0ef8eb65fc&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x1200&tofa=1664946198&vid=1&lvidt=1664946198&duid=865d874800ff589e&fp=2509661442&cid=ma63527&mrk=484602605&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJjdXN0b21fZXZlbnQiLCJhY3Rpb24iOiJjb25maWciLCJkYXRhIjp7ImV2ZW50TmFtZSI6ImNvbmZpZyIsInBhcmFtcyI6eyJjb25maWciOiJ7XCJ0eXBlXCI6XCJib3R0b21maXhlZFwiLFwidmVyc2lvblwiOlwic3Vic2NyaWJlXCIsXCJwbGFjZW1lbnRcIjpcImJvdHRvbS1maXhlZFwiLFwibmV3c2xldHRlcklkXCI6XCJcIixcImNsb3NhYmxlXCI6XCJ0cnVlXCJ9In19LCJ2ZW5kb3IiOiJwaWFubyIsInR5cGUiOiJ1bmtub3duIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMTE5ODA4OTIyMSIsInJlZlRpbWUiOiIxNjY0OTQ2MjAwOTM2In1dfQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.38.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-38-131.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Wed, 05 Oct 2022 05:03:20 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
farnhamheadline-semi-bold.woff
fonts.advance.net/fonts/v1/farnham-headline-semi-bold/ Frame A22B 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.advance.net/fonts/v1/farnham-headline-semi-bold/farnhamheadline-semi-bold.woff
Requested by
Host: static.advance.net
URL: https://static.advance.net/static/common/css/piano-frame.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142

Request headers

Referer
https://static.advance.net/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 05 Oct 2022 05:03:21 GMT
x-shield-cache-expires
10
x-amz-request-id
RCD3P7X9PVWT5T02
age
80201
x-cache
HIT, HIT
content-length
37160
x-served-by
cache-iad-kiad7000030-IAD, cache-hhn4050-HHN
last-modified
Wed, 19 Sep 2018 19:27:30 GMT
x-timer
S1664946201.016696,VS0,VE2
etag
"c9a8222fbabe6b700baacd21dd7a1f61"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
cache-control
s-maxage-ignore=86400, no-store
448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff
fonts.advance.net/fonts/v1/benton-sans-medium/ Frame A22B 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.advance.net/fonts/v1/benton-sans-medium/448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff
Requested by
Host: static.advance.net
URL: https://static.advance.net/static/common/css/piano-frame.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c942cb01ca7d8956086518f0315ac0be0374cb0f0a38ffe67a52bc4ae7ff5f6f

Request headers

Referer
https://static.advance.net/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 05 Oct 2022 05:03:21 GMT
x-shield-cache-expires
10
x-amz-request-id
TWA9Q4BE9WCW2D61
age
1605085
x-cache
HIT, HIT
content-length
54040
x-served-by
cache-iad-kiad7000115-IAD, cache-hhn4050-HHN
last-modified
Mon, 10 Jun 2019 14:09:26 GMT
x-timer
S1664946201.016681,VS0,VE2
etag
"00b8650c0e6992c5c9ced8f621e43ffd"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
cache-control
s-maxage-ignore=2629800, no-store
166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff
fonts.advance.net/fonts/v1/benton-sans-regular/ Frame A22B 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.advance.net/fonts/v1/benton-sans-regular/166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff
Requested by
Host: static.advance.net
URL: https://static.advance.net/static/common/css/piano-frame.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6fa8b9c20d5c4f5711f76f4f4adafafc90e8f89bac2c7b3dfc2c7e63abb55d21

Request headers

Referer
https://static.advance.net/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Wed, 05 Oct 2022 05:03:21 GMT
x-shield-cache-expires
10
x-amz-request-id
KT4GH1QJ3ZCNBQVZ
age
0
x-cache
HIT, HIT
content-length
55125
x-served-by
cache-iad-kjyo7100036-IAD, cache-hhn4050-HHN
last-modified
Tue, 16 Jul 2019 16:35:54 GMT
x-timer
S1664946201.016665,VS0,VE92
etag
"63c3700153fd19bac6ac63c816251c03"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
cache-control
maxage=600
115
check.analytics.rlcdn.com/check/ 		25 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/115
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-57.fra50.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:03:21 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amzn-trace-id
Root=1-633d1019-4da26e20092f5dab02864165
x-amzn-requestid
0c1692a2-9a18-4f62-8bf4-ee2c0aa54f5e
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
Zg9z9EVajoEFncQ=
content-length
25
x-amz-cf-id
axD8nQUWu9uOpNTXvA2I_QV_Zfj17qWXif4mTcbXGWSVk6WCOdxmEw==
115
check.analytics.rlcdn.com/check/ 		25 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/115
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-57.fra50.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:03:21 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amzn-trace-id
Root=1-633d1019-16b8ea3e74269d7e37d3a9a9
x-amzn-requestid
ae100eb2-2608-4187-a3b2-742f064a213f
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
Zg9z9FZBjoEF0vg=
content-length
25
x-amz-cf-id
S9Nf1Fkw8SxNQAuTK_2bNjq2rpDWM9V_xPLpc3ESltWM1d7YA-6eHg==
115
check.analytics.rlcdn.com/check/ 		25 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/115
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-57.fra50.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:03:21 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amzn-trace-id
Root=1-633d1019-578fba2635f7bad01be98cf1
x-amzn-requestid
f6e044e2-8344-489d-9dfe-c61fcfa400a5
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
Zg9z-GcXjoEFlTA=
content-length
25
x-amz-cf-id
ea2FX1KeZNWDRQbriIpU-wVfLtI2gjJqcDYe76RTxWZYxSoxMIMe4w==
activeview
pagead2.googlesyndication.com/pcs/ Frame 2505 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuaNuWpeqhHHLfzLS21m4w_mITGUytcrDQ1AbI0PAP5WJm8WnU5PK8ZfW6pEDJrEbvEAvCk35hVLG53Vp1P-vFuqJfo&sig=Cg0ArKJSzNeCH3hiS0ZaEAE&cid=CAASF-RoDZSRPzYT-Ih5N93PqV75g9Pm5scC&id=lidar2&mcvt=1000&p=155,1135,405,1435&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221003&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=197823414&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664946199873&rpt=368&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
butler
b.sharethrough.com/ Frame CB48 		95 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.sharethrough.com/butler?type=visible&arid=89ba052f-d3d2-4423-8478-77d511c271ad&pkey=pL3B8PdPLobRSs1fqmGAthx5&supplyId=E4rooAtA&tkey=300x250-mpu&ckey=a7935305814f8c5e2a34ba54-92203735&vkey=&umtime=1664946201256&awid=5184fafb-9273-4118-a64c-ad149bf86f1f&sourceId=a7935305814f8c5e2a34ba54&deal_id=GLJC8DEZ2M1ppdRDzKL95PzP&action=clickout&isVast=false&bwidth=300&bheight=250&ploc=https%253A%252F%252Fwww.mlive.com&renderEnv=safeframe&version=gc-811-de0ba920-eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-92.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:40:00 GMT
via
1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
last-modified
Mon, 03 Oct 2022 16:38:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
73402
etag
"71a50dbba44c78128b221b7df7bb51f1"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
95
x-amz-cf-id
JEjM7ZOmDP5W5AUtJdtzJL-CImqvRh3Gvp9fSoFmZ0whrt-TlsXYtg==
/
b1t-eudc1.zemanta.com/t/imp/view/4I7QK4HDIOEGEOYIGK5RUIFRG6QPCIBA564IQG2W3NNMRJ4UCFOLPRLGCYEQOVGRWU5QD6BUW2Q3NCS4CZJHT3HUWXGJ7E6M2CD3SV32EEXY2AJFEVXO35QGD3L7TW4W7G7FUWLQ4JMLATWSAIGG35E4LBW6EP6VOLNN... Frame CB48 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-eudc1.zemanta.com/t/imp/view/4I7QK4HDIOEGEOYIGK5RUIFRG6QPCIBA564IQG2W3NNMRJ4UCFOLPRLGCYEQOVGRWU5QD6BUW2Q3NCS4CZJHT3HUWXGJ7E6M2CD3SV32EEXY2AJFEVXO35QGD3L7TW4W7G7FUWLQ4JMLATWSAIGG35E4LBW6EP6VOLNN7QX3AXJEOKM7Q2CKAL5P2PJ7Y7DRQIB5YGUS5KVL4D2R3SXNVMQYGECMSRNPXCBGQC7Z6SB7ALPYQL3TLY2D2SJ7FZM5UFMBE77BPBORYRLHBKG5G3G6GROTA2JX5M7FUSIXCITH3OVOJ5QMIGMAV7HHBN456HTJT5K4NQKGNQWWIMAIPTOQHON3FVOS3KEDOVYWCMIOPR6WCDI4JQJVHZRKFRKUMBCQTXABWKI7K/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:03:21 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame CB48 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuT6T_VkU3QrRyNcnY3MvQCn5aqczIg3wac2CTaWw85YXiKE_75N14nMWv7kNwXm6jgWaEDI3SWBSOZV3idRuu5T8Gw&sig=Cg0ArKJSzPZa84O6oCIsEAE&cid=CAASF-RoP3wHEdJrVExdoZofILUufu-v2I3F&id=lidar2&mcvt=1000&p=887,165,1137,465&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221003&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=197823415&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664946200085&rpt=203&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CG%24%3D!!t.PKmKjefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-VYfZFj9Dn5ips3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-0wIGJxNzs6uFgA%3D%3D&sc=1&os=1-2w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&fl=1&j=&xc=0&xb=0&xa=0&md=0&mc=0&lb=11820&ld=0&lc=0&la=0&cw=1600&cx=1200&sh=11820&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1664946198275&de=890723720420&rx=596129050217&cu=1664946198275&m=5815&ar=220b545db30-clean&iw=0fe1c466&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A366%3A366%3A1713%3A423&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5115&cd=0&ah=5115&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=200409&na=1601626838&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Wed, 05 Oct 2022 05:03:24 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 05 Oct 2022 05:03:24 GMT
envelope
lexicon.33across.com/v1/ 		49 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0014000001PAW0LAAX&gdpr=0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:03:23 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
expires
Sat, 26 Jul 1997 05:00:00 GMT
392.json
id5-sync.com/g/v2/ 		216 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/392.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
732fc39be2728e4f4b99079663af3a3c32d3ec0b881e4b612829262be40d820e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Wed, 05 Oct 2022 05:03:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ 		63 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.218.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-218-252.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
17f23337c3302d90ea6f452473e4c1cf2a052430fa17d6421842fb335554275f

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:24 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.21.15
access-control-allow-credentials
true
content-length
63
expires
0
envelope
api.rlcdn.com/api/identity/ 		0
252 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=115
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 05 Oct 2022 05:03:24 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
ixmatch.html
js-sec.indexww.com/um/ Frame CA1A 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Wed, 05 Oct 2022 05:03:24 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B40F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=52901
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 05 Oct 2022 05:03:24 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 05 Oct 2022 19:45:05 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 70B2 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Wed, 05 Oct 2022 05:03:24 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 9E48 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e37ae79fb4d1c01672b574b8b078712e4391b9e79c11d65227f730b7a18652a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7833
content-type
text/html; charset=UTF-8
date
Wed, 05 Oct 2022 05:03:24 GMT
expires
Fri, 07 Oct 2022 05:03:24 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
checksync.php
contextual.media.net/ Frame 7CD0 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e37ae79fb4d1c01672b574b8b078712e4391b9e79c11d65227f730b7a18652a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7833
content-type
text/html; charset=UTF-8
date
Wed, 05 Oct 2022 05:03:24 GMT
expires
Fri, 07 Oct 2022 05:03:24 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame 0B52 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 05 Oct 2022 05:03:24 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B2E8 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=52901
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 05 Oct 2022 05:03:24 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 05 Oct 2022 19:45:05 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D4F6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=52901
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 05 Oct 2022 05:03:24 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 05 Oct 2022 19:45:05 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 42A0 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Wed, 05 Oct 2022 05:03:24 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 3AE2 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e37ae79fb4d1c01672b574b8b078712e4391b9e79c11d65227f730b7a18652a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7833
content-type
text/html; charset=UTF-8
date
Wed, 05 Oct 2022 05:03:24 GMT
expires
Fri, 07 Oct 2022 05:03:24 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.js
eus.rubiconproject.com/ Frame 0B52 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 05:03:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=59926
Connection
keep-alive
Content-Length
9421
Expires
Wed, 05 Oct 2022 21:42:10 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame B40F 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=22451761&p=159879&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0de0694e0c68a01605ddf36dc1e644691b02ddc833dbba36d5deeaa993f3c198

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 05 Oct 2022 05:03:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
log
c21lg-d.media.net/ Frame 9E48 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=2&vsid=3079477998214972000V10&origin=1&flt=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:24 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Wed, 05 Oct 2022 05:03:24 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 0E87 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f387a9ecb4ce07902c6d19f2b4261d962ce1bd1983b854970c34506db401ecb6

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75539c50dcc9bb53-FRA
content-encoding
br
content-type
text/html
date
Wed, 05 Oct 2022 05:03:24 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z38SktPCYDmTYyt9W59uQBgh%2BIlqREy0DfwF1OPu1dXxhCZZAm1mrYSPtdM6W8x1oPT25Mi3nq9C47POaCFnt5kdUsBnQaZRQE7QVNou40aSZdDbUsXbuVi1L8F%2FDT9nqeRRyF1rtu1Mvg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame B49F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aea9e3bde7203cdb78bd78ce4ed214ce8902e1a056170004e66ad0870d50ec0

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75539c50dcd2bb53-FRA
content-encoding
br
content-type
text/html
date
Wed, 05 Oct 2022 05:03:24 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FdSx%2BS0FqOZpjb%2FhCj5eL2pWcrzGlBVip%2BmUuY6zehiBP2LnUtT9AXPX%2F6NoTIpPKzVjNEzOGM8qgVyGSx4qpRq7FggY5cnOJrW16qodRS%2Bpmv%2FfhT4MhKnLE2sFzA9626erRrxhY7GUSw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame A81B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63f7fd42b74e7dddb1672533a2b506b55c763a3cd656b421d72058e4d05f9d7f

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75539c50dcd9bb53-FRA
content-encoding
br
content-type
text/html
date
Wed, 05 Oct 2022 05:03:24 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iXDuqtd8N7QehzNZljJki%2BgMT2b1o9yCpOF0%2B%2FakO5U7TX%2BVQJZwJgSv3ZtRIRKyg%2BCbhvbeaOQpAcAvmHgsSesGXtc9lg00IG6dA4ts6OarVVkLWA8M8HBTa87UaXK10BxgtZuxRjBNeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
crum
dsum-sec.casalemedia.com/ Frame 0E87
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yz0QGLuyisWmzPrKTdGlvwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAUzZnrEmg9lCHjNqZ9qa0c&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAUzZnrEmg9lCHjNqZ9qa0c&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAUzZnrEmg9lCHjNqZ9qa0c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 0E87
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yz0QGLuyisWmzPrKTdGlvwAABFYAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAmRqODXWL_lYNguWFij6Ro&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAmRqODXWL_lYNguWFij6Ro&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evZaCCON1ilSSi5lhrxuxstl0KjcOqj5KVTO9cledjOU2Z7Fc6x37CipkDsCUMHYreqBbZ073KYIv0gk%2FGAQsnAtEDrhFsNV08URPJ8CJJ2hTyjrpLwIKKt1RXLTYV55jVBZaUZ3ybqNHg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
75539c515d6fbb53-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAmRqODXWL_lYNguWFij6Ro&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 0E87 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 05 Oct 2022 05:03:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 0E87
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yz0QGLuyisWmzPrKTdGlvwAABFYAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yz0QGLuyisWmzPrKTdGlvwAABFYAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yz0QGLuyisWmzPrKTdGlvwAABFYAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.155.104 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9VSKGBWGDEFGD6AHPFXP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
D49X01X3H2BTVK9TNJVB
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yz0QGLuyisWmzPrKTdGlvwAABFYAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
csync.loopme.me/ Frame 0E87 		0
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ad6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
75539c51ac74bb9b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
crum
dsum-sec.casalemedia.com/ Frame 0E87
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame 0E87
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=jrJB74mxQ-iVt0q73bhf6d7gE-2VuBe_j7fpBU4G
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=jrJB74mxQ-iVt0q73bhf6d7gE-2VuBe_j7fpBU4G
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:24 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=jrJB74mxQ-iVt0q73bhf6d7gE-2VuBe_j7fpBU4G
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0E87
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3133487591381184866
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3133487591381184866
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3133487591381184866
pragma
no-cache
date
Wed, 05 Oct 2022 05:03:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
htw-pixel.gif
cdn.indexww.com/ht/ Frame 0E87 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Yz0QGLuyisWmzPrKTdGlvwAA%261110
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:24 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
234
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
75539c51aec6bbb5-FRA
content-length
43
expires
Wed, 05 Oct 2022 09:03:24 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame B49F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yz0QGLuyisWmzPrKTdGlvwAABFYAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAmRqODXWL_lYNguWFij6Ro&google_cver=1
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAmRqODXWL_lYNguWFij6Ro&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8QMkj0Ezd%2FORHgaJ1dIauSn95eVJYg7JsD7qMmkLWW%2FhlfSVC%2BlBvic%2FtXaeqZ0lZVwtY8tKTfpkVFAmG0WUQs5t07rm6AmT0FLDwOtLXU9slMrQX54Rfjnd9HeeVRrsc%2BFe%2F6yYkgz1dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
75539c516d77bb53-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAmRqODXWL_lYNguWFij6Ro&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B49F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yz0QGLuyisWmzPrKTdGlvwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAUzZnrEmg9lCHjNqZ9qa0c&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAUzZnrEmg9lCHjNqZ9qa0c&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAUzZnrEmg9lCHjNqZ9qa0c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame B49F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yz0QGLuyisWmzPrKTdGlvwAABFYAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yz0QGLuyisWmzPrKTdGlvwAABFYAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yz0QGLuyisWmzPrKTdGlvwAABFYAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.155.104 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9341VBQB1N1QGTPPTZ7T
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0HVF4R5PMDHAZVBVPR88
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yz0QGLuyisWmzPrKTdGlvwAABFYAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame B49F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 05 Oct 2022 05:03:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Yz0QGLuyisWmzPrKTdGlvwAABFYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B49F 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yz0QGLuyisWmzPrKTdGlvwAABFYAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:2446:243c:2b31:890f Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum.casalemedia.com/ Frame B49F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D190%26external_user_id%3D%24UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8161604650859879892
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8161604650859879892
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:24 GMT
AN-X-Request-Uuid
bf2674b7-d4dd-42e8-b7c8-1a230bacaaeb
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8161604650859879892
Connection
keep-alive
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B49F
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

date
Wed, 05 Oct 2022 05:03:24 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
crum
dsum-sec.casalemedia.com/ Frame B49F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
htw-pixel.gif
cdn.indexww.com/ht/ Frame B49F 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Yz0QGLuyisWmzPrKTdGlvwAA%261110
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:24 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
234
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
75539c51aec7bbb5-FRA
content-length
43
expires
Wed, 05 Oct 2022 09:03:24 GMT
crum
dsum-sec.casalemedia.com/ Frame A81B
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D46%26external_user_id%3D%24UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2002323948792627444
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2002323948792627444
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:24 GMT
AN-X-Request-Uuid
790e0561-45fc-4860-8bcc-04927952ed10
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2002323948792627444
Connection
keep-alive
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A81B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=55b2633d-101c-4a00-8e9b-f0db3a3a164e
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=55b2633d-101c-4a00-8e9b-f0db3a3a164e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Wed, 05 Oct 2022 05:03:24 GMT
Server
MT3 4525 e1952b7 master cdg-pixel-x28 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=55b2633d-101c-4a00-8e9b-f0db3a3a164e
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 05 Oct 2022 05:03:23 GMT
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame A81B 		0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-cache-hits
0
pragma
no-cache
date
Wed, 05 Oct 2022 05:03:24 GMT
via
1.1 varnish
server
Varnish
x-timer
S1664946204.423677,VS0,VE0
x-cache
MISS
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-hhn4073-HHN
ie
match.prod.bidr.io/cookie-sync/ Frame A81B 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.152.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-152-75.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:24 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame A81B
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yz0QGLuyisWmzPrKTdGlvwAA%261110?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Yz0QGLuyisWmzPrKTdGlvwAA%261110
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Yz0QGLuyisWmzPrKTdGlvwAA%261110
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.49.84.111 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v044-0d690d0dc.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
CF1NvXmbRvM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v044-03b75489a.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
LIztWGC5RPE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Yz0QGLuyisWmzPrKTdGlvwAA%261110
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame A81B
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=cb7392c7-1b66-4b22-96c4-04caf70b4ced
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=cb7392c7-1b66-4b22-96c4-04caf70b4ced
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=cb7392c7-1b66-4b22-96c4-04caf70b4ced
date
Wed, 05 Oct 2022 05:03:24 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
usermatchredir
ssum-sec.casalemedia.com/ Frame A81B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yz0QGLuyisWmzPrKTdGlvwAABFYAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAmRqODXWL_lYNguWFij6Ro&google_cver=1
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAmRqODXWL_lYNguWFij6Ro&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2EbYZJAnjbDtkq%2BBGPO6JqOuGS76G1mcWBQ%2BYm4pzpuXrxJEZBNgjPZQTbzCb98DtgKVWgTbN%2FjQRCYbZsAwlOMcR9YphHWkzxaJtOnzJ1AzzEI73HYqGS%2Bva%2FDJYamsMRw7wsYqKgVthA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
75539c517d8ebb53-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAmRqODXWL_lYNguWFij6Ro&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame A81B 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.251.13.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-251-13-39.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:24 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.20.0
content-length
42
vary
Cookie
content-type
image/gif
htw-pixel.gif
cdn.indexww.com/ht/ Frame A81B 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Yz0QGLuyisWmzPrKTdGlvwAA%261110
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:24 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
234
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
75539c51aec8bbb5-FRA
content-length
43
expires
Wed, 05 Oct 2022 09:03:24 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 0B52
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=abPNWTAYTkOTDI0jg-5yAw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=abPNWTAYTkOTDI0jg-5yAw
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=abPNWTAYTkOTDI0jg-5yAw
Protocol
HTTP/1.1
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QH7KSVYRTXS994EBHFE8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=abPNWTAYTkOTDI0jg-5yAw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 0B52
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjgxZWJmNzdmMjUxYzY4NmYwMjM1ZDU0MDM3ZTc2MzExNjgxZTk4MA&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjgxZWJmNzdmMjUxYzY4NmYwMjM1ZDU0MDM3ZTc2MzExNjgxZTk4MA&us_privacy=1---
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjgxZWJmNzdmMjUxYzY4NmYwMjM1ZDU0MDM3ZTc2MzExNjgxZTk4MA&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0B52
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAUpMTndec_gZaV-HuuVJ8k&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAUpMTndec_gZaV-HuuVJ8k&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAUpMTndec_gZaV-HuuVJ8k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 0B52 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 05 Oct 2022 05:03:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 0B52
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhWNVo4WlQtTy1MWDBZ&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhWNVo4WlQtTy1MWDBZ&us_privacy=1---
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhWNVo4WlQtTy1MWDBZ&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 0B52
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=kMjMhpF0Tv-8hDDDpol4cw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=kMjMhpF0Tv-8hDDDpol4cw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=kMjMhpF0Tv-8hDDDpol4cw
Protocol
HTTP/1.1
Server
52.46.155.104 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WY2V5EKNVF2YZ40AKKD0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=kMjMhpF0Tv-8hDDDpol4cw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 0B52
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8V5Z8ZT-O-LX0Y&us_privacy=1---
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8V5Z8ZT-O-LX0Y&us_privacy=1---
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:24 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: B052A711174F4E0A9F2C8002A8E7B52A Ref B: FRAEDGE1217 Ref C: 2022-10-05T05:03:24Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXqQn8XqSm1usE6Ljn9vw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8V5Z8ZT-O-LX0Y&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0B52
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/KFlC9BQoUm1bS0du1zQ5fQ?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2360672021008323956
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2360672021008323956
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 05 Oct 2022 05:03:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2360672021008323956
content-length
0
match
c1.adform.net/serving/cookie/ Frame 29AD 		35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=4A6719EB-F3B4-437E-ABDB-7FA4AA85366E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 05 Oct 2022 05:03:24 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 4EC9
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6647946735075619217
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6647946735075619217
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 05 Oct 2022 05:03:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6647946735075619217
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 82CC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:15df633d-101c-4f00-ba55-f67012fd5781&gdpr=0&gdpr_consent=
0
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:15df633d-101c-4f00-ba55-f67012fd5781&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 05 Oct 2022 05:03:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 05 Oct 2022 05:03:24 GMT
Expires
Wed, 05 Oct 2022 05:03:23 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4525 e1952b7 master cdg-pixel-x35 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:15df633d-101c-4f00-ba55-f67012fd5781&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 6E0F
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 05 Oct 2022 05:03:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 05:03:24 GMT
expires
Wed, 05 Oct 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1812990
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 9DE6
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4A6719EB-F3B4-437E-ABDB-7FA4AA85366E&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4A6719EB-F3B4-437E-ABDB-7FA4AA85366E&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4A6719EB-F3B4-437E-ABDB-7FA4AA85366E&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 05 Oct 2022 05:03:24 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
Y5PXA9VJHVAX3PXAX2KE

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 05 Oct 2022 05:03:24 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4A6719EB-F3B4-437E-ABDB-7FA4AA85366E&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
6Y8K42QF411H3DGTENS2
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B40F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SmcZ6_O0Q36r23-kqoU2bg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:24 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=52901
accept-ranges
bytes
content-length
5549
expires
Wed, 05 Oct 2022 19:45:05 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame B40F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b429633d-101c-4400-80d8-ad39442d9378
0
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b429633d-101c-4400-80d8-ad39442d9378
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:23 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 05 Oct 2022 05:03:24 GMT
Server
MT3 4525 e1952b7 master cdg-pixel-x9 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b429633d-101c-4400-80d8-ad39442d9378
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 05 Oct 2022 05:03:23 GMT
generic
match.adsrvr.org/track/cmf/ Frame B40F
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=4A6719EB-F3B4-437E-ABDB-7FA4AA85366E
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 05 Oct 2022 05:03:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame B40F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEE2NzE5RUItRjNCNC00MzdFLUFCREItN0ZBNEFBODUzNjZF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 05 Oct 2022 05:03:24 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame B40F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIHkAzbTJUANzNLqAKB_mgk&google_cver=1
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIHkAzbTJUANzNLqAKB_mgk&google_cver=1
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 05 Oct 2022 05:03:24 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIHkAzbTJUANzNLqAKB_mgk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame B40F 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 05:03:24 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 04 Oct 2022 05:03:24 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame B40F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4510017978132924580
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4510017978132924580
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 05 Oct 2022 05:03:24 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4510017978132924580
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame B40F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 05 Oct 2022 05:03:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame B40F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5559769979328845738&gdpr=0&gdpr_consent=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5559769979328845738&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 05 Oct 2022 05:03:24 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 05 Oct 2022 05:03:24 GMT
AN-X-Request-Uuid
5fa37ec3-c688-408a-91ab-d454a869b7ee
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5559769979328845738&gdpr=0&gdpr_consent=
Connection
keep-alive
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GG8B674XK4&gtm=2oea30&_p=1557562236&cid=1198089221.1664946198&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=2&dl=https%3A%2F%2Fwww.mlive.com%2F&sid=1664946198&sct=1&seg=0&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&en=blueconic&ep.headline=undefined&ep.author=undefined&ep.page_type=homepage&ep.product=homepage-beta&ep.platform=desktop&ep.page_path=%2F&ep.user_subscription_status=undefined&ep.ab_test_group_user=undefined&ep.ga_bc_1=a0002%2Ca0016%2Ca0022%2Ca0037&ep.ga_bc_2=undefined&ep.ga_bc_3=undefined&ep.ga_bc_4=undefined&ep.ga_bc_5=undefined&ep.clavis_interest_topics=undefined&ep.site_cdp_segments=undefined&ep.bc_visit_number=1&_et=1541
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GG8B674XK4&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 05:03:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
b1t-eudc1.zemanta.com
URL
https://b1t-eudc1.zemanta.com/t/imp/view/4I7QK4HDIOEGEBUR62PNWUPXOOQPCIBA564IQGZJZHSJSKZYGW7FZSSCTVI437ELDWK4VSXHUGDBNPZHOMG4TMZMLDVAW3KHOPB32L5QN377K4PGLFHPRBRQXCPMYBQ45VUOKLH3GCT6PIGHHAGWSJZCHF3ZZDEMKP4T3FNIYRYZNYWA6V4IHQD6SM7U2OMI4DVXNVSCJNO7HXFE2U4YFXV7JK37ZGJNHUSD5INM322ASRZMXMRP3COWKUAELCTVF7U63C3HGKQLBJTD6MHMC2DTTLCCZFPA4WFK5ZM34Z3TKWJY5CO5KRQUBBVFZCKTOKH72NAZNRFURTQ6U2DYOJMY7S47MXU4PIQXJEDTYHLPRJ7VPI4AFBETGVHULUA4AENYLSIYOCNOW/?

Verdicts & Comments Add Verdict or Comment

606 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| admiral object| googletag object| sophi object| sophiSegments object| BOOMR_mq string| BOOMR_API_key object| BOOMR string| environment object| adiData object| dataLayer object| Fusion object| OneTrustStub object| webpackChunksnowplow_tracker_javascript_new object| $OPHI_GN function| sophiTag string| sophiGlobalVariable object| Snowplow object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| react object| React object| ReactDOM object| PropTypes object| StyledComponents object| regeneratorRuntime function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression object| idl object| teads_analytics string| bcHostname object| pArray function| adiGetLotameValue object| lotameSegments object| atsScript boolean| isOriginalIDL undefined| revgenDebug string| bcAffiliateProp string| logStyle function| handleProfileProperties function| debouncedHandleProfileProperties function| loadValuesFromBlueConic function| debounce function| storeIDLInfo function| setOriginalIDL function| retry function| retryGetProfileProps function| emitIDLInfo function| retryEmitIDLInfo function| setLiveRampsIDL function| waitForBcPageView function| waitForATS function| waitForAuth0 function| waitForWall function| waitForBC function| pathValue object| IDLExists object| isIDLReportingPending object| isProfileUpdatePending object| atsPromise object| profilePromise object| loginAuth0Promise object| emailWallPromise object| pianoScript number| a string| GoogleAnalyticsObject function| ga object| PARSELY object| _comscore function| fbq function| _fbq string| meterContentType object| _linkedin_data_partner_ids boolean| _already_called_lintrk function| twq function| setImmediate function| clearImmediate object| adiTrackPromise object| adiTrack function| addUspapiFrame function| optOutMsgHandler function| __uspapi object| usPrivacyCookie object| otCcpaOptOut function| dnsfeed object| CDP object| PQ object| apstag object| pbjs boolean| bcDFPCallbackCalled function| bcDFPCallback object| lotame_963 object| burtApi object| AdManager function| adhesionInit object| Advance object| tp string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData function| 4dm1r11545242527 object| COMSCORE function| udm_ object| ns_p function| lintrk function| ttd_dom_ready function| TTDUniversalPixelApi object| gaplugins object| twttr object| ats object| __otccpaooLocation object| blueConicPreListeners function| BCClass object| blueConicClient boolean| dv-data-transparency-tag-active function| dv-data-transparency-top-level-monitoring object| ggeac object| google_js_reporting_queue function| lotameIsCompatible function| lt963_ba function| lt963_b undefined| lt963_c undefined| lt963_ca undefined| lt963_da function| lt963_ea object| lt963_e function| lt963_fa function| lt963_ga object| lt963_ object| lt963_ka object| lt963_la object| lt963_Pa object| lt963_Qa object| lt963_7 function| lt963_aa function| lt963_a function| lt963_d function| lt963_f function| lt963_g function| lt963_h function| lt963_i function| lt963_j function| lt963_k function| lt963_ia function| lt963_ha function| lt963_l function| lt963_m function| lt963_ja function| lt963_n function| lt963_o function| lt963_p function| lt963_q function| lt963_r function| lt963_pa function| lt963_ma function| lt963_na function| lt963_t function| lt963_oa function| lt963_u function| lt963_v function| lt963_w function| lt963_x function| lt963_s function| lt963_y function| lt963_z function| lt963_A function| lt963_B function| lt963_qa function| lt963_C function| lt963_D function| lt963_ra function| lt963_E function| lt963_F function| lt963_G function| lt963_sa function| lt963_I function| lt963_J function| lt963_H function| lt963_ta function| lt963_K function| lt963_L function| lt963_ua function| lt963_va function| lt963_M function| lt963_wa function| lt963_xa function| lt963_ya function| lt963_Ca function| lt963_za function| lt963_Aa function| lt963_Ba function| lt963_Da function| lt963_Fa function| lt963_Ea function| lt963_N function| lt963_Ga function| lt963_Ha function| lt963_Ia function| lt963_Ja function| lt963_Ka function| lt963_La function| lt963_Ma function| lt963_Na function| lt963_Oa function| lt963_O function| lt963_Ra function| lt963_P function| lt963_Q function| lt963_R function| lt963_S function| lt963_Sa function| lt963_T function| lt963_U function| lt963_Ta function| lt963_Ua function| lt963_V function| lt963_W function| lt963_X function| lt963_Y function| lt963_Va function| lt963_Wa function| lt963_Z function| lt963__ function| lt963_0 function| lt963_1 function| lt963_4 function| lt963_Ya function| lt963__a function| lt963_Za function| lt963_1a function| lt963_0a function| lt963_2 function| lt963_2a function| lt963_3a function| lt963_3 function| lt963_Xa function| lt963_4a function| lt963_5a function| lt963_6a function| lt963_7a function| lt963_5 function| lt963_6 function| lt963_8a function| lt963_9a function| lt963_$a function| lt963_ab function| lt963_bb function| lt963_cb function| lt963_db function| lt963_eb function| lt963_fb function| lt963_gb function| lt963_8 function| lt963_jb function| lt963_kb function| lt963_ib function| lt963_hb function| lt963_mb function| lt963_lb function| lt963_ob function| lt963_nb function| lt963_pb function| lt963_qb function| lt963_rb function| lt963_sb function| lt963_tb function| lt963_ub function| lt963_wb function| lt963_zb function| lt963_yb function| lt963_vb function| lt963_Cb function| lt963_xb function| lt963_Ab function| lt963_Eb function| lt963_Db function| lt963_Fb function| lt963_Bb function| lt963_Gb function| lt963_Hb function| lt963_Ib function| lt963_9 function| lt963_Jb function| lt963_Kb function| lt963_Lb function| lt963_Mb function| lt963_Nb function| lt963_$ function| lt963_Ob function| lt963_Pb function| lt963_Qb function| lt963_Rb function| lt963_Sb function| lt963_Tb function| lt963_Ub function| lt963_Vb function| lt963_Xb function| lt963_Yb function| lt963_Zb function| lt963_Wb undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 boolean| apstagLOADED function| onYouTubeIframeAPIReady object| gaGlobal undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| pbjsChunk object| _pbjsGlobals object| mnet object| __li__evt_bus object| liQ object| Moat#PML#26#1.2 boolean| Moat#EVA function| __moatSlotTagLoadedadvanceddigitalheader640552616592 object| lotame_sync_16576 object| _mather number| _zid object| _matherq object| tid function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG function| ___tp string| url string| ptitle object| default_gsi object| google object| closure_lm_944703 object| __G_ID_CLIENT__ object| gaData undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| ID5 object| PublisherCommonId object| Optanon object| OneTrust function| sync16576_c function| sync16576_d undefined| sync16576_e undefined| sync16576_f undefined| sync16576_g function| sync16576_h object| sync16576_j function| sync16576_k function| sync16576_l object| sync16576_ object| sync16576_la function| sync16576_a function| sync16576_b function| sync16576_i function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_aa function| sync16576_q function| sync16576_r function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_ba function| sync16576_ca function| sync16576_v function| sync16576_da function| sync16576_w function| sync16576_x function| sync16576_y function| sync16576_ea function| sync16576_z function| sync16576_A function| sync16576_B function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_fa function| sync16576_J function| sync16576_K function| sync16576_ga function| sync16576_ha function| sync16576_L function| sync16576_M function| sync16576_ia function| sync16576_ja function| sync16576_ka function| sync16576_N function| sync16576_O function| sync16576_P function| sync16576_Q function| sync16576_R function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_X function| sync16576_Z function| sync16576_Y function| sync16576__ function| sync16576_0 function| sync16576_1 function| sync16576_2 function| sync16576_4 function| sync16576_5 function| sync16576_ma function| sync16576_3 function| sync16576_7 function| sync16576_6 function| sync16576_na function| sync16576_8 function| sync16576_oa function| sync16576_9 function| sync16576_pa function| sync16576_$ function| sync16576_qa object| bc_json692 object| filteredSegments object| filteredAudIndividual object| filteredAudVoter object| filteredAudMidterm2022 number| BOOMR_onload object| GoogleGcLKhOms function| sync16589_c function| sync16589_d undefined| sync16589_e undefined| sync16589_f undefined| sync16589_g function| sync16589_h object| sync16589_j function| sync16589_k function| sync16589_l object| sync16589_ object| sync16589_la function| sync16589_a function| sync16589_b function| sync16589_i function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_aa function| sync16589_q function| sync16589_r function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_ba function| sync16589_ca function| sync16589_v function| sync16589_da function| sync16589_w function| sync16589_x function| sync16589_y function| sync16589_ea function| sync16589_z function| sync16589_A function| sync16589_B function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_fa function| sync16589_J function| sync16589_K function| sync16589_ga function| sync16589_ha function| sync16589_L function| sync16589_M function| sync16589_ia function| sync16589_ja function| sync16589_ka function| sync16589_N function| sync16589_O function| sync16589_P function| sync16589_Q function| sync16589_R function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_X function| sync16589_Z function| sync16589_Y function| sync16589__ function| sync16589_0 function| sync16589_1 function| sync16589_2 function| sync16589_4 function| sync16589_5 function| sync16589_ma function| sync16589_3 function| sync16589_7 function| sync16589_6 function| sync16589_na function| sync16589_8 function| sync16589_oa function| sync16589_9 function| sync16589_pa function| sync16589_$ function| sync16589_qa object| lotame_sync_16589 object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_130 object| Criteo object| Criteo_identitytag_130 function| $ object| _bcp object| justDetectAdblock function| BlueConicEngagement function| RuleService object| bcConnectionUtil function| BlueConicDataLayerUtil object| JSONPath function| md5 string| _contentURL string| _title object| bcSegmentsArray number| bcchunkSize number| num string| chunkString object| bcGASegment string| bcGASegmentName undefined| dcrSegmentsMI object| bc_json693 function| __esp_getUID2Async object| __uid2 object| google_image_requests object| PianoESPConfig

107 Cookies

Domain/Path Name / Value
h312.mlive.com/DG/DEFAULT Name: BCSessionID
Value: 57d8ba92-8db0-44ab-9680-b02eee1c76e4
advancelocal.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: 57d8ba92-8db0-44ab-9680-b02eee1c76e4
.mlive.com/ Name: AKA_A2
Value: A
.mlive.com/ Name: sophiTagses.073a
Value: *
.mlive.com/ Name: _sp_duid
Value: cc3fc5b3-de3d-4134-a2ed-e41de56590af
.mlive.com/ Name: _gcl_au
Value: 1.1.1872555138.1664946198
.mlive.com/ Name: utag_vnum
Value: 1667538197833&vn=1
.mlive.com/ Name: utag_invisit
Value: true
www.mlive.com/ Name: last_visit_bc
Value: 1664946198253
.mlive.com/ Name: lotame_domain_check
Value: mlive.com
www.mlive.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.mlive.com/ Name: _li_dcdm_c
Value: .mlive.com
.mlive.com/ Name: _lc2_fpi
Value: 94c49eadf2ac--01gek8dnv2gzd9padg1f08hbmd
.mlive.com/ Name: pbjs_pubcommonID
Value: d490561c-a459-4765-ab24-252f008de9fa
.linkedin.com/ Name: UserMatchHistory
Value: AQKKMmi5Zsi7FQAAAYOmhtdFMxt7KPwuzkliJ-tYH4EwACqtrM98oRz8a3VvH2RB4eTlZnyfhD3MaA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQILqJymwca5aQAAAYOmhtdFYwN4x5vLtaVYPCZCcIoC2z1I6UcdvHzedsTvILZ5fXKbKdkTPh5w-Z_NYul2qw
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&3c5a9fe6-1058-4d11-8e8b-83deb366c748"
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2728:u=1:x=1:i=1664946198:t=1665032598:v=2:sig=AQFc9WmkplRPnxFtbJPPcnVzvd3I6B6C"
.twitter.com/ Name: guest_id_marketing
Value: v1%3A166494619834796346
.twitter.com/ Name: guest_id_ads
Value: v1%3A166494619834796346
.twitter.com/ Name: personalization_id
Value: "v1_xHB7HvX6D9wvUdNiltyK+Q=="
.twitter.com/ Name: guest_id
Value: v1%3A166494619834796346
.t.co/ Name: muc_ads
Value: 183d3167-3fcc-4468-ac68-3a6bafeeb1bb
.mlive.com/ Name: _ml_ses
Value: *
.mlive.com/ Name: _pprv
Value: eyJjb25zZW50Ijp7IjAiOnsibW9kZSI6Im9wdC1pbiJ9LCIxIjp7Im1vZGUiOiJvcHQtaW4ifSwiMiI6eyJtb2RlIjoib3B0LWluIn0sIjMiOnsibW9kZSI6Im9wdC1pbiJ9LCI0Ijp7Im1vZGUiOiJvcHQtaW4ifSwiNSI6eyJtb2RlIjoib3B0LWluIn0sIjYiOnsibW9kZSI6Im9wdC1pbiJ9LCI3Ijp7Im1vZGUiOiJvcHQtaW4ifX19
.postrelease.com/ Name: opt_out
Value: 1
.mlive.com/ Name: _pctx
Value: %7Bu%7DN4IgDghg5gpgagSxgdwJIBMQC4QBsAcAbgKwBe%2BYAzgK5gDW%2B1xAjAEwgA0I1lMATpWwA7arlxce-AMoAXCDJ7YQEIQHshnEJQQyYGYaNwBfIA
.mlive.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.mlive.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1664946198531%2C%22slts%22:0}
.mlive.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=7ad66d38efe144c80ed1b0ea3e402be2%22%2C%22session_count%22:1%2C%22last_session_ts%22:1664946198531}
.mlive.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.mlive.com/ Name: _ga
Value: GA1.2.1198089221.1664946198
.mlive.com/ Name: _gid
Value: GA1.2.1128824650.1664946199
.mlive.com/ Name: _gat_UA-16643585-16
Value: 1
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&20221005050318a63afe05-634e-4433-86f4-fb80cf8c1c11AQGR7m5ImwPN6K_RRkFLPpXmaf0I02PK"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjQ5NDYxOTg7MjswMjFbY6mWtczCR1zTIHgNGKXVF3gC0Qjo7t+vQxaEDP0jAg==
www.mlive.com/ Name: authsource_origin
Value: false
www.mlive.com/ Name: ntvSession
Value: {"id":8077633,"placementID":773533,"lastInteraction":1664946198625,"sessionStart":1664946198625,"sessionEndDate":1665014400000,"trackUserSessionTime":true,"experiment":""}
www.mlive.com/ Name: _lr_geo_location
Value: DE
www.mlive.com/ Name: usprivacy
Value: 1---
.mlive.com/ Name: _awl
Value: 2.1664946198.0.5-348c8650c1c42c8af8f28e58382dcd01-6763652d6575726f70652d7765737431-0
.mlive.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Wed+Oct+05+2022+05%3A03%3A18+GMT%2B0000+(GMT)&version=202208.1.0&hosts=&consentId=989d2e04-a4d5-47c6-a56c-37082f11cbbd&interactionCount=0&landingPath=https%3A%2F%2Fwww.mlive.com%2F&groups=1912%3A1%2CC0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1
.liadm.com/ Name: lidid
Value: ca5dbe49-9d49-4bd9-9825-265f947d91da
.mlive.com/ Name: _fbp
Value: fb.1.1664946198823.455937927
.doubleclick.net/ Name: IDE
Value: AHWqTUmbe9VPsGGr75kEO5nXuvVJ9LpNY95pq8Prr053RhqaPctSboxgsQai1KczXhQ
.mlive.com/ Name: __gads
Value: ID=7e414bd2430918d6:T=1664946198:S=ALNI_Mb6n6xgrSU8k99Y4IclEzUDl7bhAw
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrvFHbrHTpMzszzH/SUMvpGs1wMD2ZZQDJcmto/E7oIO1uN4KReLxlD9TNBETKI889ymPvo8pleP2I8HLg48+aBlR/vOG5O9jg=
.rubiconproject.com/ Name: khaos
Value: L8V5Z8ZT-O-LX0Y
.postrelease.com/ Name: visitor
Value: ""
.postrelease.com/ Name: status
Value: 0
.postrelease.com/ Name: ver
Value: 1
.mlive.com/ Name: __li_idex_cache
Value: %7B%22unifiedId%22%3A%22EKUkCeH9rpBOeDsyYzzp598nsyYoYSLSS1oCxw%22%7D
.3lift.com/ Name: tluid
Value: 806773288850099623752
www.mlive.com/ Name: BCSessionID
Value: 57d8ba92-8db0-44ab-9680-b02eee1c76e4
.w55c.net/ Name: wfivefivec
Value: ilZc4GSj1OFWyX5
.w55c.net/ Name: matchgoogle
Value: 5
.yahoo.com/ Name: A3
Value: d=AQABBBcQPWMCEM0i-016aAQQaUOPJJDFQuwFEgEBAQFhPmNGYwAAAAAA_eMAAA&S=AQAAAn1v2eCQmjz-0WVeuqvHwQU
.yieldmo.com/ Name: yieldmo_id
Value: g21e239fc1df50d7ef98%7C1664946199723%7C0%7C
.openx.net/ Name: i
Value: 7bf17d34-f753-47ac-8a2c-7ffd38a65da2|1664946199
advancelocal.blueconic.net/ Name: AWSALBCORS
Value: XCm6lBg76YeiM67ZqRlzXZyq6QK3eApCMCtwYmVO2SZYIMD00mnPvg9S/Eb//lojccVe2PgHMh4hJh3KmigFmPj8wp2aChMKao6WXAfHls8r2mDoKTpIhigiOEF+
.mlive.com/ Name: utag_dslv_s
Value: Less than 1 day
.mlive.com/ Name: _ga_GG8B674XK4
Value: GS1.1.1664946198.1.0.1664946199.0.0.0
.mlive.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22l8v5z8psufah35mi%22%7D
.casalemedia.com/ Name: CMID
Value: Yz0QGLuyisWmzPrKTdGlvwAA
.casalemedia.com/ Name: CMPS
Value: 1110
.casalemedia.com/ Name: CMPRO
Value: 1110
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 4510017978132924580
.criteo.com/ Name: uid
Value: a53c2a8f-7a02-4792-853f-581d80acb66d
.piano.io/ Name: __cf_bm
Value: J3OIx6f6h3diZjtfvxouVP1ZXJuwlw3LFCT8obQgsNI-1664946200-0-AdHs72/dBqa30x6brQaD44SIT0r3U5mu54NveDmcF8mbBROODwY9evzP6bmVidni8dH0pqly1KkeYXbeUxSjyQw=
.mlive.com/ Name: __tbc
Value: %7Bkpex%7DiLq-EchQVHpYYgZs539EkLW19I6NjXsNTB3nk9wNwITPHfKQI14EOM7Jk2Vg3Faz
.mlive.com/ Name: __pat
Value: -14400000
.mlive.com/ Name: __pvi
Value: eyJpZCI6InYtMjAyMi0xMC0wNS0wNS0wMy0xOC01MDQtQnk3eE1DbzE4S3pWODk3Ty02ODdmMWY0YzNjYmUyOWZlZjQ3YjY5Mzc1ZmM4OWI2ZSIsImRvbWFpbiI6Ii5tbGl2ZS5jb20iLCJ0aW1lIjoxNjY0OTQ2MjAwNTEzfQ%3D%3D
.mlive.com/ Name: xbc
Value: %7Bkpex%7DW3H3qYUxAK-HkXi4Pbaku8ezgJzTv0Ur5egnXmgKlOuvfUwQNzBP6XTsA6cHSaP_HAa17CoqHl4COLvtJ5p4FPRfJA8ImU2LX9jxNowcoLMVC9bQJE73gfQxazTvH6MIR0nCguyTk_KUyXgE9zE5cHtz03x7ZhP3iOdJTOVRgMPCGUIR8DoMX8Ga_wfXZCTTFIyYzDRtIP3ZxCPNzHaO0UE8bdM6jCZAZZdRC13dEXVzAIeDJk_kLUjybcLwYohVx-hiO4yrbg3ow4F-o_nRO7yz2bjcntJ7fLo0VvyA2RiDNHZsaY_8w1tDDfzsMUJRfBRRkWTu3iJiKd7FfZg1Iy350lxRqpp44xj7IiCGVqvCiCf4EmsKlRF18YeRTtgsCEdyZpoap0ftCDNx5Dk3MxmDgdAjy3W1-U57Svhk5Xm3RzWXNzYCihk9ZzRMYEOVETjBSt1a0Q5P4TfSB4vwr20CbuOtBC7MEGKBmU27NOx6yC02XrUjq292rAR1DHNAZl772qTynFR6KE670GJN8JtrqNLcHnaEXj046W63eITeGqPwMqXT2ZVy_917UAXzNijT6z5kHS4E36QTtVlHmNX_7QyqX_xzqHYmf-nYWZYhNSZbd4C2tezJAyH5yTZuYpjFS_go3_yWgpBIZChHFEJ0S7yAJmynKb0Mz9Ul0VVWa3YUWhf4DqwtRLyWKUCpoZ8E4RARg4QbPENNoqwfKSTsBhh2W94tCLy81iVk1t6mq6_y07CQrjvUhTITzeY_O0oZuWVOjiVFkn83vPiKW-Jczmj9_bGJblxXNV3RKfKdYUOX28PHDblbMKy2cJ9AxjoKwdthc0KkyQIKoLyebW__toOkyAywo9z5hCXlPLXebLUZiQgAfqzZY8SXvIbhRy1zdkOJ7nUUzjnTFKaI8Cj2XtD6BpGboaotRX7t444DoPUSdcOausntvDPZ3kq6jM-XeCGgw744m-wlo8aEsw-N1byfQfGvjMbbM2eBSrMXG6toYUgMtF4rX6Xd9xM5
.mlive.com/ Name: _ml_id
Value: 865d874800ff589e.1664946198.1.1664946201.1664946198
.www.mlive.com/ Name: _pc_sup_support_acq-sup2
Value: 10
h312.mlive.com/ Name: AWSALB
Value: wTGMLJ6uG3A3EI1q2D4eqraB15md049++5k4pOq6UXK6d295W4OqQMtG6ifav8jnysDLLUW5n2XRCl1SUstv1NB4/P+CUdZCPE345U7xqWAgLp8doF3fKbCt6thJ
h312.mlive.com/ Name: AWSALBCORS
Value: wTGMLJ6uG3A3EI1q2D4eqraB15md049++5k4pOq6UXK6d295W4OqQMtG6ifav8jnysDLLUW5n2XRCl1SUstv1NB4/P+CUdZCPE345U7xqWAgLp8doF3fKbCt6thJ
.mlive.com/ Name: utag_vs
Value: 3
.mlive.com/ Name: utag_dslv
Value: 1664946200924
.mlive.com/ Name: sophiTagid.073a
Value: cc3fc5b3-de3d-4134-a2ed-e41de56590af.1664946198.1.1664946201.1664946198.b93ca175-bd69-4b95-b29d-85e3b0234753
www.mlive.com/ Name: offer_config
Value: %257B%2522type%2522%253A%2522bottomfixed%2522%252C%2522version%2522%253A%2522subscribe%2522%252C%2522placement%2522%253A%2522bottom-fixed%2522%252C%2522newsletterId%2522%253A%2522%2522%252C%2522closable%2522%253A%2522true%2522%257D
.mlive.com/ Name: cto_bundle
Value: gEsLLF9WMjlKUWNpblB5ZTBvbktyRWtJYlB3JTJCdlhTJTJGRHBWSUpnWHlaUmNyb2w3TFVjcllUVUJ4SFhOMEJXa0VvYVhqVnk1bFY5aElyNXVPVVh3TllSRk4yUUtoUkI4NzBWUVBRUFcxNWNkNkdvWDRPb0wyciUyQmJkcGc4Q09Ta2JYVTJkZHdRSU9MTGFZTjBYM24wZVRhNyUyQkRkdyUzRCUzRA
www.mlive.com/ Name: _lr_sampling_rate
Value: 100
www.mlive.com/ Name: pbjs_li_nonid
Value: %7B%22unifiedId%22%3A%22EKUkCeH9rpBOeDsyYzzp598nsyYoYSLSS1oCxw%22%7D
www.mlive.com/ Name: _lr_retry_request
Value: true
www.mlive.com/ Name: _lr_env_src_ats
Value: false
.mlive.com/ Name: panoramaId_expiry
Value: 1665032604146
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 4A6719EB-F3B4-437E-ABDB-7FA4AA85366E
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 159879:2
.pubmatic.com/ Name: DPSync3
Value: 1666137600%3A201_197_219%7C1665014400%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1666137600%3A21_7_56_54_251_3_220_13_161%7C1666224000%3A35
.quantserve.com/ Name: d
Value: EH0BDQGhJ7jvsQA
.quantserve.com/ Name: mc
Value: 633d101c-680e9-bfaaf-9e476
.turn.com/ Name: uid
Value: 3133487591381184866
.onaudience.com/ Name: cookie
Value: cb57d7768fa13b0f
.onaudience.com/ Name: done_redirects147
Value: 1
.mathtag.com/ Name: uuid
Value: b429633d-101c-4400-80d8-ad39442d9378
.adnxs.com/ Name: uuid2
Value: 2002323948792627444
.simpli.fi/ Name: suid
Value: F12B83161A0D47D1B4EC69F4D674BE01
.de17a.com/ Name: guid
Value: 1.6647946735075619217
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.casalemedia.com/ Name: CMTS
Value: 3295
.amazon-adsystem.com/ Name: ad-id
Value: AyjvPGKoXkV9heRWtU7j07I|t

5 Console Messages

Source Level URL
Text
network error URL: https://pub.doubleverify.com/signals/pub.json?ctx=20823471&cmp=DV460143&signals=ids,bsc&url=https%3A%2F%2Fwww.mlive.com%2F
Message:
Failed to load resource: the server responded with a status of 401 ()
javascript error URL: https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Message:
Access to fetch at 'https://b1t-eudc1.zemanta.com/t/imp/view/4I7QK4HDIOEGEBUR62PNWUPXOOQPCIBA564IQGZJZHSJSKZYGW7FZSSCTVI437ELDWK4VSXHUGDBNPZHOMG4TMZMLDVAW3KHOPB32L5QN377K4PGLFHPRBRQXCPMYBQ45VUOKLH3GCT6PIGHHAGWSJZCHF3ZZDEMKP4T3FNIYRYZNYWA6V4IHQD6SM7U2OMI4DVXNVSCJNO7HXFE2U4YFXV7JK37ZGJNHUSD5INM322ASRZMXMRP3COWKUAELCTVF7U63C3HGKQLBJTD6MHMC2DTTLCCZFPA4WFK5ZM34Z3TKWJY5CO5KRQUBBVFZCKTOKH72NAZNRFURTQ6U2DYOJMY7S47MXU4PIQXJEDTYHLPRJ7VPI4AFBETGVHULUA4AENYLSIYOCNOW/?' from origin 'https://c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://b1t-eudc1.zemanta.com/t/imp/view/4I7QK4HDIOEGEBUR62PNWUPXOOQPCIBA564IQGZJZHSJSKZYGW7FZSSCTVI437ELDWK4VSXHUGDBNPZHOMG4TMZMLDVAW3KHOPB32L5QN377K4PGLFHPRBRQXCPMYBQ45VUOKLH3GCT6PIGHHAGWSJZCHF3ZZDEMKP4T3FNIYRYZNYWA6V4IHQD6SM7U2OMI4DVXNVSCJNO7HXFE2U4YFXV7JK37ZGJNHUSD5INM322ASRZMXMRP3COWKUAELCTVF7U63C3HGKQLBJTD6MHMC2DTTLCCZFPA4WFK5ZM34Z3TKWJY5CO5KRQUBBVFZCKTOKH72NAZNRFURTQ6U2DYOJMY7S47MXU4PIQXJEDTYHLPRJ7VPI4AFBETGVHULUA4AENYLSIYOCNOW/?
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=115
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Message:
Failed to load resource: the server responded with a status of 503 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

68794912.akstat.io
a-ams.1rx.io
a.teads.tv
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
accounts.google.com
ad.turn.com
ads.pubmatic.com
ads.rubiconproject.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
advancelocal.blueconic.net
ajax.googleapis.com
ampcid.google.com
ampcid.google.de
analytics.twitter.com
api-v3.tinypass.com
api.rlcdn.com
apps.sophi.io
at.teads.tv
ats.rlcdn.com
b.sharethrough.com
b1-eudc1.zemanta.com
b1sync.zemanta.com
b1t-eudc1.zemanta.com
bcp.crwdcntrl.net
buy.tinypass.com
c.amazon-adsystem.com
c.go-mpulse.net
c1.adform.net
c2.piano.io
c21lg-d.media.net
c3862b9175b9bbfba559e4221bd8433a.safeframe.googlesyndication.com
cdn.cookielaw.org
cdn.id5-sync.com
cdn.indexww.com
cdn.parsely.com
cdn.sophi.io
cdn.tinypass.com
cdnjs.cloudflare.com
check.analytics.rlcdn.com
cm.g.doubleclick.net
collector2.sophi.io
connect.facebook.net
contextual.media.net
cs.media.net
csync.loopme.me
d.adroll.com
d1z2jf7jlzjs58.cloudfront.net
d5p.de17a.com
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
ead.mlive.com
eb2.3lift.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
exchange.postrelease.com
experience.tinypass.com
fastlane.rubiconproject.com
fonts.advance.net
geo.privacymanager.io
geolocation.onetrust.com
google-bidout-d.openx.net
gu.dyntrk.com
gum.criteo.com
h312.mlive.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id.sharedid.org
id5-sync.com
idx.liadm.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
jadserve.postrelease.com
js-sec.indexww.com
js.adsrvr.org
js.matheranalytics.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
micro.rubiconproject.com
mug.criteo.com
native.sharethrough.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p1.parsely.com
pagead2.googlesyndication.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid.media.net
privacy.crwdcntrl.net
prod.uidapi.com
pub.doubleverify.com
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
s.ad.smaato.net
s.amazon-adsystem.com
s.go-mpulse.net
s.ntv.io
satisfycork.com
sb.scorecardresearch.com
sdk.sharethrough.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
snap.licdn.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.advance.net
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
t.co
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
vtrk.doubleverify.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
www.linkedin.com
www.mlive.com
z.moatads.com
zem.outbrainimg.com
b1t-eudc1.zemanta.com
104.18.18.126
104.18.19.126
104.244.42.197
104.244.42.67
107.178.250.234
108.138.15.119
108.138.17.94
108.138.4.10
108.138.4.150
108.138.7.5
108.138.7.53
13.107.42.14
13.248.245.213
13.32.121.108
13.32.121.37
141.94.171.212
141.95.33.111
141.95.98.71
142.250.185.226
143.204.89.57
151.101.114.132
151.101.130.133
151.101.194.133
151.101.2.49
162.19.80.91
178.250.0.157
178.250.0.163
18.203.164.244
18.66.100.58
18.66.112.25
18.66.122.48
18.66.122.92
18.66.147.110
18.66.92.109
185.29.134.248
185.64.189.112
185.64.190.78
185.64.190.80
185.80.39.216
185.86.137.121
198.47.127.20
199.232.136.157
2.18.232.7
2.18.235.93
2001:41d0:701:1000::2fb3
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
213.155.156.181
213.19.147.47
213.227.153.222
213.227.153.223
23.205.235.133
23.205.246.164
23.206.210.112
23.35.228.23
23.35.236.201
23.35.236.247
23.35.237.151
23.35.237.64
23.35.237.86
2406:2600:4::b
2600:1901:0:802f::1
2600:1901:0:8344::
2600:1f18:730:b130:1296:7358:4f0d:4115
2600:9000:223f:7200:1b:5138:8a40:93a1
2600:9000:223f:d000:8:48e:53c0:93a1
2602:803:c003:200::41
2606:4700:10::6816:3556
2606:4700:4400::6812:2962
2606:4700::6810:9540
2606:4700::6810:f015
2606:4700::6811:180e
2606:4700::6811:b8b1
2606:4700::6812:a6e0
2606:4700::6812:d4c
2606:4700::6813:ad6c
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:21::14
2a00:1450:4001:800::2002
2a00:1450:4001:802::2001
2a00:1450:4001:802::2008
2a00:1450:4001:802::200a
2a00:1450:4001:806::2004
2a00:1450:4001:806::200d
2a00:1450:4001:80f::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:830::200e
2a00:1450:400c:c1b::9c
2a02:2638::3
2a02:26f0:3500:16::215:14a0
2a02:26f0:480:293::11a6
2a02:26f0:64:6b5::11a6
2a02:26f0:64::210:6a92
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:d29:3601:2446:243c:2b31:890f
3.120.25.48
3.134.134.122
3.211.220.40
3.219.38.131
3.228.43.237
3.251.13.39
3.33.220.150
3.65.87.135
34.102.146.192
34.107.148.139
34.120.133.55
34.120.135.53
34.251.218.252
34.91.62.186
34.95.81.168
34.98.64.218
37.157.4.25
37.252.172.123
37.252.173.22
51.89.9.252
52.16.246.173
52.212.137.183
52.222.236.75
52.223.1.76
52.30.152.75
52.36.23.219
52.46.155.104
52.49.201.206
52.49.84.111
52.57.233.51
52.95.126.160
54.146.241.124
54.155.18.159
54.82.150.226
64.202.112.191
69.173.144.138
69.173.144.139
96.16.141.156
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
068cf947b74519ce07ead56793d4e6cab4508408ded0069b1cd3805b61812671
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
085e9fdbf9637b10315f46861b2f9240397e5b2574f2014a561cde5721ec3194
094b946adc39ade08f6d927ea066c8fef3ba6ee5c12919873172315ef7428e92
096a0419a3787b284e7105edeebc7cf4915cb9549f3b433258f65483acc24510
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b034efa03c6fb4de3e3952eaf0958b18847e6c1e2e8fd647759c97105004f19
0b442aa857face90065f92fd0a7b7e0e3d3d2267cbcc29f60441f408aaa01df7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c6140abe08611f7d073f94a58707dac4f2da4904f0807a35e0d006ac793860e
0de0694e0c68a01605ddf36dc1e644691b02ddc833dbba36d5deeaa993f3c198
0dfcc344fa6177e7d2f476aee8d452e2e29bc86958708ee4ee0103db60d54411
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d
13f3f835b91d712852bf68a1bbd224341fd1a1af01cbac4580d0e14d0881efa1
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
17f23337c3302d90ea6f452473e4c1cf2a052430fa17d6421842fb335554275f
1b9331247bd52359d450c555ed4505dbadc2e641961d76f3f021d2a3971add39
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1ca7d45c26841657f394d905623d5e5c9c7f32aecc66d66ff8401388ffc43097
1cb614c81c491878e5b6256098b31fb4f68b7bbde5e60b21334d085db7e37549
1fed9efcd59ece931725e3812ca15607be3f9c43bbbffcd71a5089dca6657528
208a558b824a74bef4889e62df2d8e25fea00f36a49a602a5853bf553ee437bc
223d5afc8626d478b7ca4c122e8eae7252e13f176422e770eb097020942dbb13
2577ca01095edf5d97f62afc072a6d9876b7ad7c0e45b3ec549574504f3cdb8a
25c3fb46576f9c03a7aa53f9e84261623a1a1d7aef5cc0024641d040a89c02ea
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
276ca8da7dd05a55c760ead2eec9d5c74629897d0b5b3e5190d4fc9bd38ea7fc
28117001f598a085aa8367fd5f5535205540a3edd9ec694fc122310916bbf61e
2a3493f0ccfe2c01adca092d40d99c62c80938188044917f7f5e714cb894f76a
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f
2b8428cbf00154ce20a92f39dd45f6245e1420fa353b02accb01e2c86bf2beb1
2b968d910bbef836f267a12299e32649d9f2ed87f59ecefceb3d9a4900ec590f
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
2e014f4f56d1747802ba8c20a908590067e763f2a6ecdd67a4f0b3181f4e7fe3
30d5a08f1e8b8d8e59fbc8606607bcd4d3631718fec42458d02329e13fb2a514
30e382a9546c4b436b0568f463e7c3274696c3c59f7aa871af91a33a967f05c4
338392f3acfa46f608276904e9ddf900e17f355c83592300eb95377faba917e0
3499c2bfdc525e4672c8a2d78d7fb89e7cadd4b4c84a58daf8c30f3a2c7cee59
34d350644f6cb8c6ef6b786bf59766e7d6db7432519e4f0c0b949e2e5b179134
355fbc238e6109f1d2d33a6afd64fa3e355f8085e0a80f21b0f57432d20ed71d
36ea8d266ccb57796d82e6eb05f11c634302a0bc3623c5e7fa7261a1a69e0d90
374f9c06d09ab99531c9c37efe289e6977f00135eaa61065d2cb3803a93e9bdc
39aef0db130e9ff36d4ea8eeea2fdbcb5d7f9d5ac6eb9937c5230adf97b755cb
3a85872f3bc6df6bdcaa2783a800b3de04a50eaa053ae742902dc02d139dcfcd
3b2ce9e63a7f14001e6af32ad0d3b19b045b916cf8073180d25688e4b3f49e40
3b3a16ba63a872a5a157f8abd95651ad7ceac43d8c5d0d659b50e456882ef351
3b6133884e4c1b3ed333519344a7638eb8ef596fb5d1eb1f084db3b2aa1f4940
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c194ef9dbec4dcbd08cd14e2a2ee0f88368e8ca11b6c6600cf47019d16680c9
3d9f4a868c875927eb927249c0aaa7184ea7c8ae171e926f2d0de886689d502d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fa681d88021e20d2ff3da3a13af144ad13cabecaf3ab7a43003554bfd8d1329
3fc70270a527227c6493bc5a1c703f4bef2373f857cb7606b711b4d2fa14684a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4047e25e8c59454000bb44a2cfcc0d650dfb1e809e9368124a1ac814ba7661b8
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45169abf0c7bb67cf7708983ec00a7c62c8beddb556112ec1ae79de86c8c9681
464b98e4ec83bb60ad92bd76656277037d3548e44a7d1dcddec0c0a41ada20e6
4749ec6c3b796c444c0368b8bdab63d4335e19d3f871ac105e51215c01036547
47f95f34231c92bb607aa3430a80d39dbe748061dd096b401f0ae7fbc9b448ef
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48a9cf6c98a634bd55afef686350df27b3dcb6878e03653921f719cd78bd55a2
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
498a4f26f8d624968218b46ae564d5f00cacae7bb4e835f84422e4754092b920
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4a1400466be8225f33ab32a8cf0ec4d00f632c11ed7e6017b1e33f53323a787d
4a825ce5bde98f2be7a61a13fa9f6a98a810053aa343e7bf7c79b189fd27cbe6
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4c4348beae53315b1a64396ac79ad1597cba44c70133e5cc3f635e98482b2799
4d979399b9747795a0edb3140444402211836aaf09873119b9f54c0038b3b14c
4eb67b42d6abea96d75df507d23f0421da85d5658322720fded36c94cce45d7b
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54a6606bed93bee86d6763cdc2f435c3501de5b129044f7896fda2080e9d5caa
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5615841f292fcb91eae80ce9295292ff2c8a724615b5aeee10b45467da5594de
57892851463ef81bb83acf3455ba9a5bc75921ee0e49b277d3c1eb393f901065
5ad9cbf3c077e9651509c488f680cd8a2c867e495a81756864eda01aa00e4fce
5b05a58583763aa5e68b791791af2fc5c18b12fd67009bd10f202e866e18a02b
5ce8647c88445649306948bab16764727ad0866a64fc66202b97b88176272628
5e66d44dc25582d91b69f73c0d7a3fa909be35fe322155708554c15a42d673ee
5ec4f813ce8f006e01f0888e4c5871b4064b64585face027d84aee807f059907
5f26dfc3f5d603822dd5eb17c772720fd8d984f3fa596f757973dabe24ebda6e
600269ac050f6d3dc320784f2c235bb52164651a7152a3afaf97df98412a6326
600496c9d462f04667666e8eae937e6e1a2c4d8a351fbf18267ac60ac37975cb
6066054d8669e8ca3c9a1ca53af6b3e80dba9361b59f023c82d7b55542b36fb0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b7414a3cdf2077188582e66af852c8efc4841acb516a71e7291d2fb1fd2aa8
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
63f7fd42b74e7dddb1672533a2b506b55c763a3cd656b421d72058e4d05f9d7f
661c7f17ac699225139cd1c6ac3e4a3bd59f9026f8c4730e050db96951791334
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
68b5df8a16ee7bbfd4789f8533b7f9882f9095625a8be1f56e352bc10710484d
6ac2fb7982bdb2e734577c41d22881dfa8083b9dbb250b3cfefc24b1647daddf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d1ca6f9679e9e05dc78fea68bd959549ab79cc90e0cba4067db0a3a6fb4e3ae
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
6fa8b9c20d5c4f5711f76f4f4adafafc90e8f89bac2c7b3dfc2c7e63abb55d21
6fba5ed9a21a948a1edf9f018055a8ed911df83da750fcb24177e2a3c539a085
70c0b487552a9a2ea102ed22ae505177c567320390f5136bcef5dd56d48d4f02
732fc39be2728e4f4b99079663af3a3c32d3ec0b881e4b612829262be40d820e
7748a8a89ad6eda90f0a2885e274d040e488baa0ec132eb6249f09e8287b8a0c
77c368a53a242e76f690d29ccf64b337027f631a26d3497425cbd1c9e75854bf
78dd4a0eb6b43531064b50c6e8253895c70b0dc5c69f59e55220bef4db409275
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7ff100c907d85bc5b7503e7a88c0a7f256ed2561ee431ffc10fcd7cce517c321
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85519160a67188998f0ecf9e9ef9f6a577b05c7ca0005f0979a027810e14acc7
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
89582a837a48f5a3f2a66ceed44689dd268c4c8fa8bbc9a3f53295b7e066302b
89fe4a21a57c9ff62b12b759aba1b6ed3165cd7ca8d1f63484e82627bfe7fb9e
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c55309a53040af74da529a7303297ec0ad82eef914b1526c02b01c7eb7d6fce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
924e4b297681729162fa238a756db89acf5a1dc0cd23c1204c9a4e4407493822
9347c1d8c30a6dab610953c8568d20ddff10e1e41021fb6cc3aea9098c842065
95613789b7b011dfc55db22e3d097d5ba69503aed17e96b99923c86ed9746b9e
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
9818c708635746c2f31b7644602e761d35a04f2cd9d6ff0f77f001268e448196
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aea9e3bde7203cdb78bd78ce4ed214ce8902e1a056170004e66ad0870d50ec0
9c1a3cf6c5fae33a0a2b627a9785b585148970346adbbcc204a4519d05f9a089
9caa3cc1d49a06322b567450c3e217a93c5f4ca9cf512cc8bae3e95215b5398f
9e3c7bdc4bfffb58a973062aabf808691f7603416290254b76161cab69952053
9ead871d27f3a0d803f4d6139feb2f2694d3a26c54fd6734f789a06aad0f5303
9f40461c8c607d5bdb6c485325b66b30d3d3a431b9d0c0d1be47fb4fcd1b072b
9f8bba3185dc65a7168148a020df7fea04e09e96a393a00bc159a002c56637ab
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a097f145b7b5399d1f8e9c86b6f4a36e43f5553fa77c7b2951504731914535ad
a0e243e9b5013996c5ab54dd8838f270d8f39f8b2249e5de7a391f12814ae8c6
a39cd6a9413784646378ab9490f6a80ea1c2eaf4870c1022f44e4e64380c7cda
a44c9386a4662ec7a0fbc4951ed4fb3b5a909afc91ab50b2bf6e5cc8c4b796d3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5493fa486c3fa2b4c68b2b3698fb1bcd618dce2542727c2b893cbfef57951d4
a5807816b537a2cb612263a34d1f9df01b66a79cbb700e60f975089147b8e881
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7725228f4c82b6a0acc1e8dc04ceb4d404af9feae06069becd809da49eae48a
a7e702f15b65f58d32945e27b8416dac2811afad1a828a9a617d5c0c1cc85b21
a9fad541e10caeebefedf8a2e64eb955f2168545c2368b38e42e79ce1f04025b
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
abb22177c1f36f82f451ba3b46fd96e4bc0f5b5ad510b15b4d5ec37fc1e9b7f8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afe47171747a2bd220313a3b7ef68648cbda2191f3c4767e4e1d2af32495ac09
b0766007565870c9a9ce93e31236bc0119fd01fff87ed569848a2a486e931c0c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a987ea6465f4632dd10459054e785c276ed4119bef00dab071379cf9ca9969
b2f55de14adcf334ea708b3e35825d6744f7f399edfd275c4afac6347c0c7d97
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b82156a924667c27e8e9ddb51cdc88678f9a7adca51d09a6b8c6962852571c4c
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
bd013222501bc93b09582d52af29b0fce252f36e90d00e28f05e252445110ecc
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf42506762114c6a7fe8e76e59177032c9e369af8c98f19fe40d13a9e74b32d6
c0ca3fee0fffde0371f89154c90594ef360214129f8b3cca93e2eea290567c7d
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c25ce818c3c2ab4992bc0b61a60d1822f239a638af59ad63ed2fe2028e3037f8
c4b71f2cb31acb1eb34b365c91e09f73e7f4919b9b218c4605d371c1ea75b734
c4ebc1661e8aa01913a6e7bc94a969638a670adc8fb2f4114a4ea7cf3a59d83a
c616c7d1604c445eee93e6ae45ecf32acf52df523f4cd7859d0d350fc3c112a4
c711f5f12a09bc2c5ea19aa7a0553459114a339ff90bf2a6c1b66ba2422250bd
c942cb01ca7d8956086518f0315ac0be0374cb0f0a38ffe67a52bc4ae7ff5f6f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd8b319c86a058a75705b7dabf9ddd59c0e5695bfae479b186432c123d6136ae
cef181b89850405f733232c050e35b633a648eacee98005f2663b481ac3b0db4
cefa8e6a0b857087049d072d5079786b0d58d2a3e779a28e50e6cb9396a501a2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d2b28582d25b3aa38daf12c501c7abc9297ae74d035ee343941f0938adec0524
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d420ee64cb607d68e208a3105b39934807ed2e4d43ced2542f7b6b0cd153ca43
d668f82f398ea679cc5913c2eebc7cf9db9be07bf086e55fd30b2799fb43aa08
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d72fedbaaf092cb4f52b8190bc56d4ad2b279ae8947dd7ba5476fd5a32f41538
d80b9ba4d9ed354519644fd9d90aa446ec818d52a9b98395c80a43159dc0e887
d82b3b69ed27853344397a159429cced7fa5019fa56412c0a3d627471ef709ef
d86ce55edee7f570d7fc315f84814e3b1171edef20e3778e10066727092638b9
d9608ec4ea86f70691860daf1b477654e08357662b2fdc33568a376b0fcbdf5c
db3699951500433a3e215f129084f85a9f67bb5231deb4a7d3c02367f961b5ff
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd47e8a73598474ab4202c5ec0a40d294485c339e65de4e975dc90ff7e4086b3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de82ce901d3d527a614f4b425e26d21ee1e57c8201d85a2bba9931e1d8f1e9ca
dfd0c29447e3a45150de79a2016728d67e9a427ed5810755c2e5e2f93e1f90f4
dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94
e08a419f52c7a17c04b370b17e935f497e2bc297f470a8217ec2eb98a88cb61c
e19f6076815240b2afedf8033b0a2ccf200d3851f11df779d05f3c533560504d
e280d83e0a8745035f567d7cf9bdd5d6a6ff2cab11ac57ff5bd2f2c7572ef9e6
e2e0f512b3e73b001bb215647199804c65654416b1c125b9f12eb7317137fb83
e37ae79fb4d1c01672b574b8b078712e4391b9e79c11d65227f730b7a18652a4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a4b4314fe4ff50b8d1dfe0897bd14b279830e3e3a537d6b42080e4a7c7b125
e6b7fa504c979ce53dc80798978eff98214cbcb20b7db259990c0632b7abe248
e7261fe5ce66c71ad531ce6da47cd76b7b875cea04c6fe7cfe616b0cad05cd3b
e73a140c69c1bc697cacc30b095e0adbe7153c61bb8d94b3b550e34601c4b042
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed5ad0eec04e553eba9d52dd0ebc0dae503878399641b8ba9ef9b7e3d8efe69d
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
eef57151e6646e4f59ca6a1d749631ee2f89bf4d1b736fb4620b784cedbe0de6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0bdcaa3bbe53b812fdd28a255aa84af054dc9acd24c7df1bec215876e8a7add
f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402
f2d2bdb0e0f76e1d69582fbb9c34f18d505b5044637eb000a3243d126e8c6af0
f34ef19ccd1022b10f4fd7128e043646814d31868f55a49175ee4514d65daea6
f387a9ecb4ce07902c6d19f2b4261d962ce1bd1983b854970c34506db401ecb6
f46f61ef3f736d0b6e10920f20aba2dc720b17ccfddc1869df68f88d093370af
f4ece8f2f5242967e98c6718f283e961576d68b4b7be96124eca22f554dcb275
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
fbaacd40862bf1ea965f26571bf04a2609f80f3ba82af73ccd0d840bb19db1c2
fe8eea5b01554064e9bf753e31a5de2ad92d19ad19d08e08d1d8b93603e081f6