urlscan.io logo urlscan.io
SecurityTrails logo

www.mlive.com Open in urlscan Pro
2a02:26f0:ef::5c7b:c2b9  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://aslxp.prmegninc.mcnaheja.com/sign
Effective URL: https://www.mlive.com/
Submission: On February 08 via manual from CR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 98 IPs in 12 countries across 68 domains to perform 313 HTTP transactions. The main IP is 2a02:26f0:ef::5c7b:c2b9, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.mlive.com. The Cisco Umbrella rank of the primary domain is 51167.
TLS certificate: Issued by R3 on January 6th 2022. Valid for: 3 months.
This is the only time www.mlive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 111.90.159.230 45839 (SHINJIRU-...)
1 1 34.199.56.222 14618 (AMAZON-AES)
1 36 2a02:26f0:ef:... 20940 (AKAMAI-ASN1)
1 2a04:4e42:800... 54113 (FASTLY)
7 2606:4700::68... 13335 (CLOUDFLAR...)
3 35.190.58.50 15169 (GOOGLE)
1 13.32.121.87 16509 (AMAZON-02)
1 18.66.122.48 16509 (AMAZON-02)
2 2a02:26f0:710... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
9 142.250.184.226 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 104.92.74.8 16625 (AKAMAI-AS)
6 108.156.255.177 16509 (AMAZON-02)
3 18.66.248.90 16509 (AMAZON-02)
10 52.222.236.26 16509 (AMAZON-02)
5 2.18.235.40 16625 (AKAMAI-AS)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.32.99.23 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 52.222.250.70 16509 (AMAZON-02)
3 184.87.213.83 16625 (AKAMAI-AS)
1 3 13.32.121.37 16509 (AMAZON-02)
3 2a03:2880:f01... 32934 (FACEBOOK)
2 151.101.64.239 54113 (FASTLY)
1 108.157.1.118 16509 (AMAZON-02)
4 3.33.189.65 16509 (AMAZON-02)
2 34.202.75.127 14618 (AMAZON-AES)
1 52.30.140.199 16509 (AMAZON-02)
1 5 63.35.242.195 16509 (AMAZON-02)
1 13.32.99.35 16509 (AMAZON-02)
2 54.194.157.24 16509 (AMAZON-02)
1 104.111.219.144 16625 (AKAMAI-AS)
1 46.105.202.126 16276 (OVH)
1 18.66.245.59 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
9 3.217.216.1 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 52.0.143.56 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 34.107.148.139 15169 (GOOGLE)
3 2602:803:c003... 26667 (RUBICONPR...)
3 3.221.220.112 14618 (AMAZON-AES)
3 23.0.33.234 16625 (AKAMAI-AS)
3 185.64.189.112 62713 (AS-PUBMATIC)
2 51.89.7.199 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 34.205.109.6 14618 (AMAZON-AES)
2 52.2.129.5 14618 (AMAZON-AES)
1 92.123.225.65 20940 (AKAMAI-ASN1)
3 6 69.173.144.138 26667 (RUBICONPR...)
2 35.244.174.68 15169 (GOOGLE)
1 34.232.82.222 14618 (AMAZON-AES)
1 2 159.122.14.34 36351 (SOFTLAYER)
2 2 54.86.119.171 14618 (AMAZON-AES)
1 2600:1f18:444... 14618 (AMAZON-AES)
6 2a00:1450:400... 15169 (GOOGLE)
6 2a03:2880:f11... 32934 (FACEBOOK)
1 104.111.249.62 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 3.215.194.18 14618 (AMAZON-AES)
10 2a00:1450:400... 15169 (GOOGLE)
6 18.185.214.32 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 5 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.98 15169 (GOOGLE)
1 69.169.85.6 29838 (AMC)
3 8 35.71.131.137 16509 (AMAZON-02)
1 2 184.86.251.221 20940 (AKAMAI-ASN1)
1 1 2a02:26f0:ef:... 20940 (AKAMAI-ASN1)
1 2a02:26f0:ef:... 20940 (AKAMAI-ASN1)
3 18.66.112.72 16509 (AMAZON-02)
1 34.233.77.103 14618 (AMAZON-AES)
1 34.120.133.55 15169 (GOOGLE)
4 2.18.233.180 16625 (AKAMAI-AS)
3 104.90.185.183 16625 (AKAMAI-AS)
6 24 184.87.213.8 16625 (AKAMAI-AS)
2 23.37.42.132 16625 (AKAMAI-AS)
1 185.64.190.78 62713 (AS-PUBMATIC)
3 3 185.29.132.241 30419 (MEDIAMATH...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
8 13 172.217.18.98 15169 (GOOGLE)
2 151.101.130.49 54113 (FASTLY)
3 5 37.157.3.29 198622 (ADFORM)
4 204.237.133.120 3257 (GTT-BACKB...)
2 2 213.155.156.185 1299 (TWELVE99 ...)
4 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 104.36.113.24 62713 (AS-PUBMATIC)
3 3 51.222.80.231 16276 (OVH)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 185.33.220.243 29990 (ASN-APPNEX)
3 6 209.54.180.144 16509 (AMAZON-02)
2 2 52.50.101.149 16509 (AMAZON-02)
2 2 135.125.160.160 16276 (OVH)
1 1 193.0.160.129 54312 (ROCKETFUEL)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 52.6.103.226 14618 (AMAZON-AES)
1 1 66.155.71.25 13768 (COGECO-PEER1)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 3.124.34.143 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 2a05:d018:d29... 16509 (AMAZON-02)
313 98
1    111.90.159.230 (Malaysia)

ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY)
PTR: narateksil.id
aslxp.prmegninc.mcnaheja.com
1    34.199.56.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-56-222.compute-1.amazonaws.com
mlive.com
36    2a02:26f0:ef::5c7b:c2b9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.mlive.com
1    2a04:4e42:800::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
7    2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
3    35.190.58.50 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 50.58.190.35.bc.googleusercontent.com
satisfycork.com
1    13.32.121.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-87.fra60.r.cloudfront.net
cdn.sophi.io
1    18.66.122.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-48.fra60.r.cloudfront.net
apps.sophi.io
2    2a02:26f0:7100:199::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
0217991d.akstat.io
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
9    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2606:4700::6812:a6e0 (United States)

ASN13335 (CLOUDFLARENET, US)
pub.doubleverify.com
2    104.92.74.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
6    108.156.255.177 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-255-177.dus51.r.cloudfront.net
c.amazon-adsystem.com
3    18.66.248.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-90.dus51.r.cloudfront.net
tags.crwdcntrl.net
10    52.222.236.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-26.fra56.r.cloudfront.net
h312.mlive.com
5    2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
3    2606:4700::6811:b9b1 (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
buy.tinypass.com
1    13.32.99.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-23.fra60.r.cloudfront.net
ats.rlcdn.com
1    2600:9000:223f:6e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
4    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    52.222.250.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-70.fra60.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
3    184.87.213.83 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-213-83.deploy.static.akamaitechnologies.com
s.ntv.io
3    13.32.121.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net
sb.scorecardresearch.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    151.101.64.239 (United States)

ASN54113 (FASTLY, US)
pixel.condenastdigital.com
1    108.157.1.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-1-118.dus51.r.cloudfront.net
js.adsrvr.org
4    3.33.189.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: ab5547fe103db6c64.awsglobalaccelerator.com
collector.sophi.io
2    34.202.75.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-75-127.compute-1.amazonaws.com
advancelocal.blueconic.net
1    52.30.140.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
privacy.crwdcntrl.net
5    63.35.242.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    13.32.99.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-35.fra60.r.cloudfront.net
geo.privacymanager.io
2    54.194.157.24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-157-24.eu-west-1.compute.amazonaws.com
vtrk.doubleverify.com
1    104.111.219.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-144.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
1    18.66.245.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-245-59.dus51.r.cloudfront.net
cdn.parsely.com
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
9    3.217.216.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-216-1.compute-1.amazonaws.com
jadserve.postrelease.com
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
1    2600:1f18:730:b120:5b38:df27:617f:9396 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    52.0.143.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-143-56.compute-1.amazonaws.com
rp4.liadm.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com
3    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
3    2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    3.221.220.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-220-112.compute-1.amazonaws.com
exchange.postrelease.com
3    23.0.33.234 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-0-33-234.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
3    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    51.89.7.199 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p21.id5-sync.com
id5-sync.com
1    2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a02:26f0:6c00:1bb::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
1    34.205.109.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-109-6.compute-1.amazonaws.com
infinityid.condenastdigital.com
2    52.2.129.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-129-5.compute-1.amazonaws.com
4d.condenastdigital.com
1    92.123.225.65 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-225-65.deploy.static.akamaitechnologies.com
ntvcld-a.akamaihd.net
6    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
1    34.232.82.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-82-222.compute-1.amazonaws.com
thrtle.com
2    159.122.14.34 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com
um.simpli.fi
2    54.86.119.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-119-171.compute-1.amazonaws.com
i.liadm.com
1    2600:1f18:444a:4680:b988:ecc0:9832:67ce (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
6    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
6    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    104.111.249.62 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-249-62.deploy.static.akamaitechnologies.com
ead.mlive.com
1    2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
2    3.215.194.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-194-18.compute-1.amazonaws.com
capture.condenastdigital.com
10    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
6    18.185.214.32 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-214-32.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
2    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
5    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
12    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
12    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads4.g.doubleclick.net
1    69.169.85.6 (Cranford, United States)

ASN29838 (AMC, US)
global.ib-ibi.com
8    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
2    184.86.251.221 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-221.deploy.static.akamaitechnologies.com
trial-eum-clientnsv4-s.akamaihd.net
3fajornyk3552yqczlaq-pjjyo3-e9ccc1578-clientnsv4-s.akamaihd.net
1    2a02:26f0:ef::5c7b:c241 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
trial-eum-clienttons-s.akamaihd.net
1    2a02:26f0:ef::5c7b:c244 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
eaaqvsaaea6qakqce3yab3yaabrafswa-pjjyo3-7f5fcd17c-clienttons-s.akamaihd.net
3    18.66.112.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-72.fra56.r.cloudfront.net
check.analytics.rlcdn.com
1    34.233.77.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-77-103.compute-1.amazonaws.com
idx.liadm.com
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
4    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    104.90.185.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-185-183.deploy.static.akamaitechnologies.com
contextual.media.net
24    184.87.213.8 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-213-8.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
2    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
13    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
cm.g.doubleclick.net
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    204.237.133.120 (Philadelphia, United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
2    213.155.156.185 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com
d5p.de17a.com
4    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    104.36.113.24 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
3    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-1.cloudy.ovh
pixel.onaudience.com
2    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
2    185.33.220.243 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
6    209.54.180.144 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    52.50.101.149 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-101-149.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    135.125.160.160 (France)

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu
gu.dyntrk.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    52.6.103.226 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-103-226.compute-1.amazonaws.com
rtb.adentifi.com
1    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    3.124.34.143 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-34-143.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    2620:116:800d:21:fcb8:22d2:d390:5f1b (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    2a05:d018:d29:3601:1b80:454b:1747:2be1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
Apex Domain
Subdomains		 Transfer
48 mlive.com
mlive.com — Cisco Umbrella Rank: 44659
www.mlive.com — Cisco Umbrella Rank: 51167
h312.mlive.com — Cisco Umbrella Rank: 86472
ead.mlive.com — Cisco Umbrella Rank: 109780
1 MB
30 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
211 KB
26 googlesyndication.com
13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
150 KB
21 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 461
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 520
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
23 KB
19 rubiconproject.com
ads.rubiconproject.com — Cisco Umbrella Rank: 2482
fastlane.rubiconproject.com — Cisco Umbrella Rank: 467
token.rubiconproject.com — Cisco Umbrella Rank: 689
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3605
eus.rubiconproject.com — Cisco Umbrella Rank: 541
pixel.rubiconproject.com — Cisco Umbrella Rank: 312
138 KB
17 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
ads.pubmatic.com — Cisco Umbrella Rank: 473
image6.pubmatic.com — Cisco Umbrella Rank: 595
simage2.pubmatic.com — Cisco Umbrella Rank: 552
image2.pubmatic.com — Cisco Umbrella Rank: 1032
image4.pubmatic.com — Cisco Umbrella Rank: 848
simage4.pubmatic.com Failed
39 KB
12 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1117
exchange.postrelease.com — Cisco Umbrella Rank: 5249
9 KB
12 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 281
s.amazon-adsystem.com — Cisco Umbrella Rank: 284
47 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 324
221 KB
9 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1531
insight.adsrvr.org — Cisco Umbrella Rank: 624
match.adsrvr.org — Cisco Umbrella Rank: 329
5 KB
9 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 2221
privacy.crwdcntrl.net — Cisco Umbrella Rank: 39740
bcp.crwdcntrl.net — Cisco Umbrella Rank: 673
sync.crwdcntrl.net — Cisco Umbrella Rank: 719
24 KB
8 google.com
ampcid.google.com — Cisco Umbrella Rank: 1722
adservice.google.com — Cisco Umbrella Rank: 80
www.google.com — Cisco Umbrella Rank: 13
2 KB
7 condenastdigital.com
pixel.condenastdigital.com — Cisco Umbrella Rank: 15157
infinityid.condenastdigital.com — Cisco Umbrella Rank: 20813
4d.condenastdigital.com — Cisco Umbrella Rank: 15194
capture.condenastdigital.com — Cisco Umbrella Rank: 12394
17 KB
7 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1554
idsync.rlcdn.com — Cisco Umbrella Rank: 316
check.analytics.rlcdn.com — Cisco Umbrella Rank: 4187
api.rlcdn.com — Cisco Umbrella Rank: 812
id.rlcdn.com — Cisco Umbrella Rank: 738
39 KB
7 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 496
126 KB
6 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 636
6 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
1 KB
6 media.net
prebid.media.net — Cisco Umbrella Rank: 1360
contextual.media.net — Cisco Umbrella Rank: 516
24 KB
6 liadm.com
rp.liadm.com — Cisco Umbrella Rank: 2775
rp4.liadm.com — Cisco Umbrella Rank: 10903
i.liadm.com — Cisco Umbrella Rank: 512
i6.liadm.com — Cisco Umbrella Rank: 1514
idx.liadm.com — Cisco Umbrella Rank: 6022
3 KB
6 sophi.io
cdn.sophi.io — Cisco Umbrella Rank: 22672
apps.sophi.io — Cisco Umbrella Rank: 68261
collector.sophi.io — Cisco Umbrella Rank: 21707
45 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 608
2 KB
5 akamaihd.net
ntvcld-a.akamaihd.net — Cisco Umbrella Rank: 6589
trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 1891
3fajornyk3552yqczlaq-pjjyo3-e9ccc1578-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 1888
eaaqvsaaea6qakqce3yab3yaabrafswa-pjjyo3-7f5fcd17c-clienttons-s.akamaihd.net
45 KB
5 moatads.com
z.moatads.com — Cisco Umbrella Rank: 361
px.moatads.com — Cisco Umbrella Rank: 391
83 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
4 doubleverify.com
pub.doubleverify.com — Cisco Umbrella Rank: 9634
vtrk.doubleverify.com — Cisco Umbrella Rank: 1916
18 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 1510
1 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 421
2 KB
3 google.de
ampcid.google.de — Cisco Umbrella Rank: 44635
adservice.google.de — Cisco Umbrella Rank: 8028
1 KB
3 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1872
id5-sync.com — Cisco Umbrella Rank: 596
12 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
202 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 138
2 KB
3 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3423
117 KB
3 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 7120
cdn.tinypass.com — Cisco Umbrella Rank: 5110
buy.tinypass.com — Cisco Umbrella Rank: 4136
81 KB
3 satisfycork.com
satisfycork.com — Cisco Umbrella Rank: 26659
27 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1261
850 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 524
1 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 241
2 KB
2 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1427
mwzeom.zeotap.com — Cisco Umbrella Rank: 1680
900 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5889
637 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 560
237 B
2 yahoo.com
ads.yahoo.com — Cisco Umbrella Rank: 913
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470
1 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 255
197 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 745
1017 B
2 blueconic.net
advancelocal.blueconic.net — Cisco Umbrella Rank: 24262
2 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 743
853 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
149 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1253
c.go-mpulse.net — Cisco Umbrella Rank: 542
51 KB
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 424
506 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
220 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 1809
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 626
299 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1228
88 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 770
425 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 702
777 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1751
501 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 691
362 B
1 akstat.io
0217991d.akstat.io — Cisco Umbrella Rank: 51735
201 B
1 ib-ibi.com
global.ib-ibi.com — Cisco Umbrella Rank: 1497
72 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
38 KB
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 4133
4 KB
1 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1139
1 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2931
21 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 2705
17 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1747
592 B
1 cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 533
483 B
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1387
580 B
1 mcnaheja.com
aslxp.prmegninc.mcnaheja.com
406 B
313 68
Domain Requested by
36 www.mlive.com 1 redirects www.mlive.com
13 cm.g.doubleclick.net 8 redirects ssum-sec.casalemedia.com
12 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
12 pagead2.googlesyndication.com 13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.mlive.com
securepubads.g.doubleclick.net
www.googletagservices.com
12 tpc.googlesyndication.com www.mlive.com
13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
10 cdn.ampproject.org securepubads.g.doubleclick.net
10 h312.mlive.com www.mlive.com
h312.mlive.com
9 jadserve.postrelease.com s.ntv.io
www.mlive.com
bcp.crwdcntrl.net
9 securepubads.g.doubleclick.net www.mlive.com
securepubads.g.doubleclick.net
7 match.adsrvr.org 3 redirects ssum-sec.casalemedia.com
7 cdn.cookielaw.org www.mlive.com
cdn.cookielaw.org
6 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
6 ssum-sec.casalemedia.com 3 redirects js-sec.indexww.com
6 js-sec.indexww.com ads.rubiconproject.com
ssum-sec.casalemedia.com
6 prebid-a.rubiconproject.com ads.rubiconproject.com
6 www.facebook.com www.mlive.com
6 c.amazon-adsystem.com www.mlive.com
c.amazon-adsystem.com
5 c1.adform.net 3 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
5 www.google.com 2 redirects www.mlive.com
tpc.googlesyndication.com
5 googleads.g.doubleclick.net www.mlive.com
13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com
4 image2.pubmatic.com ads.pubmatic.com
4 simage2.pubmatic.com ads.pubmatic.com
4 ads.pubmatic.com ads.rubiconproject.com
4 token.rubiconproject.com 3 redirects bcp.crwdcntrl.net
4 bcp.crwdcntrl.net tags.crwdcntrl.net
bcp.crwdcntrl.net
4 collector.sophi.io cdn.sophi.io
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.mlive.com
3 pixel.onaudience.com 3 redirects
3 sync.mathtag.com 3 redirects
3 contextual.media.net ads.rubiconproject.com
3 check.analytics.rlcdn.com ads.rubiconproject.com
3 px.moatads.com www.mlive.com
3 hbopenbid.pubmatic.com ads.rubiconproject.com
3 htlb.casalemedia.com ads.rubiconproject.com
3 exchange.postrelease.com ads.rubiconproject.com
3 fastlane.rubiconproject.com ads.rubiconproject.com
3 prebid.media.net ads.rubiconproject.com
3 connect.facebook.net www.mlive.com
connect.facebook.net
3 sb.scorecardresearch.com 1 redirects www.mlive.com
3 s.ntv.io www.mlive.com
s.ntv.io
3 tags.crwdcntrl.net www.mlive.com
tags.crwdcntrl.net
3 satisfycork.com www.mlive.com
satisfycork.com
2 gu.dyntrk.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 ib.adnxs.com 2 redirects
2 d5p.de17a.com 2 redirects
2 sync-tm.everesttech.net ssum-sec.casalemedia.com
2 pixel.rubiconproject.com
2 eus.rubiconproject.com ads.rubiconproject.com
eus.rubiconproject.com
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 s0.2mdn.net www.mlive.com
13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com
2 capture.condenastdigital.com www.mlive.com
2 i.liadm.com 2 redirects
2 um.simpli.fi 1 redirects
2 4d.condenastdigital.com pixel.condenastdigital.com
2 id5-sync.com cdn.id5-sync.com
ads.rubiconproject.com
2 13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 vtrk.doubleverify.com pub.doubleverify.com
2 advancelocal.blueconic.net h312.mlive.com
2 pixel.condenastdigital.com www.mlive.com
2 z.moatads.com www.mlive.com
z.moatads.com
2 ads.rubiconproject.com www.mlive.com
ads.rubiconproject.com
2 pub.doubleverify.com www.mlive.com
pub.doubleverify.com
2 geolocation.onetrust.com cdn.cookielaw.org
2 www.googletagmanager.com www.mlive.com
www.googletagmanager.com
1 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
1 pixel.quantserve.com 1 redirects
1 x.bidswitch.net ssum-sec.casalemedia.com
1 ad4m.at ssum-sec.casalemedia.com
1 pixel-sync.sitescout.com 1 redirects
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 ad.turn.com 1 redirects
1 p.rfihub.com 1 redirects
1 mwzeom.zeotap.com
1 spl.zeotap.com 1 redirects
1 sync.crwdcntrl.net 1 redirects
1 image4.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 ads.yahoo.com
1 id.rlcdn.com
1 image6.pubmatic.com ads.pubmatic.com
1 api.rlcdn.com ads.rubiconproject.com
1 idx.liadm.com ads.rubiconproject.com
1 eaaqvsaaea6qakqce3yab3yaabrafswa-pjjyo3-7f5fcd17c-clienttons-s.akamaihd.net
1 trial-eum-clienttons-s.akamaihd.net 1 redirects
1 3fajornyk3552yqczlaq-pjjyo3-e9ccc1578-clientnsv4-s.akamaihd.net
1 trial-eum-clientnsv4-s.akamaihd.net 1 redirects
1 0217991d.akstat.io s.go-mpulse.net
1 insight.adsrvr.org js.adsrvr.org
1 global.ib-ibi.com www.mlive.com
1 www.googletagservices.com 13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com
1 c2.piano.io cdn.tinypass.com
1 ead.mlive.com www.mlive.com
1 i6.liadm.com bcp.crwdcntrl.net
1 thrtle.com bcp.crwdcntrl.net
1 idsync.rlcdn.com bcp.crwdcntrl.net
1 ntvcld-a.akamaihd.net www.mlive.com
1 infinityid.condenastdigital.com pixel.condenastdigital.com
1 c.go-mpulse.net s.go-mpulse.net
1 stats.g.doubleclick.net www.google-analytics.com
1 rp4.liadm.com www.mlive.com
1 rp.liadm.com 1 redirects
1 ampcid.google.de www.google-analytics.com
1 buy.tinypass.com cdn.tinypass.com
1 ampcid.google.com www.google-analytics.com
1 cdn.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 cdn.id5-sync.com www.mlive.com
1 secure.cdn.fastclick.net www.mlive.com
1 geo.privacymanager.io ats.rlcdn.com
1 privacy.crwdcntrl.net tags.crwdcntrl.net
1 cdn.tinypass.com experience.tinypass.com
1 js.adsrvr.org www.googletagmanager.com
1 d1z2jf7jlzjs58.cloudfront.net www.mlive.com
1 static.adsafeprotected.com www.mlive.com
1 ats.rlcdn.com www.mlive.com
1 experience.tinypass.com www.mlive.com
1 s.go-mpulse.net www.mlive.com
1 apps.sophi.io www.mlive.com
1 cdn.sophi.io www.mlive.com
1 polyfill.io www.mlive.com
1 mlive.com 1 redirects
1 aslxp.prmegninc.mcnaheja.com 1 redirects
0 simage4.pubmatic.com Failed ads.pubmatic.com
313 126
Subject Issuer Validity Valid
advancelocal.web.arc-cdn.net
R3		 2022-01-06 -
2022-04-06		 3 months crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2020		 2021-06-04 -
2022-07-06		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
satisfycork.com
R3		 2021-12-24 -
2022-03-24		 3 months crt.sh
cdn.sophi.io
Amazon		 2021-11-18 -
2022-12-16		 a year crt.sh
apps.sophi.io
Amazon		 2021-05-17 -
2022-06-15		 a year crt.sh
akstat.io
DigiCert SHA2 Secure Server CA		 2021-06-08 -
2022-06-13		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-01-12 -
2023-01-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-05-09 -
2022-05-08		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
d323.pennlive.com
Amazon		 2021-05-11 -
2022-06-09		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
*.piano.io
Sectigo RSA Domain Validation Secure Server CA		 2021-08-19 -
2022-09-18		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-12-04 -
2022-12-06		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-18 -
2022-02-16		 3 months crt.sh
*.admagazine.fr
GlobalSign Atlas R3 DV TLS CA 2020		 2021-07-22 -
2022-08-23		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
collector.sophi.io
R3		 2022-01-06 -
2022-04-06		 3 months crt.sh
*.blueconic.net
Amazon		 2021-08-07 -
2022-09-05		 a year crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
vtrk.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2021-12-03 -
2023-01-04		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
cdn.id5-sync.com
R3		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.parsely.com
Amazon		 2021-07-05 -
2022-08-03		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.postrelease.com
Amazon		 2021-12-28 -
2023-01-25		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
conde.io
Amazon		 2021-06-30 -
2022-07-29		 a year crt.sh
a248.e.akamai.net
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
*.thrtle.com
Go Daddy Secure Certificate Authority - G2		 2021-03-22 -
2022-04-23		 a year crt.sh
li.lisecurelink.com
R3		 2021-11-23 -
2022-02-21		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.ib-ibi.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-03-08		 a year crt.sh
analytics.rlcdn.com
Amazon		 2021-08-26 -
2022-09-24		 a year crt.sh
*.liadm.com
Amazon		 2021-10-31 -
2022-11-28		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh

This page contains 31 frames:

Primary Page: https://www.mlive.com/
Frame ID: 9A528E604563609D3E3019626607947E
Requests: 183 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 1ED3F96029B8F5A75DF3E9C7EF651CEF
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=963
Frame ID: 33C195A9F0BB673F611563E76242FEE0
Requests: 1 HTTP requests in this frame

Frame: https://13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DCE4ACFF635E5F551D91C022D2ED403A
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=31%2C86%2C14%2C125%2C123%2C122&c=963
Frame ID: E1318F57C51927514EC3D24927EF2F4E
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Frame ID: 3964653C28C829240091D1E9FD3EC9B6
Requests: 14 HTTP requests in this frame

Frame: https://13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E719C9046B36020ECBFB63FCC37F8067
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLuAtAIQ-v65Ahiz8MW-ATAB&v=APEucNX6m9U_PQooGegZ7UOLm1e9BsZZjvupE4lqjmYEw3JhkxiRZJSUaAMXzwy5jN8tFAXlG8G4RK8DPqVSsbXBGOGsNHw73A
Frame ID: C17272D19F4B17C12B500BF75E072A45
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9F4275EB24F5143559BFF6217939B406
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Frame ID: F56F50D7887A2FD8EEC7704938CEFEF3
Requests: 13 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=4pdxx2d&ref=https%3A%2F%2Fwww.mlive.com%2F&upid=p5qqvcp&upv=1.1.0
Frame ID: 39F33DCFCC81FB10DC31B0DCB515FC0B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C467A3097973D3C42BCE7362DE3A633D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8D6BE2FB177E58B818F00A177B84756E
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Frame ID: FC252ADE0460EBE8FE684122054D1470
Requests: 12 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 0AA2A3D3164FAA4473058BE2C03219F7
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A15F5430608E09B2E6C0CBB7622B0AC8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Frame ID: 4A61A5286E216FA2EDABDA3E2633B2A3
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: DCAF7787435932959DEA4B04C17CF921
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 50FE877B3EEF300793CC3B6DDDCF05F4
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 7B1F14CE88AA44CA3AC80AD3E4D043A0
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: E86798620F120F290DF9FDB6B79F3482
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Frame ID: 9C305AE3B76524904FA3564A842A1807
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: DEBDB694BA0706ABBE87BEFA4BFDEECB
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: AD880F052A4E4743852B81BE819F8F0F
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: E7240121D3A794F7E70578F5222AF209
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 133DC43332E549CEB8779C3134DB75A8
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=137B9565-5C53-4DF6-A5B2-3A3A4DED1A89
Frame ID: 71B8857BC434535B2C460EED92B83BCD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b2696202-cac3-4200-86ea-8d4b8f552c7f&gdpr=0&gdpr_consent=
Frame ID: C9F369C161EA05D00F3EC7AF76E8790C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4943898809691418192
Frame ID: 1CDBF6B97466BAD7A0784D559FD5C5D0
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: ADAAD5C7F3A25CC2BD45B3D758387F91
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7062430108842129559
Frame ID: CAF476D2BFCB406E830D1264A35A701B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Michigan Local News, Breaking News, Sports & WeatherLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. https://aslxp.prmegninc.mcnaheja.com/sign HTTP 307
    https://mlive.com/ HTTP 301
    https://www.mlive.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

313
Requests

88 %
HTTPS

34 %
IPv6

68
Domains

126
Subdomains

98
IPs

12
Countries

3719 kB
Transfer

10534 kB
Size

119
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://aslxp.prmegninc.mcnaheja.com/sign HTTP 307
    https://mlive.com/ HTTP 301
    https://www.mlive.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83
  • https://sb.scorecardresearch.com/b?c1=2&c2=6034988&c3=&c4=https%3A%2F%2Fwww.mlive.com%2F&ns__t=1644350142454&ns_c=UTF-8&cv=3.5&c8=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&c7=https%3A%2F%2Fwww.mlive.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6034988&c3=&c4=https%3A%2F%2Fwww.mlive.com%2F&ns__t=1644350142454&ns_c=UTF-8&cv=3.5&c8=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&c7=https%3A%2F%2Fwww.mlive.com%2F&c9=
Request Chain 92
  • https://rp.liadm.com/j?wpn=prebid&pu=https%3A%2F%2Fwww.mlive.com%2F&duid=94c49eadf2ac--01fvdefy4dnmxpes5s5h625fwd&se=e30&dtstmp=1644350142607 HTTP 302
  • https://rp4.liadm.com/j?wpn=prebid&pu=https%3A%2F%2Fwww.mlive.com%2F&duid=94c49eadf2ac--01fvdefy4dnmxpes5s5h625fwd&se=e30&dtstmp=1644350142607&i6=MjAwMTphYzg6MjA6M2QwMDoxMDExOjMzZjQ6NDIzMzo0MTQ4&n3pc=true
Request Chain 142
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=6361AB28088B4B2A93D44EABCE021194
Request Chain 143
  • https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=9382a4e9a3424a75f523f9c49f17b8fd HTTP 303
  • https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=9382a4e9a3424a75f523f9c49f17b8fd&_li_chk=true&previous_uuid=3d03d1ddc48a49e0bc9aae23b84fc4a4 HTTP 303
  • https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=9382a4e9a3424a75f523f9c49f17b8fd
Request Chain 159
  • https://www.mlive.com/infinityid HTTP 301
  • https://www.mlive.com/infinityid/
Request Chain 186
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 218
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 232
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pjjyo3d69 HTTP 302
  • https://3fajornyk3552yqczlaq-pjjyo3-e9ccc1578-clientnsv4-s.akamaihd.net/eum/results.txt
Request Chain 233
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pjjyo3d69 HTTP 302
  • https://eaaqvsaaea6qakqce3yab3yaabrafswa-pjjyo3-7f5fcd17c-clienttons-s.akamaihd.net/eum/results.txt
Request Chain 257
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 258
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 259
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 262
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=17946202-cac4-4500-9b8d-7415d6e94b56
Request Chain 263
  • https://token.rubiconproject.com/token?pid=26594&us_privacy=1--- HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZEJMAFW-1A-F8IS&sigv=1&esig=2~b0af61e7acf9acda3353f1ac3d9b6deb38c8e4ea&us_privacy=1---
Request Chain 264
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPl76o6vXfmkTE9ajDq12O0&google_cver=1
Request Chain 265
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzQyNDNlODViNTVlNjk5NDA4NmZmYTI5NmMzYWM4MTNhMTFkMzA3Zg&us_privacy=1---
Request Chain 268
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pFSk1BRlctMUEtRjhJUw==&us_privacy=1---
Request Chain 269
  • https://c1.adform.net/serving/cookie/match?party=14&cid=137B9565-5C53-4DF6-A5B2-3A3A4DED1A89 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=137B9565-5C53-4DF6-A5B2-3A3A4DED1A89
Request Chain 270
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b2696202-cac3-4200-86ea-8d4b8f552c7f&gdpr=0&gdpr_consent=
Request Chain 271
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4943898809691418192
Request Chain 273
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7062430108842129559
Request Chain 274
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=E3uVZVxTTfalsjo6Te0aiQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 275
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b50c6202-cac3-4f00-ae69-dbc2a4a2c869
Request Chain 276
  • https://pixel.onaudience.com/?partner=214&mapped=137B9565-5C53-4DF6-A5B2-3A3A4DED1A89 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=b2cb4905-0b17-4c4e-8ded-568295165229&icm HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=9382a4e9a3424a75f523f9c49f17b8fd HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=ddb64b51c0473a60 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=acaeda2e-dfbb-4d39-6b4c-e4f66a338b67&reqId=dfd9ad6c-febb-4a03-5ab4-6f3df70217a7&zcluid=ddb64b51c0473a60&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEFTmXyXwaOUztKW7tbK34NE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=acaeda2e-dfbb-4d39-6b4c-e4f66a338b67&reqId=dfd9ad6c-febb-4a03-5ab4-6f3df70217a7&zcluid=ddb64b51c0473a60&zdid=1332
Request Chain 277
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTM3Qjk1NjUtNUM1My00REY2LUE1QjItM0EzQTRERUQxQTg5&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 278
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMbc9jCDyHMbfxhC2E8N_7c&google_cver=1
Request Chain 280
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7305077954368423666
Request Chain 281
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b2cb4905-0b17-4c4e-8ded-568295165229
Request Chain 282
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6069859781023518013&gdpr=0&gdpr_consent=
Request Chain 283
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgLKxGnsLsugWs-5pvhO0QAABKEAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgLKxGnsLsugWs-5pvhO0QAABKEAAAAB&dcc=t
Request Chain 286
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YgLKxGnsLsugWs.5pvhOzgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHnL8TAiUlc3kCmZxH3LqU8&google_cver=1&gdpr=1&google_hm=2
Request Chain 287
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADVwk7EBZYAABNgc3XZaw&expiration=1645559748&gdpr=1
Request Chain 288
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 289
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210819725231934
Request Chain 292
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YgLKxGnsLsugWs.5pvhOzgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHnL8TAiUlc3kCmZxH3LqU8&google_cver=1&gdpr=1&google_hm=2
Request Chain 295
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgLKxGnsLsugWs-5pvhOzwAABJgAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgLKxGnsLsugWs-5pvhOzwAABJgAAAAB&dcc=t
Request Chain 296
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7235798622051936861
Request Chain 298
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1646942148
Request Chain 301
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgLKxGnsLsugWs-5pvhOzgAABGIAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgLKxGnsLsugWs-5pvhOzgAABGIAAAIB&dcc=t
Request Chain 304
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YgLKxGnsLsugWs.5pvhOzgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHnL8TAiUlc3kCmZxH3LqU8&google_cver=1&gdpr=1&google_hm=2
Request Chain 306
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=4aoDz7T5UMn6rwPE4aEez-avUJv6-wTL5KE-JORM

313 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.mlive.com/
Redirect Chain
  • https://aslxp.prmegninc.mcnaheja.com/sign
  • https://mlive.com/
  • https://www.mlive.com/
425 KB
78 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
8ec663eef0e255ee649d1288d04749afa7700cb754873a8cef21353bf84b44bb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
server
openresty
content-encoding
gzip
etag
W/"693e1-p9O+eKgWX2ngbamDVCodWQIqrBQ"
last-modified
Tue, 08 Feb 2022 19:54:15 GMT
vary
Accept-Encoding
x-akamai-transformed
9 77498 0 pmb=mRUM,2
cache-control
private, max-age=60
expires
Tue, 08 Feb 2022 19:56:40 GMT
date
Tue, 08 Feb 2022 19:55:40 GMT
server-timing
cdn-cache; desc=HIT edge; dur=109
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade

Redirect headers

server
AkamaiGHost
content-length
0
location
https://www.mlive.com/
cache-control
private, max-age=0
expires
Tue, 08 Feb 2022 19:55:40 GMT
date
Tue, 08 Feb 2022 19:55:40 GMT
server-timing
cdn-cache; desc=HIT edge; dur=1
content-security-policy
upgrade-insecure-requests
referrer-policy
no-referrer-when-downgrade
polyfill.min.js
polyfill.io/v3/ 		101 B
580 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:800::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b4c9b940ff725bf2c2c73932c44d43b5ca6aa4302cd2e0ee6648d80ffa52c3ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
1304853
detected-user-agent
Chrome/97.0.4692
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length
94
referrer-policy
origin-when-cross-origin
last-modified
Mon, 24 Jan 2022 14:41:41 GMT
date
Tue, 08 Feb 2022 19:55:41 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/97.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
default.css
www.mlive.com/pf/dist/components/combinations/ 		378 KB
58 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/components/combinations/default.css?d=749
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
6ea3fa5d2d66a4f0e248fa993f3c700c1b70b0fd1b465ebab9ed26ab9c46a94e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:40 GMT
content-encoding
gzip
x-amz-request-id
FPWBVKDHVE9C9RMN
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
58498
x-amz-id-2
J+PT4aNBjwViqxhaDTdQCAU25HefXOpzD3bcmZNedubGwgsVgykr1hbXh0hBqyO0gX6LMsRgirs=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 16:34:27 GMT
server
openresty
etag
W/"f79e13cb9b253e8519b1e107df2202d5"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Wed, 08 Feb 2023 19:55:40 GMT
style.css
www.mlive.com/pf/resources/dist/mlive/css/ 		2 KB
963 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=749
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
33ec4fb2db644010a2d5373e40e2636e5c0158400106c5e5ec480e7f0b0e3828
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:40 GMT
content-encoding
gzip
x-amz-request-id
FPW5761R09HMJ2AR
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
500
x-amz-id-2
11ehPlxpzR+iAtqmksKAUOuCHc64d2NWbhqwLODxkTh7VYzzHU5s70Qgfb58JjREb/wCh+8b6TI=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 16:34:25 GMT
server
openresty
etag
W/"e99f24c0595aada0d42a01100eae015b"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Wed, 08 Feb 2023 19:55:40 GMT
react.js
www.mlive.com/pf/dist/engine/ 		344 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/engine/react.js?d=749
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a29d79605ef3435c0f542c159c7982ed04a7246e8f9525bb72d93324498f87be
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
content-encoding
gzip
x-amz-request-id
FPWB84Z3MSJQ9Q6P
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
104694
x-amz-id-2
6fYoF10fbuu7e7Sl7IZWuaHcAvmr8WyeAInXpAaMtUyLB3+v+Sf2BP093rP5S27/lIO+4DCT3aI=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 16:34:27 GMT
server
openresty
etag
W/"a2346d1485f75951a06dab03af53150c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Wed, 08 Feb 2023 19:55:41 GMT
default.js
www.mlive.com/pf/dist/components/combinations/ 		1 MB
328 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/components/combinations/default.js?d=749
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
ffc2a8d22edf3bbb98c20a2574ebf4ec76db104058ff9e500c367b6bfc7d45c9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
content-encoding
gzip
etag
W/"a590c0bd5363d458bfcb1d7972b9ebe6"
x-amz-request-id
FPW627KN8QQBARR3
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=15
content-length
334974
x-amz-id-2
VfaMty4xKDpxj9jQiJXUt/4hRnido0DyReGZSERqypaaNK8a1L5HT2iBfN6KTpRDRrn55wGj6uY=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 16:34:27 GMT
server
openresty
x-edgeconnect-cache-status
1
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Wed, 08 Feb 2023 19:55:41 GMT
166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff
www.mlive.com/pf/resources/fonts/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff?d=749
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
6fa8b9c20d5c4f5711f76f4f4adafafc90e8f89bac2c7b3dfc2c7e63abb55d21
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:40 GMT
content-encoding
gzip
x-amz-request-id
FPWA44NXDHERD4J8
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
54391
x-amz-id-2
Lo08OBvH1E//DXCaOKDFfKE9xAiU4ZEYKz9lllinxF+mDq03VvJU0IRr+RQQukpX7VxVJ4zZJnQ=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 16:34:27 GMT
server
openresty
etag
W/"63c3700153fd19bac6ac63c816251c03"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Wed, 08 Feb 2023 19:55:40 GMT
448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff
www.mlive.com/pf/resources/fonts/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff?d=749
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
c942cb01ca7d8956086518f0315ac0be0374cb0f0a38ffe67a52bc4ae7ff5f6f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:40 GMT
content-encoding
gzip
x-amz-request-id
FPW03D10Z8FXXB7C
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
53376
x-amz-id-2
eMggWOvopIiKmWfE0fsaQZTnAcEQkX80VngDq/ruFCM1rr5UdGdW9EOmweqDqj5eyU+4V97+PTk=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 16:34:27 GMT
server
openresty
etag
W/"00b8650c0e6992c5c9ced8f621e43ffd"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Wed, 08 Feb 2023 19:55:40 GMT
a408f907-3ee4-4578-a3d1-4134558cb82a-3.woff
www.mlive.com/pf/resources/fonts/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/a408f907-3ee4-4578-a3d1-4134558cb82a-3.woff?d=749
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
c25ce818c3c2ab4992bc0b61a60d1822f239a638af59ad63ed2fe2028e3037f8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:40 GMT
content-encoding
gzip
x-amz-request-id
FPWD0S7PNEDKFB19
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
53862
x-amz-id-2
6RhTw1qlWD+BxMaw6tr/sfutkmf5mVvAFatz2f9w3QCOHHcu+dqrtkQhINK/EWlQrGoRmOxRm80=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 16:34:27 GMT
server
openresty
etag
W/"527a99c70868c89d6be3cc11a8feb999"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Wed, 08 Feb 2023 19:55:40 GMT
farnhamheadline-medium.woff
www.mlive.com/pf/resources/fonts/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/farnhamheadline-medium.woff?d=749
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
7ff100c907d85bc5b7503e7a88c0a7f256ed2561ee431ffc10fcd7cce517c321
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:40 GMT
content-encoding
gzip
x-amz-request-id
FPWAHMPJ9XHXEJQR
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
36831
x-amz-id-2
+ymuzSr7sexLWxgalNAQrF9hvgUaOmd/8RZ0s9Jz/ke34x+zCRc2j5oNvF/tkObtFpg28bWiz7Y=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 16:34:27 GMT
server
openresty
etag
W/"05b85684cbf3bc11490297c50cfd67c3"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Wed, 08 Feb 2023 19:55:40 GMT
farnhamheadline-semi-bold.woff
www.mlive.com/pf/resources/fonts/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/farnhamheadline-semi-bold.woff?d=749
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
content-encoding
gzip
x-amz-request-id
FPWCNTBDMGWJHKXH
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
37066
x-amz-id-2
+z4kEPVplZBGzAJWrDy/bsrXTrmtN66ZHw17HCyPRawYBLbHZrz7pFjnSIMAo8BUAxjm7hhK0K8=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 16:34:27 GMT
server
openresty
etag
W/"c9a8222fbabe6b700baacd21dd7a1f61"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Wed, 08 Feb 2023 19:55:41 GMT
NWIVLHSIU5CU5OKNJYAGGFV44U.JPG
www.mlive.com/resizer/_u_njvSmfrv7Y51b5RXUCz6sksM=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/_u_njvSmfrv7Y51b5RXUCz6sksM=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/NWIVLHSIU5CU5OKNJYAGGFV44U.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
509692773db809ced611d6091fe935a88e218d9a41dd36d26c1893de20b82997
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 17:22:15 GMT
server
Akamai Image Manager
etag
"30412c91b6d5bcb23b99d7bd8f1b80f054e6120c"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31526823
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=17
content-length
39621
expires
Wed, 08 Feb 2023 17:22:44 GMT
iabCcpaIntegrationScript-noGAM.js
cdn.cookielaw.org/opt-out/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/iabCcpaIntegrationScript-noGAM.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e3c7bdc4bfffb58a973062aabf808691f7603416290254b76161cab69952053
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 08 Feb 2022 19:55:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ZkLmnzyu8aoAQNwZHm6Yqw==
age
11882
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Tue, 21 Dec 2021 17:26:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
fd264179-701e-0156-1592-f676c3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
6da76abece183758-MXP
logo_main.svg
www.mlive.com/pf/resources/images/mlive/logos/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/logo_main.svg?d=749
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
f4ece8f2f5242967e98c6718f283e961576d68b4b7be96124eca22f554dcb275
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
content-encoding
gzip
x-amz-request-id
FPW0PA1ADR883RYD
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
660
x-amz-id-2
3jJDTpWnSV4J+YXju1ys+6aqQ+zqA9u9+e07lDPFarZIsocxfgCToTRszw8o4noJ+LsjDK5LUuE=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 16:34:25 GMT
server
openresty
etag
W/"351c57e1a77c618772f5966a7f2094ee"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Wed, 08 Feb 2023 19:55:41 GMT
logo_main_sm.svg
www.mlive.com/pf/resources/images/mlive/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/logo_main_sm.svg?d=749
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a39cd6a9413784646378ab9490f6a80ea1c2eaf4870c1022f44e4e64380c7cda
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
content-encoding
gzip
x-amz-request-id
FPWF4PNT6S25M28V
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
902
x-amz-id-2
39ZrZR71MF+WMUh5fqaaVPNwxBU9Lwkx2h6O4gIQbELU6I4BsmugmCqpspqp8Xy6iv20IaiBkNE=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 16:34:25 GMT
server
openresty
etag
W/"cb98cda61d359616349bbc2a92540ddb"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Wed, 08 Feb 2023 19:55:41 GMT
social-monochrome.svg
www.mlive.com/pf/resources/images/mlive/logos/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/social-monochrome.svg?d=749
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
4eb67b42d6abea96d75df507d23f0421da85d5658322720fded36c94cce45d7b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
content-encoding
gzip
x-amz-request-id
6PXFVWK2Z4DRZEEN
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
603
x-amz-id-2
7geSQxznmxe1MIycCPAKaEYXcUasOYBMgP1D8xpfBOzQyr9qc0zhAgszIET/XgmYwDPPmrgBjNU=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 16:34:25 GMT
server
openresty
etag
W/"7819fa78e2e7770bb40587187d83cb87"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Wed, 08 Feb 2023 19:55:41 GMT
logo_footer.png
www.mlive.com/pf/resources/images/mlive/logos/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/logo_footer.png?d=749
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
fbaacd40862bf1ea965f26571bf04a2609f80f3ba82af73ccd0d840bb19db1c2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
referrer-policy
no-referrer-when-downgrade
x-check-cacheable
YES
server
Akamai Image Manager
etag
W/"be8042e858f0c6b5cd87834c8aafe76d"
x-serial
1627
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31524583
last-modified
Tue, 08 Feb 2022 16:45:30 GMT
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=225
content-length
2314
expires
Wed, 08 Feb 2023 16:45:24 GMT
footer-logo-advance.svg
www.mlive.com/pf/resources/images/common/logos/ 		18 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/logos/footer-logo-advance.svg?d=749
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
25c3fb46576f9c03a7aa53f9e84261623a1a1d7aef5cc0024641d040a89c02ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
content-encoding
gzip
x-amz-request-id
FPW4GJ1J6YSH4KEZ
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
5265
x-amz-id-2
g/ggz/WpLSpk7CNt+V4VKoboKq9GUKZhG/oZHy6BIC9+Kbhi+M9d7aSeKIPXV7kBG2UpAnsUAJ0=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 16:34:27 GMT
server
openresty
etag
W/"165b66ce6f4daa48f02b4871f04b31e4"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Wed, 08 Feb 2023 19:55:41 GMT
ad-choices-arrow.png
www.mlive.com/pf/resources/images/common/logos/ 		190 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/logos/ad-choices-arrow.png?d=749
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
9ead871d27f3a0d803f4d6139feb2f2694d3a26c54fd6734f789a06aad0f5303
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 16:45:03 GMT
server
Akamai Image Manager
etag
W/"c6e75cc6be8dcb2f2d1ab36209f3c3b7"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31524587
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=14
content-length
190
expires
Wed, 08 Feb 2023 16:45:28 GMT
v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
satisfycork.com/ 		89 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.58.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.58.190.35.bc.googleusercontent.com
Software
/
Resource Hash
0c4df94a69039a4d57372f2710e43c3ed82def316c23cb14e60de1ece9f53661
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"e1222385426a17f23e680be59fc584e08d58913f841965cb50dbb72f11dd5ea6"
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-m8j1
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Tue, 08 Feb 2022 19:55:41 GMT
x-buildnumber
466245667
timing-allow-origin
*
sophi.min.js
cdn.sophi.io/latest/ 		120 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sophi.io/latest/sophi.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-87.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1bfc44039c36dd275b360e61673c760eafc880b5374e93b40b2f5bf09a07798a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
bBiKDPaR9zp_wsZ_AER7fdhyQ6rI_82K
content-encoding
gzip
etag
W/"d3372f19a04914dad0bc228d6edc1164"
last-modified
Thu, 20 Jan 2022 19:07:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
cache-control
max-age=0
date
Tue, 08 Feb 2022 19:55:42 GMT
x-amz-cf-id
0BOA3vtvUP8anagiEmZ3uuj7xEBNjWst2KiVtandLrPOHBzxyiSR3w==
al-mlive.segments.min.js
apps.sophi.io/latest/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.sophi.io/latest/al-mlive.segments.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-48.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55238144a1ead5e52b2d8016a8aa4894d2c4cbe1edbc371f4060c197997e4f8b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
.lDsOdHdh8gRIOiPqICgK8I.1Q2saWMA
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 19:33:22 GMT
server
AmazonS3
age
163
etag
W/"c5d5e01cc3964ee10b1b60fe39922ad1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
cache-control
max-age=0
date
Tue, 08 Feb 2022 19:55:41 GMT
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
mr-fABT8YrAWpJ2Kg8pZKvna5MAUlfppYmCb89P9HI03h8SaNWmJQQ==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 08 Feb 2022 19:55:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
zadN1tnUFXNBOXe6vsJdDg==
age
10698
vary
Accept-Encoding
content-length
6456
x-ms-lease-status
unlocked
last-modified
Mon, 07 Feb 2022 03:35:31 GMT
server
cloudflare
etag
0x8D9E9EAE465636F
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b9560d3b-901e-0058-4cdf-1bdc9d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6da76abece1c3758-MXP
SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
s.go-mpulse.net/boomerang/ 		205 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:199::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
content-encoding
br
last-modified
Mon, 17 Jan 2022 23:18:18 GMT
x-n
S
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
gtm.js
www.googletagmanager.com/ 		320 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
50673b21d117587d655440481d70dbe8d541cacf0910b22b249ff49908382fb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88871
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 19:26:57 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 08 Feb 2022 19:55:41 GMT
01.png
www.mlive.com/pf/resources/images/common/weather/tiny/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/weather/tiny/01.png?d=749
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=749
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
3fc70270a527227c6493bc5a1c703f4bef2373f857cb7606b711b4d2fa14684a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=749
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 16:46:48 GMT
server
Akamai Image Manager
etag
W/"943580722d571b890fa63310005293d9"
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31524577
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=11
content-length
1372
expires
Wed, 08 Feb 2023 16:45:18 GMT
chevron-white.svg
www.mlive.com/pf/resources/images/common/arrows/ 		864 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/arrows/chevron-white.svg?d=749
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=749
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e19f6076815240b2afedf8033b0a2ccf200d3851f11df779d05f3c533560504d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=749
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
content-encoding
gzip
x-amz-request-id
7N5JQ78MB1C5P84G
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=12
content-length
486
x-amz-id-2
lLGb5mnwWRMZyy12D5gngzLst9YLP6pyl3HfOcTaLRP+x9YYXb9pC0iwyN8+UZsx3UfmlMT/n6I=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 16:34:25 GMT
server
openresty
etag
W/"691552a6377a1dfc9eeae87d6aeb8931"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Wed, 08 Feb 2023 19:55:41 GMT
podcast.svg
www.mlive.com/pf/resources/images/mlive/promo/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/promo/podcast.svg?d=749
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=749
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
b396ae4c9dc4cec9c79931da5c8993ffb15d5d6ed98a14fc00bb4d159c7dd739
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=749
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
content-encoding
gzip
x-amz-request-id
6PXFNVQJW5HV7WEH
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=23
content-length
2589
x-amz-id-2
x4AaIH0GNQWoyZjv4403lZXSLQEYSvk1eklVNIFRk+otGNpFYdY4QW10/S80F35igWD3XKDjik4=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 16:34:25 GMT
server
openresty
etag
W/"562343e31998148153bc8be55796e6e1"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Wed, 08 Feb 2023 19:55:41 GMT
chevron-black-right.svg
www.mlive.com/pf/resources/images/common/arrows/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/arrows/chevron-black-right.svg?d=749
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=749
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
276ca8da7dd05a55c760ead2eec9d5c74629897d0b5b3e5190d4fc9bd38ea7fc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=749
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
content-encoding
gzip
x-amz-request-id
6PX13PEJ1PMRGD1M
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=5
content-length
746
x-amz-id-2
gltZ2y2h0zUMqLxvSGTe72cdew3BtQBDbwLct2+9tgsUFUq/XKeHyxJgDkjQlsSyxY2h2+4yBfY=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 16:34:25 GMT
server
openresty
etag
W/"4347be806f2c6a630a5407afb75ab920"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Wed, 08 Feb 2023 19:55:41 GMT
7SVU3S6NXFEILIO6INA7GBZCEQ.jpg
www.mlive.com/resizer/azqhvmp2sjeH7CN-ldrMqC27wL0=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/azqhvmp2sjeH7CN-ldrMqC27wL0=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/7SVU3S6NXFEILIO6INA7GBZCEQ.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
03af77368dc90f24fdd266433cfdb9627c944961b1a6de92b7520ce26da124a5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
referrer-policy
no-referrer-when-downgrade
x-check-cacheable
YES
x-serial
1265
etag
"5256316e98c8256ebb84c07d98a76c8dface6913"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31531914
last-modified
Tue, 08 Feb 2022 18:47:43 GMT
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=234
content-length
31967
server
Akamai Image Manager
expires
Wed, 08 Feb 2023 18:47:35 GMT
IUDXZ5T6SZBYXLYEP7NRQ4VCN4.jpg
www.mlive.com/resizer/XSuTjHL4qFSYUmEG4G14_cwAF94=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/XSuTjHL4qFSYUmEG4G14_cwAF94=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/IUDXZ5T6SZBYXLYEP7NRQ4VCN4.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
7535dd078645e0ca9b54dcef771e05d56c8f75d07252bdc88ac0862d59881efc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 31 Jan 2022 03:50:04 GMT
server
Akamai Image Manager
etag
"2e7023f5220af9103e404d58d61b35428deb5e4b"
content-type
image/jpeg
cache-control
private, no-transform, max-age=30786826
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=83
content-length
61631
expires
Tue, 31 Jan 2023 03:49:27 GMT
OJE5L4W33ZGV5NV6CDKXQKCPBY.JPG
www.mlive.com/resizer/R_5Tv5DlFRuj8SUj6RIXLd1iPdY=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/R_5Tv5DlFRuj8SUj6RIXLd1iPdY=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/OJE5L4W33ZGV5NV6CDKXQKCPBY.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
13b189ee01867752e3bbcd292354276979cbb57204edb83ba894de56c4f87bf2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 18:31:48 GMT
server
Akamai Image Manager
etag
"c74b4b26717522d0de5b549bc854e9b11e35191a"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31530850
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=110
content-length
46849
expires
Wed, 08 Feb 2023 18:29:51 GMT
AHGLEKES5ZBDFLTYJLFQJ2JWOI.jpg
www.mlive.com/resizer/mo1PWMEgekRAskliKPp7otv1jrw=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/mo1PWMEgekRAskliKPp7otv1jrw=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/AHGLEKES5ZBDFLTYJLFQJ2JWOI.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
43a63bb8a00fc7dbf74a7688c95c9663808744b472cb7b5cf61469064d124113
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
referrer-policy
no-referrer-when-downgrade
x-check-cacheable
YES
x-serial
1289
etag
"fd279286d3b7ea70e6b8c48d7370439312f16939"
content-type
image/jpeg
cache-control
private, no-transform, max-age=30932955
last-modified
Tue, 01 Feb 2022 20:24:44 GMT
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=286
content-length
32846
server
Akamai Image Manager
expires
Wed, 01 Feb 2023 20:24:56 GMT
LA4GB6D2BZCKPORSEANQ5CTB5M.jpg
www.mlive.com/resizer/8_6OHBff-6fFoeC1AKEbGJlDMHw=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/8_6OHBff-6fFoeC1AKEbGJlDMHw=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/LA4GB6D2BZCKPORSEANQ5CTB5M.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
f063fe4ff49f57adeacc01c11ae72578534e5d96d13e8849a03a80166ee84ed0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 18:11:37 GMT
server
Akamai Image Manager
etag
"fb2b0eac8d832784ee97e54334e9f25de5e5f6b0"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31529784
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=95
content-length
31519
expires
Wed, 08 Feb 2023 18:12:05 GMT
YMH6P6F2LVFQROSDL4DGNMOFYA.jpg
www.mlive.com/resizer/rOwu249yj7A7MUmbzN5bsqzgA1o=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/rOwu249yj7A7MUmbzN5bsqzgA1o=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/YMH6P6F2LVFQROSDL4DGNMOFYA.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
a117a2b6db2584c68719d79275bcf8ac9a3b8499a5a695131f147105799bb69e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
referrer-policy
no-referrer-when-downgrade
x-check-cacheable
YES
x-serial
1451
etag
"dfd5091115ca4127770dec6796168f1f5e839e20"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31524617
last-modified
Tue, 08 Feb 2022 16:47:50 GMT
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=MISS, edge; dur=1, origin; dur=241
content-length
40171
server
Akamai Image Manager
expires
Wed, 08 Feb 2023 16:45:58 GMT
OAS3SPLH6BCDTJXBYQRPSWOZIE.jpg
www.mlive.com/resizer/VzxiFl1MtLRjFWAHSGKGoMEQBUw=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/VzxiFl1MtLRjFWAHSGKGoMEQBUw=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/OAS3SPLH6BCDTJXBYQRPSWOZIE.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
72bfab5900549c186a6eabe8d6e8b0224c70d3f51536e1584a39a89327d42f9a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:42 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 01 Feb 2022 17:52:46 GMT
server
Akamai Image Manager
etag
"f07e63cc3e29eedd396435aad0d88ee26afb1ea4"
content-type
image/jpeg
cache-control
private, no-transform, max-age=30923698
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=654
content-length
32041
expires
Wed, 01 Feb 2023 17:50:40 GMT
763KYHK5KFDRLDLKXNFMEJPNXU.JPG
www.mlive.com/resizer/gbm7y80rXqxYx7DTDGOpKqjs9vs=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/gbm7y80rXqxYx7DTDGOpKqjs9vs=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/763KYHK5KFDRLDLKXNFMEJPNXU.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
800740aa8895247461f70187dcade41eccad5fd2ece9e9fe08685ee7bed9a277
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 17:12:16 GMT
server
Akamai Image Manager
etag
"eca275559451f23ce9d329f9da2f1738d702666f"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31526150
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=82
content-length
23782
expires
Wed, 08 Feb 2023 17:11:31 GMT
P6MKSPBEYZBYZG222ZX4BZ7Y7M.png
www.mlive.com/resizer/2J3_lvC6qJDGHMnc8rvCnDZjTvM=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/2J3_lvC6qJDGHMnc8rvCnDZjTvM=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/P6MKSPBEYZBYZG222ZX4BZ7Y7M.png
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
aaff80595c44bf7d7d946271484a7b6186022f0225fc40a833a9273d5486221e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 18:16:12 GMT
server
Akamai Image Manager
etag
"1c3bafe40b6b8d46e6049a1fa232f616e40f3299"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31530017
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=262
content-length
79041
expires
Wed, 08 Feb 2023 18:15:58 GMT
5S3URDLD6BHCHCCPNQ6WG55TKM.jpg
www.mlive.com/resizer/P33SbZqijJPc5aOQGLbILHdhMhA=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/P33SbZqijJPc5aOQGLbILHdhMhA=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/5S3URDLD6BHCHCCPNQ6WG55TKM.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
74babd62da2030b3632694ab8100321cf908aacb7f106e0cdd599cb92aef771f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 13:40:51 GMT
server
Akamai Image Manager
etag
"01c05c5cc9c7ab7fefa3d55fd1810392d9ebb68a"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31513448
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=57
content-length
55585
expires
Wed, 08 Feb 2023 13:39:49 GMT
ND5CZ75SOJAS7CXD4WEVQLGKXA.JPG
www.mlive.com/resizer/lYaF26Az0VYwNbmu-5ygTcvYleE=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/lYaF26Az0VYwNbmu-5ygTcvYleE=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ND5CZ75SOJAS7CXD4WEVQLGKXA.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
7fe7c7f4af959b8704519840ab53792932a56a43329efb5d9c2449224816589b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 16:04:22 GMT
server
Akamai Image Manager
etag
"3e25156863bb82af5029f121ac43c1a057996f6b"
content-type
image/webp
cache-control
private, no-transform, max-age=31522123
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=61
content-length
27810
expires
Wed, 08 Feb 2023 16:04:24 GMT
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		191 B
396 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/iabCcpaIntegrationScript-noGAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fd429b95adc1755ffb3f7d831ac7e33dad31379239750f32c49c98f7019e45f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6da76ac12d300f86-MXP
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=749
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
d806ed2d1dee72c1ad65db632d63e6eac53a9c43f28010490dfd53cb76467554
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27180
x-xss-protection
0
server
sffe
etag
"1126 / 776 of 1000 / last-modified: 1644340328"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 08 Feb 2022 19:55:41 GMT
pub.js
pub.doubleverify.com/signals/ 		61 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pub.doubleverify.com/signals/pub.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=749
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a6e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ee49a30cc6244e9cefb2bac9580da6a9768c49692d1a8988572254f4ff7d2bf
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 08 Feb 2022 19:55:41 GMT
content-encoding
br
vary
Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Server-Timing,cf-ray
cache-control
private, max-age=14400, stale-while-revalidate=345600, stale-if-error=345600
access-control-allow-credentials
true
server-timing
total;dur=0
cf-ray
6da76ac18dd683af-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
10071_MI_Desktop_Mobile.js
ads.rubiconproject.com/prebid/ 		425 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=749
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c876ceb0bbe52cd760a39d8b7ef89f1dfa899449fdc18814860003360e5eec2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
content-encoding
gzip
last-modified
Tue, 08 Feb 2022 17:41:14 GMT
server
Apache
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=9763
access-control-allow-credentials
true
accept-ranges
bytes
content-length
116983
expires
Tue, 08 Feb 2022 22:38:24 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=749
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-177.dus51.r.cloudfront.net
Software
Server /
Resource Hash
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
SKwQUYZY6s9wJPymt5_yhNbSVWOe2iBW
content-encoding
gzip
etag
8d3665a9b316600491247ca6d78c204c
age
285
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0JHGQXRPC85TTJ5NW6XQ
date
Tue, 08 Feb 2022 19:51:12 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
9QFwQog01EhuYN45SdRfJRvR-zr7HTAlt3yyzlf_pJ3SjE0yLEuWgQ==
lt.min.js
tags.crwdcntrl.net/lt/c/963/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=749
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-90.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40195704da1d1e2ddba98cdc6e4726197707f2f37fee1a729d22bafae1fc5d8d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 08 Feb 2022 14:11:53 GMT
content-encoding
gzip
last-modified
Tue, 30 Nov 2021 19:45:20 GMT
server
AmazonS3
age
20629
etag
W/"5e5fb1561298077c035efb70a22ef750"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 1b18b0df6149933160ee945c6867dc2c.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
vckc1gCHhuR9JDW8XGFOdnbp0Fxf-Ghh0loFFmlXIKWrMrBRWqpHew==
main-menu-hamburger-white.svg
www.mlive.com/pf/resources/images/common/icons/ 		1 KB
918 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/icons/main-menu-hamburger-white.svg?d=749
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=749
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
1cb614c81c491878e5b6256098b31fb4f68b7bbde5e60b21334d085db7e37549
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=749
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
content-encoding
gzip
x-amz-request-id
7N5S7H40BGVPTHMV
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=11
content-length
455
x-amz-id-2
XZOn0tBhSNLkzLUgMb+JGgvpRMtIsCYz+MYFxZ/c7+6N0xwQ/WoZmdPeTvi27bHmE6jaG+1B8Ow=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 16:34:25 GMT
server
openresty
etag
W/"4c13e35767d4f1fc45fe58d883b78893"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Wed, 08 Feb 2023 19:55:41 GMT
user-white.svg
www.mlive.com/pf/resources/images/common/icons/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/icons/user-white.svg?d=749
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=749
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e6b7fa504c979ce53dc80798978eff98214cbcb20b7db259990c0632b7abe248
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=749
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
content-encoding
gzip
x-amz-request-id
7N5SWYTN50HC5D3X
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=6
content-length
2508
x-amz-id-2
itoFsAEQbygkOYUVtf9qWSR/Mhi1Osmmyb4zdHsvmTnpbd5y5YCMI2w1nPvC5LcdY4ZIv6mPGGw=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 16:34:25 GMT
server
openresty
etag
W/"fdc13d9553130cf8463df06e8ba5682d"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Wed, 08 Feb 2023 19:55:41 GMT
script.js
h312.mlive.com/ 		146 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/script.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
c0d208be1e2c1d854a6e322b219474ecbbbdeaaeec2c17cc8d45a28381f39ead
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:51:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
age
266
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
45302
x-xss-protection
1; mode=block
last-modified
Tue, 08 Feb 2022 05:58:33 GMT
server
-
etag
c487c1f68d29d4e154b63523be59ad50
content-type
text/javascript; charset=utf-8
via
1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront)
cache-control
public, no-cache="Set-Cookie", max-age=600
x-amz-cf-pop
FRA56-P4
x-robots-tag
noindex, nofollow
x-amz-cf-id
KNUY48YrGSBO5Ew1vqQ-d1b5K0EH9HJPUVcd1RxDBSNQOHa8trd2rQ==
expires
Tue, 08 Feb 2022 20:01:15 GMT
moatheader.js
z.moatads.com/advanceddigitalheader640552616592/ 		232 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/advanceddigitalheader640552616592/moatheader.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
47dafe72435d0fe4f3d7cc7d589c76c9889575220b0f4921485f8e1a9edb68db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
content-encoding
gzip
last-modified
Tue, 08 Feb 2022 16:24:47 GMT
server
AmazonS3
x-amz-request-id
EGNZ5VT0BN3DX6HW
etag
"385bee73910f1e7f1914f4f117d26046"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=53338
accept-ranges
bytes
content-length
81764
x-amz-id-2
CvVF5FRdqBhDFWJTzlDkhHNrLRSVILeEKoDK6gr57eY4TgzP95CQJNvz43u6mOhRQoxk3KQGUeY=
load
experience.tinypass.com/xbuilder/experience/ 		338 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=8Gu2Z8RCvZ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
464b98e4ec83bb60ad92bd76656277037d3548e44a7d1dcddec0c0a41ada20e6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
362
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Cre407rnxjx
wn
prod-exp-10-0-112-65
last-modified
Tue, 08 Feb 2022 19:49:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=1800
cf-ray
6da76ac33b053755-MXP
expires
Tue, 08 Feb 2022 20:25:41 GMT
ats.js
ats.rlcdn.com/ 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-23.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 02:31:24 GMT
content-encoding
gzip
age
62658
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-sha256
ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
x-amz-meta-codebuild-content-md5
8c7650e47b7f894f6ae5a1fc4919cee6
last-modified
Thu, 16 Dec 2021 12:45:56 GMT
server
AmazonS3
etag
W/"d7dfa2940a5d5ce3beedd8774c961dd7"
vary
Accept-Encoding
x-amz-version-id
28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA60-P3
content-type
application/x-javascript
x-amz-cf-id
GczQqKWyew5-Fo1cd4V2mimxj4nF5KUvk-FEqZi958nrm7pdQwZvHg==
92a6747a-ce11-46a4-93d3-d5b3bd38e0ac.json
cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9238394ecfd8f36d642000a6118e033c21a0b997f5686f937e2dc094d3a1e031
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 08 Feb 2022 19:55:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
R/wCaCbJka3rVEVM4OUsVg==
age
2480
vary
Accept-Encoding
content-length
1204
x-ms-lease-status
unlocked
last-modified
Mon, 10 May 2021 14:27:35 GMT
server
cloudflare
etag
0x8D913BFC1A2F34E
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
85069cdf-801e-0125-4c17-b60600000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6da76ac33ced0e26-MXP
expires
Tue, 08 Feb 2022 23:55:41 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:6e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:14:35 GMT
via
1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
age
16083667
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
SGsCJYwLmPRMJRCDOm9g5CxiqqWRvvghqx1Z9LvbpslcXtaljbVGDw==
js
www.googletagmanager.com/gtag/ 		166 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GG8B674XK4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3ffc610143ad5d6336b7f5c4ba523835afeb83ad51dc535cd7887801d2f21d37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:41 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62624
x-xss-protection
0
expires
Tue, 08 Feb 2022 19:55:41 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6650
date
Tue, 08 Feb 2022 18:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 08 Feb 2022 20:04:52 GMT
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-70.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
public
Date
Tue, 08 Feb 2022 14:32:41 GMT
Via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
Age
19381
ETag
"5eb31be4-3a2"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=86400, public
X-Amz-Cf-Pop
FRA60-P3
Content-Length
930
X-Amz-Cf-Id
nIGdtb2orRgFj3PitfLNnaYFzQOy_aiOnrAoNO_vBQwWpLDtVblHNA==
Expires
Wed, 09 Feb 2022 14:32:41 GMT
load.js
s.ntv.io/serve/ 		391 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.213.83 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-83.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8b8234cf8ab3052448812e8e8ecc975bd6f9bddccd84a8d2727fd606cd71af47

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 19:55:42 GMT
Content-Encoding
gzip
x-amz-request-id
CAQW8ZWF3WAFB13K
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
ybOPXp56bwLciKobwvAFAdrruFt6X+ZOa19NUYgutKchRaEh4ZiNulRYrW6hxMAzixkUmZBgj3A=
Last-Modified
Fri, 21 Jan 2022 02:47:15 GMT
Server
AmazonS3
ETag
"4348c568061f705b68f72be489c53c85"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-37.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 08 Feb 2022 05:37:41 GMT
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
51482
etag
W/"1827f116c73f319409b97f10b8a58ade"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
Z6oSKbgU6HrZt4yRkGVMCwSYRSljpfLbxTk3MGn_ATU6EHyCeHXMKQ==
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
0FtagZTYLjTsmxmRNUQaqsZVrDVI9/o7g1aTqjRPN/igI7LWzX5DTh3ThacqwBpib0icV2kv+u3siLz4vyMa7w==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 08 Feb 2022 19:55:42 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
mlive.config.js
pixel.condenastdigital.com/config/ 		256 B
981 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.condenastdigital.com/config/mlive.config.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82c2a5e07e28fdca5963dd87e0c1020db794578b22c6e0d204b3ea28905845ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 19:55:42 GMT
Content-Encoding
gzip
Age
602836
X-Cache
HIT, HIT, HIT
Connection
keep-alive
Content-Length
200
x-amz-id-2
GUjaXAE2pXrzgZEwyx0NOK781KH10ZWPSaBGrP5RA22gIRgaUwjYtCvggR1p+cOv7JqCxlNr1mk=
X-Served-By
cache-bwi5124-BWI, cache-iad-kcgs7200025-IAD, cache-hhn4078-HHN
Access-Control-Allow-Origin
*
Last-Modified
Mon, 06 Jul 2020 16:20:47 GMT
Server
AmazonS3
X-Timer
S1644350142.264812,VS0,VE1
ETag
"dab2f4477f92ab120c62502fdacf6595"
Vary
Accept-Encoding
x-amz-request-id
PMH5F157FRWH1P1P
Via
1.1 varnish, 1.1 varnish, 1.1 varnish
Expires
Thu, 18 Nov 2021 12:02:35 GMT
Cache-Control
no-cache, public, max-age=604800
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
1, 10, 1
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.157.1.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-1-118.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 06:00:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
50099
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-P2
X-Amz-Cf-Id
3upOtUfg7Gh0_ca3v7OKld37-PQF3je6QFjvtbykT0q03aFZeHDFqQ==
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		182 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:42 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6da76ac41f0383a9-MXP
access-control-allow-headers
Content-Type
tp2
collector.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.189.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab5547fe103db6c64.awsglobalaccelerator.com
Software
sophi /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Tue, 08 Feb 2022 19:55:42 GMT
server
sophi
vary
Accept-Encoding
p3p
policyref="", CP="This is not a P3P policy"
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
content-length
2
cs
advancelocal.blueconic.net/DG/DEFAULT/ 		16 B
704 B 		Script
General
Check archive.org
Download Go to
Full URL
https://advancelocal.blueconic.net/DG/DEFAULT/cs?&callback=bc_json440
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.75.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-75-127.compute-1.amazonaws.com
Software
- /
Resource Hash
ab76c42b8003ee0887e35b8c7a031ff86041a3a62420a62a732ca52a8dca78a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
content-type
text/javascript; charset=utf-8
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
tinypass.min.js
cdn.tinypass.com/api/ 		275 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=8Gu2Z8RCvZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc4870f2c42b9be5a4c21ea31f5618b47e82979ea557a58b5432bdd98b63a738
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:42 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
957
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn
prod-dash-10-0-139-22
last-modified
Tue, 08 Feb 2022 17:01:04 GMT
server
cloudflare
etag
W/"281441-1644339664000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
server-time
0.001
cache-control
public, max-age=7200
cf-ray
6da76ac44e093755-MXP
expires
Tue, 08 Feb 2022 21:55:42 GMT
pub.json
pub.doubleverify.com/signals/ 		178 B
600 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pub.doubleverify.com/signals/pub.json?ctx=20823471&cmp=DV460143&signals=ids,bsc&url=https%3A%2F%2Fwww.mlive.com%2F
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a6e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94a0e9d47acddfcc03b22ec5c34c245cc30925db2bf572a5a2998c9d7af92573
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 08 Feb 2022 19:55:42 GMT
content-encoding
br
vary
User-Agent, Referer, Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/json
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
Server-Timing,cf-ray
cache-control
private, max-age=900, stale-while-revalidate=345600, stale-if-error=345600
access-control-allow-credentials
true
server-timing
total;dur=94, ids;desc="ids iqc";dur=94, bsc;desc="bsc iqc/hc";dur=80, rauth;desc="rauth kv";dur=66
cf-ray
6da76ac53d2b599b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pubads_impl_2022020301.js
securepubads.g.doubleclick.net/gpt/ 		351 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
05ed7424c6f3c3d2aec5dfe7fa92e5f617afe58a01666c1c584d342a8b57a0e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 18:47:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4072
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122037
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 09:34:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 08 Feb 2023 18:47:50 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		193 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.mlive.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
07fada31a0b4fea116a90cce8778dd7160c8839118718c8185c71292f6d23bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 08 Feb 2022 19:55:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119
x-xss-protection
0
expires
Tue, 08 Feb 2022 19:55:42 GMT
10071-pbjs-floors.json
ads.rubiconproject.com/floors/ 		58 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/10071-pbjs-floors.json
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f8e216a8ab74a2c3a2a5562e1661adff971c519a08291d0ac0e892f89c5b7f9

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 08 Feb 2022 19:55:42 GMT
content-encoding
gzip
last-modified
Tue, 08 Feb 2022 18:41:01 GMT
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
6832
tp2
collector.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.189.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab5547fe103db6c64.awsglobalaccelerator.com
Software
sophi /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.mlive.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-origin
https://www.mlive.com
access-control-max-age
5
date
Tue, 08 Feb 2022 19:55:42 GMT
server
sophi
vary
Accept-Encoding
content-length
0
iframe.html
z.moatads.com/hd09824092/ Frame 1ED3 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/advanceddigitalheader640552616592/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/

Response headers

x-amz-id-2
tXhAc64MXavoo2Ys7gL4K0CHvWdnnjW6yMDYhattkSwkbmjydK4ZTHB9EYLhbnHzR5lAnVYPFb8=
x-amz-request-id
7Y2H1YDSCY2G4ZCG
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
accept-ranges
bytes
content-type
text/html
content-length
1374
server
AmazonS3
cache-control
max-age=2260
date
Tue, 08 Feb 2022 19:55:42 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3178&u=https%3A%2F%2Fwww.mlive.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-177.dus51.r.cloudfront.net
Software
Server /
Resource Hash
db4aa1849103a3b106eb59a2f8b26ba0b10263198666dab37e45675026450b3d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 14:42:39 GMT
via
1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
server
Server
age
18782
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-P2
content-length
1358
x-amz-cf-id
tpqbtyqnWQ2eAiFzxZ-kbQnl0U1YEcTHcuAXeldPqQ9WgcBrDe8sCg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-177.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
55307
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Fri, 21 Jan 2022 02:54:57 GMT
server
AmazonS3
date
Tue, 08 Feb 2022 04:33:56 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e4aaaf9d55a242f83ddc793442b0ebe2.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
D61grxSF3tjaZZDb61Cb-p23YUHw4f9ojHFBV9dDstKWDgOvqIA_Vg==
set
privacy.crwdcntrl.net/consent/ 		301 B
851 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://privacy.crwdcntrl.net/consent/set?ct=skip&ca=1&ccd=1&cds=1&cta=1&c=963
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
158c2f4d2747aaba656211837d94993e7a6715f180d3a62abefd95358fdc9524

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:42 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.22.252
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
301
expires
0
data
bcp.crwdcntrl.net/6/ 		528 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
bfc7c0cff1c3d1602ace06b10946928c177ab8da0f5629cf812b5b017e742cb2

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:42 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.31.154
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
528
expires
0
/
geo.privacymanager.io/ 		28 B
592 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-35.fra60.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 05:02:47 GMT
via
1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront), 1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
age
53575
x-amzn-requestid
f835b9ad-7399-4258-a856-d898721a61a4
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-6201f977-17e956960695029b09130960;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1, FRA60-P3
x-amz-apigw-id
NNPqpGcKjoEFSBQ=
content-length
28
x-amz-cf-id
aLeImHA9OOPtZpKhsu5i9G6Fkvuciy3469c0iB2KQ_h_thJQiX1SVA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GG8B674XK4&gtm=2oe270&_p=1293055894&sr=1600x1200&ul=en-us&cid=819984878.1644350142&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sid=1644350141&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GG8B674XK4&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
vtrk.doubleverify.com/ 		0
182 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=5cb3849e-925d-47ca-8294-16534177b420&z=32787794246&ctx=20823471&cd160=3910673e-e0b5-4f91-90e4-d82e3b231375&cd161=https%3A%2F%2Fwww.mlive.com%2F&ea=load-pq&cd180=network&cm180=94&cm181=1&cm182=19&cm183=26&cm184=44&cm185=4&cm186=467&cm191=0&cmp=DV460143
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.157.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-157-24.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.mlive.com
date
Tue, 08 Feb 2022 19:55:42 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.17.0/ 		377 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.17.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1f8d4204b80f61987126d563bbb88a3036f6fd55f8e98da95a8b9e542f9c495
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 08 Feb 2022 19:55:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
66Z8bY5FXXAAikIS37tpYA==
age
8718841
vary
Accept-Encoding
content-length
85833
x-ms-lease-status
unlocked
last-modified
Thu, 29 Apr 2021 01:57:14 GMT
server
cloudflare
etag
0x8D90AB21C520644
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
75a73de8-a01e-0097-23d9-cdbb2f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6da76ac6593b3758-MXP
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-144.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:42 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Tue, 08 Feb 2022 20:10:42 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
60d76e5d3d47c3f67063f6ad8c4c19906031164734d901e60a8842d0a292a1cd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
date
Tue, 08 Feb 2022 19:16:05 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
10638
x-request-id
489619926
p.js
cdn.parsely.com/keys/mlive.com/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/mlive.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.245.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-245-59.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
7029cb11a303810b007f2740712dcfc27813ddefc2cb91398cea7a29346267d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Tue, 08 Feb 2022 04:56:27 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 21:42:44 GMT
server
nginx
age
53955
etag
W/"61afd554-df3e"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
eNatgkxUxuJTNh5O2b5wUJ_09UH4etvCLrmLun5IbYMg4FBeHepESQ==
expires
Wed, 09 Feb 2022 04:56:27 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 08 Feb 2022 19:55:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6034988&c3=&c4=https%3A%2F%2Fwww.mlive.com%2F&ns__t=1644350142454&ns_c=UTF-8&cv=3.5&c8=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6034988&c3=&c4=https%3A%2F%2Fwww.mlive.com%2F&ns__t=1644350142454&ns_c=UTF-8&cv=3.5&c8=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6034988&c3=&c4=https%3A%2F%2Fwww.mlive.com%2F&ns__t=1644350142454&ns_c=UTF-8&cv=3.5&c8=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&c7=https%3A%2F%2Fwww.mlive.com%2F&c9=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-37.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:42 GMT
via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
OTP0Kb8ZhZsutNcxgA0VNqLXkEEC79RhbpwXvYbAuIsCxSCqpzel7A==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 08 Feb 2022 19:55:42 GMT
via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6034988&c3=&c4=https%3A%2F%2Fwww.mlive.com%2F&ns__t=1644350142454&ns_c=UTF-8&cv=3.5&c8=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&c7=https%3A%2F%2Fwww.mlive.com%2F&c9=
content-length
269
x-amz-cf-id
mhUc6_y5gqR6PQ4CDQDG2MPR82cxS0pwjd--MMd9s8TFqqtrtNaqzw==
120978121945017
connect.facebook.net/signals/config/ 		308 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/120978121945017?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3ddb385b8647230183f31b59114b03ff2290ab80ca426e8e594afb12362dd742
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89660
x-xss-protection
0
pragma
public
x-fb-debug
c7BFxDDi2Z1UdlDZUbViIS0Gxab/VwuyNq+MBmUNWzRDl6YfH0oUmQOjto5ky41ZEaYtNPIW2H5E5QUbEb9N6g==
x-frame-options
DENY
date
Tue, 08 Feb 2022 19:55:42 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sparrow.min.js
pixel.condenastdigital.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.condenastdigital.com/sparrow.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cff3ff7513a42187f914df965c0006c8756f549dc13ffb64540767042902a748

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 19:55:42 GMT
Content-Encoding
gzip
Age
484696
X-Cache
HIT, HIT, HIT
Connection
keep-alive
Content-Length
13370
x-amz-id-2
9IE1XFLhUZqEbeKFiVGbH05pLDORsexvRApvw0DmjWLw20Y6Lome+ghxYd+FNTqFRmH8nOGUZNg=
X-Served-By
cache-bwi5122-BWI, cache-iad-kjyo7100120-IAD, cache-hhn4078-HHN
Access-Control-Allow-Origin
*
Last-Modified
Mon, 18 Oct 2021 11:33:31 GMT
Server
AmazonS3
X-Timer
S1644350142.466787,VS0,VE0
ETag
"e6b88c6f7c41eb887a206c62c62867a9"
Vary
Accept-Encoding
x-amz-request-id
EBEXQT0GEV9FPCDC
Via
1.1 varnish, 1.1 varnish, 1.1 varnish
Expires
Thu, 18 Nov 2021 11:29:56 GMT
Cache-Control
no-cache, public, max-age=604800
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
1, 4654, 30725
t
jadserve.postrelease.com/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.mlive.com%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-216-1.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
965f26668728b651d97baac3dbcf9c8c5e5660316dbfac9a07c15af91a9f00ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:42 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
3835
expires
Mon, 1 Jan 1990 12:00:00 GMT
get.js
buy.tinypass.com/api/v3/anon/captcha/ 		153 B
426 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=8Gu2Z8RCvZ
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
757f80abf7072089594b6c1ce349b9d12a16b948082e85ce317ad13abf04896c
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:43 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Cuo407rcIrr
pragma
wn
prod-dash-10-0-87-122
last-modified
Tue, 08 Feb 2022 19:49:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
server-time
0.006
cache-control
public, max-age=1200
cf-ray
6da76ac6ed773755-MXP
expires
Tue, 08 Feb 2022 20:15:43 GMT
439
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		78 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/439?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2022-02-08T19%3A55%3A42%2B00%3A00&ts=1644350142527
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
868788735b388b15160e66100de21c0689bb3412707e9c022480374d88f24f1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 08 Feb 2022 19:55:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
17856
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.mlive.com
server
-
content-type
application/json; charset=utf-8
via
1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
zlpKaRaWhWfeynqI315M8oaLzK3vkfvsL1TYcTWZPK2Q2kgLVeeKIA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
publisher:getClientId
ampcid.google.de/v1/ 		3 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 08 Feb 2022 19:55:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
/
vtrk.doubleverify.com/ 		0
181 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=5cb3849e-925d-47ca-8294-16534177b420&z=856752916364&ctx=20823471&cd160=ed605550-c282-4864-bd2e-fa61b134a788&cd161=https%3A%2F%2Fwww.mlive.com%2F&ea=load-signals&cd191=6da76ac53d2b599b&cd180=network&cm180=310&cm181=0&cm182=0&cm183=157&cm184=149&cm185=0&cm186=353&cm170=1&cd187=ids%20iqc&cm187=94&cd171=84122004%2C84121001&cd188=bsc%20iqc%2Fhc&cm188=80&cm190=66&cd190=rauth%20kv&cm191=94&cd175=%7B%7D&cmp=DV460143
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.157.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-157-24.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.mlive.com
date
Tue, 08 Feb 2022 19:55:42 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 33C1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=963
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-90.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/

Response headers

content-type
text/html
date
Tue, 08 Feb 2022 14:10:32 GMT
last-modified
Mon, 01 Feb 2021 20:35:17 GMT
etag
W/"6fcf4f5197ab24c92d090f6ac8d87e01"
x-amz-server-side-encryption
AES256
cache-control
max-age: 86400
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 1b18b0df6149933160ee945c6867dc2c.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
f8LUs3KFlyNvb7FfGaeI_rnzN1G9_DsUvPjYbjq8hhwK-MQ6RaO-Wg==
age
20711
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?wpn=prebid&pu=https%3A%2F%2Fwww.mlive.com%2F&duid=94c49eadf2ac--01fvdefy4dnmxpes5s5h625fwd&se=e30&dtstmp=1644350142607
  • https://rp4.liadm.com/j?wpn=prebid&pu=https%3A%2F%2Fwww.mlive.com%2F&duid=94c49eadf2ac--01fvdefy4dnmxpes5s5h625fwd&se=e30&dtstmp=1644350142607&i6=MjAwMTphYzg6MjA6M2QwMDoxMDExOjMzZjQ6NDIzMzo0MTQ4&n3...
42 B
582 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?wpn=prebid&pu=https%3A%2F%2Fwww.mlive.com%2F&duid=94c49eadf2ac--01fvdefy4dnmxpes5s5h625fwd&se=e30&dtstmp=1644350142607&i6=MjAwMTphYzg6MjA6M2QwMDoxMDExOjMzZjQ6NDIzMzo0MTQ4&n3pc=true
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
52.0.143.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-143-56.compute-1.amazonaws.com
Software
/
Resource Hash
5ce8647c88445649306948bab16764727ad0866a64fc66202b97b88176272628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:43 GMT
x-pixel-event-id
1d189c0b-86f8-41a4-83c4-f8b047e3b45c
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
null
x-xss-protection
1; mode=block
vary
Origin
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
a28f8fac91330d36
request-time
1
content-length
42
x-content-type-options
nosniff

Redirect headers

date
Tue, 08 Feb 2022 19:55:42 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx/1.18.0
vary
Origin
location
https://rp4.liadm.com/j?wpn=prebid&pu=https%3A%2F%2Fwww.mlive.com%2F&duid=94c49eadf2ac--01fvdefy4dnmxpes5s5h625fwd&se=e30&dtstmp=1644350142607&i6=MjAwMTphYzg6MjA6M2QwMDoxMDExOjMzZjQ6NDIzMzo0MTQ4&n3pc=true
x-frame-options
DENY
access-control-allow-origin
https://www.mlive.com
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
4f3e5343b9571154
request-time
2
content-length
0
x-content-type-options
nosniff
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.mlive.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 08 Feb 2022 19:55:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.mlive.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 08 Feb 2022 19:55:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		440 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2092353358045060&correlator=2765271886243505&output=ldjh&impl=fifs&eid=31063377%2C31063871%2C44752540&vrg=2022020301&ptt=17&sc=1&sfv=1-0-38&ecs=20220208&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=728x91%7C970x91&fsbs=1&prev_scp=rg_adslot%3DInFeed_Center_Wide_Adhesion%26rg_atf%3Dtrue%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Center_Wide_Adhesion%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_a9%3DAdvance_MI_ATF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta&eri=1&cust_params=IDS%3D1%26BSC%3D84122004%252C84121001%26pts_pid%3D5cb3849e-925d-47ca-8294-16534177b420%26amznbid%3D0%26amznp%3D0%26ccaud%3D%26rg_auth%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop%26rg_pvid%3Dffa033c5-a002-40da-ba2c-713f6c1e55cf&cookie_enabled=1&bc=31&abxe=1&dt=1644350142634&lmt=1644350055&dlt=1644350140643&idt=1928&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=12530&adks=2024654923&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.mlive.com%2F&vis=1&scr_x=0&scr_y=0&psz=728x4&msz=728x0&ga_vid=819984878.1644350142&ga_sid=1644350143&ga_hid=1293055894&ga_fc=true&fws=4&ohw=728&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
efcc3e4d015f8e425823e64a70184f37419f96b25b0eae02da2ec3967c426d4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
231
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DCE4 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 08 Feb 2022 19:55:42 GMT
expires
Wed, 08 Feb 2023 19:55:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
v2idvo9guulYzftupCm8LsWYj0DJpYdVletEsKL_Rzf4wJnLfLcNSV2r534uAO2liDI4gAtUk
satisfycork.com/ 		209 B
644 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://satisfycork.com/v2idvo9guulYzftupCm8LsWYj0DJpYdVletEsKL_Rzf4wJnLfLcNSV2r534uAO2liDI4gAtUk
Requested by
Host: satisfycork.com
URL: https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.58.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.58.190.35.bc.googleusercontent.com
Software
/
Resource Hash
21aaf432181952e5d39d79010da478d64312d92d84eca53e0288a9d76fd9d04f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
access-control-allow-methods
POST, OPTIONS
x-datacenter
gce-europe-west1
date
Tue, 08 Feb 2022 19:55:42 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-m8j1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-buildnumber
466245667
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
209
expires
Tue, 08 Feb 2022 19:55:41 GMT
en.json
cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/15b3a173-7f5a-4c81-83f1-992f0f468038/ 		48 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/15b3a173-7f5a-4c81-83f1-992f0f468038/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.17.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
542b09098fe487cada39500790129355d09f49f8d6a9417258a7a1a1296d79b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 08 Feb 2022 19:55:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
iFrXu7f9PkRC2AxzPGQFxg==
age
2480
vary
Accept-Encoding
content-length
9902
x-ms-lease-status
unlocked
last-modified
Mon, 10 May 2021 14:27:39 GMT
server
cloudflare
etag
0x8D913BFC3DCD525
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
33102310-901e-001c-3c17-b600f1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6da76ac7af390e26-MXP
expires
Tue, 08 Feb 2022 23:55:42 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1293055894&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAQCAC~&jid=1804409988&gjid=431167575&cid=819984878.1644350142&tid=UA-16643585-16&_gid=1529590759.1644350143&_r=1&gtm=2wg270TLXFLCR&cd1=undefined&cd2=undefined&cd3=undefined&cd4=undefined&cd7=undefined&cd8=undefined&cd9=ffa033c5-a002-40da-ba2c-713f6c1e55cf&cd10=undefined&cd11=undefined&cd12=undefined&cd13=Weekday&cd14=undefined&cd15=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=mlive&cd21=undefined&cd23=undefined&cd24=undefined&cd25=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd32=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd38=No%20Referrer&cd39=undefined&cd40=undefined&cd43=false&cd44=undefined&cd45=undefined&cd46=homepage-beta&cd47=desktop&cd48=undefined&cd50=GA%20pageview%20-%20template%20-%20All%20Pages&cd51=undefined&cd52=undefined&cd53=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=undefined&cd62=undefined&cd63=undefined&cd65=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd86=undefined&cd87=sophi_exp&cd88=true&cd61=819984878.1644350142&z=471335810
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		64 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3178&u=https%3A%2F%2Fwww.mlive.com%2F&pid=EKFg9GtFJ17IE&cb=0&ws=1600x1200&v=7.72.0&t=1500&slots=%5B%7B%22sd%22%3A%22ad-small-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22Advance_MI_BTF_DESKTOP%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-177.dus51.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:42 GMT
via
1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-P2
x-amz-rid
BRYQ0V4KH8VQ1PF4BQGX
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
7fyq2mrtk6IfzW5qwoJy8ic_y94aP47oadC3YXZM1qWBgT7gOMLjsQ==
prebid
prebid.media.net/rtb/ 		330 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU211111
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7bb20cdf10327d48d3c09aabd4efa10368389313e38adc4706a16d1ebadff586

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:42 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
fastlane.json
fastlane.rubiconproject.com/a/api/ 		464 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10071&site_id=311380&zone_id=1940286&size_id=15&eid_pubcid.org=f7c98f6b-d791-4254-a15a-e7901bd748da%5E1&rf=https%3A%2F%2Fwww.mlive.com%2F&tg_i.bsc=84122004%2C84121001&tg_i.aupname=344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Right_Tall%2Crg_platform%3Ddesktop&tg_i.dfp_ad_unit_code=344101295%2FMI%2Fwww.mlive.com%2Findex.ssf&tg_i.pbadslot=344101295%2FMI%2Fwww.mlive.com%2Findex.ssf&tk_flint=dmpbjs_v5.20.0&x_source.tid=956985cf-4bbc-4030-b9b9-0056321cd608&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.46&rp_maxbids=1&slots=1&rand=0.40679336045565484
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
9480812b1b6570365a4e8256c2d2bc150c740b9f46b4c93decab315679735e9c

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 08 Feb 2022 19:55:42 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.mlive.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
464
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
exchange.postrelease.com/ 		0
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_ptd=1134023&ntv_pb_rid=5ca6025bb2f2f4&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiYWQtc21hbGwtMiIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzMwMCwyNTBdXX19fV19&ntv_dbr=eyJhZC1zbWFsbC0yIjowfQ==&ntv_url=https%3A%2F%2Fwww.mlive.com%2F
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.220.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-220-112.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:42 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
https://www.mlive.com
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
cygnus
htlb.casalemedia.com/ 		36 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=488240&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2271422e24d082e4%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.mlive.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228cb7db44f33d39%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22488240%22%2C%22dfp_ad_unit_code%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%22%7D%2C%22bidfloor%22%3A0.46%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.0.33.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-33-234.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
87f6b6dfec32f36f6ad56b2c68fff7138b9e692a9c952267e46c49b3d60282e7

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:42 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.69], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.mlive.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Tue, 08 Feb 2022 19:55:42 GMT
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Tue, 08 Feb 2022 19:55:42 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
c.amazon-adsystem.com/e/dtb/ 		64 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3178&u=https%3A%2F%2Fwww.mlive.com%2F&pid=EKFg9GtFJ17IE&cb=1&ws=1600x1200&v=7.72.0&t=1500&slots=%5B%7B%22sd%22%3A%22ad-small-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22Advance_MI_BTF_DESKTOP%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-177.dus51.r.cloudfront.net
Software
Server /
Resource Hash
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:42 GMT
via
1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-P2
x-amz-rid
FJRR7SNNWASR148APT3H
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
x3B9CWKoIHFThHFPsCvCHsQpkfQAXrT1WNP0VwnKJzv4Ny_4Zju-pQ==
cygnus
htlb.casalemedia.com/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=488238&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211ae282f0c74f1a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.mlive.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2212dbaebaa074875%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22488238%22%2C%22dfp_ad_unit_code%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.0.33.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-33-234.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b3c3af8ca228ce6a363372466841bcfb55f23a62b5a1acb083310802b4af8b39

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:42 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.69], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.mlive.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1080
x-ak-client-geo
12
expires
Tue, 08 Feb 2022 19:55:42 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		463 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10071&site_id=311380&zone_id=1940284&size_id=15&eid_pubcid.org=f7c98f6b-d791-4254-a15a-e7901bd748da%5E1&rf=https%3A%2F%2Fwww.mlive.com%2F&tg_i.bsc=84122004%2C84121001&tg_i.aupname=344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Left_Tall%2Crg_platform%3Ddesktop&tg_i.dfp_ad_unit_code=344101295%2FMI%2Fwww.mlive.com%2Findex.ssf&tg_i.pbadslot=344101295%2FMI%2Fwww.mlive.com%2Findex.ssf&tk_flint=dmpbjs_v5.20.0&x_source.tid=beb0af18-0175-4367-b3df-d39a86588644&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.39090095866824326
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
80baabccfc3f3429683befc58758f9e4c3323f1557d355c9fa09e59bb0c0bd2e

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 08 Feb 2022 19:55:42 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.mlive.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
463
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
exchange.postrelease.com/ 		0
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_ptd=1134020&ntv_pb_rid=158895281bd65e3&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiYWQtc21hbGwtMSIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzMwMCwyNTBdXX19fV19&ntv_dbr=eyJhZC1zbWFsbC0yIjowLCJhZC1zbWFsbC0xIjowfQ==&ntv_url=https%3A%2F%2Fwww.mlive.com%2F
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.220.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-220-112.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:42 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
https://www.mlive.com
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Tue, 08 Feb 2022 19:55:42 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		330 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU211111
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a36d062d102f3e72e70c8902c1b3840a116e3ca816196515b70bf013b0d548e0

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:42 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
bid
c.amazon-adsystem.com/e/dtb/ 		64 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3178&u=https%3A%2F%2Fwww.mlive.com%2F&pid=EKFg9GtFJ17IE&cb=2&ws=1600x1200&v=7.72.0&t=1500&slots=%5B%7B%22sd%22%3A%22ad-large-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22Advance_MI_BTF_DESKTOP%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-177.dus51.r.cloudfront.net
Software
Server /
Resource Hash
f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:42 GMT
via
1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-P2
x-amz-rid
NGYA61NBAKBQBWMEZM3T
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
djxZdl8_gKTMNMVR2G3X8bljxTGuWnPTapcSGTYWFO4YM6diU9YtuA==
prebid
exchange.postrelease.com/ 		0
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_ptd=1134023&ntv_pb_rid=21b9cae866fabd1&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiYWQtbGFyZ2UtMSIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzMwMCwyNTBdXX19fV19&ntv_dbr=eyJhZC1zbWFsbC0yIjowLCJhZC1zbWFsbC0xIjowLCJhZC1sYXJnZS0xIjowfQ==&ntv_url=https%3A%2F%2Fwww.mlive.com%2F
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.220.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-220-112.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:42 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
https://www.mlive.com
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
prebid
prebid.media.net/rtb/ 		330 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU211111
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
aedc4e754e8c4eefbdfe2fbda8574e181714e923fd6a38b145971dcb038e8573

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:42 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
cygnus
htlb.casalemedia.com/ 		37 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=488240&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2225f5412e6e6a55d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.mlive.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2226c65854b759597%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22488240%22%2C%22dfp_ad_unit_code%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%22%7D%2C%22bidfloor%22%3A0.4%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.0.33.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-33-234.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f1115ea4fa5283b2a44b521b64e6afad27cfa5cba8b493fb8a8f4faae9476adf

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:42 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.69], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.mlive.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Tue, 08 Feb 2022 19:55:42 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Tue, 08 Feb 2022 19:55:42 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		464 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10071&site_id=311380&zone_id=1940286&size_id=15&eid_pubcid.org=f7c98f6b-d791-4254-a15a-e7901bd748da%5E1&rf=https%3A%2F%2Fwww.mlive.com%2F&tg_i.bsc=84122004%2C84121001&tg_i.aupname=344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Right_Tall%2Crg_platform%3Ddesktop&tg_i.dfp_ad_unit_code=344101295%2FMI%2Fwww.mlive.com%2Findex.ssf&tg_i.pbadslot=344101295%2FMI%2Fwww.mlive.com%2Findex.ssf&tk_flint=dmpbjs_v5.20.0&x_source.tid=f409db8b-663e-4f93-b3fd-c4d012727abc&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.4&rp_maxbids=1&slots=1&rand=0.019913885420346666
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
74e8705211e24ce83adfe19859a2e7dc010dbe54a2d32885a384fad71a9fdeb6

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 08 Feb 2022 19:55:42 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.mlive.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
464
Expires
Wed, 17 Sep 1975 21:32:10 GMT
392.json
id5-sync.com/g/v2/ 		213 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/392.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.7.199 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p21.id5-sync.com
Software
/
Resource Hash
f6ce51a0a60d4b8b26dadcf77b27864d4f774df2a288b9dd26724b48dc86fb4e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.mlive.com
Date
Tue, 08 Feb 2022 19:55:42 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
230823541501762
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/230823541501762?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
12ad3a993ed0c706ed6fcc1224adfaea775fbd583e470cb53b3c8798104a7447
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
M2CXxLRJpnvBfNI6KE1FhHHP1A4tlT7hQe+BukCDjMuAkU5OQw5v68+AqhBCY12ndTdzn2xOxc8+5KEKVfu27Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 08 Feb 2022 19:55:42 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
tp2
collector.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.189.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab5547fe103db6c64.awsglobalaccelerator.com
Software
sophi /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Tue, 08 Feb 2022 19:55:42 GMT
server
sophi
vary
Accept-Encoding
p3p
policyref="", CP="This is not a P3P policy"
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
content-length
2
tp2
collector.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.189.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab5547fe103db6c64.awsglobalaccelerator.com
Software
sophi /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.mlive.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-origin
https://www.mlive.com
access-control-max-age
5
date
Tue, 08 Feb 2022 19:55:42 GMT
server
sophi
vary
Accept-Encoding
content-length
0
collect
stats.g.doubleclick.net/j/ 		1 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-16643585-16&cid=819984878.1644350142&jid=1804409988&gjid=431167575&_gid=1529590759.1644350143&_u=aADAAEAAAAQCAC~&z=982555793
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 08 Feb 2022 19:55:42 GMT
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2rggl3-QeiFZ3VrUEg31NzZs3YFwpDKratGYgfdZe5zzGdsbzn-2H7XiFODzUmmn1qc5tcQ4
satisfycork.com/ 		3 B
37 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://satisfycork.com/v2rggl3-QeiFZ3VrUEg31NzZs3YFwpDKratGYgfdZe5zzGdsbzn-2H7XiFODzUmmn1qc5tcQ4
Requested by
Host: satisfycork.com
URL: https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.58.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.58.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
access-control-allow-methods
POST, OPTIONS
x-datacenter
gce-europe-west1
date
Tue, 08 Feb 2022 19:55:42 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-m8j1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
x-buildnumber
466245667
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
3
otFlat.json
cdn.cookielaw.org/scripttemplates/6.17.0/assets/ 		12 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.17.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.17.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 08 Feb 2022 19:55:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
iBHq0PTHfG30UZUmEXHGnw==
age
9751668
vary
Accept-Encoding
content-length
2938
x-ms-lease-status
unlocked
last-modified
Thu, 29 Apr 2021 01:57:06 GMT
server
cloudflare
etag
0x8D90AB2173E15E6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
4bf3da78-601e-0160-3274-c4db91000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6da76ac8b9b20e26-MXP
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.17.0/assets/ 		62 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.17.0/assets/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.17.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b70dbbd3110e9643943cf22014e280cf8ae7e01d2e0165ad09bdb988fc79efd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 08 Feb 2022 19:55:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
r/nm/Kt9tdjXHtMK2zGH9Q==
age
2480
vary
Accept-Encoding
content-length
14755
x-ms-lease-status
unlocked
last-modified
Thu, 29 Apr 2021 01:57:06 GMT
server
cloudflare
etag
0x8D90AB217A74BD0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
a4d0f9fd-e01e-0018-577b-18f573000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6da76ac8b9b60e26-MXP
pixels
bcp.crwdcntrl.net/ Frame E131 		762 B
956 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/pixels?s=31%2C86%2C14%2C125%2C123%2C122&c=963
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=963
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
47873019a38cf2b22d685aee8cdc42e0b9aa8533022939144243fafcb42d89df

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tags.crwdcntrl.net/

Response headers

date
Tue, 08 Feb 2022 19:55:42 GMT
content-type
text/html
content-length
762
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.21.135
server
Jetty(9.4.38.v20210224)
config.json
c.go-mpulse.net/api/ 		781 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ&d=www.mlive.com&t=5481167&v=1.720.0&sl=0&si=1718a628-ab45-4e96-aa79-08833678ad76-r704on&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=468260
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:1bb::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2ac05dc8c8622174355992467e6c1810eb2fad121f262368da076323fcb532a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 08 Feb 2022 19:55:42 GMT
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
781
Content-Type
application/json
/
infinityid.condenastdigital.com/ 		36 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://infinityid.condenastdigital.com/?rand=1644350142859
Requested by
Host: pixel.condenastdigital.com
URL: https://pixel.condenastdigital.com/sparrow.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.109.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-109-6.compute-1.amazonaws.com
Software
nginx/1.15.8 /
Resource Hash
7b238f7be9a7301d83c67fa2d8461b1aeb846f06d303b6a0dbf913d3fa386ccd

Request headers

Accept
text/plain
Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 19:55:43 GMT
content-encoding
gzip
Server
nginx/1.15.8
vary
origin,accept-encoding
Content-Type
text/plain; charset=utf-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
access-control-allow-credentials
true
Connection
keep-alive
transfer-encoding
chunked
expires
0
content
4d.condenastdigital.com/ 		222 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://4d.condenastdigital.com/content?url=https%3A%2F%2Fwww.mlive.com%2F
Requested by
Host: pixel.condenastdigital.com
URL: https://pixel.condenastdigital.com/sparrow.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.129.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-129-5.compute-1.amazonaws.com
Software
/
Resource Hash
f1435acbdd44aa8df69c5dcf7568e84f603724b6359518e1fb562629809f9c9d

Request headers

Accept
text/plain
Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 19:55:43 GMT
content-encoding
gzip
transfer-encoding
chunked
Content-Type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
access-control-allow-credentials
true
Connection
keep-alive
click-out-icon.css
s.ntv.io/css/ 		618 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/css/click-out-icon.css
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.213.83 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-83.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8e41a8e6b02e146fe25fa71262a12a24c80ee7e0debfcae0757a4fe6c67de5a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 19:55:42 GMT
Last-Modified
Wed, 13 Sep 2017 22:37:26 GMT
Server
AmazonS3
x-amz-request-id
14EF8BE55F67AB44
ETag
"43c31858c9aac81661d142577cb1fc68"
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
618
x-amz-id-2
7hdXfpVuDDZrIO+5xhe3uhBCBXHz+FCTgXXP7bl4IPObbtqDEVlBFcdqkBD4vdzZADxhJ/wWo5E=
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=7403315&ntv_pl=773533
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-216-1.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:42 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=de003727-f4cb-4672-b70e-29ca0f3976c1&ntv_fl=CF4se3gYGjAPzQcMJoAeWZUQVo5DG91-c74TWkfoy9i9OikdJK65w6zPZCJME2L30fGO-6PjQQSU_sSk5cGqfeBJcFZw6c7rWqpDT0WDrKk9cqn-75cUEeiH-hSj_aRt7BFe6NLY16pUW06D9WwTMB8a1_cduSOnIrNsXEi1nUw=&ntv_ht=vsoCYgA&ntv_at=303,302&ntv_a=AAAAAAAAAAUr0QA&ord=1644350142922&ntv_dpl=1009,1027,1011,1028,1050,1003,1019,1006,1007&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-216-1.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:42 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=0657c4b3-1e06-4220-ab0e-53e536a5b3f2&ntv_fl=CF4se3gYGjAPzQcMJoAeWcuE46o5vVTIOR-6KENHQutl-6N7z1bNRNpke1j-UQ6oMqeebDVOLtbFGSaFDVtYp5qJdGnG09dtvHIEudb_d07FxkpxwL_rCH5Vw6pds_cEv3cQ9iAQV494ux00-EzkJjct8QHv0CahEmDdFUpkj4k=&ntv_ht=vsoCYgA&ntv_at=303&ntv_a=AAAAAAAAAAU70QA&ord=1644350142924&ntv_dpl=1009,1027,1011,1028,1050,1003,1019,1006,1007&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-216-1.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:42 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=bc760497-622c-4d6e-8080-fbb25d0ce524&ntv_fl=CF4se3gYGjAPzQcMJoAeWWpxqwTw-V3Eo2T1p6rakpotxiwlXqBGhxKHLXcvK7nmaU_qeGH63A2terdxUik6ocIwn6BNqDN4Th6eGCdN27DT87zPcFZibh009BsPfGLhM79hM9npoe9t7UI-UiEsPI6xL_4enACTqwZv7cLFZwg=&ntv_ht=vsoCYgA&ntv_at=303&ntv_a=AAAAAAAAAAVL0QA&ord=1644350142925&ntv_dpl=1009,1027,1011,1028,1050,1003,1019,1006,1007&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-216-1.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:42 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
E842DBFA564D42E3A33611A3F456E66B.jpg
ntvcld-a.akamaihd.net/image/upload/w_600,h_338,c_fill,g_auto:text,f_auto/assets/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntvcld-a.akamaihd.net/image/upload/w_600,h_338,c_fill,g_auto:text,f_auto/assets/E842DBFA564D42E3A33611A3F456E66B.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.123.225.65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-65.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
2f25964dfa5d408c978308cd6b405630463b6f5ff52f11d31c586394171046ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 19:55:43 GMT
X-Check-Cacheable
YES
X-Serial
303
ETag
"4fa7c78e2a05912f0c432a41ea328267"
Content-Type
image/webp
Cache-Control
private, no-transform, max-age=2368694
Last-Modified
Sun, 01 Aug 2021 06:00:38 GMT
Connection
keep-alive
Content-Length
44418
Server
Akamai Image Manager
Expires
Tue, 08 Mar 2022 05:53:57 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=46&ntv_ui=a430244b-77d4-4271-b72e-a07a60858564&ntv_a=vToHAK4hSAnc0LA&ntv_fl=CF4se3gYGjAPzQcMJoAeWe9XYsjP4wplmuW9TwJXucD91Br0hN8NauU5HQIVhdtNdC6s_J9rVSFOBwEj9EnoCTNydOckvz50GN02WKH_roDk6vTG1xOVuKzTmGrt1PPPBn5LQXatNOA8xkKZ3vM835zYN0cEH2FFctkaR36DSP0=&ord=807694886&ntv_ht=vsoCYgA&ntv_tad=16&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-216-1.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:42 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
gdprConsent
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=1097042&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-216-1.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:42 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
token
token.rubiconproject.com/ Frame E131 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=7&puid=9382a4e9a3424a75f523f9c49f17b8fd&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=31%2C86%2C14%2C125%2C123%2C122&c=963
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
5
jadserve.postrelease.com/dmp/ Frame E131 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/dmp/5?vk=9382a4e9a3424a75f523f9c49f17b8fd&ntv_r=https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=NTV_USER_ID
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=31%2C86%2C14%2C125%2C123%2C122&c=963
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-216-1.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:42 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
382416.gif
idsync.rlcdn.com/ Frame E131 		42 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/382416.gif?partner_uid=9382a4e9a3424a75f523f9c49f17b8fd&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=31%2C86%2C14%2C125%2C123%2C122&c=963
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 08 Feb 2022 19:55:42 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
insync
thrtle.com/ Frame E131 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?vxii_pid=10014&vxii_pdid=9382a4e9a3424a75f523f9c49f17b8fd
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=31%2C86%2C14%2C125%2C123%2C122&c=963
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.82.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-82-222.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
tpid=6361AB28088B4B2A93D44EABCE021194
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/ Frame E131
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=6361AB28088B4B2A93D44EABCE021194
49 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=6361AB28088B4B2A93D44EABCE021194
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=31%2C86%2C14%2C125%2C123%2C122&c=963
Protocol
H2
Server
63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:43 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.20.1
content-type
image/gif
content-length
49
expires
0

Redirect headers

date
Tue, 08 Feb 2022 19:55:42 GMT
x-content-type-options
nosniff
server
nginx
location
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=6361AB28088B4B2A93D44EABCE021194
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Mon, 07 Feb 2022 19:55:42 GMT
41715
i6.liadm.com/s/ Frame E131
Redirect Chain
  • https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=9382a4e9a3424a75f523f9c49f17b8fd
  • https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=9382a4e9a3424a75f523f9c49f17b8fd&_li_chk=true&previous_uuid=3d03d1ddc48a49e0bc9aae23b84fc4a4
  • https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=9382a4e9a3424a75f523f9c49f17b8fd
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=9382a4e9a3424a75f523f9c49f17b8fd
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=31%2C86%2C14%2C125%2C123%2C122&c=963
Protocol
HTTP/1.1
Server
2600:1f18:444a:4680:b988:ecc0:9832:67ce Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 19:55:43 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=9382a4e9a3424a75f523f9c49f17b8fd
Date
Tue, 08 Feb 2022 19:55:43 GMT
Connection
keep-alive
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
click-out-icon.ttf
s.ntv.io/font/ 		1 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/font/click-out-icon.ttf?sjshwd
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/css/click-out-icon.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.213.83 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-83.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ee2214a948aa510978878e09453b21c85f1bcfe78a7c55412268ad85a5fb147d

Request headers

Referer
https://s.ntv.io/css/click-out-icon.css
Origin
https://www.mlive.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 19:55:43 GMT
Last-Modified
Tue, 04 Oct 2016 00:20:40 GMT
Server
AmazonS3
x-amz-request-id
5AABD4CD0696F190
ETag
"f587575d5d6dc5e7dc296da77fb11396"
Access-Control-Allow-Methods
GET
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
1092
x-amz-id-2
8juk4Zs1vr83LfcykwqftFI22RMJ3vVkhVueJlYlqZosScCcCipZwnw1WzM1I+X0vwg9FJef8k8=
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.mlive.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 08 Feb 2022 19:55:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.mlive.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 08 Feb 2022 19:55:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		56 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2092353358045060&correlator=2765271886243505&output=ldjh&impl=fifs&eid=31063377%2C31063871%2C44752540&vrg=2022020301&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220208&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=320x50%7C300x250&fluid=height&fsbs=1&prev_scp=rg_adslot%3DInFeed_Right_Tall%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_position%3Dundefined%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Right_Tall%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Right_Tall%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2&eri=1&cust_params=IDS%3D1%26BSC%3D84122004%252C84121001%26pts_pid%3D5cb3849e-925d-47ca-8294-16534177b420%26ccaud%3D%26rg_auth%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop%26rg_pvid%3Dffa033c5-a002-40da-ba2c-713f6c1e55cf&cookie=ID%3D751fd92d641135bc-22e187473acd0084%3AT%3D1644350142%3AS%3DALNI_Ma2CR1QocNT5F6yQp6FuknnE35WYg&bc=31&abxe=1&dt=1644350143054&lmt=1644350055&dlt=1644350140643&idt=1928&frm=20&biw=1600&bih=1200&oid=2&adxs=1135&adys=155&adks=197823414&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.mlive.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x24&msz=300x24&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=819984878.1644350142&ga_sid=1644350143&ga_hid=1293055894&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
70b1976ba50d09613ba7021b94e6db58d50b44c39cabdd3f9562be9b304673ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14066
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2092353358045060&correlator=2765271886243505&output=ldjh&impl=fifs&eid=31063377%2C31063871%2C44752540&vrg=2022020301&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220208&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=320x50%7C300x250&fluid=height&fsbs=1&prev_scp=rg_adslot%3DInFeed_Right_Tall%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_position%3Dundefined%26rg_counter%3D2%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Right_Tall%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Right_Tall%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2&eri=1&cust_params=IDS%3D1%26BSC%3D84122004%252C84121001%26pts_pid%3D5cb3849e-925d-47ca-8294-16534177b420%26ccaud%3D%26rg_auth%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop%26rg_pvid%3Dffa033c5-a002-40da-ba2c-713f6c1e55cf&cookie=ID%3D751fd92d641135bc-22e187473acd0084%3AT%3D1644350142%3AS%3DALNI_Ma2CR1QocNT5F6yQp6FuknnE35WYg&bc=31&abxe=1&dt=1644350143061&lmt=1644350055&dlt=1644350140643&idt=1928&frm=20&biw=1600&bih=1200&oid=2&adxs=1135&adys=857&adks=455907384&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.mlive.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x24&msz=300x24&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=819984878.1644350142&ga_sid=1644350143&ga_hid=1293055894&ga_fc=true&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
1b2867f1f4e5ab62f392b34fc710d63aa0507e84c3714e150b315b6105e149d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7809
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
4d4811f64074f1413ff82467a3f7123d
h312.mlive.com/plugin/plugin/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/plugin/plugin/4d4811f64074f1413ff82467a3f7123d
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
96e04556e2965c4e115e96e0d60f70f3d19a1f75b0ff38aaa59ef77e3a5518db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 21:53:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
age
424944
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
31213
x-xss-protection
1; mode=block
last-modified
Wed, 02 Feb 2022 21:53:18 GMT
server
-
etag
4d4811f64074f1413ff82467a3f7123d
content-type
text/javascript; charset=utf-8
via
1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront)
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop
FRA56-P4
x-robots-tag
noindex, nofollow
x-amz-cf-id
yXEedFKkx4G_fYM4-WbTyE_YtQRjPZFcfIW9iiah-kkE7bedmeXi6Q==
expires
Fri, 03 Feb 2023 21:53:18 GMT
LB-Zone-2
h312.mlive.com/DG/DEFAULT/rest/rpc/439/ 		375 B
1001 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/439/LB-Zone-2?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=7cc54b5d-6173-4e4d-8639-804134e33837&overruleReferrer=&time=2022-02-08T19%3A55%3A43%2B00%3A00&ts=1644350143088
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
14cb1361ed92b1c32a5f695c5727bca434e172967cfa9b4c0d7575cd56de1b3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 08 Feb 2022 19:55:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
245
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.mlive.com
server
-
content-type
application/json; charset=utf-8
via
1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
d3eJlh_1y_h7Jv2jrevh4za1YfcQvNsXOopsO_e2XBOPNK0aeppCLQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		42 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2092353358045060&correlator=2765271886243505&output=ldjh&impl=fifs&eid=31063377%2C31063871%2C44752540&vrg=2022020301&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220208&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=320x50%7C300x250&fluid=height&fsbs=1&prev_scp=rg_adslot%3DInFeed_Left_Tall%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_position%3Dundefined%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Left_Tall%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Left_Tall%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26hb_format_ix%3Dbanner%26hb_size_ix%3D300x250%26hb_pb_ix%3D0.10%26hb_adid_ix%3D312370878833d2%26hb_bidder_ix%3Dix%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.10%26hb_adid%3D312370878833d2%26hb_bidder%3Dix&eri=1&cust_params=IDS%3D1%26BSC%3D84122004%252C84121001%26pts_pid%3D5cb3849e-925d-47ca-8294-16534177b420%26ccaud%3D%26rg_auth%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop%26rg_pvid%3Dffa033c5-a002-40da-ba2c-713f6c1e55cf&cookie=ID%3D751fd92d641135bc-22e187473acd0084%3AT%3D1644350142%3AS%3DALNI_Ma2CR1QocNT5F6yQp6FuknnE35WYg&bc=31&abxe=1&dt=1644350143098&lmt=1644350055&dlt=1644350140643&idt=1928&frm=20&biw=1600&bih=1200&oid=2&adxs=165&adys=887&adks=197823415&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.mlive.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x274&msz=300x274&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=819984878.1644350142&ga_sid=1644350143&ga_hid=1293055894&ga_fc=true&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
a5c328808a013b510a6a041e4897451dff67cd4510aee65a7807b7505e6bc63e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10680
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=120978121945017&ev=PageView&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1644350143117&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1644350143115.1066817631&it=1644350142461&coo=false&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:43 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Tue, 08 Feb 2022 19:55:43 GMT
/
www.facebook.com/tr/ 		44 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=230823541501762&ev=PageView&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1644350143119&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1644350143115.1066817631&it=1644350142461&coo=false&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:43 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Tue, 08 Feb 2022 19:55:43 GMT
/
www.facebook.com/tr/ 		44 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=120978121945017&ev=ViewContent&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1644350143120&cd[article_content_tier]=free&cd[is_subscriber]=false&cd[is_registered]=false&cd[content_id]=undefined&cd[content_type]=homepage&cd[content_category]=Home%20Page&cd[content_name]=undefined&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1644350143115.1066817631&it=1644350142461&coo=false&tm=1&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:43 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Tue, 08 Feb 2022 19:55:43 GMT
/
www.facebook.com/tr/ 		44 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=230823541501762&ev=ViewContent&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1644350143121&cd[article_content_tier]=free&cd[is_subscriber]=false&cd[is_registered]=false&cd[content_id]=undefined&cd[content_type]=homepage&cd[content_category]=Home%20Page&cd[content_name]=undefined&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1644350143115.1066817631&it=1644350142461&coo=false&tm=1&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:43 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Tue, 08 Feb 2022 19:55:43 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=28&ntv_ui=a430244b-77d4-4271-b72e-a07a60858564&ntv_a=vToHAK4hSAnc0LA&ntv_fl=CF4se3gYGjAPzQcMJoAeWe9XYsjP4wplmuW9TwJXucD91Br0hN8NauU5HQIVhdtNdC6s_J9rVSFOBwEj9EnoCTNydOckvz50GN02WKH_roDk6vTG1xOVuKzTmGrt1PPPBn5LQXatNOA8xkKZ3vM835zYN0cEH2FFctkaR36DSP0=&ord=-408835442&ntv_ht=vsoCYgA&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-216-1.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:43 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
82b259737ac010b77143eee566d384ff
h312.mlive.com/plugin/library/ 		220 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/plugin/library/82b259737ac010b77143eee566d384ff
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
a38c62e63a55fae37c0a80be1813a69eca4b531bb0cd2eeb933c225fb9bfc84a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 08:42:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
age
4187606
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
69217
x-xss-protection
1; mode=block
last-modified
Tue, 21 Dec 2021 08:42:17 GMT
server
-
etag
82b259737ac010b77143eee566d384ff
content-type
text/javascript; charset=utf-8
via
1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront)
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop
FRA56-P4
x-robots-tag
noindex, nofollow
x-amz-cf-id
rALyl6KfK7sxqrvHExCbPN8UEzb-DT6bx3fIej_ZecNFD3hM3BsP9g==
expires
Thu, 22 Dec 2022 08:42:17 GMT
LB-Zone-2
h312.mlive.com/DG/DEFAULT/rest/rpc/439/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/439/LB-Zone-2?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=7cc54b5d-6173-4e4d-8639-804134e33837&overruleReferrer=&time=2022-02-08T19%3A55%3A43%2B00%3A00&ts=1644350143140
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
c9e3fcb234a774c8ebe444cf69ad05db15c58df2375f0b9aeca354019b5023df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 08 Feb 2022 19:55:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
1114
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.mlive.com
server
-
content-type
application/json; charset=utf-8
via
1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
EF5V5o37cE_D-tb9HqZ3GA5e_AouLcjekUE2L7pMNirmfQ5RSX2W5A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.mlive.com/infinityid/
Redirect Chain
  • https://www.mlive.com/infinityid
  • https://www.mlive.com/infinityid/
124 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/infinityid/
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
2a02:26f0:ef::5c7b:c2b9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
7bfbfbae451f35d17b6286465c401284bf1375877b0d19e7eef73ca6f5bc4c91
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:43 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 19:55:32 GMT
server
openresty
etag
W/"1f0db-AZVn/N8rQxwRR27CzlDGCELxXko"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
private, max-age=111
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=124
content-length
18573
expires
Tue, 08 Feb 2022 19:57:34 GMT

Redirect headers

date
Tue, 08 Feb 2022 19:55:43 GMT
referrer-policy
no-referrer-when-downgrade
server
openresty
content-type
text/html
location
/infinityid/
cache-control
private, max-age=1
content-security-policy
upgrade-insecure-requests
server-timing
cdn-cache; desc=HIT, edge; dur=107
content-length
166
expires
Tue, 08 Feb 2022 19:55:44 GMT
user
4d.condenastdigital.com/ 		67 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://4d.condenastdigital.com/user?xid=c5308a23-6d26-42eb-a0e0-785daf6da68b
Requested by
Host: pixel.condenastdigital.com
URL: https://pixel.condenastdigital.com/sparrow.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.129.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-129-5.compute-1.amazonaws.com
Software
/
Resource Hash
17cc933d85f5cea090df6410fc39836f34f65a3a57359c10ca5b48cec59f7fae

Request headers

Accept
text/plain
Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 19:55:43 GMT
content-encoding
gzip
transfer-encoding
chunked
Content-Type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
access-control-allow-credentials
true
Connection
keep-alive
baker
ead.mlive.com/ 		19 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ead.mlive.com/baker?dtstmp=1644350143399
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.249.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-249-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 08 Feb 2022 19:55:43 GMT
Cache-Control
max-age=0, no-cache, no-store
Expires
Tue, 08 Feb 2022 19:55:43 GMT
Connection
keep-alive
Content-Length
19
Content-Type
image/gif
cs
advancelocal.blueconic.net/DG/DEFAULT/ 		66 B
860 B 		Script
General
Check archive.org
Download Go to
Full URL
https://advancelocal.blueconic.net/DG/DEFAULT/cs?bcsessionid=7cc54b5d-6173-4e4d-8639-804134e33837&&callback=bc_json441
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.75.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-75-127.compute-1.amazonaws.com
Software
- /
Resource Hash
f03bde4dfb05a4246c6550a900f7196ddf1a640d9d748d39fc694fc510f0f18d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
content-type
text/javascript; charset=utf-8
content-length
86
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
LB-Zone-2
h312.mlive.com/DG/DEFAULT/rest/rpc/439/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/439/LB-Zone-2?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=7cc54b5d-6173-4e4d-8639-804134e33837&bctempid=&overruleReferrer=&time=2022-02-08T19%3A55%3A43%2B00%3A00&ts=1644350143541
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
9d7568ab4a70b0d44a8c45b10be1c26f5b839320e37c3de66964d72b4ce70ab1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 08 Feb 2022 19:55:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
3104
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.mlive.com
server
-
content-type
application/json; charset=utf-8
via
1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
f8OVBGRPdkH9YuhWoPZGn0JIUW2wcX73LjHzWnm7FXWsRNFFDGKIQw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
LB-Zone-2
h312.mlive.com/DG/DEFAULT/rest/rpc/439/ 		407 B
746 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/439/LB-Zone-2?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=7cc54b5d-6173-4e4d-8639-804134e33837&bctempid=&overruleReferrer=&time=2022-02-08T19%3A55%3A43%2B00%3A00&ts=1644350143580
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
cc1b72953ea3b49d3a80ca9b06f1aa31d95ea8180b23d3dec3571f4a5469c856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 08 Feb 2022 19:55:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
187
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.mlive.com
server
-
content-type
application/json; charset=utf-8
via
1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
nv_3nAfmr1dsA4sNpwq6CWd7gS8jweazf4uKPC3upJW8yb_CzY9m0Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT
LB-Zone-2
h312.mlive.com/DG/DEFAULT/rest/rpc/439/ 		204 B
738 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/439/LB-Zone-2?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=7cc54b5d-6173-4e4d-8639-804134e33837&bctempid=&overruleReferrer=&time=2022-02-08T19%3A55%3A43%2B00%3A00&ts=1644350143581
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
7ce770cddc4e0c93ac6dfd2f78ad222171080b726f0412b132610eb2ce3b3a17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 08 Feb 2022 19:55:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
177
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.mlive.com
server
-
content-type
application/json; charset=utf-8
via
1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
o6ZM9QUOe7jvVYlOOtrR_yo8Od2HsZZKHqrjVEnlLASrPnpqlk9z6A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1293055894&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Blueconic&ea=segments&_u=aDDAAEABAAQCAC~&jid=&gjid=&cid=819984878.1644350142&tid=UA-16643585-16&_gid=1529590759.1644350143&gtm=2wg270TLXFLCR&cd1=undefined&cd2=1---&cd3=undefined&cd4=undefined&cd7=undefined&cd8=undefined&cd9=ffa033c5-a002-40da-ba2c-713f6c1e55cf&cd10=undefined&cd11=&cd12=&cd13=Weekday&cd14=undefined&cd15=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=mlive&cd21=undefined&cd23=undefined&cd24=&cd25=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd32=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd38=No%20Referrer&cd39=undefined&cd40=undefined&cd43=false&cd44=undefined&cd45=undefined&cd46=homepage-beta&cd47=desktop&cd48=undefined&cd50=Blueconic%20-%20event%20call&cd51=undefined&cd52=undefined&cd53=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=&cd62=undefined&cd63=&cd64=undefined&cd65=&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd86=undefined&cd87=sophi_exp&cd88=true&cd61=819984878.1644350142&cd76=a0002%2Ca0016%2Ca0022%2Ca0037&cd77=undefined&cd78=undefined&cd79=undefined&cd80=undefined&cd85=undefined&cd89=undefined&cd96=1&cm1=undefined&cm2=undefined&cm3=undefined&cm4=undefined&z=30736129
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 20:18:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
85013
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
execute
c2.piano.io/xbuilder/experience/ 		22 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=8Gu2Z8RCvZ
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a63f0b4bd1b1481e911ce64b7e123291bbf6cb5381a80b39c6b6280f688213d5
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 08 Feb 2022 19:55:43 GMT
content-encoding
gzip
vary
Accept-Encoding, Origin
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
ce2vnqv422
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
6da76acdfead59ef-MXP
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-02-08T19%3A55%3A43.598Z&_t=pageview&cBr=mlive&cTi=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&cTy=website&pHr=https%3A%2F%2Fwww.mlive.com&pRt=referral&pHp=%2F&pRr=https%3A%2F%2Fwww.mlive.com%2F&pWw=1600&pWh=1200&pPw=1600&pPh=12400&pSw=1600&pSh=1200&uID=89edd9c6-7fa1-4b4b-8bc4-04dfded2e1ff&uNw=1&uUq=1&sID=c6e62c4e-1aa3-4295-9526-550c2f777b75&pID=a4f5868e-14e2-4c93-b5ed-7294aced6a24&uDt=desktop&_o=mlive&_c=general&xID=c5308a23-6d26-42eb-a0e0-785daf6da68b&org_id=4gKgcF5QZg8S9vbBuczznhapazGb&environment=prod&origin=mlive
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.194.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-194-18.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 08 Feb 2022 19:55:43 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
LB-Zone-2
h312.mlive.com/DG/DEFAULT/rest/rpc/439/ 		204 B
737 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/439/LB-Zone-2?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=7cc54b5d-6173-4e4d-8639-804134e33837&bctempid=&overruleReferrer=&time=2022-02-08T19%3A55%3A43%2B00%3A00&ts=1644350143610
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-26.fra56.r.cloudfront.net
Software
- /
Resource Hash
4ff1d5f3a72040f90b697f34413fb562dd6a7b949dbf1e1028d4dcb782c6aa0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 08 Feb 2022 19:55:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
177
x-xss-protection
1; mode=block
pragma
no-cache
access-control-allow-origin
https://www.mlive.com
server
-
content-type
application/json; charset=utf-8
via
1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
HkJL6t47AF6jzDJnNvE-pFl41iUNmoe5zQPofrwjAiOPG7QSnCkC7w==
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=120978121945017&ev=Microdata&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1644350143620&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%2C%22og%3Adescription%22%3A%22Get%20the%20latest%20Michigan%20Local%20News%2C%20Sports%20News%20%26amp%3B%20US%20breaking%20News.%20View%20daily%20MI%20weather%20updates%2C%20watch%20videos%20and%20photos%2C%20join%20the%20discussion%20in%20forums.%20Find%20more%20news%20articles%20and%20stories%20online%20at%20MLive.com%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fmedia.mlive.com%2Fstatic%2Fmlive%2Fstatic%2Fimg%2Flogos%2Flogo_fb.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22og%3Asite_name%22%3A%22mlive%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22headline%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%2C%22url%22%3A%22https%3A%2F%2Fwww.mlive.com%22%7D%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=2&o=30&fbp=fb.1.1644350143115.1066817631&it=1644350142461&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:43 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Tue, 08 Feb 2022 19:55:43 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=230823541501762&ev=Microdata&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1644350143623&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%2C%22og%3Adescription%22%3A%22Get%20the%20latest%20Michigan%20Local%20News%2C%20Sports%20News%20%26amp%3B%20US%20breaking%20News.%20View%20daily%20MI%20weather%20updates%2C%20watch%20videos%20and%20photos%2C%20join%20the%20discussion%20in%20forums.%20Find%20more%20news%20articles%20and%20stories%20online%20at%20MLive.com%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fmedia.mlive.com%2Fstatic%2Fmlive%2Fstatic%2Fimg%2Flogos%2Flogo_fb.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22og%3Asite_name%22%3A%22mlive%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22headline%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%2C%22url%22%3A%22https%3A%2F%2Fwww.mlive.com%22%7D%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=2&o=30&fbp=fb.1.1644350143115.1066817631&it=1644350142461&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:43 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Tue, 08 Feb 2022 19:55:43 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012201141909000/ Frame 3964 		220 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
58663
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61542
x-xss-protection
0
server
sffe
date
Tue, 08 Feb 2022 03:38:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"00d9ef7efeb287da"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 08 Feb 2023 03:38:00 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 3964 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
438265
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5698
x-xss-protection
0
server
sffe
date
Thu, 03 Feb 2022 18:11:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"919adc590e0ff503"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 03 Feb 2023 18:11:18 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 3964 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
17735
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29570
x-xss-protection
0
server
sffe
date
Tue, 08 Feb 2022 15:00:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c52208c2e07002d5"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 08 Feb 2023 15:00:08 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 3964 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
16338
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1851
x-xss-protection
0
server
sffe
date
Tue, 08 Feb 2022 15:23:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"76a8c96b6aaec2c9"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 08 Feb 2023 15:23:25 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 3964 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
438265
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13611
x-xss-protection
0
server
sffe
date
Thu, 03 Feb 2022 18:11:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7aefe3fe93cc7383"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 03 Feb 2023 18:11:18 GMT
truncated
/ Frame 3964 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8872084012af926d1d8ce52a85a24a4c28e039aac8b0e558544c9cf1865b94aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.214.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-214-32.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.mlive.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 08 Feb 2022 19:55:43 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
1667823801776250129
s0.2mdn.net/simgad/ Frame 3964 		96 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/1667823801776250129
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebb02d07f04c28f8a78408a8628a34e1dd9601ff2c6f623a44ec9a1914bca266
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:25:25 GMT
x-content-type-options
nosniff
age
81018
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98501
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 08:11:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 07 Feb 2023 21:25:25 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 3964 		42 B
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dh397tnlqvVACP5l7uBtXsAeB9FDIHrTZtxiFUawoPRyJHGLuSakzRlO7S4cNmi-X9-sCjGsNpFk4pd2ug_s4gpu4CF5cP9kUwzKZgLw-yjMmeCdtKyBLSv2m2_tpzLbCfzplDCyL4UneANBKDZoGG_13ufQ&dbm_d=AKAmf-BNBWkTNr24-_jAKPnzgO1mmm6JhO8HLdn2dYRHOsYCYxz2fdARZHPTlX9HyqlNGOT7MXLkzP9RMgKnY7BoJXsqpizp6df2ILIZOd3pTEzVKNJza2JGprg-P75iTJLjsYTHEzEgPfcNGrmK1YoFi-ZMwo5IxN2HZwfuhLDtjmuMtaiymXNVRQHWpZiT6_C9i-Bwt8YaSTZzoqXXjVfUS1rqx9X2Z70kvFQXafU8OG4QIIrcTRKhs91_I2Ki6AL-9JBi7HauaLMR-Od3AX6aIBm41E3smKr6ZsHCgC_8BvwGnHXtK1424VFy_IsJ9REZMGjWgB1HcOIYNGLXPTYxyX5QUn403-L16tBgZXs7N-DVw9M04dRYfaD6gQM9bepNvgPMp15XkUIG-r175CEfIVour11lBc65GVyB66hJpL_nm3vJgZe9tugXa1iiDraxSrcUBpDfZAEswFsVmagOas5jq_qlPjbkbfrcfX_2N5SKkM_PNK7uXw8HNxSMD5VIHZa3rAb-S9WKXTPmm6gOrTAuhp7V2KQLLuxNe8ua_Om7zK3zPlqb4zpQ33X1H0MYoKKZG7ZBkDnl7G8d9p_uax0TN4S07ACvufgIQZCTxYqYgfqDr9rVph53ujG8h6GEKPIAuHCjzOEIzKdGkHeBpaQSKF2UgVvv6bTGBTDsf-TQ8plul7mzgfSa6j4GH_RJ_vhIgvOiqJWwt6wbyPNa10hs0aPyCCmRlsFQ68DpNl_6ELreF61WD7vPrJ4ITcO799eYtJVKEN-tFWxW3cWBGJwnWDGuhhn1BueRSvcTwi_eA1w6Rbp49gGJacCSg9SG45UqINJT3RbKAxrBho-cEIhXn4OhX6OUslr2_p63jD-yjPHwSxLkisKmW-jTf-NwpL7oENy4L1Yp79sTcZWrQ1C4oQy7QDOgJk7-cvZneUM8XwezCovJYoRJQ4g_mB3ndCj9mIwqmYyV2dDdaIli6aIAPC251YZaOYRC18JFhx0az6O6wPj52lPMR3UfB6RvXevb6zlrPJnII9toOEH2i-Tr4P68XBhJZSotSswshUzpjK7K7hVy7Gsnkb9sLPOZ7yJb64dJl2nk3mdCf4tKz5ipmWJrVsJvRoehgsCicHMc8HRWL4LCILJ5aK9PIQpD5nLei0PNfCHq_6z4-ySk9lpNZGYVf6nWMaQTGB0YGeHxLUE3Zqa64h_1WFpr2fDp5Dd76rnJCBXhbdEHzb9hcH4ImcCyRMe2NUNWCxn7aaFpkUBx29GeeRDtnHA1Us0x6-ekV81Ht_r5V_YyuVwqB1mIB8SS8-AqEKYZpRd-lVX-oNh1NIcOo2SSuFGLV5XGknm6RtPRbFp0MfQ2-I29UCd8SL6RlaWyVsP_mjo5pwLHn_2YGEWg9pCaepgjHT04omHS7WgNbl6DKALD_rgYgtLZ75-DG-cmAWYCYin44aavO718bHxv8_V4hmQYsuk1Mw92pDjt5Ili3eF_MLnvDYT8b_gMVuG1givhUqysDz-0YAeGpzfGHq8mmYDA3s3Fs3ZyVQnQ8oZN5vbfykQ71CB8c-w60_CSO73gMd99_Avn9iNMNilgy3pub3EoudyKz8_Fz9OrOpDG_EEA3VG6W1Hmdhz3KYBXh62YfsEnTUQkdS5yFNe1esKY1i6HUcjepJ4QheMHdnxVwHRyQgX7FmhLjJHvIFb6rT9DSZ36OBjlX7ydgn_HJIxXGMlA7I3e46bcjkVjC-jZJwz1SNZkoSX2lgvCkhE2S567J9IcOd_COXBa18tOOyo7AV7vMQItElbFMl0yG7foe14F3ubqaW7-vEH28qm1dyNN5eNhLYaN7pTsRCKCijE0D1GczKNfPfZygk8CTH-ZzYKTIpjSRjCqm1hM_hRfnQdxQXjZRWM71SdVIf0Co6K43sa2ArWMW61sAHnHYGxyjmo6k90bWuoPKsc-rmxQHIwyz4VpvTHhEBW6yfb7uRWLcF5gxrFypQpL1i0J3buyN1_To6a4vvDyu6Y1OnT9XzIhpqpwMoopMGMAAG38R3yVu8zS7DdoXeW0zahLDunftbjwN9IioeSGO0n4IaaVzk67hwp1XJiR4_PqChUf57AaYbhednYvwFjl9ePP0t1gi6EJMcmJvwDuGEDjOS8_AJkaZeO3nNLxDV5gPQQy3L6Bdi9-EoQZEbOYAHLFSEqK4aGyplxA7iPUySFuKTfYi6zU0UjsuvQemYKxigyzFHoLTb5sov2N3kqm1n9sjzSuVnokHF4ZV-7BMi6rgs4E3ESIpMNwXvnazH8SS2zDW6g4Gq3XLwrln-xWpi-Ir6QdVyLWo41rHly3nU6K1_QOTP_nenbIUgYDj487sBBCPvYSQTvrrIYbALazvR9m5pWsHFgiHsU1hPXTx00bVw626E3OPhxthWR7fSs6PdFvbjuHsbyeWhGG8v8KWt2w61maK29pNTYYxtdK_7BPLMwsV3OeHB9JJBWBBBcjV0RJyL0Jjw3V4VNjcQ78VxincApRSOMdKlzUwpibp1qe6ILg_ZEDKPoCzxjVf5KUehCOtZI_a6NADlFsc-Fyp-vTOGTwxQD8vsNF3zr0kGy16BJmlVj4EXXdTq7qEUTC3RXtgb2fPbIdtTy-CCKeTKE0EnNEYtY_EM45OMpF0YMe3IvM3DUrEIMZ9kJbdu_WB-pEiKLvhgmHvzC7lOFN9-Wspu8FVEak0ZgYEgL3T4tHj_hskqj94hCVyRDNb_2BnHwN4l8FHm_R8DRHXq3Pmf0M1A0JJUfkuL9Cf6L4VXt_lVCP6AcRbg3QsC2eN8Dcae-jPV17xIv2KSAxi0YhhpWnACjRmenCo4TlQNicXzkwokz2ghFB492H6OdJdwtpKChoe4BUrML-6xqyixsk73GqhCA6YnYNfU0jGyvrZRjc1FrNLsaiYlp7uCPwtbxciGXspQywwMZJTppGp3c05GzgfEsEjimFhFZp025zxSr5TGYbV8S0LfovHunFwrGmyKP8_BeN4oZcFMo_tAg5GDYmS5Jniw581ATeLHAbVv6F_ZhbA8MhxG0tOtG5hkASmih8gal37oa-WHqFLgLiUSopkLp65gDRUFuea0O4CCNbmMNR4geahvbU6xgNNaJqN2BTQ73B3B3bkBtYlIe9MYDQe3PH8o0M38cdlDP_aowLLYuSrDHlGJioWfXNxXOzhaljQV_psQb7_DfFYzsA6304u1IN-QW3GgbkhdvApe_XNlmEB_Fc940uwl26P8FjwT-YT6XS_q19W89mQC-dMDH2pJaz9dHYlqLLIYwvD4TCM_Owg1syuCWG3bDhGy2X-1uDqJuyth8OoWEH61Kgo_cSDYvHSxC99Cn48k4OhNTGZQ&cid=CAASPeRoCJgj3rT3AUV28s4iFXwFcEzlW8Zq1n9Tk0gAY7uwrzVNr6xElyRGbTJFy6d6aE5eHVLDD7dKDR9lAP4
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 3964 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CvSVGv8oCYpjzBc6ArASGi5O4B52slpBoxM2n3cAOr7a-z4gKEAEgt8jTR2CVspWCpAegAeWY7tcCyAEGqQJal5BC7iazPqgDAaoEhgJP0CG30ZaMPK_0cRkviLhdpVGbpaPhUDVmQTymmyiZmHkQWRwxEp0V5321Spm5GqzE1QfmKjsIyknVmHGY6P45PBhZ7qWDMh06ZqMpc9Lkqe7UiLo9f96BXQkBjDuyYMUhvHJFjfneup-_gLqAqqAGhmRAf0UVHSeLhRBFvR2WNdZmBeu0i1DVCPPycSTejup4mPTLoiWik89qKQn-mMT8FEYZy7qaFDTbaS5dXzgY8HDtXodXi74muh7s4Skc3NEshPLeRGsgC1aEqGdmb1EG8qOQuvljTaRxc7E91EDJCNSsnjGgs1lrebpMJ0ma_WOF0wPzZ8On0ny3YQDBJgZRrLAYr15XwASO3IG_7wPgBAOIBcrNjaE4kgUGCAMQARgBkgUGCBsQBRgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAeD55GoAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcKEMaZGxjCgpO5AdIICQiA4YBwEAEYHYAKA8gLAbAT3YmUDsgTpI3W3gPQEwDYEw2IFAPYFAHQFQGAFwGyFx4KHAgAEhRwdWItMjkzNzQ5NDU2Nzk0OTI3OBjfkR8&sigh=R6zDyPxQH8U&uach_m=[UACH]&cid=CAQSOwCNIrLMBMRCACXIMI7cl57Z6lmU7H0o17BQcOi5-YCU_clBBmICA4MMwcTNPPEXWDlTRGzG2JBd1xXo&template_id=509&vt=10
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
l
www.google.com/ads/measurement/ Frame 3964 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQYuM1ZashzoOCkqqsmVd4rF91ZAdf69r6Dncx_znQCqx47dTLq_yypTqFGr9AuDdnzQwsq
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3964 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 18:59:48 GMT
x-content-type-options
nosniff
server
cafe
age
3355
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Wed, 09 Feb 2022 18:59:48 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3964 		295 B
757 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
51129
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 09 Feb 2022 05:43:34 GMT
event
prebid-a.rubiconproject.com/ 		61 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.214.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-214-32.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 08 Feb 2022 19:55:43 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3964
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date
Tue, 08 Feb 2022 19:55:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
container.html
13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E719 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 08 Feb 2022 19:55:42 GMT
expires
Wed, 08 Feb 2023 19:55:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.214.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-214-32.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.mlive.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 08 Feb 2022 19:55:44 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
event
prebid-a.rubiconproject.com/ 		61 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.214.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-214-32.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 08 Feb 2022 19:55:44 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
pixel
googleads.g.doubleclick.net/xbbe/ Frame C172 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLuAtAIQ-v65Ahiz8MW-ATAB&v=APEucNX6m9U_PQooGegZ7UOLm1e9BsZZjvupE4lqjmYEw3JhkxiRZJSUaAMXzwy5jN8tFAXlG8G4RK8DPqVSsbXBGOGsNHw73A
Requested by
Host: 13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com
URL: https://13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 08 Feb 2022 19:55:44 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame E719 		57 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTms62hCp9_DKpphtbrhlRIONaq0rYa0as2IFh_BHYNCJ5Pfxyx3PqNhrGcMvvHS2QJPxeZKLx2DCou4i9p__yIMmRGOWOtjEuhopJrJFvjo3YOGVZj-M-5m8kA8w1wlW91vnhy6QvTMizJCO8M4MlavCt5A&dbm_d=AKAmf-Chhqn3KCXECQoh3132MkUsPu6HIOH4fPuoMBKLufTp8SUzWDyQyIGFYh7FuttTIr2BhP_XFdO6I2EfVXjwiV462xwczkUd1O69_julpdgUtvA7Zf5q0YI3BXc56ifIj78kgDlPVae4wjW5bkm4Hsrh7tWu6iuIB2iLqG0FgoBQUFjkIreC71f7cgIV7yvJ5asuz2-PaGe58wctDzZ4yhV0UtdaFPUxCk9-1F9I4VKdw1fQYphmCD6GGEPi-E9TJ64P8_QKH8BTpYWawRSLYizyp5jBsd499TqT_2TpFUpAxDu5uZICAhhD0ojFLEiq-Ew3BiS3rkWMeHANVqqFWuUsDnSTOCvu29gE01eIkApp7BCYcshQmXeWgg5BpEzdHHBgZezPhrG6fN-3tW1HAsyQswW-jIx3KdplDI2mzx3OuOsdGXLkBLfh-mXWZNRkRKEt3pl7RejO1iWGnRibSkSPHG-G8l6A-nR-alHvXWW6jo6HHjKWlCg2TIxFErLxk5aEcqIuc8IwNj5N4BEw642Y7KkzL6ccGmWUST7cODqhw_quN5dPqsBOBjEMJmu8dPHykN_SrSE6nDiCv9Fhlb8MjeLEQYwXbW1xW2wUuZBkAaLjWq09GUX6xIZrrOnhuy6v1_iB_5a24nNfXOapifMN3c7f_oy6UCnT6VGWmrTn0Wq-Sm0XS-3zuKhpu9mGptu1HQqL0UvNTPxqtY0Ygz9hg_6xVwOm0XRR0MfBpHEay50PGEXSiPcN7n06WzvbKZ418mg2mLQ3WYdKkwHBmJsjbOH_MJ8WYqAS6Woq8AnFo6CNes0yLxn6veKN9CPb0RBoWuvPsuZ18AS2_z9b_xIkd5B-hF_RAxdUzL0qs8f1OjrUqH7h5C-bZQ5Wb8_1Rp46Hn7uJnSUI63IV0ef1nCOQ8LfQgcWJQqV19odzdY5n2oCEo8Dar5laaXuqQqspRb37PNLsCsZeb4R-Wtvi0KaF-hQgMwOhvTx51jFyyerN5eJA3a3LTj2xhjjreo1hqb4A2N2XZsGyNaWtnK7XH8PJty-f3f-CoDrkWxkqlLJ3qGT0id1T_s8BPTcEjHTTUSxD-DRhZSOYif_Cf-3YZ66rLXLvWWzPvgFRrKjU0DlDMCm08YC8t82VSAVeuShInRA99WqnXnmohcyHsIHMXfpOAoPEy9VM5BNdyECTc1BWJkBduwiHEuGeKScb65LgcRQgOFLKHyxDL9JV4hNAqCbpIsTWygRM5QXQnMjSxMKegpwRxLDd9_1_lDnLz8Q7BGdSnEnGgvsxITtttvYcfGjcZzTV9RlZG0CRFAS0C7-8Id09JC38E5rrtBfpGsHBBEcALymHMOX1aepFbuN727l8uDV_d3inDrMPsrDvBx_8fAzOtWo722gDzwRiEorj0N6CYtaa5yBksqMAR4v_h4TXQSrK9Q0Bj74Suw-zMZy7I6r5xbMaFfkyM2FNzR4l0y1uHJTceSDxB-itmVoNffTdYNNXs-Yy2qeyoLLE55RzG-naGQvL7IEhjyTf_THiy4qwo_qp3eY5wS3UsfJKEd31WPFKe8-aV1sDpxRkc5yfrL-58J3v5osin3QVhlvlmQnNC-g8DaSYH73MzCrbDnJgAeVDMzIKDitkKmF74oMCaeOn46EURziP7YBJ3LjNuWv9j8COcdwU8U-qIxonWpEtgZTtTXBBF07KJfi3BHZaFESR9uvzaxzYJ7PhI0A81romBCgwjo85FQ-lsQU0Y4RnPmBvXZ7BXWK4hsuRSeJdoiKOwxY2AZmZtk25tyLm1_E4LyEgfrdH9Z_2ZatFGdgssBrcy5J6bWwa1JgUOEsYBy8C_SV9TJvJpFnCKaIkxz9GMz4ylmkauTzRaeSPeSCi_PEZiXk5w4Moc-oFIp8xOrINM9R_eqGF2GhhmlCqFScbX8CmlO6qGAbPZoQaDdoJccPuFxXwkSoS1ehs_x8mu6AsVe6s5FFT_wZrLZWRMRB2K3vv-N8_GNUx60y6BRXgW5rhRS1d-JrNrb9xC0karqiL4GdhX4rC2faGw_Ghwe2RXqzfMeF8VbBsU4UPo4YQ_SjT6i7Iq0Xzx86pTMrlvx5r7u0Yv9r9HyvbZ9zKAxR-BDqu6ywupmr1ZQEuT7TCnjYjhCMuUriZLQ_6DRmCat_o4UeH0ahxGrWfSvq0xuh6cxAnvgCyDbCy9duoGH-QE4bsxuRXzup6-GuyNiZqO_4DwXt-hew7g_mWnYqGfYWYx3-RCWn1GId2lnE55mN-2OM8sgpF8xOyoi-Dw2uSrWGpbqpZd8Vwjv8f0U70kUcck0MG6l7VdGoIeRPkxLBxHBfS21cVMhO6GDGqYigIb3igze_nb3nkzi2TurB44SH9AxXmngz-qgl5uNbrGsZqUUgaJqox-DXygxhLkajBWzaOpEdd_B9EWAMNkjXqOyWKxDmqC6k1z266AzXLt8KbfwiUtzAY-ixxKD9oaw-JVfC0C9qbyheH1heltKIiowBYitsyDq4NgbdSAk-ZQWsdUw-jwi1FjZacOOXIQ2CGcz0vQLr_OaFz78nNrW-4rtRnfQIr2w7GJlUdBf3ALvnMCKxonD3KT6-ZBcrwc3VOzqGBkaVBKSh2AyfZbOZAQjskwTECu6FMo2II66njsHbkLqEb3L_OzHJvQBx5V8Ns2k8G7fx9l6MuyKPXttjY46Erhq3T1yv1tRLMlX4Rrvp7UQSRRJ5MenGTWBXv2_oFRiVPQoMDZHyecUR65TH2WKLyN0x_cbieLTPQrsYII9DL9q6ZUX1dYVmFkr4I9bHq9SiS_fJO-zFCWQfW4WNd9G8JBqVIUJDDnz67AtFovOk_1ceIs01XIjbRvkxwLjUy7B51wFn87DDqSFLEC9q-bMtPy63h3A9u8ms27DUl8zLSAA_AOxS3aDSsQu8yhh-1hUjMYjTslrZVHRv1UjUmnW3_re3l5sJ72ctzKoUPNGJUpOZQyx2anP2J7FjJ2DSO8JElM9HvnZtQ1iusYQrRDUW5GGTYX1KvwzlDgBb5yC-14veI2o6FEN0xb1uFyN5ndv5q8I6bxunwZmNUKaN9NqdM3nxRcs7eR0lHDbXctzDHDsrL3rm5iGMW8Yll3UXMrIxGKzCd8dGXBinIIQULGw5O7Sz94cISERKSS-LbGFqOu_OGK_ZWsc8_ZxNaZXht6gReFgwZae2q9nfhA-PGZUXqFeePg7kIXLDKhDSLdJTa7kq1g&cid=CAASPeRoLkAOLelEQLfEej7MhQbQOGcBkLdR_PKt6TEyFkRISw9YrBA0CgE3dOWMyLT3T4Jeuhk9tDczIE3sZ4Q&rfl=1%2Chttps%253A%252F%252Fwww.mlive.com%252F%240
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bfcc5e825aff995b1fc055ef16dab0a16914e16f2ab24b4d28a52f41ba62b572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29078
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E719 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CuyH-bKgtHFY8LUJsyM40FRRdTP5QNH9oJIYDxN3lsbCRbBFcI7tupiRmET_82XDhYpqc3aZdSUHJnlv3dOXMrwCoHrnA9-uNHRxFLWwCKut2d_Bk
Requested by
Host: 13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com
URL: https://13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/ Frame E719 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/window_focus_fy2019.js
Requested by
Host: 13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com
URL: https://13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:53:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Feb 2022 19:53:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E719 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com
URL: https://13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38562
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1644237382599929"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 08 Feb 2022 19:55:44 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/ Frame E719 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com
URL: https://13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0243d61ce86c672bb13744b9572ab45c1131e62f4f02ad2e1a1df54f02f2b1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:52:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
217
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6201
x-xss-protection
0
server
cafe
etag
16063203490821389409
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Feb 2022 19:52:07 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220203/r20110914/ Frame E719 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220203/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTms62hCp9_DKpphtbrhlRIONaq0rYa0as2IFh_BHYNCJ5Pfxyx3PqNhrGcMvvHS2QJPxeZKLx2DCou4i9p__yIMmRGOWOtjEuhopJrJFvjo3YOGVZj-M-5m8kA8w1wlW91vnhy6QvTMizJCO8M4MlavCt5A&dbm_d=AKAmf-Chhqn3KCXECQoh3132MkUsPu6HIOH4fPuoMBKLufTp8SUzWDyQyIGFYh7FuttTIr2BhP_XFdO6I2EfVXjwiV462xwczkUd1O69_julpdgUtvA7Zf5q0YI3BXc56ifIj78kgDlPVae4wjW5bkm4Hsrh7tWu6iuIB2iLqG0FgoBQUFjkIreC71f7cgIV7yvJ5asuz2-PaGe58wctDzZ4yhV0UtdaFPUxCk9-1F9I4VKdw1fQYphmCD6GGEPi-E9TJ64P8_QKH8BTpYWawRSLYizyp5jBsd499TqT_2TpFUpAxDu5uZICAhhD0ojFLEiq-Ew3BiS3rkWMeHANVqqFWuUsDnSTOCvu29gE01eIkApp7BCYcshQmXeWgg5BpEzdHHBgZezPhrG6fN-3tW1HAsyQswW-jIx3KdplDI2mzx3OuOsdGXLkBLfh-mXWZNRkRKEt3pl7RejO1iWGnRibSkSPHG-G8l6A-nR-alHvXWW6jo6HHjKWlCg2TIxFErLxk5aEcqIuc8IwNj5N4BEw642Y7KkzL6ccGmWUST7cODqhw_quN5dPqsBOBjEMJmu8dPHykN_SrSE6nDiCv9Fhlb8MjeLEQYwXbW1xW2wUuZBkAaLjWq09GUX6xIZrrOnhuy6v1_iB_5a24nNfXOapifMN3c7f_oy6UCnT6VGWmrTn0Wq-Sm0XS-3zuKhpu9mGptu1HQqL0UvNTPxqtY0Ygz9hg_6xVwOm0XRR0MfBpHEay50PGEXSiPcN7n06WzvbKZ418mg2mLQ3WYdKkwHBmJsjbOH_MJ8WYqAS6Woq8AnFo6CNes0yLxn6veKN9CPb0RBoWuvPsuZ18AS2_z9b_xIkd5B-hF_RAxdUzL0qs8f1OjrUqH7h5C-bZQ5Wb8_1Rp46Hn7uJnSUI63IV0ef1nCOQ8LfQgcWJQqV19odzdY5n2oCEo8Dar5laaXuqQqspRb37PNLsCsZeb4R-Wtvi0KaF-hQgMwOhvTx51jFyyerN5eJA3a3LTj2xhjjreo1hqb4A2N2XZsGyNaWtnK7XH8PJty-f3f-CoDrkWxkqlLJ3qGT0id1T_s8BPTcEjHTTUSxD-DRhZSOYif_Cf-3YZ66rLXLvWWzPvgFRrKjU0DlDMCm08YC8t82VSAVeuShInRA99WqnXnmohcyHsIHMXfpOAoPEy9VM5BNdyECTc1BWJkBduwiHEuGeKScb65LgcRQgOFLKHyxDL9JV4hNAqCbpIsTWygRM5QXQnMjSxMKegpwRxLDd9_1_lDnLz8Q7BGdSnEnGgvsxITtttvYcfGjcZzTV9RlZG0CRFAS0C7-8Id09JC38E5rrtBfpGsHBBEcALymHMOX1aepFbuN727l8uDV_d3inDrMPsrDvBx_8fAzOtWo722gDzwRiEorj0N6CYtaa5yBksqMAR4v_h4TXQSrK9Q0Bj74Suw-zMZy7I6r5xbMaFfkyM2FNzR4l0y1uHJTceSDxB-itmVoNffTdYNNXs-Yy2qeyoLLE55RzG-naGQvL7IEhjyTf_THiy4qwo_qp3eY5wS3UsfJKEd31WPFKe8-aV1sDpxRkc5yfrL-58J3v5osin3QVhlvlmQnNC-g8DaSYH73MzCrbDnJgAeVDMzIKDitkKmF74oMCaeOn46EURziP7YBJ3LjNuWv9j8COcdwU8U-qIxonWpEtgZTtTXBBF07KJfi3BHZaFESR9uvzaxzYJ7PhI0A81romBCgwjo85FQ-lsQU0Y4RnPmBvXZ7BXWK4hsuRSeJdoiKOwxY2AZmZtk25tyLm1_E4LyEgfrdH9Z_2ZatFGdgssBrcy5J6bWwa1JgUOEsYBy8C_SV9TJvJpFnCKaIkxz9GMz4ylmkauTzRaeSPeSCi_PEZiXk5w4Moc-oFIp8xOrINM9R_eqGF2GhhmlCqFScbX8CmlO6qGAbPZoQaDdoJccPuFxXwkSoS1ehs_x8mu6AsVe6s5FFT_wZrLZWRMRB2K3vv-N8_GNUx60y6BRXgW5rhRS1d-JrNrb9xC0karqiL4GdhX4rC2faGw_Ghwe2RXqzfMeF8VbBsU4UPo4YQ_SjT6i7Iq0Xzx86pTMrlvx5r7u0Yv9r9HyvbZ9zKAxR-BDqu6ywupmr1ZQEuT7TCnjYjhCMuUriZLQ_6DRmCat_o4UeH0ahxGrWfSvq0xuh6cxAnvgCyDbCy9duoGH-QE4bsxuRXzup6-GuyNiZqO_4DwXt-hew7g_mWnYqGfYWYx3-RCWn1GId2lnE55mN-2OM8sgpF8xOyoi-Dw2uSrWGpbqpZd8Vwjv8f0U70kUcck0MG6l7VdGoIeRPkxLBxHBfS21cVMhO6GDGqYigIb3igze_nb3nkzi2TurB44SH9AxXmngz-qgl5uNbrGsZqUUgaJqox-DXygxhLkajBWzaOpEdd_B9EWAMNkjXqOyWKxDmqC6k1z266AzXLt8KbfwiUtzAY-ixxKD9oaw-JVfC0C9qbyheH1heltKIiowBYitsyDq4NgbdSAk-ZQWsdUw-jwi1FjZacOOXIQ2CGcz0vQLr_OaFz78nNrW-4rtRnfQIr2w7GJlUdBf3ALvnMCKxonD3KT6-ZBcrwc3VOzqGBkaVBKSh2AyfZbOZAQjskwTECu6FMo2II66njsHbkLqEb3L_OzHJvQBx5V8Ns2k8G7fx9l6MuyKPXttjY46Erhq3T1yv1tRLMlX4Rrvp7UQSRRJ5MenGTWBXv2_oFRiVPQoMDZHyecUR65TH2WKLyN0x_cbieLTPQrsYII9DL9q6ZUX1dYVmFkr4I9bHq9SiS_fJO-zFCWQfW4WNd9G8JBqVIUJDDnz67AtFovOk_1ceIs01XIjbRvkxwLjUy7B51wFn87DDqSFLEC9q-bMtPy63h3A9u8ms27DUl8zLSAA_AOxS3aDSsQu8yhh-1hUjMYjTslrZVHRv1UjUmnW3_re3l5sJ72ctzKoUPNGJUpOZQyx2anP2J7FjJ2DSO8JElM9HvnZtQ1iusYQrRDUW5GGTYX1KvwzlDgBb5yC-14veI2o6FEN0xb1uFyN5ndv5q8I6bxunwZmNUKaN9NqdM3nxRcs7eR0lHDbXctzDHDsrL3rm5iGMW8Yll3UXMrIxGKzCd8dGXBinIIQULGw5O7Sz94cISERKSS-LbGFqOu_OGK_ZWsc8_ZxNaZXht6gReFgwZae2q9nfhA-PGZUXqFeePg7kIXLDKhDSLdJTa7kq1g&cid=CAASPeRoLkAOLelEQLfEej7MhQbQOGcBkLdR_PKt6TEyFkRISw9YrBA0CgE3dOWMyLT3T4Jeuhk9tDczIE3sZ4Q&rfl=1%2Chttps%253A%252F%252Fwww.mlive.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1abe7fbb028cc84f7b5374497875436a3d646eaf988f5e1cd62f63bdf4772605
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:54:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9508
x-xss-protection
0
server
cafe
etag
17799145174670003773
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Feb 2022 19:54:49 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220203/r20110914/elements/html/ Frame E719 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220203/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTms62hCp9_DKpphtbrhlRIONaq0rYa0as2IFh_BHYNCJ5Pfxyx3PqNhrGcMvvHS2QJPxeZKLx2DCou4i9p__yIMmRGOWOtjEuhopJrJFvjo3YOGVZj-M-5m8kA8w1wlW91vnhy6QvTMizJCO8M4MlavCt5A&dbm_d=AKAmf-Chhqn3KCXECQoh3132MkUsPu6HIOH4fPuoMBKLufTp8SUzWDyQyIGFYh7FuttTIr2BhP_XFdO6I2EfVXjwiV462xwczkUd1O69_julpdgUtvA7Zf5q0YI3BXc56ifIj78kgDlPVae4wjW5bkm4Hsrh7tWu6iuIB2iLqG0FgoBQUFjkIreC71f7cgIV7yvJ5asuz2-PaGe58wctDzZ4yhV0UtdaFPUxCk9-1F9I4VKdw1fQYphmCD6GGEPi-E9TJ64P8_QKH8BTpYWawRSLYizyp5jBsd499TqT_2TpFUpAxDu5uZICAhhD0ojFLEiq-Ew3BiS3rkWMeHANVqqFWuUsDnSTOCvu29gE01eIkApp7BCYcshQmXeWgg5BpEzdHHBgZezPhrG6fN-3tW1HAsyQswW-jIx3KdplDI2mzx3OuOsdGXLkBLfh-mXWZNRkRKEt3pl7RejO1iWGnRibSkSPHG-G8l6A-nR-alHvXWW6jo6HHjKWlCg2TIxFErLxk5aEcqIuc8IwNj5N4BEw642Y7KkzL6ccGmWUST7cODqhw_quN5dPqsBOBjEMJmu8dPHykN_SrSE6nDiCv9Fhlb8MjeLEQYwXbW1xW2wUuZBkAaLjWq09GUX6xIZrrOnhuy6v1_iB_5a24nNfXOapifMN3c7f_oy6UCnT6VGWmrTn0Wq-Sm0XS-3zuKhpu9mGptu1HQqL0UvNTPxqtY0Ygz9hg_6xVwOm0XRR0MfBpHEay50PGEXSiPcN7n06WzvbKZ418mg2mLQ3WYdKkwHBmJsjbOH_MJ8WYqAS6Woq8AnFo6CNes0yLxn6veKN9CPb0RBoWuvPsuZ18AS2_z9b_xIkd5B-hF_RAxdUzL0qs8f1OjrUqH7h5C-bZQ5Wb8_1Rp46Hn7uJnSUI63IV0ef1nCOQ8LfQgcWJQqV19odzdY5n2oCEo8Dar5laaXuqQqspRb37PNLsCsZeb4R-Wtvi0KaF-hQgMwOhvTx51jFyyerN5eJA3a3LTj2xhjjreo1hqb4A2N2XZsGyNaWtnK7XH8PJty-f3f-CoDrkWxkqlLJ3qGT0id1T_s8BPTcEjHTTUSxD-DRhZSOYif_Cf-3YZ66rLXLvWWzPvgFRrKjU0DlDMCm08YC8t82VSAVeuShInRA99WqnXnmohcyHsIHMXfpOAoPEy9VM5BNdyECTc1BWJkBduwiHEuGeKScb65LgcRQgOFLKHyxDL9JV4hNAqCbpIsTWygRM5QXQnMjSxMKegpwRxLDd9_1_lDnLz8Q7BGdSnEnGgvsxITtttvYcfGjcZzTV9RlZG0CRFAS0C7-8Id09JC38E5rrtBfpGsHBBEcALymHMOX1aepFbuN727l8uDV_d3inDrMPsrDvBx_8fAzOtWo722gDzwRiEorj0N6CYtaa5yBksqMAR4v_h4TXQSrK9Q0Bj74Suw-zMZy7I6r5xbMaFfkyM2FNzR4l0y1uHJTceSDxB-itmVoNffTdYNNXs-Yy2qeyoLLE55RzG-naGQvL7IEhjyTf_THiy4qwo_qp3eY5wS3UsfJKEd31WPFKe8-aV1sDpxRkc5yfrL-58J3v5osin3QVhlvlmQnNC-g8DaSYH73MzCrbDnJgAeVDMzIKDitkKmF74oMCaeOn46EURziP7YBJ3LjNuWv9j8COcdwU8U-qIxonWpEtgZTtTXBBF07KJfi3BHZaFESR9uvzaxzYJ7PhI0A81romBCgwjo85FQ-lsQU0Y4RnPmBvXZ7BXWK4hsuRSeJdoiKOwxY2AZmZtk25tyLm1_E4LyEgfrdH9Z_2ZatFGdgssBrcy5J6bWwa1JgUOEsYBy8C_SV9TJvJpFnCKaIkxz9GMz4ylmkauTzRaeSPeSCi_PEZiXk5w4Moc-oFIp8xOrINM9R_eqGF2GhhmlCqFScbX8CmlO6qGAbPZoQaDdoJccPuFxXwkSoS1ehs_x8mu6AsVe6s5FFT_wZrLZWRMRB2K3vv-N8_GNUx60y6BRXgW5rhRS1d-JrNrb9xC0karqiL4GdhX4rC2faGw_Ghwe2RXqzfMeF8VbBsU4UPo4YQ_SjT6i7Iq0Xzx86pTMrlvx5r7u0Yv9r9HyvbZ9zKAxR-BDqu6ywupmr1ZQEuT7TCnjYjhCMuUriZLQ_6DRmCat_o4UeH0ahxGrWfSvq0xuh6cxAnvgCyDbCy9duoGH-QE4bsxuRXzup6-GuyNiZqO_4DwXt-hew7g_mWnYqGfYWYx3-RCWn1GId2lnE55mN-2OM8sgpF8xOyoi-Dw2uSrWGpbqpZd8Vwjv8f0U70kUcck0MG6l7VdGoIeRPkxLBxHBfS21cVMhO6GDGqYigIb3igze_nb3nkzi2TurB44SH9AxXmngz-qgl5uNbrGsZqUUgaJqox-DXygxhLkajBWzaOpEdd_B9EWAMNkjXqOyWKxDmqC6k1z266AzXLt8KbfwiUtzAY-ixxKD9oaw-JVfC0C9qbyheH1heltKIiowBYitsyDq4NgbdSAk-ZQWsdUw-jwi1FjZacOOXIQ2CGcz0vQLr_OaFz78nNrW-4rtRnfQIr2w7GJlUdBf3ALvnMCKxonD3KT6-ZBcrwc3VOzqGBkaVBKSh2AyfZbOZAQjskwTECu6FMo2II66njsHbkLqEb3L_OzHJvQBx5V8Ns2k8G7fx9l6MuyKPXttjY46Erhq3T1yv1tRLMlX4Rrvp7UQSRRJ5MenGTWBXv2_oFRiVPQoMDZHyecUR65TH2WKLyN0x_cbieLTPQrsYII9DL9q6ZUX1dYVmFkr4I9bHq9SiS_fJO-zFCWQfW4WNd9G8JBqVIUJDDnz67AtFovOk_1ceIs01XIjbRvkxwLjUy7B51wFn87DDqSFLEC9q-bMtPy63h3A9u8ms27DUl8zLSAA_AOxS3aDSsQu8yhh-1hUjMYjTslrZVHRv1UjUmnW3_re3l5sJ72ctzKoUPNGJUpOZQyx2anP2J7FjJ2DSO8JElM9HvnZtQ1iusYQrRDUW5GGTYX1KvwzlDgBb5yC-14veI2o6FEN0xb1uFyN5ndv5q8I6bxunwZmNUKaN9NqdM3nxRcs7eR0lHDbXctzDHDsrL3rm5iGMW8Yll3UXMrIxGKzCd8dGXBinIIQULGw5O7Sz94cISERKSS-LbGFqOu_OGK_ZWsc8_ZxNaZXht6gReFgwZae2q9nfhA-PGZUXqFeePg7kIXLDKhDSLdJTa7kq1g&cid=CAASPeRoLkAOLelEQLfEej7MhQbQOGcBkLdR_PKt6TEyFkRISw9YrBA0CgE3dOWMyLT3T4Jeuhk9tDczIE3sZ4Q&rfl=1%2Chttps%253A%252F%252Fwww.mlive.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:48:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
415
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Feb 2022 19:48:49 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E719 		0
107 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuwlKa5V9ekL49Tzgf_ovpA1M20Vax4XBLEFXU3anoe8ONbYmqfwOtddVC0tDVKSr32_uAAf_owHKnnbUOtuA_48YNv2ppc2Ar47b5Zowakpyym7F0bWUSE89Rx-LFnNjgThC1k393UKZqjEqcKdMOVWXTJHXCkFd0Ge4QcLcC2B3jcmKeZIIBJxwdgx3GFxh7w4T1Me_zYt_WjLyjjMKoGAU2rSWDEQKeLYRcI55g0lyDh0uq6mKzph_5OnS6PbY6-sAt5fPB3JpLvZMOVhSNcr0DmShBzfVLWeQjRRD-EMRVhlq83_BIGrocGgcdYJ8fGx4BIvp9bJlseJ1WA1VOPIk2XJ0L87aaYFByxU81_B9p5RRwMOc5B9O9UVmdHdutnm8Oon6mqCzjHdK7e_hyIDV6LDWuJ-itLiwWmVMdH6iM1WtsSVhngh9eI9aot0HUFwROtlYt_-z2wysQDabCCM0hjyL7e4iNioLKYan4g3l_nwy7xG1E1t4XixmYKUrwoj6PfCFKJxkMm2PJ8vhvPkltyUWxWM8KRLZCPdgm1aA0YsOkAEBTQpJUN3u-7jTJ7i1VbtOBj0eP9-Kx6-fGNV8Hded3AVhzMvRJfWQFPkyq-aht4VQRKvkGHKbkmcAe5SFn0orPfhMvQfSyRIDmewZfcozvjNXRIlbmnSaalhCDN1dOByguFWK_5gAXXxYhuv1HlsheiV-ire-3rKbRPHMzHQZn_csG5wgwMoS2R6_2tri7xGUH3RvdvZ9Fm46GfcpLBZY07dyNzIqhOPhYZhYGv6Y83pH7Nlbx8_VsHxnKLnrUyQ-9qLl32nwSVjXPP6hygT-sGZGmgajaDXcLsX_4gID5neLEWgSh6_SVcyn92_QxRJ_4Bx7d4NTx7yiLIStfnIaiGC8wyXa70fd7jBiOhSJGIumj143LAFgixNWKpXa9zn8ozGbPdLQ3xV7HPy4_d7xAhlkn3ExLxgsktWucNrCkn4KKW8KUkucnM5g3SMAqCNNpuA-YAbNmzn0QxAIT2d1RVpQowF5_LGoTMIEwM08GKFVMbfPHwLF6bsIvcr04xkqKhN_qylGin2ePd2no7lxkwhipBg2kOsFbMZBJ69R1rHcbfACVIGNl8Uj1vhLuTajkQshHRPv4xhbqTuXcCvedWW2NjbbqL7yHiff9ug9dBgIKS6TBu-Uu7-QgRTibD-2lLHV6n7_9f4_T-WAcv8W7qcVn8&sai=AMfl-YTl-Pc2vk0bOcF-8bUauHjIv6T4Wq2cuPiG0XrBUwZhsyja3wjAd6O4lDkalZ1mXfAL6_Cy0SHx_Gu1McFD0ZwTEh0oc3CemgvK-lFKCrRBAob85AN_gEN3w9Ab3RQuIXJAE9MsKuBA05v8SUVdxpNMOddNEZ-pJ2I71cdtI97zq_QhfsAFa8uo1M31RWloGbbEHqNSolGM_Ix2fBU6Z5JfaTH5OTGdMjbnwCKoSg&sig=Cg0ArKJSzOc0vmKPptddEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220203.19433&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTms62hCp9_DKpphtbrhlRIONaq0rYa0as2IFh_BHYNCJ5Pfxyx3PqNhrGcMvvHS2QJPxeZKLx2DCou4i9p__yIMmRGOWOtjEuhopJrJFvjo3YOGVZj-M-5m8kA8w1wlW91vnhy6QvTMizJCO8M4MlavCt5A&dbm_d=AKAmf-Chhqn3KCXECQoh3132MkUsPu6HIOH4fPuoMBKLufTp8SUzWDyQyIGFYh7FuttTIr2BhP_XFdO6I2EfVXjwiV462xwczkUd1O69_julpdgUtvA7Zf5q0YI3BXc56ifIj78kgDlPVae4wjW5bkm4Hsrh7tWu6iuIB2iLqG0FgoBQUFjkIreC71f7cgIV7yvJ5asuz2-PaGe58wctDzZ4yhV0UtdaFPUxCk9-1F9I4VKdw1fQYphmCD6GGEPi-E9TJ64P8_QKH8BTpYWawRSLYizyp5jBsd499TqT_2TpFUpAxDu5uZICAhhD0ojFLEiq-Ew3BiS3rkWMeHANVqqFWuUsDnSTOCvu29gE01eIkApp7BCYcshQmXeWgg5BpEzdHHBgZezPhrG6fN-3tW1HAsyQswW-jIx3KdplDI2mzx3OuOsdGXLkBLfh-mXWZNRkRKEt3pl7RejO1iWGnRibSkSPHG-G8l6A-nR-alHvXWW6jo6HHjKWlCg2TIxFErLxk5aEcqIuc8IwNj5N4BEw642Y7KkzL6ccGmWUST7cODqhw_quN5dPqsBOBjEMJmu8dPHykN_SrSE6nDiCv9Fhlb8MjeLEQYwXbW1xW2wUuZBkAaLjWq09GUX6xIZrrOnhuy6v1_iB_5a24nNfXOapifMN3c7f_oy6UCnT6VGWmrTn0Wq-Sm0XS-3zuKhpu9mGptu1HQqL0UvNTPxqtY0Ygz9hg_6xVwOm0XRR0MfBpHEay50PGEXSiPcN7n06WzvbKZ418mg2mLQ3WYdKkwHBmJsjbOH_MJ8WYqAS6Woq8AnFo6CNes0yLxn6veKN9CPb0RBoWuvPsuZ18AS2_z9b_xIkd5B-hF_RAxdUzL0qs8f1OjrUqH7h5C-bZQ5Wb8_1Rp46Hn7uJnSUI63IV0ef1nCOQ8LfQgcWJQqV19odzdY5n2oCEo8Dar5laaXuqQqspRb37PNLsCsZeb4R-Wtvi0KaF-hQgMwOhvTx51jFyyerN5eJA3a3LTj2xhjjreo1hqb4A2N2XZsGyNaWtnK7XH8PJty-f3f-CoDrkWxkqlLJ3qGT0id1T_s8BPTcEjHTTUSxD-DRhZSOYif_Cf-3YZ66rLXLvWWzPvgFRrKjU0DlDMCm08YC8t82VSAVeuShInRA99WqnXnmohcyHsIHMXfpOAoPEy9VM5BNdyECTc1BWJkBduwiHEuGeKScb65LgcRQgOFLKHyxDL9JV4hNAqCbpIsTWygRM5QXQnMjSxMKegpwRxLDd9_1_lDnLz8Q7BGdSnEnGgvsxITtttvYcfGjcZzTV9RlZG0CRFAS0C7-8Id09JC38E5rrtBfpGsHBBEcALymHMOX1aepFbuN727l8uDV_d3inDrMPsrDvBx_8fAzOtWo722gDzwRiEorj0N6CYtaa5yBksqMAR4v_h4TXQSrK9Q0Bj74Suw-zMZy7I6r5xbMaFfkyM2FNzR4l0y1uHJTceSDxB-itmVoNffTdYNNXs-Yy2qeyoLLE55RzG-naGQvL7IEhjyTf_THiy4qwo_qp3eY5wS3UsfJKEd31WPFKe8-aV1sDpxRkc5yfrL-58J3v5osin3QVhlvlmQnNC-g8DaSYH73MzCrbDnJgAeVDMzIKDitkKmF74oMCaeOn46EURziP7YBJ3LjNuWv9j8COcdwU8U-qIxonWpEtgZTtTXBBF07KJfi3BHZaFESR9uvzaxzYJ7PhI0A81romBCgwjo85FQ-lsQU0Y4RnPmBvXZ7BXWK4hsuRSeJdoiKOwxY2AZmZtk25tyLm1_E4LyEgfrdH9Z_2ZatFGdgssBrcy5J6bWwa1JgUOEsYBy8C_SV9TJvJpFnCKaIkxz9GMz4ylmkauTzRaeSPeSCi_PEZiXk5w4Moc-oFIp8xOrINM9R_eqGF2GhhmlCqFScbX8CmlO6qGAbPZoQaDdoJccPuFxXwkSoS1ehs_x8mu6AsVe6s5FFT_wZrLZWRMRB2K3vv-N8_GNUx60y6BRXgW5rhRS1d-JrNrb9xC0karqiL4GdhX4rC2faGw_Ghwe2RXqzfMeF8VbBsU4UPo4YQ_SjT6i7Iq0Xzx86pTMrlvx5r7u0Yv9r9HyvbZ9zKAxR-BDqu6ywupmr1ZQEuT7TCnjYjhCMuUriZLQ_6DRmCat_o4UeH0ahxGrWfSvq0xuh6cxAnvgCyDbCy9duoGH-QE4bsxuRXzup6-GuyNiZqO_4DwXt-hew7g_mWnYqGfYWYx3-RCWn1GId2lnE55mN-2OM8sgpF8xOyoi-Dw2uSrWGpbqpZd8Vwjv8f0U70kUcck0MG6l7VdGoIeRPkxLBxHBfS21cVMhO6GDGqYigIb3igze_nb3nkzi2TurB44SH9AxXmngz-qgl5uNbrGsZqUUgaJqox-DXygxhLkajBWzaOpEdd_B9EWAMNkjXqOyWKxDmqC6k1z266AzXLt8KbfwiUtzAY-ixxKD9oaw-JVfC0C9qbyheH1heltKIiowBYitsyDq4NgbdSAk-ZQWsdUw-jwi1FjZacOOXIQ2CGcz0vQLr_OaFz78nNrW-4rtRnfQIr2w7GJlUdBf3ALvnMCKxonD3KT6-ZBcrwc3VOzqGBkaVBKSh2AyfZbOZAQjskwTECu6FMo2II66njsHbkLqEb3L_OzHJvQBx5V8Ns2k8G7fx9l6MuyKPXttjY46Erhq3T1yv1tRLMlX4Rrvp7UQSRRJ5MenGTWBXv2_oFRiVPQoMDZHyecUR65TH2WKLyN0x_cbieLTPQrsYII9DL9q6ZUX1dYVmFkr4I9bHq9SiS_fJO-zFCWQfW4WNd9G8JBqVIUJDDnz67AtFovOk_1ceIs01XIjbRvkxwLjUy7B51wFn87DDqSFLEC9q-bMtPy63h3A9u8ms27DUl8zLSAA_AOxS3aDSsQu8yhh-1hUjMYjTslrZVHRv1UjUmnW3_re3l5sJ72ctzKoUPNGJUpOZQyx2anP2J7FjJ2DSO8JElM9HvnZtQ1iusYQrRDUW5GGTYX1KvwzlDgBb5yC-14veI2o6FEN0xb1uFyN5ndv5q8I6bxunwZmNUKaN9NqdM3nxRcs7eR0lHDbXctzDHDsrL3rm5iGMW8Yll3UXMrIxGKzCd8dGXBinIIQULGw5O7Sz94cISERKSS-LbGFqOu_OGK_ZWsc8_ZxNaZXht6gReFgwZae2q9nfhA-PGZUXqFeePg7kIXLDKhDSLdJTa7kq1g&cid=CAASPeRoLkAOLelEQLfEej7MhQbQOGcBkLdR_PKt6TEyFkRISw9YrBA0CgE3dOWMyLT3T4Jeuhk9tDczIE3sZ4Q&rfl=1%2Chttps%253A%252F%252Fwww.mlive.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 08 Feb 2022 19:55:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E719 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTms62hCp9_DKpphtbrhlRIONaq0rYa0as2IFh_BHYNCJ5Pfxyx3PqNhrGcMvvHS2QJPxeZKLx2DCou4i9p__yIMmRGOWOtjEuhopJrJFvjo3YOGVZj-M-5m8kA8w1wlW91vnhy6QvTMizJCO8M4MlavCt5A&dbm_d=AKAmf-Chhqn3KCXECQoh3132MkUsPu6HIOH4fPuoMBKLufTp8SUzWDyQyIGFYh7FuttTIr2BhP_XFdO6I2EfVXjwiV462xwczkUd1O69_julpdgUtvA7Zf5q0YI3BXc56ifIj78kgDlPVae4wjW5bkm4Hsrh7tWu6iuIB2iLqG0FgoBQUFjkIreC71f7cgIV7yvJ5asuz2-PaGe58wctDzZ4yhV0UtdaFPUxCk9-1F9I4VKdw1fQYphmCD6GGEPi-E9TJ64P8_QKH8BTpYWawRSLYizyp5jBsd499TqT_2TpFUpAxDu5uZICAhhD0ojFLEiq-Ew3BiS3rkWMeHANVqqFWuUsDnSTOCvu29gE01eIkApp7BCYcshQmXeWgg5BpEzdHHBgZezPhrG6fN-3tW1HAsyQswW-jIx3KdplDI2mzx3OuOsdGXLkBLfh-mXWZNRkRKEt3pl7RejO1iWGnRibSkSPHG-G8l6A-nR-alHvXWW6jo6HHjKWlCg2TIxFErLxk5aEcqIuc8IwNj5N4BEw642Y7KkzL6ccGmWUST7cODqhw_quN5dPqsBOBjEMJmu8dPHykN_SrSE6nDiCv9Fhlb8MjeLEQYwXbW1xW2wUuZBkAaLjWq09GUX6xIZrrOnhuy6v1_iB_5a24nNfXOapifMN3c7f_oy6UCnT6VGWmrTn0Wq-Sm0XS-3zuKhpu9mGptu1HQqL0UvNTPxqtY0Ygz9hg_6xVwOm0XRR0MfBpHEay50PGEXSiPcN7n06WzvbKZ418mg2mLQ3WYdKkwHBmJsjbOH_MJ8WYqAS6Woq8AnFo6CNes0yLxn6veKN9CPb0RBoWuvPsuZ18AS2_z9b_xIkd5B-hF_RAxdUzL0qs8f1OjrUqH7h5C-bZQ5Wb8_1Rp46Hn7uJnSUI63IV0ef1nCOQ8LfQgcWJQqV19odzdY5n2oCEo8Dar5laaXuqQqspRb37PNLsCsZeb4R-Wtvi0KaF-hQgMwOhvTx51jFyyerN5eJA3a3LTj2xhjjreo1hqb4A2N2XZsGyNaWtnK7XH8PJty-f3f-CoDrkWxkqlLJ3qGT0id1T_s8BPTcEjHTTUSxD-DRhZSOYif_Cf-3YZ66rLXLvWWzPvgFRrKjU0DlDMCm08YC8t82VSAVeuShInRA99WqnXnmohcyHsIHMXfpOAoPEy9VM5BNdyECTc1BWJkBduwiHEuGeKScb65LgcRQgOFLKHyxDL9JV4hNAqCbpIsTWygRM5QXQnMjSxMKegpwRxLDd9_1_lDnLz8Q7BGdSnEnGgvsxITtttvYcfGjcZzTV9RlZG0CRFAS0C7-8Id09JC38E5rrtBfpGsHBBEcALymHMOX1aepFbuN727l8uDV_d3inDrMPsrDvBx_8fAzOtWo722gDzwRiEorj0N6CYtaa5yBksqMAR4v_h4TXQSrK9Q0Bj74Suw-zMZy7I6r5xbMaFfkyM2FNzR4l0y1uHJTceSDxB-itmVoNffTdYNNXs-Yy2qeyoLLE55RzG-naGQvL7IEhjyTf_THiy4qwo_qp3eY5wS3UsfJKEd31WPFKe8-aV1sDpxRkc5yfrL-58J3v5osin3QVhlvlmQnNC-g8DaSYH73MzCrbDnJgAeVDMzIKDitkKmF74oMCaeOn46EURziP7YBJ3LjNuWv9j8COcdwU8U-qIxonWpEtgZTtTXBBF07KJfi3BHZaFESR9uvzaxzYJ7PhI0A81romBCgwjo85FQ-lsQU0Y4RnPmBvXZ7BXWK4hsuRSeJdoiKOwxY2AZmZtk25tyLm1_E4LyEgfrdH9Z_2ZatFGdgssBrcy5J6bWwa1JgUOEsYBy8C_SV9TJvJpFnCKaIkxz9GMz4ylmkauTzRaeSPeSCi_PEZiXk5w4Moc-oFIp8xOrINM9R_eqGF2GhhmlCqFScbX8CmlO6qGAbPZoQaDdoJccPuFxXwkSoS1ehs_x8mu6AsVe6s5FFT_wZrLZWRMRB2K3vv-N8_GNUx60y6BRXgW5rhRS1d-JrNrb9xC0karqiL4GdhX4rC2faGw_Ghwe2RXqzfMeF8VbBsU4UPo4YQ_SjT6i7Iq0Xzx86pTMrlvx5r7u0Yv9r9HyvbZ9zKAxR-BDqu6ywupmr1ZQEuT7TCnjYjhCMuUriZLQ_6DRmCat_o4UeH0ahxGrWfSvq0xuh6cxAnvgCyDbCy9duoGH-QE4bsxuRXzup6-GuyNiZqO_4DwXt-hew7g_mWnYqGfYWYx3-RCWn1GId2lnE55mN-2OM8sgpF8xOyoi-Dw2uSrWGpbqpZd8Vwjv8f0U70kUcck0MG6l7VdGoIeRPkxLBxHBfS21cVMhO6GDGqYigIb3igze_nb3nkzi2TurB44SH9AxXmngz-qgl5uNbrGsZqUUgaJqox-DXygxhLkajBWzaOpEdd_B9EWAMNkjXqOyWKxDmqC6k1z266AzXLt8KbfwiUtzAY-ixxKD9oaw-JVfC0C9qbyheH1heltKIiowBYitsyDq4NgbdSAk-ZQWsdUw-jwi1FjZacOOXIQ2CGcz0vQLr_OaFz78nNrW-4rtRnfQIr2w7GJlUdBf3ALvnMCKxonD3KT6-ZBcrwc3VOzqGBkaVBKSh2AyfZbOZAQjskwTECu6FMo2II66njsHbkLqEb3L_OzHJvQBx5V8Ns2k8G7fx9l6MuyKPXttjY46Erhq3T1yv1tRLMlX4Rrvp7UQSRRJ5MenGTWBXv2_oFRiVPQoMDZHyecUR65TH2WKLyN0x_cbieLTPQrsYII9DL9q6ZUX1dYVmFkr4I9bHq9SiS_fJO-zFCWQfW4WNd9G8JBqVIUJDDnz67AtFovOk_1ceIs01XIjbRvkxwLjUy7B51wFn87DDqSFLEC9q-bMtPy63h3A9u8ms27DUl8zLSAA_AOxS3aDSsQu8yhh-1hUjMYjTslrZVHRv1UjUmnW3_re3l5sJ72ctzKoUPNGJUpOZQyx2anP2J7FjJ2DSO8JElM9HvnZtQ1iusYQrRDUW5GGTYX1KvwzlDgBb5yC-14veI2o6FEN0xb1uFyN5ndv5q8I6bxunwZmNUKaN9NqdM3nxRcs7eR0lHDbXctzDHDsrL3rm5iGMW8Yll3UXMrIxGKzCd8dGXBinIIQULGw5O7Sz94cISERKSS-LbGFqOu_OGK_ZWsc8_ZxNaZXht6gReFgwZae2q9nfhA-PGZUXqFeePg7kIXLDKhDSLdJTa7kq1g&cid=CAASPeRoLkAOLelEQLfEej7MhQbQOGcBkLdR_PKt6TEyFkRISw9YrBA0CgE3dOWMyLT3T4Jeuhk9tDczIE3sZ4Q&rfl=1%2Chttps%253A%252F%252Fwww.mlive.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 10:38:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33451
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Feb 2023 10:38:13 GMT
q4-productfocused_display_DE_NA_simplicity_NA_300x250_static-cta1.jpg
s0.2mdn.net/8105663/ Frame E719 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8105663/q4-productfocused_display_DE_NA_simplicity_NA_300x250_static-cta1.jpg
Requested by
Host: 13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com
URL: https://13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
169b5f1668735f74d5468eb5dd5cc275d5cec32b9e4c2f95e4051ef8dd8f2caf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 16:52:59 GMT
x-content-type-options
nosniff
age
10965
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102717
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 18:36:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Feb 2022 16:52:59 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9F42 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 08 Feb 2022 10:38:14 GMT
expires
Wed, 08 Feb 2023 10:38:14 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
33450
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame E719 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3dfeefc824178fe1b8ee04cb11dc2f3975b0294e1fb19364c30a4eab69808ba6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012201141909000/ Frame F56F 		220 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
58664
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61542
x-xss-protection
0
server
sffe
date
Tue, 08 Feb 2022 03:38:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"00d9ef7efeb287da"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 08 Feb 2023 03:38:00 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame F56F 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
438266
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5698
x-xss-protection
0
server
sffe
date
Thu, 03 Feb 2022 18:11:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"919adc590e0ff503"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 03 Feb 2023 18:11:18 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame F56F 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
17736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29570
x-xss-protection
0
server
sffe
date
Tue, 08 Feb 2022 15:00:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c52208c2e07002d5"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 08 Feb 2023 15:00:08 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame F56F 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
16339
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1851
x-xss-protection
0
server
sffe
date
Tue, 08 Feb 2022 15:23:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"76a8c96b6aaec2c9"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 08 Feb 2023 15:23:25 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame F56F 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
438266
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13611
x-xss-protection
0
server
sffe
date
Thu, 03 Feb 2022 18:11:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7aefe3fe93cc7383"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 03 Feb 2023 18:11:18 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F56F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 18:59:48 GMT
x-content-type-options
nosniff
server
cafe
age
3356
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Wed, 09 Feb 2022 18:59:48 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F56F 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
51130
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 09 Feb 2022 05:43:34 GMT
truncated
/ Frame F56F 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a10e5e235cb3191b54d1dcc89b3174f46e066b66ae51272e8cdba0c409da68d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.214.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-214-32.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.mlive.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 08 Feb 2022 19:55:44 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
14828492229214819266
tpc.googlesyndication.com/simgad/ Frame F56F 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14828492229214819266?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qntK6diN12SXYqD1N1Z_zlXziQvPw
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90398d274e093821b066f9bc367d1ddb8e2fa9d18d7660c10cc3704c4d9f519f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 18:59:51 GMT
x-content-type-options
nosniff
age
3353
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46612
x-xss-protection
0
last-modified
Wed, 17 Nov 2021 09:20:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 08 Feb 2023 18:59:51 GMT
l
www.google.com/ads/measurement/ Frame F56F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRcHvk5TL4O_r5RODpqAU264oKI424if924dMM5X4PVFL5Zx16eTJJz2blDm3vNYPycLNR0
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame F56F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDBj2v8oCYtjTOo_u3wOIu5PwCqDyo4Vo3rX49pIP29keEAEgt8jTR2CVspWCpAegAZyv-6gCyAEC4AIAqAMByAMIqgSCAk_QvCJVTEBdEzWMXyiMs_yhDa22dqPjxwdeR_9POf0N7j4poXCY21RWxoXRwk-6hn-qQuCpF7wFzaFNiDX8WcwBj8Z-maew8J4j1wWSYQtPvLejVN68uwdoturaVpf8YxsXv7PQrhQ76P0yLJgXuI2u4nbCnY74NN23Eo9u81YmmEghFvxPfZyC9IL3lP9UbytQa6LzgGYBanquEh3J1LCLdIn4315NPLgHEJ1NGxU7toQ07FLqEEydKQkGxGKsiglAr9BHlNE0VxGrPem3cOJl3XwENXqgWPNOi8QKkxm22Cr3W6fpKb0LHxxP0Rn0ITgoTgFuJYH18aQY-eFbY7tuBMAE5u73mukD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB8zQhNcBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQqKIM0ggJCIDhgHAQARgdgAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTI5Mzc0OTQ1Njc5NDkyNzgY35Ef&sigh=ujvBJwj-PyU&uach_m=[UACH]
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
event
prebid-a.rubiconproject.com/ 		61 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.214.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-214-32.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 08 Feb 2022 19:55:44 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
view
googleads4.g.doubleclick.net/pcs/ Frame E719 		0
524 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuwlKa5V9ekL49Tzgf_ovpA1M20Vax4XBLEFXU3anoe8ONbYmqfwOtddVC0tDVKSr32_uAAf_owHKnnbUOtuA_48YNv2ppc2Ar47b5Zowakpyym7F0bWUSE89Rx-LFnNjgThC1k393UKZqjEqcKdMOVWXTJHXCkFd0Ge4QcLcC2B3jcmKeZIIBJxwdgx3GFxh7w4T1Me_zYt_WjLyjjMKoGAU2rSWDEQKeLYRcI55g0lyDh0uq6mKzph_5OnS6PbY6-sAt5fPB3JpLvZMOVhSNcr0DmShBzfVLWeQjRRD-EMRVhlq83_BIGrocGgcdYJ8fGx4BIvp9bJlseJ1WA1VOPIk2XJ0L87aaYFByxU81_B9p5RRwMOc5B9O9UVmdHdutnm8Oon6mqCzjHdK7e_hyIDV6LDWuJ-itLiwWmVMdH6iM1WtsSVhngh9eI9aot0HUFwROtlYt_-z2wysQDabCCM0hjyL7e4iNioLKYan4g3l_nwy7xG1E1t4XixmYKUrwoj6PfCFKJxkMm2PJ8vhvPkltyUWxWM8KRLZCPdgm1aA0YsOkAEBTQpJUN3u-7jTJ7i1VbtOBj0eP9-Kx6-fGNV8Hded3AVhzMvRJfWQFPkyq-aht4VQRKvkGHKbkmcAe5SFn0orPfhMvQfSyRIDmewZfcozvjNXRIlbmnSaalhCDN1dOByguFWK_5gAXXxYhuv1HlsheiV-ire-3rKbRPHMzHQZn_csG5wgwMoS2R6_2tri7xGUH3RvdvZ9Fm46GfcpLBZY07dyNzIqhOPhYZhYGv6Y83pH7Nlbx8_VsHxnKLnrUyQ-9qLl32nwSVjXPP6hygT-sGZGmgajaDXcLsX_4gID5neLEWgSh6_SVcyn92_QxRJ_4Bx7d4NTx7yiLIStfnIaiGC8wyXa70fd7jBiOhSJGIumj143LAFgixNWKpXa9zn8ozGbPdLQ3xV7HPy4_d7xAhlkn3ExLxgsktWucNrCkn4KKW8KUkucnM5g3SMAqCNNpuA-YAbNmzn0QxAIT2d1RVpQowF5_LGoTMIEwM08GKFVMbfPHwLF6bsIvcr04xkqKhN_qylGin2ePd2no7lxkwhipBg2kOsFbMZBJ69R1rHcbfACVIGNl8Uj1vhLuTajkQshHRPv4xhbqTuXcCvedWW2NjbbqL7yHiff9ug9dBgIKS6TBu-Uu7-QgRTibD-2lLHV6n7_9f4_T-WAcv8W7qcVn8&sai=AMfl-YTl-Pc2vk0bOcF-8bUauHjIv6T4Wq2cuPiG0XrBUwZhsyja3wjAd6O4lDkalZ1mXfAL6_Cy0SHx_Gu1McFD0ZwTEh0oc3CemgvK-lFKCrRBAob85AN_gEN3w9Ab3RQuIXJAE9MsKuBA05v8SUVdxpNMOddNEZ-pJ2I71cdtI97zq_QhfsAFa8uo1M31RWloGbbEHqNSolGM_Ix2fBU6Z5JfaTH5OTGdMjbnwCKoSg&sig=Cg0ArKJSzOc0vmKPptddEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=123&vt=11&dtpt=122&dett=2&cstd=0&cisv=r20220203.19433&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTms62hCp9_DKpphtbrhlRIONaq0rYa0as2IFh_BHYNCJ5Pfxyx3PqNhrGcMvvHS2QJPxeZKLx2DCou4i9p__yIMmRGOWOtjEuhopJrJFvjo3YOGVZj-M-5m8kA8w1wlW91vnhy6QvTMizJCO8M4MlavCt5A&dbm_d=AKAmf-Chhqn3KCXECQoh3132MkUsPu6HIOH4fPuoMBKLufTp8SUzWDyQyIGFYh7FuttTIr2BhP_XFdO6I2EfVXjwiV462xwczkUd1O69_julpdgUtvA7Zf5q0YI3BXc56ifIj78kgDlPVae4wjW5bkm4Hsrh7tWu6iuIB2iLqG0FgoBQUFjkIreC71f7cgIV7yvJ5asuz2-PaGe58wctDzZ4yhV0UtdaFPUxCk9-1F9I4VKdw1fQYphmCD6GGEPi-E9TJ64P8_QKH8BTpYWawRSLYizyp5jBsd499TqT_2TpFUpAxDu5uZICAhhD0ojFLEiq-Ew3BiS3rkWMeHANVqqFWuUsDnSTOCvu29gE01eIkApp7BCYcshQmXeWgg5BpEzdHHBgZezPhrG6fN-3tW1HAsyQswW-jIx3KdplDI2mzx3OuOsdGXLkBLfh-mXWZNRkRKEt3pl7RejO1iWGnRibSkSPHG-G8l6A-nR-alHvXWW6jo6HHjKWlCg2TIxFErLxk5aEcqIuc8IwNj5N4BEw642Y7KkzL6ccGmWUST7cODqhw_quN5dPqsBOBjEMJmu8dPHykN_SrSE6nDiCv9Fhlb8MjeLEQYwXbW1xW2wUuZBkAaLjWq09GUX6xIZrrOnhuy6v1_iB_5a24nNfXOapifMN3c7f_oy6UCnT6VGWmrTn0Wq-Sm0XS-3zuKhpu9mGptu1HQqL0UvNTPxqtY0Ygz9hg_6xVwOm0XRR0MfBpHEay50PGEXSiPcN7n06WzvbKZ418mg2mLQ3WYdKkwHBmJsjbOH_MJ8WYqAS6Woq8AnFo6CNes0yLxn6veKN9CPb0RBoWuvPsuZ18AS2_z9b_xIkd5B-hF_RAxdUzL0qs8f1OjrUqH7h5C-bZQ5Wb8_1Rp46Hn7uJnSUI63IV0ef1nCOQ8LfQgcWJQqV19odzdY5n2oCEo8Dar5laaXuqQqspRb37PNLsCsZeb4R-Wtvi0KaF-hQgMwOhvTx51jFyyerN5eJA3a3LTj2xhjjreo1hqb4A2N2XZsGyNaWtnK7XH8PJty-f3f-CoDrkWxkqlLJ3qGT0id1T_s8BPTcEjHTTUSxD-DRhZSOYif_Cf-3YZ66rLXLvWWzPvgFRrKjU0DlDMCm08YC8t82VSAVeuShInRA99WqnXnmohcyHsIHMXfpOAoPEy9VM5BNdyECTc1BWJkBduwiHEuGeKScb65LgcRQgOFLKHyxDL9JV4hNAqCbpIsTWygRM5QXQnMjSxMKegpwRxLDd9_1_lDnLz8Q7BGdSnEnGgvsxITtttvYcfGjcZzTV9RlZG0CRFAS0C7-8Id09JC38E5rrtBfpGsHBBEcALymHMOX1aepFbuN727l8uDV_d3inDrMPsrDvBx_8fAzOtWo722gDzwRiEorj0N6CYtaa5yBksqMAR4v_h4TXQSrK9Q0Bj74Suw-zMZy7I6r5xbMaFfkyM2FNzR4l0y1uHJTceSDxB-itmVoNffTdYNNXs-Yy2qeyoLLE55RzG-naGQvL7IEhjyTf_THiy4qwo_qp3eY5wS3UsfJKEd31WPFKe8-aV1sDpxRkc5yfrL-58J3v5osin3QVhlvlmQnNC-g8DaSYH73MzCrbDnJgAeVDMzIKDitkKmF74oMCaeOn46EURziP7YBJ3LjNuWv9j8COcdwU8U-qIxonWpEtgZTtTXBBF07KJfi3BHZaFESR9uvzaxzYJ7PhI0A81romBCgwjo85FQ-lsQU0Y4RnPmBvXZ7BXWK4hsuRSeJdoiKOwxY2AZmZtk25tyLm1_E4LyEgfrdH9Z_2ZatFGdgssBrcy5J6bWwa1JgUOEsYBy8C_SV9TJvJpFnCKaIkxz9GMz4ylmkauTzRaeSPeSCi_PEZiXk5w4Moc-oFIp8xOrINM9R_eqGF2GhhmlCqFScbX8CmlO6qGAbPZoQaDdoJccPuFxXwkSoS1ehs_x8mu6AsVe6s5FFT_wZrLZWRMRB2K3vv-N8_GNUx60y6BRXgW5rhRS1d-JrNrb9xC0karqiL4GdhX4rC2faGw_Ghwe2RXqzfMeF8VbBsU4UPo4YQ_SjT6i7Iq0Xzx86pTMrlvx5r7u0Yv9r9HyvbZ9zKAxR-BDqu6ywupmr1ZQEuT7TCnjYjhCMuUriZLQ_6DRmCat_o4UeH0ahxGrWfSvq0xuh6cxAnvgCyDbCy9duoGH-QE4bsxuRXzup6-GuyNiZqO_4DwXt-hew7g_mWnYqGfYWYx3-RCWn1GId2lnE55mN-2OM8sgpF8xOyoi-Dw2uSrWGpbqpZd8Vwjv8f0U70kUcck0MG6l7VdGoIeRPkxLBxHBfS21cVMhO6GDGqYigIb3igze_nb3nkzi2TurB44SH9AxXmngz-qgl5uNbrGsZqUUgaJqox-DXygxhLkajBWzaOpEdd_B9EWAMNkjXqOyWKxDmqC6k1z266AzXLt8KbfwiUtzAY-ixxKD9oaw-JVfC0C9qbyheH1heltKIiowBYitsyDq4NgbdSAk-ZQWsdUw-jwi1FjZacOOXIQ2CGcz0vQLr_OaFz78nNrW-4rtRnfQIr2w7GJlUdBf3ALvnMCKxonD3KT6-ZBcrwc3VOzqGBkaVBKSh2AyfZbOZAQjskwTECu6FMo2II66njsHbkLqEb3L_OzHJvQBx5V8Ns2k8G7fx9l6MuyKPXttjY46Erhq3T1yv1tRLMlX4Rrvp7UQSRRJ5MenGTWBXv2_oFRiVPQoMDZHyecUR65TH2WKLyN0x_cbieLTPQrsYII9DL9q6ZUX1dYVmFkr4I9bHq9SiS_fJO-zFCWQfW4WNd9G8JBqVIUJDDnz67AtFovOk_1ceIs01XIjbRvkxwLjUy7B51wFn87DDqSFLEC9q-bMtPy63h3A9u8ms27DUl8zLSAA_AOxS3aDSsQu8yhh-1hUjMYjTslrZVHRv1UjUmnW3_re3l5sJ72ctzKoUPNGJUpOZQyx2anP2J7FjJ2DSO8JElM9HvnZtQ1iusYQrRDUW5GGTYX1KvwzlDgBb5yC-14veI2o6FEN0xb1uFyN5ndv5q8I6bxunwZmNUKaN9NqdM3nxRcs7eR0lHDbXctzDHDsrL3rm5iGMW8Yll3UXMrIxGKzCd8dGXBinIIQULGw5O7Sz94cISERKSS-LbGFqOu_OGK_ZWsc8_ZxNaZXht6gReFgwZae2q9nfhA-PGZUXqFeePg7kIXLDKhDSLdJTa7kq1g&cid=CAASPeRoLkAOLelEQLfEej7MhQbQOGcBkLdR_PKt6TEyFkRISw9YrBA0CgE3dOWMyLT3T4Jeuhk9tDczIE3sZ4Q&rfl=1%2Chttps%253A%252F%252Fwww.mlive.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 08 Feb 2022 19:55:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
wi15CXa8h7AfaunZlm4u5xWjD8ePEZy_mQ_gnQzqsAI.js
pagead2.googlesyndication.com/bg/ Frame 9F42 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wi15CXa8h7AfaunZlm4u5xWjD8ePEZy_mQ_gnQzqsAI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c22d790976bc87b01f6ae9d9966e2ee715a30fc78f119cbf990fe09d0ceab002
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 00:39:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
69369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13823
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Feb 2023 00:39:35 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame F56F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date
Tue, 08 Feb 2022 19:55:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F42 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bz85iwMoCYufiCMu6gAfD04EYAAAAADgB4AQC&bg=!wcKlwobNAAa4sGsQuLA7ACkAdvg8WpH8F3b2zoeNfFFLY3mzlLS4jiNutZ9ZKOs5SP6l9GvkqPhwFwIAAACrUgAAAAJoAQcKAIy-VXcmLbl7VitpAsR0YvVXLHsirIReFvxZ4eVHKlb8Ho5-zbqajaIev7j02WrCnMcuOVJl_PiaiKcrbmqldHtWK2z2utf9BAfngqw_dNFxvrsKq7vrJxFvK67V-FRpunOlrXu32kRU4PcdGCEfZ0jo89UWiji5JeK04I2cSBFhH-QJHCJU14qUTLtLWZkDDtF35-5QydQDHADiIzeDpHqThpRe6nsVrpa3po-mDGPCUcSNqvbutgCVKu9BlRNGm6iyxnuMJ82B6gMchwJ1gg-KxjVryTv_0QmfWrdtjoDALsZ-v3eqE5U936nsXp7N2a5cUSKkhsxF5T5WlUJdqDtQUylXuqbwavfLxRj6JBqjyRwcvtwmghhfg32AgkcpP1pjb2vnuMkqfI_FExXIajoD-lxR443q9t5FlyHN9RRzbg-c-_xxfvWZIf_o8xeou8YpJ498Zpwi84kOChnm-zbnSw86U64wSznFAuiIIeXDY5DeuLBebbHRj2bYZnktIqspWjE2JoiR_HFozNjcV5d-YOzC-cTBvJrx5UEsDPuNw8QkFAW_PPdWho5bZpAZA7mJTnzhk1_PFodkto5GOvYHzsa4E08Hlz1-gsL5hWQVyjAHg1Hn4MhmKxBArnkCwP4gBDC8C_kBWdyNaS6p8v96mGB_JhQa42_nohx5fqPuhwm94HGDoxSZ6aOUUQK_7wlDlaA91jxlma228XvMcDKVdgN6Ih3RIENRXKnQTYEPhrx2Yw-JkBLzzjy6s-eXr8TAuoVzw5cJGOv1gqHuUyB6OkFhEIZZ-TJW2zbnTYnmJ7eWR1eGeIzlbstVQ4S28e2zkoHedRpW9Uyzy3DvaN9Wq5s9tmOoZIvf2_PxNm_wLaBDQeqJ-hXbHCR3NkOi8EOmKUxLfb859_Ghv_zlS-k59hbWPfmX-tRLqN9s-byUBvpLrDY2FWWfqRo8l04iDAt6CQguU1sio9EU2nixcTnkckBo5dvdm4Js5ZPVP7jmrFKm46TvAvlJAd0LowvKmNMiLgn-0-QJFoDfOIVq3dczNe0VVBSFN-XW7QGkSTJU70BR6J9ENMiiJ4MiG5bWwOzdzuVzpK15MEhJxZJ6y0IiaPUP-_pp9yuXKII2ZmpVMw43EuKXruv7vPLJMxojjs1YFy26JuVjIYErXWQgxw-TjodVv4RXUCxjF4ypdxXXJX1-BWySQd0-AaX0cP74TS1lr0hxXb5PpQ3CFZhU
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ADVANCEDDIGITAL_HEADER1&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=4&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&t=1644350142151&de=373857911032&rx=407949674962&m=0&ar=944fd8091a1-clean&iw=2323cd0&q=1&cb=0&cu=1644350142151&ll=2&lm=0&ln=0&em=0&en=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=advanceddigitalheader640552616592&fd=1&ac=1&it=500&pe=1%3A6858%3A6858%3A0%3A6742&fs=196859&na=211478783&cs=0
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:44 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 08 Feb 2022 19:55:44 GMT
optimus_rules.json
tags.crwdcntrl.net/lt/c/963/ 		26 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/963/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-90.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f8051f3eb7b146bdfd1156266a2947c7361e2d9546fa39f4c86cc06d869cd877

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 08 Feb 2022 14:11:55 GMT
content-encoding
gzip
age
20630
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 30 Nov 2021 19:45:20 GMT
server
AmazonS3
etag
W/"5f1caf5b5ed07225c2bf7016429a9c40"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
via
1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
7njfakJh4YX67Z6yoIeOAgaHFrvqFtltPUVNnIdDW59m5Td0OLnUrw==
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022020301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7165fd8034c1d05de073d8beaf055a90897e17d5cc0b218a89c9618d4d01079
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 08 Feb 2022 19:55:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9986
x-xss-protection
0
image.sbix
global.ib-ibi.com/ 		0
72 B 		Script
General
Check archive.org
Download Go to
Full URL
https://global.ib-ibi.com/image.sbix?go=315557&pid=687&xid=819984878.1644350142&id1=undefined
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.0
Security
TLS 1.2, RSA, AES_256_CBC
Server
69.169.85.6 Cranford, United States, ASN29838 (AMC, US),
Reverse DNS
Software
BigIP /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
close
Content-Length
0
Server
BigIP
up
insight.adsrvr.org/track/ Frame 39F3 		0
182 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=4pdxx2d&ref=https%3A%2F%2Fwww.mlive.com%2F&upid=p5qqvcp&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/

Response headers

date
Tue, 08 Feb 2022 19:55:44 GMT
content-type
text/html
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
0217991d.akstat.io/ 		0
201 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://0217991d.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:199::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:44 GMT
content-type
image/gif
access-control-allow-origin
https://www.mlive.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Tue, 08 Feb 2022 19:55:44 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=4&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Fwww.mlive.com%2F-&i=ADVANCEDDIGITAL_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-6%2BU9GJ%2BZ4ONI7%2BlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-glpGhov6BziEcg%3D%3D&sc=1&os=1-3A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=4&w=4&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1644350142151&de=373857911032&rx=407949674962&cu=1644350142151&m=2439&ar=944fd8091a1-clean&iw=2323cd0&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=12440&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A6858%3A6858%3A0%3A6742&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=196859&na=1164513957&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:44 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 08 Feb 2022 19:55:44 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 08 Feb 2022 19:55:44 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C467 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 08 Feb 2022 15:04:06 GMT
expires
Wed, 08 Feb 2023 15:04:06 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
17498
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 8D6B 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ead825d8598d9d02116dc6ee5fda7e21cba2b804423eaa56addd61eb0be94832
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vm9cjiXntgnavo+HU35OXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 08 Feb 2022 19:55:44 GMT
date
Tue, 08 Feb 2022 19:55:44 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-vm9cjiXntgnavo+HU35OXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 8D6B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022020301&jk=2092353358045060&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
wi15CXa8h7AfaunZlm4u5xWjD8ePEZy_mQ_gnQzqsAI.js
pagead2.googlesyndication.com/bg/ Frame C467 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wi15CXa8h7AfaunZlm4u5xWjD8ePEZy_mQ_gnQzqsAI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c22d790976bc87b01f6ae9d9966e2ee715a30fc78f119cbf990fe09d0ceab002
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 00:39:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
69369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13823
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Feb 2023 00:39:35 GMT
results.txt
3fajornyk3552yqczlaq-pjjyo3-e9ccc1578-clientnsv4-s.akamaihd.net/eum/
Redirect Chain
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pjjyo3d69
  • https://3fajornyk3552yqczlaq-pjjyo3-e9ccc1578-clientnsv4-s.akamaihd.net/eum/results.txt
8 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://3fajornyk3552yqczlaq-pjjyo3-e9ccc1578-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Server
184.86.251.221 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-221.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 19:55:45 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
AkamaiNetStorage
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://3fajornyk3552yqczlaq-pjjyo3-e9ccc1578-clientnsv4-s.akamaihd.net/eum/results.txt
Date
Tue, 08 Feb 2022 19:55:45 GMT
Server
AkamaiGHost
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
results.txt
eaaqvsaaea6qakqce3yab3yaabrafswa-pjjyo3-7f5fcd17c-clienttons-s.akamaihd.net/eum/
Redirect Chain
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pjjyo3d69
  • https://eaaqvsaaea6qakqce3yab3yaabrafswa-pjjyo3-7f5fcd17c-clienttons-s.akamaihd.net/eum/results.txt
8 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eaaqvsaaea6qakqce3yab3yaabrafswa-pjjyo3-7f5fcd17c-clienttons-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Server
2a02:26f0:ef::5c7b:c244 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 19:55:45 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
AkamaiNetStorage
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://eaaqvsaaea6qakqce3yab3yaabrafswa-pjjyo3-7f5fcd17c-clienttons-s.akamaihd.net/eum/results.txt
Date
Tue, 08 Feb 2022 19:55:44 GMT
Server
AkamaiGHost
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
generate_204
tpc.googlesyndication.com/ Frame C467 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ceCxug
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 3964 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssN2qq8eoQ3I9LHr4rOt8IlWov-dSVZ1u9wjNBf1CdK_yqH2EJ4pnC_HRZ93quUi5a4FeYtTLZuAlRIMPFxXSQZGwAQ0WjpFdRQq8Y0VzyXtnt6oGV2hg&sai=AMfl-YS1CeC6eUK1tvkck_nw8xkWvJcr8tadmrQcz4ankadj_ujOXHzMWVeXGpALlEh917va1QSkRMOpDEjpCvB2Ezla6Bloecb3Z38vQ19mGtJcLinK88K3nhUOCko&sig=Cg0ArKJSzG6K83B9RuzWEAE&cid=CAASPeRoCJgj3rT3AUV28s4iFXwFcEzlW8Zq1n9Tk0gAY7uwrzVNr6xElyRGbTJFy6d6aE5eHVLDD7dKDR9lAP4&id=ampim&o=1135,169&d=300,276&ss=1600,1200&bs=1600,1200&mcvt=1015&mtos=0,0,1015,1015,1015&tos=0,0,1015,0,0&tfs=338&tls=1353&g=100&h=100&tt=1353&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=197823414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
115
check.analytics.rlcdn.com/check/ 		25 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/115
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-72.fra56.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 08 Feb 2022 19:55:45 GMT
via
1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-amzn-requestid
5fd74348-4506-4bfd-89b8-795924d14115
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-6202cac1-10ec21a567e31b8a0eb61905
x-amz-apigw-id
NPSeMFQtjoEF-Qg=
content-length
25
x-amz-cf-id
8mH8BKuKYeCeUP4HFGQvEY93r2iDIb7TpCMCStFx98qEdl9neOkJHQ==
115
check.analytics.rlcdn.com/check/ 		25 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/115
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-72.fra56.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 08 Feb 2022 19:55:45 GMT
via
1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-amzn-requestid
73b549a6-d6ad-4b0c-a24c-dec0f172a7f9
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-6202cac1-3f775eba1d5b19c2466ea1dc
x-amz-apigw-id
NPSeNEJIDoEFjnQ=
content-length
25
x-amz-cf-id
TAuiAc3S44WgE-tliOswfiVkEurM9FGHY_zr-SDc0QFjSo5J6hyZUQ==
115
check.analytics.rlcdn.com/check/ 		25 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/115
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-72.fra56.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 08 Feb 2022 19:55:45 GMT
via
1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-amzn-requestid
1b589dd2-1e8a-4956-a570-166707364d84
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-6202cac1-5600c52b2b2b1b8a2d09ccfd
x-amz-apigw-id
NPSeNF2qDoEFXFg=
content-length
25
x-amz-cf-id
x14pqYeOIbnLYNiwO1X-buB8It3hM5vPKg6uknnhT47mJrbLhgQpkA==
activeview
pagead2.googlesyndication.com/pcs/ Frame E719 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstm3ce44XKgqaaTQrUgZ3EG9fo2eAJI-0kuuqIz_1W-z51lWIQNj-73Xv3WXLqzn9wnMWPHJU5q4k_cA1d7TVjySex-xO5pwUWqVdyG5LDO-sr25Jh8CA&sai=AMfl-YRThcI26Ui3INEOAWCEoi5EtrT-rnrnm7Skms0odfSLYfNIhbK9e6A5DBW0W1nSqOn1Tf82stRlBJzqmyVdihN96Ox57FSXlnboWY9X0V7HUmx1S50TKaXMZ1c&sig=Cg0ArKJSzGg8FHB1mKHHEAE&cid=CAASPeRoLkAOLelEQLfEej7MhQbQOGcBkLdR_PKt6TEyFkRISw9YrBA0CgE3dOWMyLT3T4Jeuhk9tDczIE3sZ4Q&id=lidar2&mcvt=1000&p=883,1135,1137,1435&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220207&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=455907384&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644350144043&rpt=271&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F56F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuAxp5M1BqB8StRLcO69Od1PxcE-ZiH220OkzTwEdaE77chBSDmUQejI2paeGWr4TySZ9j_bWcQJFXx8zDHLIFIx28-JsRw9EUp_tEJ0qeWZ17hjHZObA&sai=AMfl-YRAWXvrHQq2n4Qw8qqs32iHG4_6SwnJ4V5rIq059R15AEG5iUClrc_04MIA5QCv88FP_MGZhiPFjoUDT5uLwZC2lsN_06BoPQ-Zp1WunBCbLB6EQ9ewlMcQr1s&sig=Cg0ArKJSzH4XhJVoX5fEEAE&cid=CAASPeRo0F59yFW0YBDZWIMJe02vIXGlcr21BMHvF3GHOw_zLk8yzWjzhqt0kCtNlKuYbs8Hudb8NHlKXacaAe4&id=ampim&o=165,887&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=128&tls=1128&g=100&h=100&tt=1128&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=197823415
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022020301&jk=2092353358045060&bg=!zs2lzYnNAAa4sGsQuLA7ACkAdvg8WoSgLVVw6uDNnXajN69oOK8eg-URUkpNGJc42HHobqkX5Ig0GAIAAABTUgAAAANoAQcKAGAKgBAxHWA7ReNhzZY9DQTHIcHKuS7dOp20V-ppfuVw8uh2fFwW8z-uAjhdjq-OjzN2NI2t8UJXrRVrTS_soEnF4qJeRHV7tikuHPfqTFyM3Z4ZThflRfYRB7b8jodJQ4KZAql7cJJ8wirrOWYoY27dgiztT6FVdbpDwT4g3tLaLHy5aMsBGGKEibipmeGqRZ7IJFkCJOSF1QiNt37H6-Mnki9Wa0GgpnOgnV_Q5BYoCaaj8sp8BfaeReTTOr8hXWsxG3si7I1-QFKwVV38SKSGgHZDHBgihXtGNp9-TzbfPw45yb0wD2Wr8zW4wdQq8cBiQhZR4qjHwgdOnf454XoV7bXo9ppX0QfQCr2e0WdT2ypELqK_1oNXk-Ql-0iAcKa1AiNg1GF_DXn5Sof9otsUTwd9M6okxtskArlbVTCb5pJZICybVG5eLaZo7a3GfBHWRQeLam4yV2qrgkVxQAEyub-ZZ4ckxOcIqtsWllf2I9zeBvxblq9BZGt4NLtu7o9-Xm0ix675XS46OanF0w5niLYBJK0hT0Ocxmq-Kh3Jj_rBWX3E3j9JNKlljDvXqfads-NcO2YPHdPMTcM6qjxINkc82lTW5fKRu1_33Cluk2pAMQZHw0afqRySiSmN2T61bW-q9DI-NHAGOLCS9RdNRmA-nln_121pP76eKkLG67X525OPgG1PDlD2_FRhNm9sJYfCTvUJcnAKbB539lRCl-Qf4BhhTYhuS602vQmrKQiH3wdmI-r3O0E42OIIusgrPBiBI82LcdBgGWOPs8Ic5P5bas8vP6ZrUqtWU11dVWXwNmVb2ypSCSCpCNzVh2CcE0Da7ZSa72v5E4MFeGiOLwGMrGtMIoFTj7dg2ZDpZH5W7gAjuiHpjIH0K9FQfdF10JYLV5-pHYaqNQIC0qsKMYA_3O8vZmOTbZ1OpJ_e7_4xqRtNvaC22rec8M1R7r648Q0fqmQLiDIb8DjOoRz80nHlxiLquOh65Z3zNK3B-F883DG_PS0pC10Byg86GVEOqtTpe1c8mX5AfiM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
data
bcp.crwdcntrl.net/6/ 		172 B
988 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
457563e4d9b4515c313ac047b0ab798e7399c861d894e8affd16429effa6e2e1

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:45 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.23.122
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
172
expires
0
392.json
id5-sync.com/g/v2/ 		213 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/392.json
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.7.199 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p21.id5-sync.com
Software
/
Resource Hash
4a8f2865778a172d3be9c473f6e309d9fae9ec13c55ac43000d38a43aba03456
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.mlive.com
Date
Tue, 08 Feb 2022 19:55:47 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
3723
idx.liadm.com/idex/prebid/ 		54 B
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/3723?duid=94c49eadf2ac--01fvdefy4dnmxpes5s5h625fwd
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.77.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-77-103.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
d20aaf42b1f287fc8f3910182cec224884aa5637991a6eb855579657f0417922
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 08 Feb 2022 19:55:48 GMT
Vary
Origin
Server
nginx/1.18.0
Request-Time
4
Content-Type
application/json
Access-Control-Allow-Origin
https://www.mlive.com
Connection
keep-alive
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=31536000; includeSubDomains
trace-id
158ce79c8a14451a
Content-Length
54
envelope
api.rlcdn.com/api/identity/ 		0
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=115
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 08 Feb 2022 19:55:48 GMT
via
1.1 google
alt-svc
clear
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FC25 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=143656
expires
Thu, 10 Feb 2022 11:50:04 GMT
date
Tue, 08 Feb 2022 19:55:48 GMT
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 0AA2 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.185.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-185-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7fd6da6f10068251e5e0a5a1ee993a574a2b81220bf3f2f926ccb73df4201aeb
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Thu, 10 Feb 2022 19:55:48 GMT
date
Tue, 08 Feb 2022 19:55:48 GMT
content-length
7786
ixmatch.html
js-sec.indexww.com/um/ Frame A15F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Tue, 08 Feb 2022 19:55:48 GMT
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4A61 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=143656
expires
Thu, 10 Feb 2022 11:50:04 GMT
date
Tue, 08 Feb 2022 19:55:48 GMT
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame DCAF 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Tue, 08 Feb 2022 19:55:48 GMT
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame 50FE 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 08 Feb 2022 19:55:48 GMT
Connection
keep-alive
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 7B1F 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.185.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-185-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7fd6da6f10068251e5e0a5a1ee993a574a2b81220bf3f2f926ccb73df4201aeb
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Thu, 10 Feb 2022 19:55:48 GMT
date
Tue, 08 Feb 2022 19:55:48 GMT
content-length
7786
checksync.php
contextual.media.net/ Frame E867 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.185.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-185-183.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7fd6da6f10068251e5e0a5a1ee993a574a2b81220bf3f2f926ccb73df4201aeb
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Thu, 10 Feb 2022 19:55:48 GMT
date
Tue, 08 Feb 2022 19:55:48 GMT
content-length
7786
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9C30 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=143656
expires
Thu, 10 Feb 2022 11:50:04 GMT
date
Tue, 08 Feb 2022 19:55:48 GMT
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame DEBD 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/10071_MI_Desktop_Mobile.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Tue, 08 Feb 2022 19:55:48 GMT
Connection
keep-alive
usync.js
eus.rubiconproject.com/ Frame 50FE 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b49121e677834609212540f82a123482989b65f22e54e54b79d9dcbfc2feb47b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 19:55:48 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62524
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9703
Expires
Wed, 09 Feb 2022 13:17:52 GMT
usermatch
ssum-sec.casalemedia.com/ Frame AD88
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
40c6f7f93175681d7ab9a1b417c1076fdc9fa59e9a8aa4d1d6777d62e387685d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|39|230|45|130|196|57|88
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Tue, 08 Feb 2022 19:55:48 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 08 Feb 2022 19:55:48 GMT
Content-Length
1618
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
336
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Tue, 08 Feb 2022 19:55:48 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 08 Feb 2022 19:55:48 GMT
Connection
keep-alive
usermatch
ssum-sec.casalemedia.com/ Frame E724
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1ff488388c42f507941eef23f7fe943fbb3d9e4c76908fa1c0b2802b90179f04

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|39|230|45|51|81|73|111
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Tue, 08 Feb 2022 19:55:48 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 08 Feb 2022 19:55:48 GMT
Content-Length
1583
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
336
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Tue, 08 Feb 2022 19:55:48 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 08 Feb 2022 19:55:48 GMT
Connection
keep-alive
usermatch
ssum-sec.casalemedia.com/ Frame 133D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1af6cb40e0e6d6186a5cdd52456541b3c37bebaebeb3ec8633b076227240422c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|230|39|241|4|188|64|5
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Tue, 08 Feb 2022 19:55:48 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 08 Feb 2022 19:55:48 GMT
Content-Length
1470
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
336
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Tue, 08 Feb 2022 19:55:48 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 08 Feb 2022 19:55:48 GMT
Connection
keep-alive
PugMaster
image6.pubmatic.com/AdServer/ Frame FC25 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=26607935&p=159879&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ba3c529c36289a06d098e40d474c1f492903fd55112c54f431b269e49208998d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:47 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
709414.gif
id.rlcdn.com/ Frame 50FE 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:48 GMT
via
1.1 google
alt-svc
clear
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 50FE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=17946202-cac4-4500-9b8d-7415d6e94b56
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=17946202-cac4-4500-9b8d-7415d6e94b56
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

Date
Tue, 08 Feb 2022 19:55:48 GMT
Server
MT3 4133 baa842e master zrh-pixel-x27 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=17946202-cac4-4500-9b8d-7415d6e94b56
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 08 Feb 2022 19:55:47 GMT
v1
ads.yahoo.com/cms/ Frame 50FE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&us_privacy=1---
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZEJMAFW-1A-F8IS&sigv=1&esig=2~b0af61e7acf9acda3353f1ac3d9b6deb38c8e4ea&us_privacy=1---
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZEJMAFW-1A-F8IS&sigv=1&esig=2~b0af61e7acf9acda3353f1ac3d9b6deb38c8e4ea&us_privacy=1---
Protocol
H2
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:48 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZEJMAFW-1A-F8IS&sigv=1&esig=2~b0af61e7acf9acda3353f1ac3d9b6deb38c8e4ea&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 50FE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPl76o6vXfmkTE9ajDq12O0&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPl76o6vXfmkTE9ajDq12O0&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPl76o6vXfmkTE9ajDq12O0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 50FE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzQyNDNlODViNTVlNjk5NDA4NmZmYTI5NmMzYWM4MTNhMTFkMzA3Zg&us_privacy=1---
170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzQyNDNlODViNTVlNjk5NDA4NmZmYTI5NmMzYWM4MTNhMTFkMzA3Zg&us_privacy=1---
Protocol
H2
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzQyNDNlODViNTVlNjk5NDA4NmZmYTI5NmMzYWM4MTNhMTFkMzA3Zg&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 50FE 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
btu4jd3a
sync-tm.everesttech.net/upi/pid/ Frame 50FE 		0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:48 GMT
via
1.1 varnish
server
Varnish
x-timer
S1644350148.334594,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-hhn4022-HHN
pixel
cm.g.doubleclick.net/ Frame 50FE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pFSk1BRlctMUEtRjhJUw==&us_privacy=1---
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pFSk1BRlctMUEtRjhJUw==&us_privacy=1---
Protocol
H2
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pFSk1BRlctMUEtRjhJUw==&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
match
c1.adform.net/serving/cookie/ Frame 71B8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=137B9565-5C53-4DF6-A5B2-3A3A4DED1A89
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=137B9565-5C53-4DF6-A5B2-3A3A4DED1A89
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=137B9565-5C53-4DF6-A5B2-3A3A4DED1A89
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 08 Feb 2022 19:55:48 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Tue, 08 Feb 2022 19:55:48 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=137B9565-5C53-4DF6-A5B2-3A3A4DED1A89
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame C9F3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b2696202-cac3-4200-86ea-8d4b8f552c7f&gdpr=0&gdpr_consent=
42 B
335 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b2696202-cac3-4200-86ea-8d4b8f552c7f&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.120 Philadelphia, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 08 Feb 2022 19:55:48 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
10:0:448
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Tue, 08 Feb 2022 19:55:48 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master zrh-pixel-x12 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b2696202-cac3-4200-86ea-8d4b8f552c7f&gdpr=0&gdpr_consent=
Expires
Tue, 08 Feb 2022 19:55:47 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1CDB
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4943898809691418192
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4943898809691418192
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 08 Feb 2022 19:55:48 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug026:0:532
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4943898809691418192
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame ADAA 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 08 Feb 2022 19:55:47 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Tue, 08 Feb 2022 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
587007
strict-transport-security
max-age=31536000; preload;
Pug
simage2.pubmatic.com/AdServer/ Frame CAF4
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7062430108842129559
42 B
520 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7062430108842129559
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.120 Philadelphia, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 08 Feb 2022 19:55:48 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
sv3pug012:0:491
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Tue, 08 Feb 2022 19:55:48 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7062430108842129559
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FC25
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=E3uVZVxTTfalsjo6Te0aiQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:48 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=143656
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Thu, 10 Feb 2022 11:50:04 GMT

Redirect headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame FC25
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b50c6202-cac3-4f00-ae69-dbc2a4a2c869
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b50c6202-cac3-4f00-ae69-dbc2a4a2c869
Protocol
H2
Server
104.36.113.24 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 08 Feb 2022 19:55:48 GMT
Server
MT3 4133 baa842e master zrh-pixel-x9 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b50c6202-cac3-4f00-ae69-dbc2a4a2c869
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 08 Feb 2022 19:55:47 GMT
mw
mwzeom.zeotap.com/ Frame FC25
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=137B9565-5C53-4DF6-A5B2-3A3A4DED1A89
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=b2cb4905-0b17-4c4e-8ded-568295165229&icm
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=9382a4e9a3424a75f523f9c49f17b8fd
  • https://spl.zeotap.com/?zdid=1332&zcluid=ddb64b51c0473a60
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=acaeda2e-dfbb-4d39-6b4c-e4f66a338b67&reqId=dfd9ad6c-febb-4a03-5ab4-6f3df70217a7&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEFTmXyXwaOUztKW7tbK34NE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=acaeda2e-dfbb-4d39-6b4c-e4f66a338b67&reqId=dfd9ad6c-febb-4a03-5ab4-6f3...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEFTmXyXwaOUztKW7tbK34NE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=acaeda2e-dfbb-4d39-6b4c-e4f66a338b67&reqId=dfd9ad6c-febb-4a03-5ab4-6f3df70217a7&zcluid=ddb64b51c0473a60&zdid=1332
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:49 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6da76aefac900f4e-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEFTmXyXwaOUztKW7tbK34NE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=acaeda2e-dfbb-4d39-6b4c-e4f66a338b67&reqId=dfd9ad6c-febb-4a03-5ab4-6f3df70217a7&zcluid=ddb64b51c0473a60&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FC25
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTM3Qjk1NjUtNUM1My00REY2LUE1QjItM0EzQTRERUQxQTg5&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:48 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:329
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FC25
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMbc9jCDyHMbfxhC2E8N_7c&google_cver=1
42 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMbc9jCDyHMbfxhC2E8N_7c&google_cver=1
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:48 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:528
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMbc9jCDyHMbfxhC2E8N_7c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame FC25 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:48 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 07 Feb 2022 19:55:48 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FC25
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7305077954368423666
42 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7305077954368423666
Protocol
H2
Server
204.237.133.120 Philadelphia, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:48 GMT
cache-control
no-store, no-cache, private
x-lat
10:0:465
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:48 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7305077954368423666
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame FC25
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b2cb4905-0b17-4c4e-8ded-568295165229
42 B
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b2cb4905-0b17-4c4e-8ded-568295165229
Protocol
H2
Server
204.237.133.120 Philadelphia, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:48 GMT
cache-control
no-store, no-cache, private
x-lat
10:0:517
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:48 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b2cb4905-0b17-4c4e-8ded-568295165229
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame FC25
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6069859781023518013&gdpr=0&gdpr_consent=
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6069859781023518013&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:48 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:655
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 08 Feb 2022 19:55:48 GMT
X-Proxy-Origin
217.64.151.69; 217.64.151.69; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
0c933918-0cf7-4b42-bb4e-c288c9d67e2d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6069859781023518013&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame AD88
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgLKxGnsLsugWs-5pvhO0QAABKEAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgLKxGnsLsugWs-5pvhO0QAABKEAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgLKxGnsLsugWs-5pvhO0QAABKEAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 08 Feb 2022 19:55:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
R1JE35DCMK3QF60VWWR9
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 08 Feb 2022 19:55:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
G7JE3TW9ZJHX7C8ADDBA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgLKxGnsLsugWs-5pvhO0QAABKEAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame AD88 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame AD88 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YgLKxGnsLsugWs-5pvhO0QAABKEAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame AD88
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YgLKxGnsLsugWs.5pvhOzgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHnL8TAiUlc3kCmZxH3LqU8&google_cver=1&gdpr=1&google_hm=2
43 B
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHnL8TAiUlc3kCmZxH3LqU8&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 08 Feb 2022 19:55:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 08 Feb 2022 19:55:48 GMT

Redirect headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHnL8TAiUlc3kCmZxH3LqU8&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame AD88
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADVwk7EBZYAABNgc3XZaw&expiration=1645559748&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADVwk7EBZYAABNgc3XZaw&expiration=1645559748&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 08 Feb 2022 19:55:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 08 Feb 2022 19:55:48 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADVwk7EBZYAABNgc3XZaw&expiration=1645559748&gdpr=1
Date
Tue, 08 Feb 2022 19:55:48 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
crum
dsum-sec.casalemedia.com/ Frame AD88
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 08 Feb 2022 19:55:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 08 Feb 2022 19:55:48 GMT

Redirect headers

date
Tue, 08 Feb 2022 19:55:48 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
crum
dsum-sec.casalemedia.com/ Frame AD88
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210819725231934
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210819725231934
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 08 Feb 2022 19:55:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 08 Feb 2022 19:55:48 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210819725231934
Date
Tue, 08 Feb 2022 19:55:48 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame AD88 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:48 GMT
via
1.1 varnish
server
Varnish
x-timer
S1644350148.427936,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-hhn4022-HHN
htw-pixel.gif
js-sec.indexww.com/ht/ Frame AD88 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YgLKxGnsLsugWs.5pvhO0QAA%261185
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 19:55:48 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2105
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 08 Feb 2022 20:30:53 GMT
crum
dsum-sec.casalemedia.com/ Frame 133D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YgLKxGnsLsugWs.5pvhOzgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHnL8TAiUlc3kCmZxH3LqU8&google_cver=1&gdpr=1&google_hm=2
43 B
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHnL8TAiUlc3kCmZxH3LqU8&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 08 Feb 2022 19:55:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 08 Feb 2022 19:55:48 GMT

Redirect headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHnL8TAiUlc3kCmZxH3LqU8&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 133D 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YgLKxGnsLsugWs-5pvhOzwAABJgAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 133D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 133D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgLKxGnsLsugWs-5pvhOzwAABJgAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgLKxGnsLsugWs-5pvhOzwAABJgAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgLKxGnsLsugWs-5pvhOzwAABJgAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 08 Feb 2022 19:55:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
2RD883MZD8VJR5EY6ARF
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 08 Feb 2022 19:55:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
9KYCXS2KYDF2H1RQFNVX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgLKxGnsLsugWs-5pvhOzwAABJgAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 133D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7235798622051936861
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7235798622051936861
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 08 Feb 2022 19:55:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 08 Feb 2022 19:55:48 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7235798622051936861
pragma
no-cache
date
Tue, 08 Feb 2022 19:55:47 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
CookieIndex
rtb.adentifi.com/ Frame 133D 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.103.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-103-226.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
rum
dsum-sec.casalemedia.com/ Frame 133D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1646942148
43 B
997 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1646942148
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 08 Feb 2022 19:55:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 08 Feb 2022 19:55:48 GMT

Redirect headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:47 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1646942148
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
ix
ad4m.at/ad/sim/ Frame 133D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 133D 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YgLKxGnsLsugWs.5pvhOzwAA%261176
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 19:55:48 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2105
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 08 Feb 2022 20:30:53 GMT
dcm
s.amazon-adsystem.com/ Frame E724
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgLKxGnsLsugWs-5pvhOzgAABGIAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgLKxGnsLsugWs-5pvhOzgAABGIAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgLKxGnsLsugWs-5pvhOzgAABGIAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 08 Feb 2022 19:55:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
JEA5BCWVS285THWT601H
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 08 Feb 2022 19:55:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
SZZEBBZK49VEXD2N2SYG
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgLKxGnsLsugWs-5pvhOzgAABGIAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame E724 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame E724 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YgLKxGnsLsugWs-5pvhOzgAABGIAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E724
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YgLKxGnsLsugWs.5pvhOzgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHnL8TAiUlc3kCmZxH3LqU8&google_cver=1&gdpr=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHnL8TAiUlc3kCmZxH3LqU8&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 08 Feb 2022 19:55:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 08 Feb 2022 19:55:48 GMT

Redirect headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHnL8TAiUlc3kCmZxH3LqU8&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame E724 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.34.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-34-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 19:55:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
rum
dsum-sec.casalemedia.com/ Frame E724
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=4aoDz7T5UMn6rwPE4aEez-avUJv6-wTL5KE-JORM
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=4aoDz7T5UMn6rwPE4aEez-avUJv6-wTL5KE-JORM
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 08 Feb 2022 19:55:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 08 Feb 2022 19:55:48 GMT

Redirect headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:48 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=4aoDz7T5UMn6rwPE4aEez-avUJv6-wTL5KE-JORM
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
YgLKxGnsLsugWs-5pvhOzgAABGIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E724 		43 B
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YgLKxGnsLsugWs-5pvhOzgAABGIAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:1b80:454b:1747:2be1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:55:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
match
c1.adform.net/serving/cookie/ Frame E724 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:48 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
htw-pixel.gif
js-sec.indexww.com/ht/ Frame E724 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YgLKxGnsLsugWs.5pvhOzgAA%261122
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.mlive.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-213-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 19:55:48 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2105
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 08 Feb 2022 20:30:53 GMT
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-02-08T19%3A55%3A49.106Z&_t=timespent&cBr=mlive&cTi=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&cTy=website&pHr=https%3A%2F%2Fwww.mlive.com&pRt=referral&pHp=%2F&pRr=https%3A%2F%2Fwww.mlive.com%2F&pWw=1600&pWh=1200&pPw=1600&pPh=12400&pSw=1600&pSh=1200&uID=89edd9c6-7fa1-4b4b-8bc4-04dfded2e1ff&sID=c6e62c4e-1aa3-4295-9526-550c2f777b75&pID=a4f5868e-14e2-4c93-b5ed-7294aced6a24&uDt=desktop&_o=mlive&_c=general&xID=c5308a23-6d26-42eb-a0e0-785daf6da68b&_v=5000&org_id=4gKgcF5QZg8S9vbBuczznhapazGb&environment=prod&origin=mlive
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.194.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-194-18.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 08 Feb 2022 19:55:49 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=4&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-6%2BU9GJ%2BZ4ONI7%2BlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-glpGhov6BziEcg%3D%3D&sc=1&os=1-3A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&fl=1&j=&xc=0&xb=0&xa=0&md=0&mc=0&lb=12440&ld=0&lc=0&la=0&cw=1600&cx=1200&sh=12440&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=4&w=4&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1644350142151&de=373857911032&rx=407949674962&cu=1644350142151&m=7542&ar=944fd8091a1-clean&iw=2323cd0&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A6858%3A6858%3A10033%3A6742&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5008&cd=0&ah=5008&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=196859&na=484920138&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:55:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 08 Feb 2022 19:55:49 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame FC25 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
simage4.pubmatic.com
URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159879&gdpr=0&gdpr_consent=&us_privacy=1---

Verdicts & Comments Add Verdict or Comment

406 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 function| admiral object| googletag object| sophi object| sophiSegments object| BOOMR_mq string| BOOMR_API_key object| BOOMR string| environment object| adiData object| dataLayer object| Fusion object| react object| React object| ReactDOM object| PropTypes object| scCGSHMRCache object| StyledComponents object| regeneratorRuntime function| setImmediate function| clearImmediate object| adiTrackPromise object| adiTrack function| addUspapiFrame function| optOutMsgHandler function| __uspapi object| usPrivacyCookie object| otCcpaOptOut function| dnsfeed object| PQ object| apstag object| pbjs boolean| bcDFPCallbackCalled function| bcDFPCallback object| lotame_963 object| burtApi object| AdManager function| adhesionInit object| Advance object| tp object| google_tag_manager function| postscribe object| google_tag_manager_external function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| google_tag_data string| bcHostname object| pArray function| adiGetLotameValue object| lotameSegments object| pianoScript object| atsScript boolean| isOriginalIDL undefined| revgenDebug string| bcAffiliateProp string| logStyle function| handleProfileProperties function| debouncedHandleProfileProperties function| loadValuesFromBlueConic function| debounce function| storeIDLInfo function| setOriginalIDL function| retry function| retryGetProfileProps function| emitIDLInfo function| retryEmitIDLInfo function| setLiveRampsIDL function| waitForBcPageView function| waitForATS function| waitForAuth0 function| waitForWall function| waitForBC function| pathValue object| IDLExists object| isIDLReportingPending object| isProfileUpdatePending object| atsPromise object| profilePromise object| loginAuth0Promise object| emailWallPromise function| 4dm1r11545242527 number| a string| GoogleAnalyticsObject function| ga function| setLotameCookies undefined| nDays undefined| c_name undefined| cookieValue string| dom object| PARSELY object| _comscore function| fbq function| _fbq string| meterContentType function| SparrowLoader object| __otccpaooLocation object| webpackChunksnowplow_tracker_javascript_new object| $OPHI_GN function| sophiTag string| sophiGlobalVariable object| Snowplow object| ats object| blueConicPreListeners function| BCClass object| blueConicClient function| dataTransparencyDirectQuery object| apntag object| ggeac object| google_js_reporting_queue function| pbjsChunk object| _pbjsGlobals object| mnet undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| Moat#PML#26#1.2 boolean| Moat#EVA function| __moatSlotTagLoadedadvanceddigitalheader640552616592 boolean| apstagLOADED function| lotameIsCompatible function| lt963_ba function| lt963_b undefined| lt963_c undefined| lt963_ca undefined| lt963_da function| lt963_ea object| lt963_fa function| lt963_ga function| lt963_ha object| lt963_ object| lt963_5 function| lt963_aa function| lt963_a function| lt963_d function| lt963_e function| lt963_f function| lt963_g function| lt963_h function| lt963_i function| lt963_j function| lt963_ja function| lt963_ia function| lt963_k function| lt963_l function| lt963_ka function| lt963_m function| lt963_n function| lt963_o function| lt963_p function| lt963_q function| lt963_oa function| lt963_la function| lt963_ma function| lt963_s function| lt963_na function| lt963_t function| lt963_u function| lt963_v function| lt963_r function| lt963_w function| lt963_x function| lt963_y function| lt963_z function| lt963_pa function| lt963_A function| lt963_B function| lt963_qa function| lt963_C function| lt963_D function| lt963_E function| lt963_ra function| lt963_G function| lt963_H function| lt963_F function| lt963_sa function| lt963_I function| lt963_J function| lt963_ta function| lt963_ua function| lt963_K function| lt963_va function| lt963_wa function| lt963_xa function| lt963_Ba function| lt963_ya function| lt963_za function| lt963_Aa function| lt963_Ca function| lt963_Ea function| lt963_Da function| lt963_L function| lt963_Fa function| lt963_Ga function| lt963_Ha function| lt963_Ia function| lt963_Ja function| lt963_Ka function| lt963_La function| lt963_Ma function| lt963_Na function| lt963_M function| lt963_N function| lt963_O function| lt963_P function| lt963_Q function| lt963_R function| lt963_S function| lt963_T function| lt963_U function| lt963_V function| lt963_W function| lt963_X function| lt963_Y function| lt963_Z function| lt963__ function| lt963_1 function| lt963_Oa function| lt963_Qa function| lt963_Pa function| lt963_2 function| lt963_Ra function| lt963_0 function| lt963_Sa function| lt963_Ta function| lt963_Ua function| lt963_Va function| lt963_Wa function| lt963_Xa function| lt963_3 function| lt963_4 function| lt963_Ya function| lt963_Za function| lt963__a function| lt963_0a function| lt963_1a function| lt963_2a function| lt963_3a function| lt963_4a function| lt963_5a function| lt963_6 function| lt963_7 function| lt963_8a function| lt963_9a function| lt963_7a function| lt963_6a function| lt963_ab function| lt963_$a function| lt963_cb function| lt963_bb function| lt963_8 function| lt963_db function| lt963_eb function| lt963_fb function| lt963_gb function| lt963_hb function| lt963_jb function| lt963_mb function| lt963_lb function| lt963_ib function| lt963_pb function| lt963_kb function| lt963_nb function| lt963_rb function| lt963_qb function| lt963_sb function| lt963_ob function| lt963_tb function| lt963_ub function| lt963_vb function| lt963_9 function| lt963_wb function| lt963_xb function| lt963_yb function| lt963_zb function| lt963_Ab function| lt963_$ function| lt963_Bb function| lt963_Cb function| lt963_Db function| lt963_Eb function| lt963_Fb function| lt963_Hb function| lt963_Ib function| lt963_Jb function| lt963_Gb object| gaGlobal function| onYouTubeIframeAPIReady object| otStubData object| gaplugins function| udm_ object| ns_p object| COMSCORE object| SparrowConfig function| ttd_dom_ready function| TTDUniversalPixelApi undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG function| ___tp object| bc_json440 undefined| google_measure_js_timing object| __li__evt_bus object| liQ object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| SparrowCache function| Sparrow object| gaData object| ID5 function| _typeof object| PublisherCommonId object| Optanon object| OneTrust boolean| sparrowInitialize object| _4d object| filteredSegments object| filteredAudAggregate object| filteredAudIndividual object| filteredAudCampaign object| filteredAudVoter object| filteredAudVoterNatGas object| filteredAudNYMayoral object| CDP function| $ object| _bcp function| RuleService object| justDetectAdblock function| BlueConicEngagement object| bcConnectionUtil function| BlueConicDataLayerUtil object| JSONPath function| md5 string| _contentURL string| _title object| bcSegmentsArray number| bcchunkSize number| num string| chunkString object| bcGASegment string| bcGASegmentName undefined| dcrSegmentsMI object| bc_json441 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| PianoESPConfig object| ampInaboxIframes object| ampInaboxPendingMessages number| BOOMR_onload object| doc object| e object| GoogleGcLKhOms object| google_image_requests

119 Cookies

Domain/Path Name / Value
h312.mlive.com/DG/DEFAULT Name: BCSessionID
Value: 7cc54b5d-6173-4e4d-8639-804134e33837
advancelocal.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: 7cc54b5d-6173-4e4d-8639-804134e33837
i.liadm.com/s Name: _li_ss
Value: MgkI_____wcQxRE
aslxp.prmegninc.mcnaheja.com/ Name: PHPSESSID
Value: 122b9b9fd8c69a74ef90490cdd5d6133
mlive.com/ Name: akaas_AS_advancelocal_mlive_prod
Value: 2147483647~rv=10~id=db0028d94fb3802320484e06e6bd9d54
www.mlive.com/ Name: akaas_AS_advancelocal_mlive_prod
Value: 2147483647~rv=36~id=23e33ff6bc5092f69f8211eee1de4b02
.mlive.com/ Name: sophiTagses.073a
Value: *
.mlive.com/ Name: _gcl_au
Value: 1.1.1310896258.1644350142
.mlive.com/ Name: utag_vnum
Value: 1646942141946&vn=1
.mlive.com/ Name: utag_invisit
Value: true
.mlive.com/ Name: sophiTagid.073a
Value: 781509ed-cbbf-416f-8a05-5745764b14bf.1707423941724.1.1644350142.1707423941724.96a4c110-3323-44e7-a7c4-a28f1825ec5f
.mlive.com/ Name: _sp_duid
Value: 781509ed-cbbf-416f-8a05-5745764b14bf
www.mlive.com/ Name: last_visit_bc
Value: 1644350142083
.mlive.com/ Name: lotame_domain_check
Value: mlive.com
.mlive.com/ Name: _ga_GG8B674XK4
Value: GS1.1.1644350141.1.0.1644350141.0
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_domain
Value: .cc.mlive.com
.crwdcntrl.net/ Name: _cc_id
Value: 9382a4e9a3424a75f523f9c49f17b8fd
www.mlive.com/ Name: _lr_geo_location
Value: DE
.mlive.com/ Name: _cc_id
Value: 9382a4e9a3424a75f523f9c49f17b8fd
.scorecardresearch.com/ Name: UID
Value: 19C88ba50319c98846f0b0d1644350142
.mlive.com/ Name: _cc_cc
Value: ACZ4XmNQsDS2MEo0SbVMNDYxMkk0N00zNTJOs0w2sUwzNE%2BySEthAIIkplP7QDQECN5bdJWF8TA7w39GRoad33vg7CVbbsPZxzdNgbPnLTkvAFN%2FeTlCzbPFc%2BBqlv8phCk5fvQQM4y9e99luNYPDffh7MNIWh%2BeVIcpf7cEYeKJL5Yw4RnXLunA2Hf3IhwAAAEbTtY%3D
.mlive.com/ Name: _cc_aud
Value: ABR4XmNgYGBIYjq1D0hBABMDg6I%2FmKnECiQAN%2B0Chg%3D%3D
.mlive.com/ Name: panoramaId_expiry
Value: 1644436542421
www.mlive.com/ Name: authsource_origin
Value: false
www.mlive.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.mlive.com/ Name: _li_dcdm_c
Value: .mlive.com
.mlive.com/ Name: _lc2_fpi
Value: 94c49eadf2ac--01fvdefy4dnmxpes5s5h625fwd
www.mlive.com/ Name: pbjs_pubcommonID
Value: f7c98f6b-d791-4254-a15a-e7901bd748da
.mlive.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.mlive.com/ Name: _ga
Value: GA1.2.819984878.1644350142
.mlive.com/ Name: _gid
Value: GA1.2.1529590759.1644350143
.mlive.com/ Name: _gat_UA-16643585-16
Value: 1
.mlive.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.mlive.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1644350142764%2C%22slts%22:0}
.mlive.com/ Name: _awl
Value: 2.1644350142.0.5-ffa3bde615cf40ded21f60b916a61562-6763652d6575726f70652d7765737431-0
www.mlive.com/ Name: usprivacy
Value: 1---
.mlive.com/ Name: sID
Value: c6e62c4e-1aa3-4295-9526-550c2f777b75
www.mlive.com/ Name: pID
Value: a4f5868e-14e2-4c93-b5ed-7294aced6a24
.postrelease.com/ Name: opt_out
Value: 1
.mlive.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Tue+Feb+08+2022+19%3A55%3A42+GMT%2B0000+(GMT)&version=6.17.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.mlive.com%2F&groups=1912%3A1%2CC0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1
.rubiconproject.com/ Name: khaos
Value: KZEJMAFW-1A-F8IS
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qr3OGbNxuv8kGWQ0NNjmqbPd94gXYLevqJ2wHsFnqwQFDirdqP1RGV19TNBETKI889ymPvo8pleP2I8HLg48+aBlR/vOG5O9jg=
www.mlive.com/ Name: ntvSession
Value: {"id":7403315,"placementID":773533,"lastInteraction":1644350142920,"sessionStart":1644350142920,"sessionEndDate":1644364800000,"experiment":""}
.rlcdn.com/ Name: rlas3
Value: Y6yabQHYNzOJs76/a5JkBs7OMT4rL8vviWJeLwy7+8o=
.rlcdn.com/ Name: pxrc
Value: CAA=
.simpli.fi/ Name: suid
Value: 6361AB28088B4B2A93D44EABCE021194
.mlive.com/ Name: _fbp
Value: fb.1.1644350143115.1066817631
.facebook.com/ Name: fr
Value: 0guNpA5iIqvnmcomj..BiAsq_...1.0.BiAsq_.
infinityid.condenastdigital.com/ Name: CN_xid
Value: c5308a23-6d26-42eb-a0e0-785daf6da68b
infinityid.condenastdigital.com/ Name: CN_xid_refresh
Value: c5308a23-6d26-42eb-a0e0-785daf6da68b
www.mlive.com/ Name: CN_xid
Value: c5308a23-6d26-42eb-a0e0-785daf6da68b
www.mlive.com/ Name: BCSessionID
Value: 7cc54b5d-6173-4e4d-8639-804134e33837
.liadm.com/ Name: lidid
Value: 3d03d1dd-c48a-49e0-bc9a-ae23b84fc4a4
.mlive.com/ Name: utag_vs
Value: 2
.mlive.com/ Name: utag_dslv
Value: 1644350143561
.mlive.com/ Name: utag_dslv_s
Value: Less than 1 day
advancelocal.blueconic.net/ Name: AWSALBCORS
Value: cyu4mXJkA8/P4aG6auC5uXMkZ7MWSkeuCxgeaOAb+/v5ufHU0HPVg44h/A4Ze4l6qVZyNV0mS2VGsznIo+Xgv6MLb26svtjCyNBa6ai4r/sA2TZEQFpqpk/YjKNb
www.mlive.com/ Name: CN_sp
Value: 89edd9c6-7fa1-4b4b-8bc4-04dfded2e1ff
www.mlive.com/ Name: CN_su
Value: 7e1f299d-15d2-4eba-bcf0-9659ae9e3a90
.mlive.com/ Name: __gads
Value: ID=751fd92d641135bc:T=1644350142:S=ALNI_Mai2ioz7eZZR1GQEwz3dFrHkixg3A
.piano.io/ Name: __cf_bm
Value: RFhmr03fN3CGjBbZcOIBSm3_bdyEm812yHwOTBbgTi4-1644350143-0-ASyIHjG08W9NCu4V/4ozrPD67W55WrHtxw4WpOi1lzAqvPay/AwLlORKgB6gHwm6P+zRu+rHYSaMNN9gXbOAytg=
.mlive.com/ Name: __tbc
Value: %7Bkpex%7Dixucawae9uABve3aQ1nOc-PF6og-qlEWfWn7FLaAHo6Vp2KrdFu42swsAKoSCY48muuZXQ-KuAwjFGmsTnHd1mmgapgkpScPH5RCE72x4cM
.mlive.com/ Name: __pat
Value: -18000000
.mlive.com/ Name: __pvi
Value: %7B%22id%22%3A%22v-2022-02-08-19-55-42-511-veAOqTfPpx4PG49u-7a3f117c50bc8dbe5f0c2f9f163fd65b%22%2C%22domain%22%3A%22.mlive.com%22%2C%22time%22%3A1644350143885%7D
.mlive.com/ Name: xbc
Value: %7Bkpex%7DpEx4mmX-RwjQbcLmgKXs4MezgJzTv0Ur5egnXmgKlOvdtRC0jZI8oY8ALpZK3L444wIrB8_LEjplrKjzupsYWK-7VkISEidcnT8phm3wu9BhvJeOISL-d1REYVKIY8Cn1maaW4GBWu9QnksaGm_ZsewKTcpNYJsh01fes0XcATlccQ4d3W7avg_4SLv8Ev0IrVAijv_vb2_-MWC_zVB1OdMxBK1DfoNUz0AdRIvgfDjan2Se2Bn8iufrCFUfgj9dizyQAKyLYmDP3d4p2D01j3EMvOOIr-lWUEyv5gEi_EsYbE2C9M98REPst7f0wZiwlPjFpCs8H45BvF7r4KovgrpY__sD729X-ojdkH0aQI2YQoCs2lYlShgCLBL-7gIJ1zrT-GrvzVcm87dhmH2nnX2yVUsBnQfXMyI9aK7KYHG-qBdUI2GOaxDme9HidlCnPy43pDXrFACzU1hUOyXPBckxNKa9KPM_y97UiAVVo42fKsVfU9AVNUXnfgN4fVGAQI0CDw_6I_7WKX3KwLIIiVlOB1Jhed3lbcsgEAKEzoJOeRcwRP2VmVomNUUz8eaPt67zu0JZmwsE1IbdZgwAeRWc1Jmw6zvDSYYLsZTYqTsICWq4BNDuSbQXcovKV723rwUchPKYkP9rexchQB6pfR1-tRdTApi1vrYzdzOq61vxJIC7k2Gt5K6oR3hCYpey2d96UOIXypSAKexwGOebv4XFobYQaa04Yj_7ZrrlHRjsmwgAAG4xv26cnf9AsID5pmGgzcpSKItwAScP8pcZ5zED9V-w3P9UFted80wbQs4
.www.mlive.com/ Name: _pc_sup_support_acq-sup2
Value: 10
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUm8G3i07o2h5JFfUJ-CT9wAY_aW-s9ld66yQVvWcFUzq6lkL_eg9Vb-6RP9kXo
www.mlive.com/ Name: _lr_sampling_rate
Value: 100
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQsDS2MEo0SbVMNDYxMkk0N00zNTJOs0w2sUwzNE%2BySEthAIIkplMH%2F%2F7%2F%2F58fxAEDwXuLrrIwHmZn%2BM%2FIyLDzew%2BcvWTLbTj7%2BKYpcPa8JecFYOovL0eoebZ4DlzN8j%2BFMCXHjx5ihrF377sM1%2Fqh4T6cfRhJ68OT6jDl75YgTDzxxRImPOPaJR0Y%2B%2B5ehAMAj%2F1S4g%3D%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIYjp1EEhBABMDg6I%2FmKnECiQAODgCiQ%3D%3D"
www.mlive.com/ Name: _lr_retry_request
Value: true
www.mlive.com/ Name: _lr_env_src_ats
Value: false
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 137B9565-5C53-4DF6-A5B2-3A3A4DED1A89
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 159879:2
.pubmatic.com/ Name: DPSync3
Value: 1645488000%3A197_219_201%7C1644364800%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1645488000%3A220_56_161_54_3_21_13_7%7C1645574400%3A35%7C1646870400%3A203
.casalemedia.com/ Name: CMPS
Value: 5225
.adsrvr.org/ Name: TDID
Value: b2cb4905-0b17-4c4e-8ded-568295165229
.mathtag.com/ Name: uuid
Value: b50c6202-cac3-4f00-ae69-dbc2a4a2c869
.adfarm1.adition.com/ Name: UserID1
Value: 7062430108842129559
.adform.net/ Name: C
Value: 1
.casalemedia.com/ Name: CMST
Value: YgLKxGICysQA
.adform.net/ Name: uid
Value: 7305077954368423666
.casalemedia.com/ Name: CMID
Value: YgLKxGnsLsugWs.5pvhOzgAA
.casalemedia.com/ Name: CMPRO
Value: 1122
.adnxs.com/ Name: uuid2
Value: 6069859781023518013
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEMbc9jCDyHMbfxhC2E8N_7c&KRTB&16514-CAESEMbc9jCDyHMbfxhC2E8N_7c&KRTB&23025-CAESEMbc9jCDyHMbfxhC2E8N_7c
.pubmatic.com/ Name: PugT
Value: 1644350148
.de17a.com/ Name: guid2
Value: 1.4943898809691418192
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6069859781023518013&KRTB&23339-6069859781023518013
.mlive.com/ Name: __li_idex_cache
Value: %7B%22unifiedId%22%3A%224hgQsOOzasstbw5PtvaoofB084CfOKjqxM-TbA%22%7D
www.mlive.com/ Name: pbjs_li_nonid
Value: %7B%22unifiedId%22%3A%224hgQsOOzasstbw5PtvaoofB084CfOKjqxM-TbA%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-4943898809691418192
.quantserve.com/ Name: d
Value: EGwBDQGyJbjvsQA
.quantserve.com/ Name: mc
Value: 6202cac4-70969-217cf-c7639
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0MTQyNLAwtDQ3MjUyNrQ0NhHiM9Q1yfFIzU4LjvAuzDKT4jU0MzExNjUwNLEwsTAAAAKLzJE0AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0MTQyNLAwtDQ3MjUyNrQ0NhHiM9Q1yfFIzU4LjvAuzDIDAPdiZSslAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAPvFyGtoZmJibGpgaGJhYmEIAGRWC_QQAAAA
.turn.com/ Name: uid
Value: 7235798622051936861
.yahoo.com/ Name: A3
Value: d=AQABBMTKAmICEK0iHAQkmI6elN3a6gwbhr0FEgEBAQEcBGIMYgAAAAAA_eMAAA&S=AQAAAtlcBBb6bug-7XoEb93Z2Fk
.bidr.io/ Name: bito
Value: AADVwk7EBZYAABNgc3XZaw
.bidr.io/ Name: bitoIsSecure
Value: ok
.casalemedia.com/ Name: CMRUM3
Value: 276202cac40b40&e66202cac42760&f16202cac405a0&2d6202cac42760CAESEHnL8TAiUlc3kCmZxH3LqU8&6f6202cac405a0&516202cac405a0&826202cac42760AADVwk7EBZYAABNgc3XZaw&496202cac405a0&336202cac405a0
.onaudience.com/ Name: cookie
Value: ddb64b51c0473a60
.onaudience.com/ Name: done_redirects147
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwikrvuM4dG1OhAFGAEgASgCMgsIyvPMvvfRtToQBTgBWgd4a3N3OWxhYAI.
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7062430108842129559
.pubmatic.com/ Name: PUBMDCID
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7305077954368423666&KRTB&23263-7305077954368423666
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:b2696202-cac3-4200-86ea-8d4b8f552c7f&KRTB&16736-uid:b2696202-cac3-4200-86ea-8d4b8f552c7f&KRTB&23019-uid:b2696202-cac3-4200-86ea-8d4b8f552c7f&KRTB&23208-uid:b2696202-cac3-4200-86ea-8d4b8f552c7f
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-b2cb4905-0b17-4c4e-8ded-568295165229&KRTB&22918-b2cb4905-0b17-4c4e-8ded-568295165229&KRTB&23031-b2cb4905-0b17-4c4e-8ded-568295165229
.pubmatic.com/ Name: SPugT
Value: 1644350148
.onaudience.com/ Name: done_redirects219
Value: 1
.zeotap.com/ Name: zc
Value: acaeda2e-dfbb-4d39-6b4c-e4f66a338b67
.zeotap.com/ Name: zsc
Value: %2C%17%D3%7C4%A2t%D2%02%1Dx%0DL%D8%D6%16%15%FC%00%10%5C%C2J%B7%26%94%85%ABQ%3E%D6%CE%97z%E6%16M%08%93%04%D1%9F%A9%01RK%BD%0FJ%5B%90%A5%04%0Ay%85%88%A1yQ%C5%24%1DR%06%CAh%7D%8A%89mQ%04%86%84%80%12%B2%0A%2C%EE%9F%F1

9 Console Messages

Source Level URL
Text
network error URL: https://thrtle.com/insync?vxii_pid=10014&vxii_pdid=9382a4e9a3424a75f523f9c49f17b8fd
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.mlive.com/infinityid/
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=115
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://id.rlcdn.com/709414.gif?us_privacy=1---
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0217991d.akstat.io
13e1280eb562598642d0468d4b5d88b8.safeframe.googlesyndication.com
3fajornyk3552yqczlaq-pjjyo3-e9ccc1578-clientnsv4-s.akamaihd.net
4d.condenastdigital.com
ad.turn.com
ad4m.at
ads.pubmatic.com
ads.rubiconproject.com
ads.yahoo.com
adservice.google.com
adservice.google.de
advancelocal.blueconic.net
ampcid.google.com
ampcid.google.de
api.rlcdn.com
apps.sophi.io
aslxp.prmegninc.mcnaheja.com
ats.rlcdn.com
bcp.crwdcntrl.net
buy.tinypass.com
c.amazon-adsystem.com
c.go-mpulse.net
c1.adform.net
c2.piano.io
capture.condenastdigital.com
cdn.ampproject.org
cdn.cookielaw.org
cdn.id5-sync.com
cdn.parsely.com
cdn.sophi.io
cdn.tinypass.com
check.analytics.rlcdn.com
cm.g.doubleclick.net
collector.sophi.io
connect.facebook.net
contextual.media.net
d1z2jf7jlzjs58.cloudfront.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eaaqvsaaea6qakqce3yab3yaabrafswa-pjjyo3-7f5fcd17c-clienttons-s.akamaihd.net
ead.mlive.com
eus.rubiconproject.com
exchange.postrelease.com
experience.tinypass.com
fastlane.rubiconproject.com
geo.privacymanager.io
geolocation.onetrust.com
global.ib-ibi.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
h312.mlive.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
idx.liadm.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
infinityid.condenastdigital.com
insight.adsrvr.org
jadserve.postrelease.com
js-sec.indexww.com
js.adsrvr.org
match.adsrvr.org
match.prod.bidr.io
mlive.com
mwzeom.zeotap.com
ntvcld-a.akamaihd.net
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.condenastdigital.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
polyfill.io
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid.media.net
privacy.crwdcntrl.net
pub.doubleverify.com
px.moatads.com
rp.liadm.com
rp4.liadm.com
rtb.adentifi.com
s.amazon-adsystem.com
s.go-mpulse.net
s.ntv.io
s0.2mdn.net
satisfycork.com
sb.scorecardresearch.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
tags.crwdcntrl.net
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
um.simpli.fi
vtrk.doubleverify.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.mlive.com
x.bidswitch.net
z.moatads.com
simage4.pubmatic.com
104.111.219.144
104.111.249.62
104.36.113.24
104.90.185.183
104.92.74.8
108.156.255.177
108.157.1.118
111.90.159.230
13.32.121.37
13.32.121.87
13.32.99.23
13.32.99.35
135.125.160.160
142.250.184.226
142.250.186.98
151.101.130.49
151.101.64.239
159.122.14.34
172.217.18.98
178.250.0.163
18.185.214.32
18.66.112.72
18.66.122.48
18.66.245.59
18.66.248.90
184.86.251.221
184.87.213.8
184.87.213.83
185.29.132.241
185.33.220.243
185.64.189.112
185.64.190.78
185.64.190.80
193.0.160.129
2.18.233.180
2.18.235.40
2001:678:cb4:bbbb::11
204.237.133.120
209.54.180.144
213.155.156.185
23.0.33.234
23.37.42.132
2600:1f18:444a:4680:b988:ecc0:9832:67ce
2600:1f18:730:b120:5b38:df27:617f:9396
2600:9000:223f:6e00:8:48e:53c0:93a1
2602:803:c003:200::61
2606:4700:10::6814:b844
2606:4700:10::6816:1857
2606:4700:20::681a:ad1
2606:4700::6810:2a41
2606:4700::6810:9440
2606:4700::6811:b9b1
2606:4700::6812:a6e0
2620:116:800d:21:fcb8:22d2:d390:5f1b
2a00:1288:80:800::7000
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:813::2004
2a00:1450:4001:828::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2008
2a00:1450:400c:c08::9d
2a02:26f0:6c00:1bb::11a6
2a02:26f0:7100:199::11a6
2a02:26f0:ef::5c7b:c241
2a02:26f0:ef::5c7b:c244
2a02:26f0:ef::5c7b:c2b9
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:800::282
2a05:d018:d29:3601:1b80:454b:1747:2be1
3.124.34.143
3.215.194.18
3.217.216.1
3.221.220.112
3.33.189.65
34.107.148.139
34.120.133.55
34.199.56.222
34.202.75.127
34.205.109.6
34.232.82.222
34.233.77.103
35.190.58.50
35.244.174.68
35.71.131.137
37.157.3.29
46.105.202.126
51.222.80.231
51.89.7.199
52.0.143.56
52.2.129.5
52.222.236.26
52.222.250.70
52.30.140.199
52.50.101.149
52.6.103.226
54.194.157.24
54.86.119.171
63.35.242.195
66.155.71.25
69.169.85.6
69.173.144.138
85.114.159.118
92.123.225.65
0243d61ce86c672bb13744b9572ab45c1131e62f4f02ad2e1a1df54f02f2b1f2
03af77368dc90f24fdd266433cfdb9627c944961b1a6de92b7520ce26da124a5
05ed7424c6f3c3d2aec5dfe7fa92e5f617afe58a01666c1c584d342a8b57a0e7
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07fada31a0b4fea116a90cce8778dd7160c8839118718c8185c71292f6d23bda
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c4df94a69039a4d57372f2710e43c3ed82def316c23cb14e60de1ece9f53661
0fd429b95adc1755ffb3f7d831ac7e33dad31379239750f32c49c98f7019e45f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12ad3a993ed0c706ed6fcc1224adfaea775fbd583e470cb53b3c8798104a7447
134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb
13b189ee01867752e3bbcd292354276979cbb57204edb83ba894de56c4f87bf2
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
14cb1361ed92b1c32a5f695c5727bca434e172967cfa9b4c0d7575cd56de1b3d
158c2f4d2747aaba656211837d94993e7a6715f180d3a62abefd95358fdc9524
169b5f1668735f74d5468eb5dd5cc275d5cec32b9e4c2f95e4051ef8dd8f2caf
17cc933d85f5cea090df6410fc39836f34f65a3a57359c10ca5b48cec59f7fae
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1abe7fbb028cc84f7b5374497875436a3d646eaf988f5e1cd62f63bdf4772605
1af6cb40e0e6d6186a5cdd52456541b3c37bebaebeb3ec8633b076227240422c
1b2867f1f4e5ab62f392b34fc710d63aa0507e84c3714e150b315b6105e149d1
1bfc44039c36dd275b360e61673c760eafc880b5374e93b40b2f5bf09a07798a
1cb614c81c491878e5b6256098b31fb4f68b7bbde5e60b21334d085db7e37549
1ff488388c42f507941eef23f7fe943fbb3d9e4c76908fa1c0b2802b90179f04
21aaf432181952e5d39d79010da478d64312d92d84eca53e0288a9d76fd9d04f
25c3fb46576f9c03a7aa53f9e84261623a1a1d7aef5cc0024641d040a89c02ea
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
276ca8da7dd05a55c760ead2eec9d5c74629897d0b5b3e5190d4fc9bd38ea7fc
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2ac05dc8c8622174355992467e6c1810eb2fad121f262368da076323fcb532a6
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
2f25964dfa5d408c978308cd6b405630463b6f5ff52f11d31c586394171046ed
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
33ec4fb2db644010a2d5373e40e2636e5c0158400106c5e5ec480e7f0b0e3828
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3ddb385b8647230183f31b59114b03ff2290ab80ca426e8e594afb12362dd742
3dfeefc824178fe1b8ee04cb11dc2f3975b0294e1fb19364c30a4eab69808ba6
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fc70270a527227c6493bc5a1c703f4bef2373f857cb7606b711b4d2fa14684a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ffc610143ad5d6336b7f5c4ba523835afeb83ad51dc535cd7887801d2f21d37
40195704da1d1e2ddba98cdc6e4726197707f2f37fee1a729d22bafae1fc5d8d
40c6f7f93175681d7ab9a1b417c1076fdc9fa59e9a8aa4d1d6777d62e387685d
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
43a63bb8a00fc7dbf74a7688c95c9663808744b472cb7b5cf61469064d124113
457563e4d9b4515c313ac047b0ab798e7399c861d894e8affd16429effa6e2e1
464b98e4ec83bb60ad92bd76656277037d3548e44a7d1dcddec0c0a41ada20e6
47873019a38cf2b22d685aee8cdc42e0b9aa8533022939144243fafcb42d89df
47dafe72435d0fe4f3d7cc7d589c76c9889575220b0f4921485f8e1a9edb68db
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4a8f2865778a172d3be9c473f6e309d9fae9ec13c55ac43000d38a43aba03456
4b70dbbd3110e9643943cf22014e280cf8ae7e01d2e0165ad09bdb988fc79efd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb67b42d6abea96d75df507d23f0421da85d5658322720fded36c94cce45d7b
4ff1d5f3a72040f90b697f34413fb562dd6a7b949dbf1e1028d4dcb782c6aa0d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50673b21d117587d655440481d70dbe8d541cacf0910b22b249ff49908382fb4
509692773db809ced611d6091fe935a88e218d9a41dd36d26c1893de20b82997
542b09098fe487cada39500790129355d09f49f8d6a9417258a7a1a1296d79b1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55238144a1ead5e52b2d8016a8aa4894d2c4cbe1edbc371f4060c197997e4f8b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ce8647c88445649306948bab16764727ad0866a64fc66202b97b88176272628
5ee49a30cc6244e9cefb2bac9580da6a9768c49692d1a8988572254f4ff7d2bf
5f8e216a8ab74a2c3a2a5562e1661adff971c519a08291d0ac0e892f89c5b7f9
60d76e5d3d47c3f67063f6ad8c4c19906031164734d901e60a8842d0a292a1cd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ea3fa5d2d66a4f0e248fa993f3c700c1b70b0fd1b465ebab9ed26ab9c46a94e
6fa8b9c20d5c4f5711f76f4f4adafafc90e8f89bac2c7b3dfc2c7e63abb55d21
7029cb11a303810b007f2740712dcfc27813ddefc2cb91398cea7a29346267d3
70b1976ba50d09613ba7021b94e6db58d50b44c39cabdd3f9562be9b304673ef
72bfab5900549c186a6eabe8d6e8b0224c70d3f51536e1584a39a89327d42f9a
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229
74babd62da2030b3632694ab8100321cf908aacb7f106e0cdd599cb92aef771f
74e8705211e24ce83adfe19859a2e7dc010dbe54a2d32885a384fad71a9fdeb6
7535dd078645e0ca9b54dcef771e05d56c8f75d07252bdc88ac0862d59881efc
757f80abf7072089594b6c1ce349b9d12a16b948082e85ce317ad13abf04896c
7b238f7be9a7301d83c67fa2d8461b1aeb846f06d303b6a0dbf913d3fa386ccd
7bb20cdf10327d48d3c09aabd4efa10368389313e38adc4706a16d1ebadff586
7bfbfbae451f35d17b6286465c401284bf1375877b0d19e7eef73ca6f5bc4c91
7ce770cddc4e0c93ac6dfd2f78ad222171080b726f0412b132610eb2ce3b3a17
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fd6da6f10068251e5e0a5a1ee993a574a2b81220bf3f2f926ccb73df4201aeb
7fe7c7f4af959b8704519840ab53792932a56a43329efb5d9c2449224816589b
7ff100c907d85bc5b7503e7a88c0a7f256ed2561ee431ffc10fcd7cce517c321
800740aa8895247461f70187dcade41eccad5fd2ece9e9fe08685ee7bed9a277
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142
80baabccfc3f3429683befc58758f9e4c3323f1557d355c9fa09e59bb0c0bd2e
82c2a5e07e28fdca5963dd87e0c1020db794578b22c6e0d204b3ea28905845ee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
868788735b388b15160e66100de21c0689bb3412707e9c022480374d88f24f1a
87f6b6dfec32f36f6ad56b2c68fff7138b9e692a9c952267e46c49b3d60282e7
8872084012af926d1d8ce52a85a24a4c28e039aac8b0e558544c9cf1865b94aa
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8b8234cf8ab3052448812e8e8ecc975bd6f9bddccd84a8d2727fd606cd71af47
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
8e41a8e6b02e146fe25fa71262a12a24c80ee7e0debfcae0757a4fe6c67de5a9
8ec663eef0e255ee649d1288d04749afa7700cb754873a8cef21353bf84b44bb
90398d274e093821b066f9bc367d1ddb8e2fa9d18d7660c10cc3704c4d9f519f
9238394ecfd8f36d642000a6118e033c21a0b997f5686f937e2dc094d3a1e031
9480812b1b6570365a4e8256c2d2bc150c740b9f46b4c93decab315679735e9c
94a0e9d47acddfcc03b22ec5c34c245cc30925db2bf572a5a2998c9d7af92573
965f26668728b651d97baac3dbcf9c8c5e5660316dbfac9a07c15af91a9f00ce
96e04556e2965c4e115e96e0d60f70f3d19a1f75b0ff38aaa59ef77e3a5518db
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9d7568ab4a70b0d44a8c45b10be1c26f5b839320e37c3de66964d72b4ce70ab1
9e3c7bdc4bfffb58a973062aabf808691f7603416290254b76161cab69952053
9ead871d27f3a0d803f4d6139feb2f2694d3a26c54fd6734f789a06aad0f5303
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a10e5e235cb3191b54d1dcc89b3174f46e066b66ae51272e8cdba0c409da68d3
a117a2b6db2584c68719d79275bcf8ac9a3b8499a5a695131f147105799bb69e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a29d79605ef3435c0f542c159c7982ed04a7246e8f9525bb72d93324498f87be
a36d062d102f3e72e70c8902c1b3840a116e3ca816196515b70bf013b0d548e0
a38c62e63a55fae37c0a80be1813a69eca4b531bb0cd2eeb933c225fb9bfc84a
a39cd6a9413784646378ab9490f6a80ea1c2eaf4870c1022f44e4e64380c7cda
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c328808a013b510a6a041e4897451dff67cd4510aee65a7807b7505e6bc63e
a63f0b4bd1b1481e911ce64b7e123291bbf6cb5381a80b39c6b6280f688213d5
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa
aaff80595c44bf7d7d946271484a7b6186022f0225fc40a833a9273d5486221e
ab76c42b8003ee0887e35b8c7a031ff86041a3a62420a62a732ca52a8dca78a9
aedc4e754e8c4eefbdfe2fbda8574e181714e923fd6a38b145971dcb038e8573
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b396ae4c9dc4cec9c79931da5c8993ffb15d5d6ed98a14fc00bb4d159c7dd739
b3c3af8ca228ce6a363372466841bcfb55f23a62b5a1acb083310802b4af8b39
b49121e677834609212540f82a123482989b65f22e54e54b79d9dcbfc2feb47b
b4c9b940ff725bf2c2c73932c44d43b5ca6aa4302cd2e0ee6648d80ffa52c3ea
ba3c529c36289a06d098e40d474c1f492903fd55112c54f431b269e49208998d
bfc7c0cff1c3d1602ace06b10946928c177ab8da0f5629cf812b5b017e742cb2
bfcc5e825aff995b1fc055ef16dab0a16914e16f2ab24b4d28a52f41ba62b572
c0d208be1e2c1d854a6e322b219474ecbbbdeaaeec2c17cc8d45a28381f39ead
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c22d790976bc87b01f6ae9d9966e2ee715a30fc78f119cbf990fe09d0ceab002
c25ce818c3c2ab4992bc0b61a60d1822f239a638af59ad63ed2fe2028e3037f8
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544
c876ceb0bbe52cd760a39d8b7ef89f1dfa899449fdc18814860003360e5eec2a
c942cb01ca7d8956086518f0315ac0be0374cb0f0a38ffe67a52bc4ae7ff5f6f
c9e3fcb234a774c8ebe444cf69ad05db15c58df2375f0b9aeca354019b5023df
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250
cc1b72953ea3b49d3a80ca9b06f1aa31d95ea8180b23d3dec3571f4a5469c856
cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864
cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff3ff7513a42187f914df965c0006c8756f549dc13ffb64540767042902a748
d20aaf42b1f287fc8f3910182cec224884aa5637991a6eb855579657f0417922
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d806ed2d1dee72c1ad65db632d63e6eac53a9c43f28010490dfd53cb76467554
d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740
db4aa1849103a3b106eb59a2f8b26ba0b10263198666dab37e45675026450b3d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e19f6076815240b2afedf8033b0a2ccf200d3851f11df779d05f3c533560504d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b7fa504c979ce53dc80798978eff98214cbcb20b7db259990c0632b7abe248
e7165fd8034c1d05de073d8beaf055a90897e17d5cc0b218a89c9618d4d01079
ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d
ead825d8598d9d02116dc6ee5fda7e21cba2b804423eaa56addd61eb0be94832
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
ebb02d07f04c28f8a78408a8628a34e1dd9601ff2c6f623a44ec9a1914bca266
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ee2214a948aa510978878e09453b21c85f1bcfe78a7c55412268ad85a5fb147d
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efcc3e4d015f8e425823e64a70184f37419f96b25b0eae02da2ec3967c426d4f
f03bde4dfb05a4246c6550a900f7196ddf1a640d9d748d39fc694fc510f0f18d
f063fe4ff49f57adeacc01c11ae72578534e5d96d13e8849a03a80166ee84ed0
f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402
f1115ea4fa5283b2a44b521b64e6afad27cfa5cba8b493fb8a8f4faae9476adf
f1435acbdd44aa8df69c5dcf7568e84f603724b6359518e1fb562629809f9c9d
f1f8d4204b80f61987126d563bbb88a3036f6fd55f8e98da95a8b9e542f9c495
f4ece8f2f5242967e98c6718f283e961576d68b4b7be96124eca22f554dcb275
f6ce51a0a60d4b8b26dadcf77b27864d4f774df2a288b9dd26724b48dc86fb4e
f8051f3eb7b146bdfd1156266a2947c7361e2d9546fa39f4c86cc06d869cd877
fbaacd40862bf1ea965f26571bf04a2609f80f3ba82af73ccd0d840bb19db1c2
fc4870f2c42b9be5a4c21ea31f5618b47e82979ea557a58b5432bdd98b63a738
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f
ffc2a8d22edf3bbb98c20a2574ebf4ec76db104058ff9e500c367b6bfc7d45c9