upnorthlive.com Open in urlscan Pro
65.9.95.128 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://upnorthlive.com/
Effective URL:
https://upnorthlive.com/
Submission: On January 06 via api (January 6th 2024, 4:47:17 pm UTC) from US — Scanned from DE

Summary HTTP 289 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 62 IPs in 6 countries across 38 domains to perform 289 HTTP transactions. The main IP is 65.9.95.128, located in United States and belongs to AMAZON-02, US. The main domain is upnorthlive.com. The Cisco Umbrella rank of the primary domain is 602404.
TLS certificate: Issued by Amazon RSA 2048 M02 on March 22nd 2023. Valid for: a year.

This is the only time upnorthlive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 84	65.9.95.128 65.9.95.128	16509 (AMAZON-02) (AMAZON-02)
2	23.201.255.110 23.201.255.110	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	65.9.95.94 65.9.95.94	16509 (AMAZON-02) (AMAZON-02)
4	54.210.78.179 54.210.78.179	14618 (AMAZON-AES) (AMAZON-AES)
1	65.9.95.127 65.9.95.127	16509 (AMAZON-02) (AMAZON-02)
15	18.66.147.43 18.66.147.43	16509 (AMAZON-02) (AMAZON-02)
5	18.66.147.103 18.66.147.103	16509 (AMAZON-02) (AMAZON-02)
4	151.101.194.217 151.101.194.217	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:827::2014	15169 (GOOGLE) (GOOGLE)
1	65.9.95.24 65.9.95.24	16509 (AMAZON-02) (AMAZON-02)
3	65.9.90.93 65.9.90.93	16509 (AMAZON-02) (AMAZON-02)
6	65.9.95.14 65.9.95.14	16509 (AMAZON-02) (AMAZON-02)
4	2600:1f14:5db... 2600:1f14:5db:eb22:906b:6fe4:91b4:da90	16509 (AMAZON-02) (AMAZON-02)
23	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	15.197.213.252 15.197.213.252	16509 (AMAZON-02) (AMAZON-02)
1	3.161.119.86 3.161.119.86	16509 (AMAZON-02) (AMAZON-02)
2	65.9.95.58 65.9.95.58	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.0.114 151.101.0.114	54113 (FASTLY) (FASTLY)
1	65.9.95.28 65.9.95.28	16509 (AMAZON-02) (AMAZON-02)
1	184.30.211.26 184.30.211.26	16625 (AKAMAI-AS) (AKAMAI-AS)
7	65.9.95.19 65.9.95.19	16509 (AMAZON-02) (AMAZON-02)
2	54.220.142.223 54.220.142.223	16509 (AMAZON-02) (AMAZON-02)
1	65.9.95.73 65.9.95.73	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	3.131.165.210 3.131.165.210	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:212... 2600:9000:2127:4e00:a:e047:753:a221	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	34.226.132.237 34.226.132.237	14618 (AMAZON-AES) (AMAZON-AES)
1	13.32.110.23 13.32.110.23	16509 (AMAZON-02) (AMAZON-02)
9	65.9.95.111 65.9.95.111	16509 (AMAZON-02) (AMAZON-02)
1	141.95.33.120 141.95.33.120	16276 (OVH) (OVH)
2	46.228.174.115 46.228.174.115	56396 (AMOBEE) (AMOBEE)
1	18.239.64.29 18.239.64.29	16509 (AMAZON-02) (AMAZON-02)
2	69.173.144.137 69.173.144.137	26667 (RUBICONPR...) (RUBICONPROJECT)
2	52.58.51.29 52.58.51.29	16509 (AMAZON-02) (AMAZON-02)
1 4	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	52.20.62.33 52.20.62.33	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	3.73.235.227 3.73.235.227	16509 (AMAZON-02) (AMAZON-02)
2	65.9.95.89 65.9.95.89	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	35.244.193.51 35.244.193.51	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
2	88.221.169.246 88.221.169.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
289	62

84 65.9.95.128 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-128.prg50.r.cloudfront.net

upnorthlive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com

micro.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.95.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-94.prg50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.210.78.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-78-179.compute-1.amazonaws.com

platform.datazoom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-127.prg50.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 18.66.147.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-43.fra60.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.147.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-103.fra60.r.cloudfront.net

sinclairstoryline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.194.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

paywall-prod.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-24.prg50.r.cloudfront.net

launcher.spot.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.90.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-90-93.prg50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 65.9.95.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-14.prg50.r.cloudfront.net

livevideostatus.sinclairstoryline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
publisher-assets.spot.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f14:5db:eb22:906b:6fe4:91b4:da90 (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.213.252 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa1ba9bef7b18c265.awsglobalaccelerator.com

clientstream.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.119.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-119-86.vie50.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.95.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-58.prg50.r.cloudfront.net

open-api.spot.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.114 (United States)

ASN54113 (FASTLY, US)

cdn.evgnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-28.prg50.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 65.9.95.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-19.prg50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-2-0.spot.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.220.142.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-142-223.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-73.prg50.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.131.165.210 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-131-165-210.us-east-2.compute.amazonaws.com

sinclairbroadcastgroup.us-5.evergage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:4e00:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.226.132.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-132-237.compute-1.amazonaws.com

broker.datazoom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.110.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-23.vie50.r.cloudfront.net

direct-events-collector.spot.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 65.9.95.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-111.prg50.r.cloudfront.net

static-cdn.spot.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.64.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-64-29.ams58.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.51.29 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-51-29.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.20 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.20.62.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-62-33.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.73.235.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-235-227.eu-central-1.compute.amazonaws.com

prebid-a.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.95.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-89.prg50.r.cloudfront.net

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.169.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-246.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
84	upnorthlive.com 1 redirects upnorthlive.com — Cisco Umbrella Rank: 602404	1 MB
33	googlesyndication.com 6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185	962 KB
24	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 stats.g.doubleclick.net — Cisco Umbrella Rank: 184	185 KB
19	spot.im launcher.spot.im — Cisco Umbrella Rank: 7104 open-api.spot.im — Cisco Umbrella Rank: 12822 direct-events-collector.spot.im — Cisco Umbrella Rank: 6134 static-cdn.spot.im — Cisco Umbrella Rank: 5934 publisher-assets.spot.im — Cisco Umbrella Rank: 6311 api-2-0.spot.im — Cisco Umbrella Rank: 3351	181 KB
15	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 3891	440 KB
11	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	673 KB
10	sinclairstoryline.com sinclairstoryline.com — Cisco Umbrella Rank: 41131 livevideostatus.sinclairstoryline.com — Cisco Umbrella Rank: 48785	107 KB
9	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 812 clientstream.launchdarkly.com — Cisco Umbrella Rank: 1165 events.launchdarkly.com — Cisco Umbrella Rank: 1510	1 KB
9	rubiconproject.com micro.rubiconproject.com — Cisco Umbrella Rank: 4062 ads.rubiconproject.com — Cisco Umbrella Rank: 2896 prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1222 prebid-a.rubiconproject.com — Cisco Umbrella Rank: 4039 eus.rubiconproject.com — Cisco Umbrella Rank: 951 token.rubiconproject.com — Cisco Umbrella Rank: 744	156 KB
8	datazoom.io platform.datazoom.io — Cisco Umbrella Rank: 30837 broker.datazoom.io — Cisco Umbrella Rank: 31067	129 KB
7	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 991 ib.3lift.com — Cisco Umbrella Rank: 2942 eb2.3lift.com — Cisco Umbrella Rank: 731	66 KB
6	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 878 gum.criteo.com — Cisco Umbrella Rank: 597 mug.criteo.com — Cisco Umbrella Rank: 1867	8 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 323	104 KB
5	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 356 acdn.adnxs.com — Cisco Umbrella Rank: 957	20 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 359 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 925 aax.amazon-adsystem.com — Cisco Umbrella Rank: 464	77 KB
4	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1411 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1431	24 KB
4	userway.org api.userway.org — Cisco Umbrella Rank: 6974	8 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101 region1.google-analytics.com — Cisco Umbrella Rank: 1695	22 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	302 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 894	62 KB
2	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 1418	163 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1218 id5-sync.com — Cisco Umbrella Rank: 658	34 KB
2	evergage.com sinclairbroadcastgroup.us-5.evergage.com — Cisco Umbrella Rank: 73481	9 KB
2	google.com www.google.com — Cisco Umbrella Rank: 6	1 KB
2	appspot.com paywall-prod.appspot.com — Cisco Umbrella Rank: 80339	325 B
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 274	3 KB
1	33across.com lexicon.33across.com — Cisco Umbrella Rank: 2501	250 B
1	gstatic.com fonts.gstatic.com	34 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	2 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 3276	3 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 438	1 KB
1	google.de www.google.de — Cisco Umbrella Rank: 4002	408 B
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 2674	618 B
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1623	17 KB
1	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 6762	37 KB
1	evgnet.com cdn.evgnet.com — Cisco Umbrella Rank: 6075	46 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 1326	4 KB
1	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 4240	540 B
289	38

	Domain	Requested by
84	upnorthlive.com	1 redirects upnorthlive.com tagan.adlightning.com
25	tpc.googlesyndication.com	tagan.adlightning.com upnorthlive.com 6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com
23	securepubads.g.doubleclick.net	tagan.adlightning.com securepubads.g.doubleclick.net upnorthlive.com www.googletagservices.com
15	tagan.adlightning.com	upnorthlive.com tagan.adlightning.com 6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com
11	www.googletagservices.com	upnorthlive.com tagan.adlightning.com 6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com
9	static-cdn.spot.im	tagan.adlightning.com launcher.spot.im static-cdn.spot.im
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	cdn.ampproject.org	upnorthlive.com
5	api-2-0.spot.im	static-cdn.spot.im
5	livevideostatus.sinclairstoryline.com	upnorthlive.com
5	sinclairstoryline.com	upnorthlive.com
4	gum.criteo.com	1 redirects tagan.adlightning.com micro.rubiconproject.com
4	events.launchdarkly.com	upnorthlive.com
4	ib.adnxs.com	1 redirects micro.rubiconproject.com acdn.adnxs.com
4	broker.datazoom.io	platform.datazoom.io
4	api.userway.org	upnorthlive.com
4	app.launchdarkly.com	upnorthlive.com
4	platform.datazoom.io	upnorthlive.com platform.datazoom.io
4	www.googletagmanager.com	upnorthlive.com www.googletagmanager.com
3	eb2.3lift.com	tagan.adlightning.com micro.rubiconproject.com
3	c.amazon-adsystem.com	upnorthlive.com c.amazon-adsystem.com
3	www.google-analytics.com	upnorthlive.com www.google-analytics.com
2	eus.rubiconproject.com	micro.rubiconproject.com eus.rubiconproject.com
2	ib.3lift.com	6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com tagan.adlightning.com
2	prebid-a.rubiconproject.com	micro.rubiconproject.com
2	static.criteo.net	micro.rubiconproject.com static.criteo.net
2	tlx.3lift.com	micro.rubiconproject.com tagan.adlightning.com
2	prebid-server.rubiconproject.com	micro.rubiconproject.com
2	targeting.unrulymedia.com	micro.rubiconproject.com
2	6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com	securepubads.g.doubleclick.net tagan.adlightning.com
2	sinclairbroadcastgroup.us-5.evergage.com	cdn.evgnet.com
2	www.google.com	upnorthlive.com tagan.adlightning.com
2	bcp.crwdcntrl.net	tags.crwdcntrl.net
2	tags.crwdcntrl.net	tagan.adlightning.com
2	open-api.spot.im	upnorthlive.com
2	paywall-prod.appspot.com	upnorthlive.com
2	sb.scorecardresearch.com	upnorthlive.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	acdn.adnxs.com	micro.rubiconproject.com
1	lexicon.33across.com	micro.rubiconproject.com
1	mug.criteo.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	upnorthlive.com
1	bidder.criteo.com	micro.rubiconproject.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	id5-sync.com	cdn.id5-sync.com
1	publisher-assets.spot.im	launcher.spot.im
1	direct-events-collector.spot.im	launcher.spot.im
1	region1.google-analytics.com	www.googletagmanager.com
1	cdn.prod.uidapi.com	tagan.adlightning.com
1	cdn.id5-sync.com	tagan.adlightning.com
1	cdn.jsdelivr.net	tagan.adlightning.com
1	www.google.de	upnorthlive.com
1	geo.privacymanager.io	ats.rlcdn.com
1	secure.cdn.fastclick.net	tagan.adlightning.com
1	ats.rlcdn.com	tagan.adlightning.com
1	cdn.evgnet.com	tagan.adlightning.com
1	unpkg.com	tagan.adlightning.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	config.aps.amazon-adsystem.com	tagan.adlightning.com
1	clientstream.launchdarkly.com	upnorthlive.com
1	launcher.spot.im	tagan.adlightning.com
1	ads.rubiconproject.com	micro.rubiconproject.com
1	consent.trustarc.com	upnorthlive.com
1	micro.rubiconproject.com	upnorthlive.com
289	65

This site contains links to these domains. Also see Links.

Domain
compulse.dailydealbuilder.com
fullmeasure.news
www.ticketsmarter.com
upnorthlive.dailydealbuilder.com
edyy.fa.us2.oraclecloud.com
sbgi.net
publicfiles.fcc.gov
www.facebook.com
twitter.com
www.instagram.com
apps.apple.com
play.google.com

Subject Issuer	Validity	Valid
upnorthlive.com Amazon RSA 2048 M02	`2023-03-22` - `2024-04-20`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
*.datazoom.io Amazon RSA 2048 M01	`2023-02-20` - `2024-03-21`	a year	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2023-04-17` - `2024-05-14`	a year	crt.sh
*.adlightning.com Amazon RSA 2048 M01	`2023-07-08` - `2024-08-05`	a year	crt.sh
frontend.sinclairstoryline.com Amazon RSA 2048 M02	`2023-12-27` - `2025-01-25`	a year	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-02` - `2024-08-02`	a year	crt.sh
*.appspot.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.spot.im Amazon RSA 2048 M02	`2023-09-03` - `2024-09-30`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
livevideostatus.sinclairstoryline.com Amazon RSA 2048 M03	`2023-09-19` - `2024-10-17`	a year	crt.sh
api.userway.org Amazon RSA 2048 M03	`2023-09-02` - `2024-09-30`	a year	crt.sh
clientstream.launchdarkly.com Amazon RSA 2048 M02	`2023-08-09` - `2024-09-05`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
cdn.evergage.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-06` - `2024-03-04`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
*.privacymanager.io Amazon RSA 2048 M01	`2023-07-27` - `2024-08-24`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.us-5.evergage.com Amazon RSA 2048 M01	`2023-05-20` - `2024-06-17`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-10` - `2024-05-10`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
events.launchdarkly.com Amazon ECDSA 256 M02	`2023-06-21` - `2024-07-20`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
lexicon.33across.com GTS CA 1D4	`2023-11-27` - `2024-02-25`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://upnorthlive.com/
Frame ID: 073AB41BE8D3ECBC3C84F2F4EBF769AE
Requests: 181 HTTP requests in this frame

Frame: https://6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F9D0CE54FBBA41CC4270E24FCBF63498
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sinclair/b-e09f10f-3f43045e.js
Frame ID: BFBF6DDED02B26DFCB223B9F2234BAAB
Requests: 16 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sinclair/b-e09f10f-3f43045e.js
Frame ID: 8586A2A362A6128FE781EA494A60F112
Requests: 8 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sinclair/b-e09f10f-3f43045e.js
Frame ID: 179310427F2E8CD2B4B18833A6EDD7DD
Requests: 7 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sinclair/b-e09f10f-3f43045e.js
Frame ID: 49CA9B2CBA5F2CF2A9A60DF6EF546DAA
Requests: 7 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sinclair/b-e09f10f-3f43045e.js
Frame ID: 2EC3D109463465F365543C56930A20B4
Requests: 7 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sinclair/b-e09f10f-3f43045e.js
Frame ID: ABCDFC6030301C4D2CA5A6FED4C2CC4F
Requests: 7 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sinclair/b-e09f10f-3f43045e.js
Frame ID: D987A0A14D188061D2466CB0F64B0D94
Requests: 7 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sinclair/b-e09f10f-3f43045e.js
Frame ID: E9D8D73918CA5D4694572503A2DC3DDC
Requests: 7 HTTP requests in this frame

Frame: https://6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 60DA9B56E8B4D1B1F4C396C2F95C49B7
Requests: 11 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sinclair/b-e09f10f-3f43045e.js
Frame ID: 1424A260B13544FD64DB053B0050DF91
Requests: 7 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sinclair/b-e09f10f-3f43045e.js
Frame ID: 1EBBC886DD2CEC34CC4A86DAAA3885E9
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9A94A540E2DC45FBC4F0FF2C595EEA5E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3EFC38EFF99B0FF00F416DE8EEE2FAEB
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=upnorthlive.com
Frame ID: B2FFD87A15045BA070C8777431B7BB4A
Requests: 2 HTTP requests in this frame

Frame: https://tlx.3lift.com/web/auction?inv_code=Sinclair_RON_Desktop_Article_Trending&referrer=https%3A%2F%2Fupnorthlive.com%2F&rev=ad1dbd3&fe=0&ft=5&cb=5085616739
Frame ID: 24829E489F731BF2359828E87813A0C4
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=96842
Frame ID: C6A84AC3B1F4C53925756F01753AE0CF
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 083FF5616B50485D7985C7A4F5043878
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 9907DA39DA18FC9FC98D38A2CCB7540F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: CD6FD23FC1FEACCC3DA7F01DD72C51AB
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Traverse City News, Weather, Sports, Breaking News | WPBNsbg-envelope

Page URL History Show full URLs

http://upnorthlive.com/ HTTP 301
https://upnorthlive.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

289
Requests

99 %
HTTPS

38 %
IPv6

38
Domains

65
Subdomains

62
IPs

6
Countries

5184 kB
Transfer

13599 kB
Size

25
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: http://compulse.dailydealbuilder.com/traverse-city-wpbn/deals
Title: Deals - Spotlight

Search URL Search Domain Scan URL

URL: https://fullmeasure.news/
Title: Full Measure with Sharyl Attkisson

Search URL Search Domain Scan URL

URL: https://www.ticketsmarter.com/?utm_source=upnorthlive.com&utm_medium=mainnavbarlink&utm_campaign=sinclair
Title: TICKETS

Search URL Search Domain Scan URL

URL: https://upnorthlive.dailydealbuilder.com/all-deal/golf-card
Title: Golf Card

Search URL Search Domain Scan URL

URL: https://upnorthlive.dailydealbuilder.com/all-deal/holiday-marketplace
Title: Holiday Marketplace

Search URL Search Domain Scan URL

URL: https://edyy.fa.us2.oraclecloud.com/hcmUI/CandidateExperience/en/sites/CX_2002/requisitions?location=Traverse%20City,%20MI,%20United%20States&locationId=300000001939983&locationLevel=city&radius=0&radiusUnit=MI
Title: Careers

Search URL Search Domain Scan URL

URL: https://sbgi.net/terms-conditions/
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://sbgi.net/copyright/
Title: Copyright Notices

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/WPBN-TV
Title: WPBN FCC Info

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/WTOM-TV
Title: WTOM FCC Info

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/WGTQ
Title: WGTQ FCC Info

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/WGTU
Title: WGTU FCC Info

Search URL Search Domain Scan URL

URL: http://sbgi.net/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://sbgi.net/privacy-policy#cookie-policy
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: http://www.facebook.com/upnorthlive

Search URL Search Domain Scan URL

URL: http://twitter.com/upnorthlive

Search URL Search Domain Scan URL

URL: https://www.instagram.com/upnorthlive/

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/upnorthlive/id523794731

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.barringtontv.android.wpbn

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://upnorthlive.com/ HTTP 301
https://upnorthlive.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 277

https://gum.criteo.com/sid/json?origin=publishertag&domain=upnorthlive.com&sn=ChromeSyncframe&so=0&topUrl=upnorthlive.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=K5SmRHxKcWNTNGxoVjJBRWtNUlBESFl5T1BLOERzL2FiRVZma0lBM24zT2hYSEk0VU9TS1dTK1dzamNQK0lSM0NYR2tEQnEvcVpIT2ZLQUhkcWc0WWtjMXJtcVlxSlBGdjE5Q0o3NUxZNXNzZ0VIdlg4c2ZxS2xMMVRGcW0rNEo5ZE94amlRY2xrTGIxZG1UUWhzZU4ra3FtdThwUWF1bE5mYStvbWExc0lDNUkvTUNFNTgvb3Q2T0ovb0ZreFA4WWIwMVRlMUFJTEdpSHdKWHBXMHdUcEh3MXdUckpHWFN2YU1WeHJYOCt3SlpvRzZMeDVSNXB0VmpteHdzYjA0dFoydEpjQktDLzBkMGZTYXpWdjY0SEpUUE9UYzlOOW5zV2VaZUFkY0puclBZaFpNOD18&cppv=2

Request Chain 297

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

289 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
upnorthlive.com/
Redirect Chain

http://upnorthlive.com/
https://upnorthlive.com/

463 KB
63 KB

294ms
245ms

Document
text/html

65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx / Next.js
Resource Hash: 18f1577c50d4c84bb873d4dea1d096b08f7b4b3a5289d30dd447efcc01ec9500

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 16
cache-control: max-age=60, stale-while-revalidate=30, stale-if-error=604800
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 06 Jan 2024 16:46:52 GMT
etag: W/"ccd0a37e-acb2-11ee-8d03-02c25b0e60a1-c0a670d895841f4d989182656ce5e0265b02f85a"
host-sni: upnorthlive.com
sbgi-etag: W/"ccd0a37e-acb2-11ee-8d03-02c25b0e60a1-c0a670d895841f4d989182656ce5e0265b02f85a"
sbgi-protocol: https
server: nginx
vary: Accept-Encoding
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-id: nZt1ncZoto4dzsDLTp4vxfU20jtJ7FJiRFokhYcp659FFtyfaSgDBA==
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
x-powered-by: Next.js

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Sat, 06 Jan 2024 16:47:08 GMT
Location: https://upnorthlive.com/
Server: CloudFront
Via: 1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront)
X-Amz-Cf-Id: c97HljavLC7nyDZqlaTuoQt4sduOeHH1hLiOmjmLdz1sBZJUIoHvCA==
X-Amz-Cf-Pop: PRG50-C1
X-Cache: Redirect from cloudfront

POST
H2 200 ppid Show response
upnorthlive.com/api/auth/upnorthlive/ 92 B
406 B 428ms
428ms Fetch
application/json 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/api/auth/upnorthlive/ppid
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 112de5ffe6a5e95764367baa2a41cb115030900960c72a38efcc539b5fddc2ad

Request headers

Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 06 Jan 2024 16:47:09 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: PRG50-C1
etag: "5c-pBxfBgWZck40Wd2vpXHait4ok6Y"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
nmp-debug: api-auth
content-length: 92
x-amz-cf-id: AtuUz2gMbuu-d_dyDOhr_a0API_VmVLpmo0ITys8ESON0X6lxEUIUA==

GET
H2 200 21162.js Show response
micro.rubiconproject.com/prebid/dynamic/ 469 KB
135 KB 37ms
13ms Script
text/javascript 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://micro.rubiconproject.com/prebid/dynamic/21162.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash: db00af9183a6a2439b9f611b75d14834fe3ad7bd30c068ad78ddcc6b0a3b57b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:09 GMT
content-encoding: gzip
server: Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary: accept-encoding, referer
edge-cache-tag: prod-prebid-21162_Sinclair.js
content-type: text/javascript;charset=UTF-8
cache-control: public, must-revalidate, max-age=14400
content-length: 138204
expires: Sat, 06 Jan 2024 17:10:29 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 183 KB
66 KB 182ms
67ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W4DLR7K

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1290db6a70b758d3396fa3dc2cec071fae8b5a6382477da80165352e4d499713

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67174
x-xss-protection: 0
last-modified: Sat, 06 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 06 Jan 2024 16:47:09 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 90 KB
29 KB 252ms
129ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e44eacc86b59cd7d63de5bdc75e6723e573fb264fdbd41d309c9315537cfbabd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29108
x-xss-protection: 0
server: cafe
etag: 530 / 19728 / m202401020101 / config-hash: 2026918608723226553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 06 Jan 2024 16:47:09 GMT

GET
H2 200 player-loader.js Show response
upnorthlive.com/resources/video/players/prod/src/scripts/ 10 KB
4 KB 198ms
197ms Script
application/javascript 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/resources/video/players/prod/src/scripts/player-loader.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 8da45f1cb23b654b06fb9f1232049c2c5f015821c5b78ab3dac9df6ba14c122f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: vl.NSzTRY_f5CjcdghANTp.Qd3A5IMqm
content-encoding: br
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
date: Sat, 06 Jan 2024 16:47:09 GMT
last-modified: Thu, 09 Nov 2023 20:14:17 GMT
server: nginx
x-amz-cf-pop: PRG50-C1
age: 227
etag: W/"f22e6e03b5476cab0d7b86c939800ab5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300, stale-while-revalidate=60, stale-if-error=604800
nmp-debug: resources
x-amz-cf-id: WUYkPZmm6c87WftfRRepqBwkQQxXbfbkJzsI-BvLnr6qThjX_HPiaA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 162ms
51ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 06 Jan 2024 15:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3532
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 06 Jan 2024 17:48:17 GMT

GET
H2 200 opensans-variablefont_wdth,wght.woff2
upnorthlive.com/resources/assets/common/fonts/open-sans-variable/ 38 KB
39 KB 25ms
25ms Font
application/octet-stream 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/resources/assets/common/fonts/open-sans-variable/opensans-variablefont_wdth,wght.woff2
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675

Request headers

Referer: https://upnorthlive.com/
Origin: https://upnorthlive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: HjfgKlk.V6XX2qPFqQXrs.CwivGXychU
date: Tue, 02 Jan 2024 16:02:04 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 572844
x-cache: Hit from cloudfront
nmp-debug: resources
content-length: 39372
x-amz-meta-replication-status: FAILED
x-amz-meta-server-side-encryption: AES256
last-modified: Mon, 27 Mar 2023 21:28:27 GMT
server: nginx
etag: "40b6965b5cd26213faf61e5ab6765bb9"
vary: Origin
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=7200, s-maxage=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-meta-version-id: Xnk4_WMujNcPDLDZ8dUnP_RFut60aoTD
x-amz-cf-id: cmf67Nc8ZCZMRbaSb4eyAM13_D9pD7zs2QNJHSz_RdNF48NpbGQ8gQ==

GET
H2 200 0b8cd7c6-807a-45a9-ae87-c81909f5d3a4-jumbo16x9_thumb_28747.png
upnorthlive.com/resources/media2/16x9/full/730/center/80/ 38 KB
38 KB 91ms
90ms Image
image/webp 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/media2/16x9/full/730/center/80/0b8cd7c6-807a-45a9-ae87-c81909f5d3a4-jumbo16x9_thumb_28747.png
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 69558b5383d688ef7a4a61dce8cbd7dc0ecd18244c7bd811a491219a0746eca0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 15:27:23 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 4786
x-cache: Hit from cloudfront
nmp-debug: media2
content-length: 38540
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-amz-cf-id: MPMhPkZDmOC_jCmNvhX9kB22a5XlpjrOzhnJSL4rSB9vBKKhpN6iqQ==

GET
H2 200 wpbn-logo.svg
upnorthlive.com/resources/assets/wpbn/images/logos/ 13 KB
6 KB 25ms
25ms Image
image/svg+xml 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/assets/wpbn/images/logos/wpbn-logo.svg
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: cce7bf6049bfabd4d503733a54cfac0cad925427f00127cc23e633326b3b9870

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 9GIVezpXdtzmlSbmC2qJgFcRhSSGqCgb
content-encoding: gzip
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
date: Sat, 06 Jan 2024 09:30:54 GMT
last-modified: Wed, 18 Nov 2020 16:07:47 GMT
server: nginx
x-amz-cf-pop: PRG50-C1
age: 27712
etag: W/"4d014ff1d32388288f6d6fb03288d1fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=7200, s-maxage=604800, stale-while-revalidate=60, stale-if-error=604800
nmp-debug: resources
x-amz-cf-id: DA-0DKLJocy0M2wt9h8WGRcJZjuVn_wJRiL4DblTEJJtR2VoyK6UVg==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 80ms
22ms Script
application/javascript 65.9.95.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-94.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 02:10:30 GMT
content-encoding: gzip
via: 1.1 1f7383179aa19c47a962c46236696426.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:13:41 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 52631
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: w4U0tfhNFrnJx7LPmYJYmg7kaEzx5rufjD8KgJcOLizknJao1jj1QA==

GET
H2 200 config Show response
platform.datazoom.io/beacon/v1/ 63 KB
63 KB 416ms
203ms Script
text/javascript 54.210.78.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.datazoom.io/beacon/v1/config?configuration_id=9044ad58-8076-4f97-ac66-a7a66959512a
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.210.78.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-210-78-179.compute-1.amazonaws.com
Software: /
Resource Hash: 5c5fd23f6a51e328e29267ca06cd0889cbc00c929f65ca74bb50001f296fbc02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:09 GMT
content-length: 64008
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/javascript

GET
H2 200 notice Show response
consent.trustarc.com/ 0
540 B 125ms
63ms Script
text/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=sbgi.net&c=teconsent&text=true&js=nj&noticeType=bb&privacypolicylink=http%3A%2F%2Fsbgi.net%2Fprivacy-policy&irmc=irmlink

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-127.prg50.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
content-length: 20
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: max-age=3600
cloudfront-viewer-country-region: HE
timing-allow-origin: *
x-amz-cf-id: iT5dV2b_ty15QsY1p3ZSc4F6LFHUAY9spU5mYNra5PoJ5721U71gDw==
expires: Sat, 06 Jan 2024 17:47:09 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/sinclair/ 43 KB
18 KB 34ms
9ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/op.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b7068928063d8f4cfa8a97c4c9b6d41af4be27d0345663427785e524fa4fd700

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: v8SLVHnxDglvH5AekmiFv.H6M.D8fXej
content-encoding: gzip
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
date: Sat, 06 Jan 2024 16:35:41 GMT
x-amz-cf-pop: FRA60-P4
age: 702
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 17638
x-amz-meta-git_commit: e09f10f
last-modified: Sat, 06 Jan 2024 03:32:18 GMT
server: AmazonS3
etag: "50fedf107c263b1c2e335de0a07bb37c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: Ff8ArIErKYEstUAl6gBbYElx8TEe4uAedcjHP9cyeiGWM4cQFuQEYQ==

GET
H2 200 widget.js Show response
upnorthlive.com/resources/defaults/userway/ 1 KB
1 KB 31ms
30ms Script
application/javascript 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/resources/defaults/userway/widget.js?1.0.0
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 66dea1846c074839aab896a13759e78e1ed06dcdfdd0bc6b61d9143d44869184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 00:09:46 GMT
x-amz-version-id: uQLSrrGc2mqcy9sApzT9AFdusX7b1uAt
content-encoding: gzip
last-modified: Wed, 25 Jan 2023 17:19:17 GMT
server: nginx
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
etag: W/"f50371baf8b66dbf3880441856959022"
age: 578243
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=7200, s-maxage=604800, stale-while-revalidate=60, stale-if-error=604800
nmp-debug: resources
x-amz-cf-id: B6u5QSFYL2ZwSmnwOlgMCgHiEZSzqC36skv2fWlhTh7Kcrms7-WC2g==

GET
H2 200 _app.css
upnorthlive.com/_next/static/pages/ 73 KB
9 KB 31ms
29ms Stylesheet
text/css 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/_next/static/pages/_app.css?v=c0a670d895841f4d989182656ce5e0265b02f85a
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 458636f0500f3b33524505a0e375d0b4a26e9617fa92797918a1364e92262063

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 22:45:09 GMT
x-amz-version-id: Xe7ZaYik_W0SMAmRrJiS9dOunSgKBMA9
via: 1.1 44e3ef26e727fc044d711ef45aefcd72.cloudfront.net (CloudFront), 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
last-modified: Thu, 04 Jan 2024 22:42:32 GMT
server: nginx
x-amz-cf-pop: HIO52-P2, PRG50-C1
age: 151369
etag: W/"2c4d138996d0b19f4f6508bbca3c2189"
x-amz-server-side-encryption: AES256
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-type: text/css
x-cache: Hit from cloudfront
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-id: wKL6__Mh_Ff7AMYMN8zT9auPwn42NRqpaDMvc0HN42nTVyKxargRLg==

GET
H2 200 60a1c5edb108afb78f18b1fd555d76431dd0dd20_CSS.css
upnorthlive.com/_next/static/ 654 KB
51 KB 34ms
32ms Stylesheet
text/css 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/_next/static/60a1c5edb108afb78f18b1fd555d76431dd0dd20_CSS.css?v=c0a670d895841f4d989182656ce5e0265b02f85a
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 0fc90015f2f5a6aa00ca5dd4db3a99e19e2ca1edc728e35c9f9d99f704f4942f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 22:45:09 GMT
x-amz-version-id: t3fiRkeHdEHI713rtTL.RGvm2CB2wPMF
via: 1.1 cadda06365c5592c0d0a272a3fe5825e.cloudfront.net (CloudFront), 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
last-modified: Thu, 04 Jan 2024 22:42:31 GMT
server: nginx
x-amz-cf-pop: HIO52-P2, PRG50-C1
age: 151368
x-amz-server-side-encryption: AES256
etag: W/"46431a4283f77296fd8c2fdd7b7f95e9"
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-type: text/css
x-cache: Hit from cloudfront
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-id: j4CEKMPNNgLm0i7WV7Ejcl7m9iyRFB4vBNBQMuaeseqeHYdJLJGqHQ==

GET
H2 200 1a382b072835368ac653c1bd65120499b2f03c86_CSS.css
upnorthlive.com/_next/static/ 85 KB
13 KB 72ms
70ms Stylesheet
text/css 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/_next/static/1a382b072835368ac653c1bd65120499b2f03c86_CSS.css?v=c0a670d895841f4d989182656ce5e0265b02f85a
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: b2ce58f91ca649b826b66e1912b7e5507577abb80b5c9a868bf1381790f86d5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:04:28 GMT
x-amz-version-id: XVwbnLmlxs4.FTiKkPt5K7VR9fTRb0w7
via: 1.1 6a52d37737133b0b8a09947e5c586ec4.cloudfront.net (CloudFront), 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
last-modified: Thu, 04 Jan 2024 22:42:31 GMT
server: nginx
x-amz-cf-pop: HIO52-P2, PRG50-C1
age: 150161
x-amz-server-side-encryption: AES256
etag: W/"dcbc4122ddb24d9bea86a259f65ee84e"
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
content-type: text/css
x-cache: Hit from cloudfront
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-id: Wcvwf3Zvi94AkiKitz7eOaAWyXhsrLUEBxSd0zP9BEd36COwXXbraA==

GET
H2 200 sbg-search-dark.svg
upnorthlive.com/resources/defaults/news_3.0/icons/ui/ 1 KB
907 B 125ms
120ms Image
image/svg+xml 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/defaults/news_3.0/icons/ui/sbg-search-dark.svg
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 0fc5c9d54edcdcb5c94263248a92aece199f5399636afd966022f13924640bf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
date: Sat, 06 Jan 2024 13:48:07 GMT
last-modified: Thu, 15 Mar 2018 21:32:07 GMT
server: nginx
x-amz-cf-pop: PRG50-C1
age: 11190
etag: W/"862efb8df1ddd592a2c16d71d54fad00"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=7200, s-maxage=604800, stale-while-revalidate=60, stale-if-error=604800
nmp-debug: resources
x-amz-cf-id: aW3A5xyZA_xzybp2etE8_zHuTmmzlo_QRLstrWLYO_9egYdDzjXiBg==

GET
H2 200 8f769452-4f9a-468e-8fe8-fd8e19b8089d-jumbo36x25_thumb_17862.png
upnorthlive.com/resources/media2/36x25/full/360/center/80/ 6 KB
7 KB 84ms
79ms Image
image/webp 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/media2/36x25/full/360/center/80/8f769452-4f9a-468e-8fe8-fd8e19b8089d-jumbo36x25_thumb_17862.png
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: c634571e9868f53c86052f9b18e0d488fb1498d5f116dbbc1f8292f6a25c35b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 15:34:04 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 4385
x-cache: Hit from cloudfront
nmp-debug: media2
content-length: 6590
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-amz-cf-id: 5vtLe2COp-SfXjZpHnsuy8_CBk_FOy60L7SrQ5wbGSba_M2aE1bwIQ==

GET
H2 200 65afa9e2-15a2-4608-a259-bdbb13288db3-jumbo36x25_Capture.JPG
upnorthlive.com/resources/media2/36x25/full/360/center/80/ 10 KB
11 KB 81ms
77ms Image
image/webp 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/media2/36x25/full/360/center/80/65afa9e2-15a2-4608-a259-bdbb13288db3-jumbo36x25_Capture.JPG
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: c7809116bf0c0203b5ca2ff475d297abb10085132c663a5bd8ca16d289ae6180

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 20:03:58 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 74591
x-cache: Hit from cloudfront
nmp-debug: media2
content-length: 10570
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-amz-cf-id: x7rSkAIL59lEna1GjlxVMMOn2UZuRqXRVEUHQnxZnythYnQKcBpIqA==

GET
H2 200 6db3e440-fed1-47f3-b450-f9600c85726c-jumbo36x25_WhitmervsInslee.png
upnorthlive.com/resources/media2/36x25/full/140/center/80/ 3 KB
4 KB 83ms
79ms Image
image/webp 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/media2/36x25/full/140/center/80/6db3e440-fed1-47f3-b450-f9600c85726c-jumbo36x25_WhitmervsInslee.png
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 431f34b1f85201645ea8cd11f685f60539d86cb00a1af3a4368342559d87030a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 20:45:34 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 72095
x-cache: Hit from cloudfront
nmp-debug: media2
content-length: 3562
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-amz-cf-id: nHa7XXugWlONgiVQogpnqeUdobpuQkaWHbUKo-lNnazFAvChG0tpwQ==

GET
H2 200 1d25fe59-1a54-41a8-b69f-c70a8dcff846-jumbo36x25_trumpappeal.png
upnorthlive.com/resources/media2/36x25/full/140/center/80/ 3 KB
4 KB 99ms
95ms Image
image/webp 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/media2/36x25/full/140/center/80/1d25fe59-1a54-41a8-b69f-c70a8dcff846-jumbo36x25_trumpappeal.png
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 6652bde11b3f36a70561fb5cb70ee3247b82d14250c1bab7f85056dd78ccdcb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 22:39:52 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 65237
x-cache: Hit from cloudfront
nmp-debug: media2
content-length: 3512
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-amz-cf-id: Xj3p-0DBgWoUQrfo5_2rTcicbjGrA_5HbFG1U3MRXyIvwsN3hgY3Zw==

GET
H2 200 affd1306-fbf2-4889-9db8-9a099f1311eb-jumbo36x25_12U.JPG
upnorthlive.com/resources/media2/36x25/full/140/center/80/ 5 KB
6 KB 100ms
96ms Image
image/webp 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/media2/36x25/full/140/center/80/affd1306-fbf2-4889-9db8-9a099f1311eb-jumbo36x25_12U.JPG
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 5bbccb33a52d25db727934e2c7eabb958b221e0b9647c109dd4ae1e2b1ebb7aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:38:53 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 68896
x-cache: Hit from cloudfront
nmp-debug: media2
content-length: 5108
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-amz-cf-id: YdRGlmGsjJcg9E4KJa2khwbcoWLjWvLTdoOKGjJ6BXdCT1fj865OyQ==

GET
H2 200 f9d0d425-7125-4758-a2d2-54377adb4c35-jumbo36x25_amina.JPG
upnorthlive.com/resources/media2/36x25/full/140/center/80/ 3 KB
3 KB 83ms
80ms Image
image/webp 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/media2/36x25/full/140/center/80/f9d0d425-7125-4758-a2d2-54377adb4c35-jumbo36x25_amina.JPG
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 0c3642198c8670ccb73a29e67f18d687df8f02f2f5868f6105e727f718cd700a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 13:52:08 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 96900
x-cache: Hit from cloudfront
nmp-debug: media2
content-length: 2968
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-amz-cf-id: vtdwo_ZOpnp2rut-EWy7Gv-QFV401VoEkyQ1Iqwh1UKS1jW11T5A5Q==

GET
H2 200 e68287cf-6b19-459c-8fdd-176c49eb56e1-jumbo36x25_AP23307548187393.jpg
upnorthlive.com/resources/media2/36x25/full/140/center/80/ 4 KB
5 KB 90ms
86ms Image
image/webp 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/media2/36x25/full/140/center/80/e68287cf-6b19-459c-8fdd-176c49eb56e1-jumbo36x25_AP23307548187393.jpg
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 51949b381806fa7c8cbad842cc51500680aa26ac344042f92cf19baa42ffa3d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 20:58:37 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 71312
x-cache: Hit from cloudfront
nmp-debug: media2
content-length: 4108
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-amz-cf-id: BmT__QKF01b9bsn6fWWNTxW8hfRjcEpcH-51lQE-5Aw5etIi7AfTYQ==

GET
H2 200 9ddaf4c3-06ac-4df7-ab5d-4d7076c7a108-jumbo36x25_thumb_549.png
upnorthlive.com/resources/media2/36x25/full/140/center/80/ 3 KB
3 KB 86ms
82ms Image
image/webp 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/media2/36x25/full/140/center/80/9ddaf4c3-06ac-4df7-ab5d-4d7076c7a108-jumbo36x25_thumb_549.png
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 5e7f787a9d10f2c5ce707600bf92534e15aac1b39f0699a585db6b5ce9c81013

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 20:08:08 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 74341
x-cache: Hit from cloudfront
nmp-debug: media2
content-length: 2908
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-amz-cf-id: E1owAKEvw4f-MzO10tq9AzFyXA02kIvTgSkAjA82P5o1X3R0l5BKKg==

GET
H2 200 c9f2b6fe-c0e5-4881-af45-7a5ce106e8dd-jumbo36x25_poster_4e6eeda1c43842a2bb9f7631020f233d.png
upnorthlive.com/resources/media2/36x25/full/140/center/80/ 4 KB
5 KB 97ms
94ms Image
image/webp 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/media2/36x25/full/140/center/80/c9f2b6fe-c0e5-4881-af45-7a5ce106e8dd-jumbo36x25_poster_4e6eeda1c43842a2bb9f7631020f233d.png
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 917ce91fbfc7bc941ff5dcd25639fda697c7f98a16142055f14628423ca15dab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:02:47 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 85462
x-cache: Hit from cloudfront
nmp-debug: media2
content-length: 4114
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-amz-cf-id: pEyJijqx6iiS0nEk05JBkBLOmSa-VcmMVPNWpbfMDu6kcG4BFqHdmw==

GET
H2 200 webpack-dc4ebc77543b836c6010.js Show response
upnorthlive.com/_next/static/chunks/ 2 KB
2 KB 94ms
91ms Script
application/javascript 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/_next/static/chunks/webpack-dc4ebc77543b836c6010.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: c0418e4172989fc395fcc53061d9e09feb4d2585a0c16d9a4ed1527f82c513b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: ef2MWKmWkajS8DAudHeDrlNQqH6WQ14v
via: 1.1 bafc250db6f7cbd43d1e23b2a31d8002.cloudfront.net (CloudFront), 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
content-encoding: br
date: Sat, 06 Jan 2024 11:44:18 GMT
last-modified: Thu, 21 Dec 2023 22:30:38 GMT
server: nginx
x-amz-cf-pop: HIO52-P2, PRG50-C1
age: 596774
x-amz-server-side-encryption: AES256
etag: W/"c25415d5afd26e078e768bfad123246d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-id: kt7V4NGQGHRLHPNxZTF_44xlTGil4tX8rbFK5uqE-SBCpoBKlp0YUw==

GET
H2 200 framework.53ba9dae374fb2c0509f.js Show response
upnorthlive.com/_next/static/chunks/ 131 KB
40 KB 95ms
92ms Script
application/javascript 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/_next/static/chunks/framework.53ba9dae374fb2c0509f.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 23923901aefaf90d72d29661ee84ff6cc9a73722a4547d1d7c3541d4ae2ba535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: DHpkm4Hsm6mTU5B5mt5mY6HcXKBYHMwf
via: 1.1 e2ad8d56b8dbdb69144113ad1c008e02.cloudfront.net (CloudFront), 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
content-encoding: gzip
date: Sat, 06 Jan 2024 10:31:30 GMT
last-modified: Thu, 21 Dec 2023 22:30:38 GMT
server: nginx
x-amz-cf-pop: HIO52-P2, PRG50-C1
age: 24129
x-amz-server-side-encryption: AES256
etag: W/"dc63fa50d0eeff96a1ff27c16792a2f9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-id: HyUD6kpvKvldIWHmA4Qk9TZyXLOtxi3UiiYRnPAXTOBi5VmAoqOo9g==

GET
H2 200 22403bd5e95a18c103d7988ef3a262c3dcfa9ba0.892d525206458b1b0037.js Show response
upnorthlive.com/_next/static/chunks/ 8 KB
3 KB 98ms
95ms Script
application/javascript 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/_next/static/chunks/22403bd5e95a18c103d7988ef3a262c3dcfa9ba0.892d525206458b1b0037.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 14888b24a9622de23124fa9a8396b3bbba53d1bdbd6cf72627fdfd8594d4231a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: vtrhY.i4pxu447t8JcSf2QzPm5R0eYrZ
via: 1.1 049ca50de603d43d8c9d0f7716efb414.cloudfront.net (CloudFront), 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
content-encoding: br
date: Thu, 04 Jan 2024 12:22:10 GMT
last-modified: Sat, 16 Dec 2023 01:33:53 GMT
server: nginx
x-amz-cf-pop: HIO52-P2, PRG50-C1
age: 189304
x-amz-server-side-encryption: AES256
etag: W/"5bcb10941ba4d6a69c38fe268938a298"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-id: cdFhI0__a18E68GqaDFaWt4ndRTC5jTRwSdUcrY69MOnAF2vaL-bnw==

GET
H2 200 f6078781a05fe1bcb0902d23dbbb2662c8d200b3.f1dc30ae2ec5ac3d6cf5.js Show response
upnorthlive.com/_next/static/chunks/ 31 KB
11 KB 81ms
78ms Script
application/javascript 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/_next/static/chunks/f6078781a05fe1bcb0902d23dbbb2662c8d200b3.f1dc30ae2ec5ac3d6cf5.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 89d0f4d0bd6822e599becc20ae2e76c0d3dee2a59f7a54e89c1b89ccea8b4412

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 0sWFv85p7CqfpMreh1zc1BjfbnJs2XwD
via: 1.1 26c9d43b9089eee93b9e4ad4293d02c0.cloudfront.net (CloudFront), 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
content-encoding: gzip
date: Fri, 05 Jan 2024 03:07:52 GMT
last-modified: Thu, 21 Dec 2023 22:30:38 GMT
server: nginx
x-amz-cf-pop: HIO52-P2, PRG50-C1
age: 136234
x-amz-server-side-encryption: AES256
etag: W/"9e64676f6c4cf243550b0d0a4acc7e15"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-id: G4AntE1P81dHvX49v2qkZ1gi8U2LgBC_i4lKtyd8HFSHGrrFy3C3-w==

GET
H2 200 main-7bd00a9a41d02f620474.js Show response
upnorthlive.com/_next/static/chunks/ 20 KB
8 KB 96ms
93ms Script
application/javascript 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/_next/static/chunks/main-7bd00a9a41d02f620474.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 91a93f3004f76ba163b8eeb3d880b13032d791d6b48b6da0b544ea9801e690f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: zLEvpZ8xC6jomDiLQHI3At3y0VPk0LPw
via: 1.1 d220e3f3d93439a8c69225156c6ae800.cloudfront.net (CloudFront), 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
content-encoding: gzip
date: Thu, 04 Jan 2024 12:22:10 GMT
last-modified: Thu, 21 Dec 2023 22:30:38 GMT
server: nginx
x-amz-cf-pop: HIO52-P2, PRG50-C1
age: 572843
x-amz-server-side-encryption: AES256
etag: W/"0e3c284b3826ee9860920522028ed21a"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-id: qauHdPflLj_stEUtRUGKY1uw4DIYTlqbW1lrLuKh3EfkFJrMh49p0A==

GET
H2 200 80755650ffd3642b9b8fd1d2904e1498bf7fc10a.d14808995b329d2ed3c8.js Show response
upnorthlive.com/_next/static/chunks/ 96 KB
22 KB 64ms
62ms Script
application/javascript 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/_next/static/chunks/80755650ffd3642b9b8fd1d2904e1498bf7fc10a.d14808995b329d2ed3c8.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: aae546d06d27ef531a363367e4d88de7f12fdc5f5bf371cc2183901f38fc2b8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: cNx3FukseTc3VHZ2S7xrmuyy8FiFwy0G
via: 1.1 7f51caabae8141bdcde4283a42be2a56.cloudfront.net (CloudFront), 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
content-encoding: gzip
date: Sun, 31 Dec 2023 12:33:15 GMT
last-modified: Thu, 21 Dec 2023 22:30:38 GMT
server: nginx
x-amz-cf-pop: HIO52-P2, PRG50-C1
age: 533634
x-amz-server-side-encryption: AES256
etag: W/"43691616349a957d488df70673478fc7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-id: USnAP-oiQN7s7xmyDwSlMRiEJEriXshV9SJ_KGDPaYEFzgeLQMRQQw==

GET
H2 200 ab26b7830acb5a8620b51d6d96e8fcb7375b203a.4e6e063fb4b143c18091.js Show response
upnorthlive.com/_next/static/chunks/ 30 KB
11 KB 92ms
90ms Script
application/javascript 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/_next/static/chunks/ab26b7830acb5a8620b51d6d96e8fcb7375b203a.4e6e063fb4b143c18091.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: fbc6e914c431cd51ae4c7614d963f1056cbcd8a1101f1fb094fcb7194a3d0766

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 7Fz2PWeinT5dI8NGXYtzjGzskSpCnDgR
via: 1.1 c6aabec83f5c081149a8843767dacc52.cloudfront.net (CloudFront), 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
content-encoding: gzip
date: Sat, 06 Jan 2024 00:24:57 GMT
last-modified: Wed, 20 Dec 2023 22:13:46 GMT
server: nginx
x-amz-cf-pop: HIO52-P2, PRG50-C1
age: 58976
x-amz-server-side-encryption: AES256
etag: W/"f307778b6c4aec582931df0723a6e7c7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-id: Vb0gFzwAnvBhmz4fFY6dVzI_3lvCJXUwEUAnCYQYy_o-5G83zqfQgw==

GET
H2 200 a9bf7e6829fe5ee1d9cccccd051abf3a41e00038.17f5a092daab96b661df.js Show response
upnorthlive.com/_next/static/chunks/ 14 KB
4 KB 86ms
84ms Script
application/javascript 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/_next/static/chunks/a9bf7e6829fe5ee1d9cccccd051abf3a41e00038.17f5a092daab96b661df.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 745ccd434b35778c0bad45c339e08211e0697920f33c3f059a7f89446a0a8667

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 7y06t0eKucO7eHqJO4aKTMtlAJa8w05o
via: 1.1 bafc250db6f7cbd43d1e23b2a31d8002.cloudfront.net (CloudFront), 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
content-encoding: gzip
date: Sat, 06 Jan 2024 00:24:57 GMT
last-modified: Thu, 21 Dec 2023 22:30:38 GMT
server: nginx
x-amz-cf-pop: HIO52-P2, PRG50-C1
age: 58976
x-amz-server-side-encryption: AES256
etag: W/"ceb85ee21203f3fba9a4ad3ff2d856be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-id: WiZfFUzCCTVpekMtw2jJpLe3NF4a7l-snuYdVIoH5NdbvOFUE5oejg==

GET
H2 200 _app-5d3b5984c290b5cf6bde.js Show response
upnorthlive.com/_next/static/chunks/pages/ 16 KB
5 KB 52ms
49ms Script
application/javascript 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/_next/static/chunks/pages/_app-5d3b5984c290b5cf6bde.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 620725a95c381f1b48a0d84eefd3b20f29e5e47f39a7f8436f8d573664c7c5c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: bUjmXMlRJav2Msh4sbJGZW9RvtCZdjIj
via: 1.1 518bdec7a5119a665abaf6315a08e6a8.cloudfront.net (CloudFront), 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
content-encoding: gzip
date: Wed, 03 Jan 2024 22:21:48 GMT
last-modified: Wed, 20 Dec 2023 22:13:46 GMT
server: nginx
x-amz-cf-pop: HIO52-P2, PRG50-C1
age: 602117
x-amz-server-side-encryption: AES256
etag: W/"e20e5bfe087aa8c917d35544f2e20919"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-id: QsDAXV_CMwuyea5QsD7rox0YbDecD7WwPZ6RWFTK6R_EQL-VqnK9sQ==

GET
H2 200 7e79d7bbf7ce5d3ebc38d7853ae910bb5749b9d2.7a8168ac290553c52d20.js Show response
upnorthlive.com/_next/static/chunks/ 142 KB
35 KB 87ms
84ms Script
application/javascript 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/_next/static/chunks/7e79d7bbf7ce5d3ebc38d7853ae910bb5749b9d2.7a8168ac290553c52d20.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: f071dc5a4510184623e36a8a8e9f06da6298e60644ff35672da2fb24afe2c197

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: r7Cng1E.cuFFZXWwxn.98cZd42wQAM54
via: 1.1 d220e3f3d93439a8c69225156c6ae800.cloudfront.net (CloudFront), 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
content-encoding: gzip
date: Sat, 06 Jan 2024 00:24:57 GMT
last-modified: Wed, 20 Dec 2023 22:13:46 GMT
server: nginx
x-amz-cf-pop: HIO52-P2, PRG50-C1
age: 58976
x-amz-server-side-encryption: AES256
etag: W/"ab91eaae05968fcc4791519a3c6088d0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-id: JweKtJvCiV3-9lEuEiABM7nU5PzQxQJlyAREVMTvoSSppNxsI04RlQ==

GET
H2 200 60a1c5edb108afb78f18b1fd555d76431dd0dd20.c2cdf27ea625d8f9359d.js Show response
upnorthlive.com/_next/static/chunks/ 950 KB
224 KB 54ms
51ms Script
application/javascript 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/_next/static/chunks/60a1c5edb108afb78f18b1fd555d76431dd0dd20.c2cdf27ea625d8f9359d.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: efbb1c60896f497e1b5215836f4ecd3154d5b23e8d5983604840058f5daa4773

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 22:45:10 GMT
x-amz-version-id: q4ehigxrbj_kPzqNKB.DlSm8Z6hvNItU
via: 1.1 fc36d22b58a363b02ecdd852a2e51610.cloudfront.net (CloudFront), 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
last-modified: Thu, 04 Jan 2024 22:42:31 GMT
server: nginx
x-amz-cf-pop: HIO52-P2, PRG50-C1
age: 151367
etag: W/"fc8ffbfb2853b65823591fd7f6a80bb5"
x-amz-server-side-encryption: AES256
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
x-cache: Hit from cloudfront
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-id: O_O4ipUHYsUDvri9MBnmHtJfSr_lU8PbYWkTkUkdpLc1VFDhUvslOw==

GET
H2 200 60a1c5edb108afb78f18b1fd555d76431dd0dd20_CSS.dd32408e2471bd10af40.js Show response
upnorthlive.com/_next/static/chunks/ 69 B
614 B 85ms
83ms Script
application/javascript 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/_next/static/chunks/60a1c5edb108afb78f18b1fd555d76431dd0dd20_CSS.dd32408e2471bd10af40.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: b3161a60ce7551e3ba96e55ab168bd3635a33cb70ab0873e36fea2e3748fe24c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: ARbh41zzv3WCpt8gsg7doLPO2K8AUGy_
via: 1.1 a235f5b7b15b9c8025af96fb0081dd58.cloudfront.net (CloudFront), 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
date: Fri, 05 Jan 2024 03:07:52 GMT
x-amz-cf-pop: HIO52-P2, PRG50-C1
age: 599805
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 69
last-modified: Thu, 21 Dec 2023 22:30:38 GMT
server: nginx
etag: "f8b8eefab5efb3e53892c52221d7865b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
accept-ranges: bytes
x-amz-cf-id: RygYL3doIqjBaL2zl5E_4lzxSCaBaz-hGQvUVKAeWPENwiuYHmFJAw==

GET
H2 200 a2339e3eb6b6d127b5e462c4d95869a96c76c938.d8d389d44cdd8ab45626.js Show response
upnorthlive.com/_next/static/chunks/ 88 KB
29 KB 90ms
88ms Script
application/javascript 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/_next/static/chunks/a2339e3eb6b6d127b5e462c4d95869a96c76c938.d8d389d44cdd8ab45626.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: b58a91fc46fd14a43fb13f7abe1fd6fa83ea3dd25d0ea81bdc0b74264b83607c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: v4SB9lvkIuqDPnTuTPcRyC06ARZapmtz
via: 1.1 13367f2265e830e1595737bd8f2eab92.cloudfront.net (CloudFront), 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
content-encoding: br
date: Sat, 06 Jan 2024 11:44:18 GMT
last-modified: Thu, 21 Dec 2023 22:30:38 GMT
server: nginx
x-amz-cf-pop: HIO52-P2, PRG50-C1
age: 18207
x-amz-server-side-encryption: AES256
etag: W/"a4796fcaa03601d96eb0cd63d25654b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-id: gwx-C-gu1jR65VMI8OKfaOadr4u0OPGpcq9GTdTMmArcmB7a6NhOEw==

GET
H2 200 3a444735a5802f030fec16be9547524b4080b1ac.a11697463a62edf7b39b.js Show response
upnorthlive.com/_next/static/chunks/ 27 KB
9 KB 87ms
86ms Script
application/javascript 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/_next/static/chunks/3a444735a5802f030fec16be9547524b4080b1ac.a11697463a62edf7b39b.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: a5c1d2a4dca956c1fafbb74cad0696b3ee2f8461b484c357c3f2a458336df790

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: kBi2CHHyKU.hF1a1BqBXxyRfsIhfIqGu
via: 1.1 7f51caabae8141bdcde4283a42be2a56.cloudfront.net (CloudFront), 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
content-encoding: br
date: Sat, 06 Jan 2024 15:06:16 GMT
last-modified: Thu, 21 Dec 2023 22:30:38 GMT
server: nginx
x-amz-cf-pop: HIO52-P2, PRG50-C1
age: 7283
x-amz-server-side-encryption: AES256
etag: W/"44c41b1acf100cc2245802200ae119d7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-id: kHpSp3_gpjllNfBQOUIgZ-u-ENT6alajohOyro6F3HLu_tFMB73lag==

GET
H2 200 1a382b072835368ac653c1bd65120499b2f03c86.3110c67d61b9a2830edf.js Show response
upnorthlive.com/_next/static/chunks/ 145 KB
36 KB 68ms
66ms Script
application/javascript 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/_next/static/chunks/1a382b072835368ac653c1bd65120499b2f03c86.3110c67d61b9a2830edf.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: d02a929c372a307b3e02e7f37e034770f1ae4cb12a46b14ba145fec445ee213b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: Ni5ATsO2pZ593taLCkKBd0uFfrWHzqlI
via: 1.1 2e87eef03ab555daefa684d946e111b4.cloudfront.net (CloudFront), 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
content-encoding: br
date: Fri, 05 Jan 2024 03:15:22 GMT
last-modified: Wed, 20 Dec 2023 22:13:46 GMT
server: nginx
x-amz-cf-pop: HIO52-P2, PRG50-C1
age: 136218
x-amz-server-side-encryption: AES256
etag: W/"742318b8271216ab4821912262aeefd8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-id: 7kzyi_20ZWliZmEgTseryV-hvsvM7Yt7yg09UeSYxNHBtgjjZebnsw==

GET
H2 200 1a382b072835368ac653c1bd65120499b2f03c86_CSS.34e373399cdc573d23ed.js Show response
upnorthlive.com/_next/static/chunks/ 70 B
613 B 91ms
89ms Script
application/javascript 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/_next/static/chunks/1a382b072835368ac653c1bd65120499b2f03c86_CSS.34e373399cdc573d23ed.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 06ab8f63d326c8e6eb5310568b8322fdc39b7a94b6d4d4fb0009f2f8a50309aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: WS_d5owB9aZwoHl4spamwpnZj.ZeAVqa
via: 1.1 d220e3f3d93439a8c69225156c6ae800.cloudfront.net (CloudFront), 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
date: Sat, 06 Jan 2024 16:47:09 GMT
x-amz-cf-pop: HIO52-P2, PRG50-C1
age: 5715
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 70
last-modified: Thu, 21 Dec 2023 22:30:38 GMT
server: nginx
etag: "c36c776021ab51c427356f0ebd60f2a2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
accept-ranges: bytes
x-amz-cf-id: ljn4TyXYlWErn0NxN5Sp0DsG2jknZxhd45_dXZE-SYBvZSnTNahWdQ==

GET
H2 200 home_page-4173305f2f335bb4c014.js Show response
upnorthlive.com/_next/static/chunks/pages/renderer/%5BsiteSlug%5D/ 1006 B
1 KB 100ms
98ms Script
application/javascript 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/_next/static/chunks/pages/renderer/%5BsiteSlug%5D/home_page-4173305f2f335bb4c014.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 4a9566d4eea97622e3f891298e606278b8cdd1cf58bf29e70e3deb5aacd64510

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: U6EGjiskgeodD0KIwhMeIDO43yg6AHnB
via: 1.1 049ca50de603d43d8c9d0f7716efb414.cloudfront.net (CloudFront), 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
content-encoding: gzip
date: Sun, 31 Dec 2023 21:52:51 GMT
last-modified: Thu, 21 Dec 2023 22:30:38 GMT
server: nginx
x-amz-cf-pop: HIO52-P2, PRG50-C1
age: 500058
x-amz-server-side-encryption: AES256
etag: W/"5982b25dbdf5144765a611b43c3390c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-id: g657RjetiH653j-l7OKXcxK4K9P13OwGzypdLDE5xy7PISvQiow7kg==

GET
H2 200 _buildManifest.js Show response
upnorthlive.com/_next/static/NI-sQaNRYxFjATXJmoiqp/ 4 KB
2 KB 99ms
97ms Script
application/javascript 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/_next/static/NI-sQaNRYxFjATXJmoiqp/_buildManifest.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: bed1ede62a126194c0a871d11b78c78b809ff1c06f0fd2f4593371f751416ba7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 22:45:10 GMT
x-amz-version-id: 96vduFAFTyKtAnOGzVftcm8RuwPp3ICY
via: 1.1 e2ad8d56b8dbdb69144113ad1c008e02.cloudfront.net (CloudFront), 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
last-modified: Thu, 04 Jan 2024 22:42:31 GMT
server: nginx
x-amz-cf-pop: HIO52-P2, PRG50-C1
age: 151368
etag: W/"c119ca61cce2b71d47fd8d19425c0fab"
x-amz-server-side-encryption: AES256
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript
x-cache: Hit from cloudfront
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-cf-id: Ik334-1aV9IWvdpgOaip6yxXVdrg39JaXLwDMNjYV_YMpDyhOHPPFA==

GET
H2 200 _ssgManifest.js Show response
upnorthlive.com/_next/static/NI-sQaNRYxFjATXJmoiqp/ 76 B
622 B 98ms
97ms Script
application/javascript 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/_next/static/NI-sQaNRYxFjATXJmoiqp/_ssgManifest.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 22:46:54 GMT
x-amz-version-id: Mafo8kO4B2mv_Vth9TX3wTa5DfFAj4_j
via: 1.1 7f51caabae8141bdcde4283a42be2a56.cloudfront.net (CloudFront), 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: HIO52-P2, PRG50-C1
age: 151247
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 76
last-modified: Thu, 04 Jan 2024 22:42:31 GMT
server: nginx
etag: "abee47769bf307639ace4945f9cfd4ff"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
accept-ranges: bytes
x-amz-cf-id: dlAbljYgtNor5BXZAb-x-Lsp_QNLTNplXuB1FrJZuU5xcQvZbDjexA==

GET
H2 200 21162-pbjs-floors.json Show response
ads.rubiconproject.com/floors/ 49 KB
5 KB 35ms
8ms Fetch
application/json 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/floors/21162-pbjs-floors.json
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/21162.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash: ea12a8d32091e1ba17dddd2f8797b609d01aabb50a0d53be17cf7bbfbabca109

Request headers

Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 06 Jan 2024 16:47:09 GMT
content-encoding: gzip
last-modified: Sat, 06 Jan 2024 15:40:38 GMT
server: Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1500
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 5331

GET
H2 200 wi-74.svg
upnorthlive.com/resources/defaults/news_3.0/icons/weather/ 3 KB
1 KB 44ms
44ms Image
image/svg+xml 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/defaults/news_3.0/icons/weather/wi-74.svg
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: e677e2b3186358d0458c6c066771b61df53d5e42de43e83e31200252b31c2b52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
date: Fri, 05 Jan 2024 01:17:36 GMT
last-modified: Tue, 14 Nov 2017 01:23:06 GMT
server: nginx
x-amz-cf-pop: PRG50-C1
age: 572843
etag: W/"936c60ff52dc5ce359fee6b3fa60e1ea"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=7200, s-maxage=604800, stale-while-revalidate=60, stale-if-error=604800
nmp-debug: resources
x-amz-cf-id: d2m96geafzI8lcOJkMCQ3w7JgmGQ_yoI2RCBkqq70X9_JQKU0Zeu0Q==

GET
H2 200 wi-69.svg
upnorthlive.com/resources/defaults/news_3.0/icons/weather/ 1 KB
1 KB 45ms
45ms Image
image/svg+xml 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/defaults/news_3.0/icons/weather/wi-69.svg
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: c2aba5b9ee6e67c0f831b68b880efbfa99ee33e25ff4a3b349b5281c5d7a88bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
date: Fri, 05 Jan 2024 15:03:54 GMT
last-modified: Tue, 14 Nov 2017 01:23:06 GMT
server: nginx
x-amz-cf-pop: PRG50-C1
age: 599806
etag: W/"0af05611cd9ff02f4db1754d8c2c5e5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=7200, s-maxage=604800, stale-while-revalidate=60, stale-if-error=604800
nmp-debug: resources
x-amz-cf-id: VWwh3-vIOT2rRrhb_ZgaCB19OuuYWRjcfP3vHSYeH-IBVk1t0x27gg==

GET
H2 200 sbg-video_g.svg
upnorthlive.com/resources/defaults/news_3.0/icons/ui/ 1 KB
1 KB 58ms
58ms Image
image/svg+xml 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/defaults/news_3.0/icons/ui/sbg-video_g.svg
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/_next/static/60a1c5edb108afb78f18b1fd555d76431dd0dd20_CSS.css?v=c0a670d895841f4d989182656ce5e0265b02f85a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: eb09aab900d7fc638ce33711030f3581f948130016b6c5bfeb456b85a52b4ad5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/_next/static/60a1c5edb108afb78f18b1fd555d76431dd0dd20_CSS.css?v=c0a670d895841f4d989182656ce5e0265b02f85a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 23:35:59 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Sun, 11 Mar 2018 16:56:10 GMT
server: nginx
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
etag: W/"8f1704574cbdfeae279a58a26de0e2be"
age: 234670
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=7200, s-maxage=604800, stale-while-revalidate=60, stale-if-error=604800
nmp-debug: resources
x-amz-cf-id: vl9HvTreHBJz396vjybGx7vZWINhvbBA9tIczDNMsLDgsgtySgQMsQ==

GET
H2 200 sbg-gallery_g.svg
upnorthlive.com/resources/defaults/news_3.0/icons/ui/ 1 KB
1 KB 38ms
37ms Image
image/svg+xml 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/defaults/news_3.0/icons/ui/sbg-gallery_g.svg
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/_next/static/60a1c5edb108afb78f18b1fd555d76431dd0dd20_CSS.css?v=c0a670d895841f4d989182656ce5e0265b02f85a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 8635c5e193a35779bbfeceb8d06f67647e2c57b366aaeaf797fa7158b62b7c01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/_next/static/60a1c5edb108afb78f18b1fd555d76431dd0dd20_CSS.css?v=c0a670d895841f4d989182656ce5e0265b02f85a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
date: Wed, 03 Jan 2024 20:45:56 GMT
last-modified: Sun, 11 Mar 2018 16:56:10 GMT
server: nginx
x-amz-cf-pop: PRG50-C1
age: 246251
etag: W/"42fd9c0dfbb8ea1cf2bbea48349a326b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=7200, s-maxage=604800, stale-while-revalidate=60, stale-if-error=604800
nmp-debug: resources
x-amz-cf-id: XqZAvQ_u-gNk0e3LSzFRKxVwyqkznOUuAXXEQPCn3Rvp_u5nEQH-pg==

GET
H2 200 sbg-search.svg
upnorthlive.com/resources/defaults/news_3.0/icons/ui/ 1 KB
959 B 180ms
179ms Image
image/svg+xml 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/defaults/news_3.0/icons/ui/sbg-search.svg
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: d8d1e71ee6159ec84a633aefb3788bad72f3405de514535f38cd1aa73e11c148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 02:04:30 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Sun, 11 Mar 2018 16:56:10 GMT
server: nginx
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
etag: W/"d82c17fbf5ece578f6103a3701a7a947"
age: 571359
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=7200, s-maxage=604800, stale-while-revalidate=60, stale-if-error=604800
nmp-debug: resources
x-amz-cf-id: ZWR5qvWwbyTFIYgb8d2VkFc-yT98LbuvN72GWZd9Xov-IVO6KTZyYg==

GET
H2 200 sbg-account-symbol.svg
sinclairstoryline.com/resources/defaults/news_3.0/icons/ui/ 6 KB
6 KB 645ms
610ms Image
image/svg+xml 18.66.147.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinclairstoryline.com/resources/defaults/news_3.0/icons/ui/sbg-account-symbol.svg
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-103.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6fbbf82797ced37ef9b7c8a66404e3348a2d73117587adacd7a0c2050543abef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:10 GMT
x-amz-version-id: 1pwXU229iGP6qwxHrs8VPACYTaj4fzra
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jan 2019 22:05:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: "bae82d29a42f7a9d1b79ab9fc61d3c3a"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amz-replication-status: FAILED
accept-ranges: bytes
content-length: 5753
x-amz-cf-id: 56cwEBeIScAGFxgFQiQ_Zkh0LFx2zui-HN8GYLd9aidbX25goicz9w==

GET
H2 200 instagram.svg
upnorthlive.com/resources/defaults/news_3.0/icons/social/ 5 KB
2 KB 181ms
181ms Image
image/svg+xml 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/defaults/news_3.0/icons/social/instagram.svg
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 30bd6e68171688fb2844631b49890e32a5a85e28b3260db9a8d8e7c8b40639e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
date: Wed, 03 Jan 2024 16:00:41 GMT
last-modified: Tue, 14 Nov 2017 01:23:06 GMT
server: nginx
x-amz-cf-pop: PRG50-C1
age: 261988
etag: W/"789fc1bf5537bf41d6cb026b1e0da2c6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=7200, s-maxage=604800, stale-while-revalidate=60, stale-if-error=604800
nmp-debug: resources
x-amz-cf-id: qI9vVFWna-pytu7_fySYO4AO8glDamYCY-pzWD8gGiuSPe06XKXcEw==

GET
H2 200 twitter.svg
upnorthlive.com/resources/defaults/news_3.0/icons/social/ 1 KB
1 KB 39ms
38ms Image
image/svg+xml 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/defaults/news_3.0/icons/social/twitter.svg
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 4c4281f520dffbf42421b7db9b24a131f1bc506c6ddf5280c397b309ccac9c12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: auxImG_7XwifiM00.atI1mbi71XNXCDF
content-encoding: gzip
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
date: Wed, 03 Jan 2024 06:14:09 GMT
last-modified: Thu, 19 Oct 2023 19:39:39 GMT
server: nginx
x-amz-cf-pop: PRG50-C1
age: 297180
etag: W/"05a8ea73c9b5c08c0c7b923e4e1a8e35"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=7200, s-maxage=604800, stale-while-revalidate=60, stale-if-error=604800
nmp-debug: resources
x-amz-cf-id: nyRFMPotxSyZNzZ8F3EWY3BxkncwaLIzhLdbkhz-GQnPOpsvHDs_ZA==

GET
H2 200 facebook.svg
upnorthlive.com/resources/defaults/news_3.0/icons/social/ 2 KB
1 KB 60ms
59ms Image
image/svg+xml 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/defaults/news_3.0/icons/social/facebook.svg
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: a8217e4fc03707f16d5f62014eb782350d12cc6b1181a278ee4b777842bd237e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:49:37 GMT
x-amz-version-id: 9Htxkj_ZK24NLUD_MaR3QmvD72x7AmIH
content-encoding: br
last-modified: Thu, 19 Oct 2023 19:39:00 GMT
server: nginx
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
etag: W/"45b21d1d1da9b28a93406157ddbbc766"
age: 251852
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=7200, s-maxage=604800, stale-while-revalidate=60, stale-if-error=604800
nmp-debug: resources
x-amz-cf-id: lje3VpqsXJtf9DRF-kF2H2TkVqeaOpioFV_ZeyMvKkD0ND0bnAZb3A==

GET
H2 200 b-e09f10f-3f43045e.js Show response
tagan.adlightning.com/sinclair/ 75 KB
29 KB 11ms
10ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/b-e09f10f-3f43045e.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0b1e55ecb32616cfe9830c0d1c512822429dd7e1a775b78ebeec741316bc90d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 13:13:32 GMT
content-encoding: gzip
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id: bPTtBFULY.SUXB4UlbbQ1HXmh6W4UsNp
x-amz-cf-pop: FRA60-P4
age: 3382418
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 28800
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:34:22 GMT
server: AmazonS3
etag: "f626cf07bc0423765401627bba38b9ad"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: iYjuefMVpOegA_TTZpUJYPLSjzew9mYmSKpiDUiqqdmjsYW-YNgDug==

GET
H2 200 bl-250cc79-bbd0b627.js Show response
tagan.adlightning.com/sinclair/ 94 KB
40 KB 11ms
11ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/bl-250cc79-bbd0b627.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06e9e2fe5d767cfe51561fc034d7dde68a65996bc98d03fe11698ba797074124

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 03:33:28 GMT
content-encoding: gzip
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id: f4csE2GkEUhL_BAqGuyMj_M5NGpFpmhk
x-amz-cf-pop: FRA60-P4
age: 47622
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 40087
x-amz-meta-git_commit: 250cc79
last-modified: Sat, 06 Jan 2024 03:31:41 GMT
server: AmazonS3
etag: "3668d01de63e049c4946ffa168d7cacf"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: vcLckBeB_3n4ctnwjejOiwNntV3aANoj5v9r9WgAIzlGFu_3ISdOnA==

GET
H2 200 widget_app_base_1612278999697.js Show response
upnorthlive.com/resources/defaults/userway/widgetapp/2021-02-02/ 77 KB
22 KB 40ms
40ms Script
application/javascript 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/resources/defaults/userway/widgetapp/2021-02-02/widget_app_base_1612278999697.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 0b5071ac9ca7ac9f30c7fc4faeffebf0bce56b4ace34d8f4d0319de4216b6ed3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: QHh_OvAA_MLvcxElYdPLbJ5X0j4YfKS5
content-encoding: gzip
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
date: Thu, 04 Jan 2024 20:09:58 GMT
last-modified: Thu, 26 Oct 2023 22:05:05 GMT
server: nginx
x-amz-cf-pop: PRG50-C1
age: 160631
etag: W/"cd609055e6817c8847570e382562dd62"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=7200, s-maxage=604800, stale-while-revalidate=60, stale-if-error=604800
nmp-debug: resources
x-amz-cf-id: CqHxzVHhUe6lzNiOY8jfHzOHU8L01nCJgZ45vSBlA1lE41M7CgKUzw==

GET
H2 200 opensans-variablefont_wdth,wght.woff2
upnorthlive.com/resources/assets/common/fonts/open-sans-variable/ 38 KB
39 KB 33ms
33ms Other
application/octet-stream 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/resources/assets/common/fonts/open-sans-variable/opensans-variablefont_wdth,wght.woff2
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675

Request headers

Referer: https://upnorthlive.com/
Origin: https://upnorthlive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: HjfgKlk.V6XX2qPFqQXrs.CwivGXychU
date: Tue, 02 Jan 2024 16:02:04 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 572844
x-cache: Hit from cloudfront
nmp-debug: resources
content-length: 39372
x-amz-meta-replication-status: FAILED
x-amz-meta-server-side-encryption: AES256
last-modified: Mon, 27 Mar 2023 21:28:27 GMT
server: nginx
etag: "40b6965b5cd26213faf61e5ab6765bb9"
vary: Origin
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=7200, s-maxage=604800, stale-while-revalidate=60, stale-if-error=604800
x-amz-meta-version-id: Xnk4_WMujNcPDLDZ8dUnP_RFut60aoTD
x-amz-cf-id: _23K9wBkFxBk84_I8_UvjdqEAXFGRxlRMApmiVomOMKYyUXzK1qo-Q==

GET
H2 204 b
sb.scorecardresearch.com/ 0
227 B 35ms
35ms Image
text/plain 65.9.95.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=19578925&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704559629285&ns_c=UTF-8&c7=https%3A%2F%2Fupnorthlive.com%2F&c8=Traverse%20City%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20WPBN&c9=
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-94.prg50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:09 GMT
via: 1.1 1f7383179aa19c47a962c46236696426.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: OPkjSWJwGOzc2XvX858q9-IO6RbLy3pLpPHtUIXqZ0TgB312vAyMxQ==
x-cache: Miss from cloudfront

OPTIONS
H2 200 64ff35afae91a31275d6a8f2
app.launchdarkly.com/sdk/goals/ Frame 0
0 28ms
6ms Preflight 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/64ff35afae91a31275d6a8f2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://upnorthlive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Sat, 06 Jan 2024 16:47:09 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 9
x-served-by: cache-fra-eddf8230090-FRA
x-timer: S1704559629.439497,VS0,VE0

OPTIONS
H2 204 frontEndConfig
paywall-prod.appspot.com/ Frame 0
0 1074ms
951ms Preflight
text/html 2a00:1450:4001:827::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://paywall-prod.appspot.com/frontEndConfig
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: property
Access-Control-Request-Method: GET
Origin: https://upnorthlive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: property
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 06 Jan 2024 16:47:10 GMT
server: Google Frontend
vary: Access-Control-Request-Headers
x-cloud-trace-context: 85ef511c4db71f193d10f1a2e25a07ee
x-powered-by: Express

OPTIONS
H2 200 eyJraW5kIjoiSlRDc2l0ZSIsImtleSI6IjdmYmEwM2QxLTk3MGQtNDVkMi05OWVmLTdhOTljNmJhNjcwMyIsInNpdGVzbHVnIjoiVVBOT1JUSExJVkUiLCJvdmVycmlkZSI6ZmFsc2UsInVzZXJDb21tZW50aW5nRW5hYmxlZCI6dHJ1ZX0
app.launchdarkly.com/sdk/evalx/64ff35afae91a31275d6a8f2/contexts/ Frame 0
0 23ms
7ms Preflight 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/64ff35afae91a31275d6a8f2/contexts/eyJraW5kIjoiSlRDc2l0ZSIsImtleSI6IjdmYmEwM2QxLTk3MGQtNDVkMi05OWVmLTdhOTljNmJhNjcwMyIsInNpdGVzbHVnIjoiVVBOT1JUSExJVkUiLCJvdmVycmlkZSI6ZmFsc2UsInVzZXJDb21tZW50aW5nRW5hYmxlZCI6dHJ1ZX0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://upnorthlive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Sat, 06 Jan 2024 16:47:09 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 4
x-served-by: cache-fra-eddf8230090-FRA
x-timer: S1704559629.439509,VS0,VE0

GET
H2 200 more Show response
upnorthlive.com/api/rest/audience/ 19 KB
20 KB 183ms
183ms XHR
application/json 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/api/rest/audience/more?section=upnorthlive.com/news/local&limit=8
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/_next/static/chunks/7e79d7bbf7ce5d3ebc38d7853ae910bb5749b9d2.7a8168ac290553c52d20.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: ef480276a498153ff17f9bbd4e28aa88a7b632c1b88f1a18f81f62fe228235bd

Request headers

Accept: application/json, text/plain, */*
Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:46:48 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 21
x-cache: Hit from cloudfront
nmp-debug: audience
sec-gw-log-token: UNDEFINED
server: nginx
etag: 117f550a-aca9-11ee-8d03-02c25b0e60a1
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
sbg-tag-location: existing_section
access-control-allow-origin: *
cache-control: max-age=60, stale-while-revalidate=30, stale-if-error=604800
x-amz-cf-id: EdBaDNucuYO0MzX-II6FTMWJ7kt6a8lXx0xMUnM44GjpTVvct8tVeQ==

GET
H2 200 more Show response
upnorthlive.com/api/rest/audience/ 79 B
517 B 470ms
470ms XHR
application/json 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/api/rest/audience/more?section=upnorthlive.comhttp://compulse.dailydealbuilder.com/traverse-city-wpbn/deals&limit=8
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/_next/static/chunks/7e79d7bbf7ce5d3ebc38d7853ae910bb5749b9d2.7a8168ac290553c52d20.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 7a7775f415fea31da2a36fc90e41377336c6d58d9b3e6e12654ff39637ae826e

Request headers

Accept: application/json, text/plain, */*
Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:46:47 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 22
x-cache: Hit from cloudfront
nmp-debug: audience
content-length: 79
sec-gw-log-token: UNDEFINED
server: nginx
etag: 3c4167df-1137-4233-999d-c30777c32dfd
access-control-allow-methods: GET
content-type: application/json
sbg-tag-location: random
access-control-allow-origin: *
cache-control: max-age=60, stale-while-revalidate=30, stale-if-error=604800
x-amz-cf-id: UxAv7LbCMgxcvyvNMreUCMP2W6EpmxsA_CgSJ5AERyl5O9Xfjhq6GQ==

GET
H2 200 more Show response
upnorthlive.com/api/rest/audience/ 239 KB
240 KB 198ms
198ms XHR
application/json 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/api/rest/audience/more?section=upnorthlive.com
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/_next/static/chunks/7e79d7bbf7ce5d3ebc38d7853ae910bb5749b9d2.7a8168ac290553c52d20.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: f85abf3cf61029db1913484689d9b7ee06fceb2fab22f7bc94e87732ae1a6101

Request headers

Accept: application/json, text/plain, */*
Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:46:48 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 21
x-cache: Hit from cloudfront
nmp-debug: audience
sec-gw-log-token: UNDEFINED
server: nginx
etag: ccd0a37e-acb2-11ee-8d03-02c25b0e60a1
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
sbg-tag-location: existing_section
access-control-allow-origin: *
cache-control: max-age=60, stale-while-revalidate=30, stale-if-error=604800
x-amz-cf-id: SCIB3Lo4xOGeFZADRd-U3i5i3O0dcdSk1SRZap99d176Ol-nxigOJw==

GET
H2 200 sp_vAJ26rhf Show response
launcher.spot.im/spot/ 94 KB
24 KB 527ms
466ms Script
application/javascript 65.9.95.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launcher.spot.im/spot/sp_vAJ26rhf
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-24.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 150a6b7599f0a52ee143b7d0b3fe43bdd06a1724e88eed46ac2df37861ce01cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 8zyjAKBgwsotcERM_D64w09BTuLazwVZ
content-encoding: br
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
date: Sat, 06 Jan 2024 16:47:10 GMT
x-amz-cf-pop: PRG50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 23701
last-modified: Wed, 03 Jan 2024 09:17:22 GMT
server: AmazonS3
etag: "2d2222898b048536d037789eed9aab3d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: izVkNxvKUTpxcC1a5_KoZZM5bm9t7ahi2VUl58YItoN699k50CC9uA==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 282 KB
70 KB 74ms
26ms Script
application/javascript 65.9.90.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/_next/static/chunks/7e79d7bbf7ce5d3ebc38d7853ae910bb5749b9d2.7a8168ac290553c52d20.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-90-93.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:36:07 GMT
content-encoding: gzip
via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront), 1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 22:20:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, PRG50-C1
age: 663
x-amz-server-side-encryption: AES256
etag: W/"d6937d02acbbf691a008906e9d0617e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: oLrAS34R8g4w5gXayWNnTGj5NWaKfxNBm8NjO0Uqk_56Kq2LpQEdzw==

GET
H2 200 NATN1 Show response
livevideostatus.sinclairstoryline.com/status/ 270 B
565 B 92ms
39ms XHR
application/json 65.9.95.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://livevideostatus.sinclairstoryline.com/status/NATN1
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/_next/static/chunks/7e79d7bbf7ce5d3ebc38d7853ae910bb5749b9d2.7a8168ac290553c52d20.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-14.prg50.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: 38fee043dba7ad2970e81c27ccb3c4a58b48d7ec850023b4d43e92afa6d53f2a

Request headers

Accept: application/json, text/plain, */*
Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:03 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: PRG50-C1
age: 6
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
content-length: 270
x-amz-cf-id: 9xrZPOv2netm9HtQDRBiDKOqTFUJGTFLRjxkPza43lixY68bVpI5uA==

GET
H2 200 NATN2 Show response
livevideostatus.sinclairstoryline.com/status/ 270 B
564 B 93ms
40ms XHR
application/json 65.9.95.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://livevideostatus.sinclairstoryline.com/status/NATN2
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/_next/static/chunks/7e79d7bbf7ce5d3ebc38d7853ae910bb5749b9d2.7a8168ac290553c52d20.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-14.prg50.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: 38fee043dba7ad2970e81c27ccb3c4a58b48d7ec850023b4d43e92afa6d53f2a

Request headers

Accept: application/json, text/plain, */*
Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:03 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: PRG50-C1
age: 6
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
content-length: 270
x-amz-cf-id: sUAqneYQWj7lH_vhb5hVgf6nSP2QG8VK-3Ou1v8H6_JrDmV7MLzehg==

GET
H2 200 NATIONAL Show response
livevideostatus.sinclairstoryline.com/status/ 270 B
564 B 91ms
38ms XHR
application/json 65.9.95.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://livevideostatus.sinclairstoryline.com/status/NATIONAL
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/_next/static/chunks/7e79d7bbf7ce5d3ebc38d7853ae910bb5749b9d2.7a8168ac290553c52d20.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-14.prg50.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: 38fee043dba7ad2970e81c27ccb3c4a58b48d7ec850023b4d43e92afa6d53f2a

Request headers

Accept: application/json, text/plain, */*
Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:05 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: PRG50-C1
age: 4
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
content-length: 270
x-amz-cf-id: ZvDBi34glttgoeTvbNSQq1PtasWQdUj203nmcMXKu0qorQJQNxtutA==

GET
H2 200 WPBN Show response
livevideostatus.sinclairstoryline.com/status/ 270 B
559 B 357ms
304ms XHR
application/json 65.9.95.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://livevideostatus.sinclairstoryline.com/status/WPBN
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/_next/static/chunks/7e79d7bbf7ce5d3ebc38d7853ae910bb5749b9d2.7a8168ac290553c52d20.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-14.prg50.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: 38fee043dba7ad2970e81c27ccb3c4a58b48d7ec850023b4d43e92afa6d53f2a

Request headers

Accept: application/json, text/plain, */*
Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:09 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
content-length: 270
x-amz-cf-id: o5aOQmV6l_7gsAFjTAP6BAjrFZEbJxTkwJkA3pjYmNTbal3YszbNDg==

GET
H2 200 WPBN_EVENT Show response
livevideostatus.sinclairstoryline.com/status/ 270 B
558 B 383ms
330ms XHR
application/json 65.9.95.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://livevideostatus.sinclairstoryline.com/status/WPBN_EVENT
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/_next/static/chunks/7e79d7bbf7ce5d3ebc38d7853ae910bb5749b9d2.7a8168ac290553c52d20.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-14.prg50.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: 38fee043dba7ad2970e81c27ccb3c4a58b48d7ec850023b4d43e92afa6d53f2a

Request headers

Accept: application/json, text/plain, */*
Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:09 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
content-length: 270
x-amz-cf-id: mtl-t-UT1gzFHcOXPUgfgVX4RKA1srExi7H9fw5RcCupF8sgDhhaQA==

GET
H2 200 49684 Show response
upnorthlive.com/api/rest/audiencero/weather/zipcode/ 48 KB
49 KB 180ms
180ms XHR
application/json 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/api/rest/audiencero/weather/zipcode/49684
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/_next/static/chunks/7e79d7bbf7ce5d3ebc38d7853ae910bb5749b9d2.7a8168ac290553c52d20.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 3091800a8881be38304672d913288066d281f736a47b517f4d5b32785f801f97

Request headers

Accept: application/json, text/plain, */*
Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:46:21 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: PRG50-C1
age: 48
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
cache-control: max-age=60, stale-while-revalidate=30, stale-if-error=604800
nmp-debug: weather-zip
x-amz-cf-id: TOZAquPEnU3ahZsvEbEnnVte3Cmr0GmoVEkLm4M-xZgBDu1hGyOgiQ==
sec-gw-log-token: UNDEFINED

GET
H2 200 get-alerts Show response
upnorthlive.com/api/rest/audience/ 79 B
465 B 181ms
181ms XHR
application/json 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/api/rest/audience/get-alerts
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/_next/static/chunks/7e79d7bbf7ce5d3ebc38d7853ae910bb5749b9d2.7a8168ac290553c52d20.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 68f51e1fbda82543d971e29d3ea25f90835073e9c982067d04fac5733b288de9

Request headers

Accept: application/json, text/plain, */*
Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:46:53 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: PRG50-C1
age: 16
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=60, stale-while-revalidate=30, stale-if-error=604800
nmp-debug: audience
content-length: 79
x-amz-cf-id: o1teO3418PJLM0uyHDL2TxJJXq4Y0i2F5Ld0sNxWHLFGpBiBDhUHMA==
sec-gw-log-token: UNDEFINED

GET
H2 200 trending-stories Show response
upnorthlive.com/api/rest/audience/ 12 KB
12 KB 187ms
186ms XHR
application/json 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/api/rest/audience/trending-stories?count=5
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/_next/static/chunks/7e79d7bbf7ce5d3ebc38d7853ae910bb5749b9d2.7a8168ac290553c52d20.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 40e9d275a7126b953155432941ff6dd6a3c67d539b69fe1f89dff78f2fe03fa7

Request headers

Accept: application/json, text/plain, */*
Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:46:53 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: PRG50-C1
age: 16
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=60, stale-while-revalidate=30, stale-if-error=604800
nmp-debug: audience
x-amz-cf-id: 4jYZ3A4V-dnpg0BUPCiP5yBsZPdF8FMYuz6BnJh-i5xiaI0ETvse4Q==
sec-gw-log-token: UNDEFINED

GET
H2 200 trending-stories Show response
upnorthlive.com/api/rest/audience/ 59 KB
60 KB 185ms
185ms XHR
application/json 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/api/rest/audience/trending-stories?count=25
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/_next/static/chunks/7e79d7bbf7ce5d3ebc38d7853ae910bb5749b9d2.7a8168ac290553c52d20.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 0b8f03dfdf8ff1864c6734388daf72183652cb47c691b4eaa7ce974b3beb765d

Request headers

Accept: application/json, text/plain, */*
Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:46:21 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: PRG50-C1
age: 48
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=60, stale-while-revalidate=30, stale-if-error=604800
nmp-debug: audience
x-amz-cf-id: 2Bu-lumBGxjEW8L_NHhDg5t_EjvMNyuhkSozvQgEbGJnhcEM13gWWA==
sec-gw-log-token: UNDEFINED

GET
H2 204 me
upnorthlive.com/api/auth/upnorthlive/ 0
0 257ms
257ms Fetch 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/api/auth/upnorthlive/me
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/_next/static/chunks/80755650ffd3642b9b8fd1d2904e1498bf7fc10a.d14808995b329d2ed3c8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:09 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
server: nginx
nmp-debug: api-auth
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: _vapuSHm1Dz2jBDAWmUcPNKcq5JeRjKf2ZlQDTI0F2maVhWCqRgfMQ==
x-cache: Miss from cloudfront

GET
H2 200 sbg-video2.svg
upnorthlive.com/resources/defaults/news_3.0/icons/ui/ 2 KB
1 KB 42ms
41ms Image
image/svg+xml 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/defaults/news_3.0/icons/ui/sbg-video2.svg
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/_next/static/60a1c5edb108afb78f18b1fd555d76431dd0dd20_CSS.css?v=c0a670d895841f4d989182656ce5e0265b02f85a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: ff21b1a811ffdbaf4d7f0901bec20622a43934ba210028d9c116b21f02af5364

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/_next/static/60a1c5edb108afb78f18b1fd555d76431dd0dd20_CSS.css?v=c0a670d895841f4d989182656ce5e0265b02f85a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
date: Sat, 06 Jan 2024 15:44:46 GMT
last-modified: Sun, 11 Mar 2018 16:56:10 GMT
server: nginx
x-amz-cf-pop: PRG50-C1
age: 4618
etag: W/"a65417a4a7fb9bbf9f144a00cedb0871"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=7200, s-maxage=604800, stale-while-revalidate=60, stale-if-error=604800
nmp-debug: resources
x-amz-cf-id: MqjSrwYacXyEIC-1u_saE4J8pX6hoO3YuRN3hYb8LU5Ly7br4PWRYw==

GET
H2 200 sbg-arrow-right_w.svg
upnorthlive.com/resources/defaults/news_3.0/icons/ui/ 956 B
1 KB 38ms
37ms Image
image/svg+xml 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/defaults/news_3.0/icons/ui/sbg-arrow-right_w.svg
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/_next/static/1a382b072835368ac653c1bd65120499b2f03c86_CSS.css?v=c0a670d895841f4d989182656ce5e0265b02f85a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 9a4c759d59afc8f3f9349d9fbe97375e757534ef4ea12f8cf6c9e5a8380dba63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/_next/static/1a382b072835368ac653c1bd65120499b2f03c86_CSS.css?v=c0a670d895841f4d989182656ce5e0265b02f85a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 19:00:29 GMT
x-amz-version-id: null
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
last-modified: Sun, 11 Mar 2018 16:56:10 GMT
server: nginx
x-amz-cf-pop: PRG50-C1
age: 510400
etag: "e444cee5a0d5f4b6c037e995474c380a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=7200, s-maxage=604800, stale-while-revalidate=60, stale-if-error=604800
nmp-debug: resources
content-length: 956
x-amz-cf-id: dOoOGOc1w0VkUNTiIIiRyLS2j9Gej8-rS4M4kZhc19nSZCJlmlFOqw==

GET
H2 200 config Show response
platform.datazoom.io/beacon/v1/ 63 KB
63 KB 165ms
165ms Script
text/javascript 54.210.78.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.datazoom.io/beacon/v1/config?configuration_id=9044ad58-8076-4f97-ac66-a7a66959512a
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/_next/static/chunks/main-7bd00a9a41d02f620474.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.210.78.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-210-78-179.compute-1.amazonaws.com
Software: /
Resource Hash: 5c5fd23f6a51e328e29267ca06cd0889cbc00c929f65ca74bb50001f296fbc02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:09 GMT
content-length: 64008
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/javascript

GET
H2 200 64ff35afae91a31275d6a8f2 Show response
app.launchdarkly.com/sdk/goals/ 2 B
179 B 7ms
6ms XHR
application/json 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/64ff35afae91a31275d6a8f2

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/_next/static/chunks/a2339e3eb6b6d127b5e462c4d95869a96c76c938.d8d389d44cdd8ab45626.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://upnorthlive.com/
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.9
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 varnish
date: Sat, 06 Jan 2024 16:47:09 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
content-length: 26
x-served-by: cache-fra-eddf8230090-FRA
x-timer: S1704559629.446630,VS0,VE0
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 3

GET
H2 200 sbg-angle_down.svg
upnorthlive.com/resources/defaults/news_3.0/icons/ui/ 1 KB
913 B 183ms
183ms Image
image/svg+xml 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/defaults/news_3.0/icons/ui/sbg-angle_down.svg
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 34f1e1ce3e56903e53c52a1b3b88405d54fa0c6e04a2ce21461b85119c461f01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:24:19 GMT
x-amz-version-id: null
content-encoding: br
last-modified: Sun, 11 Mar 2018 16:56:10 GMT
server: nginx
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
etag: W/"4803638cfcfd7ad52f5ed548db936769"
age: 102170
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=7200, s-maxage=604800, stale-while-revalidate=60, stale-if-error=604800
nmp-debug: resources
x-amz-cf-id: j2GO-p63Vsj0x24FNmjnS2mBjClcTbQ7VuLazYBa1ry4GWeRe1Kj_w==

GET
H2 200 userway.svg
upnorthlive.com/resources/defaults/news_3.0/icons/accessibility/ 3 KB
2 KB 42ms
42ms Image
image/svg+xml 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/defaults/news_3.0/icons/accessibility/userway.svg
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: d192fde99248cbe5095985187a88c3e124ea71f1dce0fdde19b3ae2770c0ae5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: Vke33eZx3chB1ZYx8SybdFl0k07rNcwU
content-encoding: br
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
date: Wed, 03 Jan 2024 13:56:25 GMT
last-modified: Fri, 23 Jul 2021 07:44:10 GMT
server: nginx
x-amz-cf-pop: PRG50-C1
age: 269444
etag: W/"f5e07e6eb0a4a03c989604e1bb1b2909"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=7200, s-maxage=604800, stale-while-revalidate=60, stale-if-error=604800
nmp-debug: resources
x-amz-cf-id: f0S-XWqTpVb07AJ75rBlQJHY7DLixuJQARQRvvoLy7vLSMKOWDYDkw==

GET
H2 200 sbg-search-dark.svg
upnorthlive.com/resources/defaults/news_3.0/icons/ui/ 1 KB
907 B 23ms
23ms Image
image/svg+xml 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/defaults/news_3.0/icons/ui/sbg-search-dark.svg
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 0fc5c9d54edcdcb5c94263248a92aece199f5399636afd966022f13924640bf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
date: Sat, 06 Jan 2024 13:48:07 GMT
last-modified: Thu, 15 Mar 2018 21:32:07 GMT
server: nginx
x-amz-cf-pop: PRG50-C1
age: 11190
etag: W/"862efb8df1ddd592a2c16d71d54fad00"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=7200, s-maxage=604800, stale-while-revalidate=60, stale-if-error=604800
nmp-debug: resources
x-amz-cf-id: b3lLwJrOIWWzVnUWu7d7Jh8NJrjRu7t5rEA_E0Rrif0NeESqEzV9BA==

GET
H2 200 more Show response
upnorthlive.com/api/rest/audience/ 36 KB
37 KB 190ms
190ms XHR
application/json 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/api/rest/audience/more?section=upnorthlive.com/news&limit=15&type=gallery&offset=0
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/_next/static/chunks/7e79d7bbf7ce5d3ebc38d7853ae910bb5749b9d2.7a8168ac290553c52d20.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 84a0b066bf79e5dfa9bd7bc3bd2cc57f33e25ddad23eb6ab65684114da7e1af8

Request headers

Accept: application/json, text/plain, */*
Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:46:48 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 21
x-cache: Hit from cloudfront
nmp-debug: audience
sec-gw-log-token: UNDEFINED
server: nginx
etag: b38aaca2-4def-4d55-9399-da3e4c4fec5d
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
sbg-tag-location: existing_section
access-control-allow-origin: *
cache-control: max-age=60, stale-while-revalidate=30, stale-if-error=604800
x-amz-cf-id: sMp0EPO0d6w-wiAbLP4M6R_QRycNN0F4MPpypMC2wGNiq-_MD0EEHA==

GET
H2 200 frontEndConfig Show response
paywall-prod.appspot.com/ 204 B
325 B 954ms
952ms XHR
application/json 2a00:1450:4001:827::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://paywall-prod.appspot.com/frontEndConfig
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/_next/static/chunks/7e79d7bbf7ce5d3ebc38d7853ae910bb5749b9d2.7a8168ac290553c52d20.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: aec991cad0cbbc749c86d0fd2774a31e4328c6e608f4075bc53f7d2d2d5888ab

Request headers

Accept: application/json, text/plain, */*
property: upnorthlive
Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:11 GMT
content-encoding: gzip
server: Google Frontend
x-powered-by: Express
etag: W/"cc-Ufe6T5EfJG+8ueOACtsjXxARS8o"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 0e5480145693fd7f82a6b4f80be801b5
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 158

GET
H2 200 eyJraW5kIjoiSlRDc2l0ZSIsImtleSI6IjdmYmEwM2QxLTk3MGQtNDVkMi05OWVmLTdhOTljNmJhNjcwMyIsInNpdGVzbHVnIjoiVVBOT1JUSExJVkUiLCJvdmVycmlkZSI6ZmFsc2UsInVzZXJDb21tZW50aW5nRW5hYmxlZCI6dHJ1ZX0 Show response
app.launchdarkly.com/sdk/evalx/64ff35afae91a31275d6a8f2/contexts/ 708 B
572 B 15ms
15ms XHR
application/json 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/64ff35afae91a31275d6a8f2/contexts/eyJraW5kIjoiSlRDc2l0ZSIsImtleSI6IjdmYmEwM2QxLTk3MGQtNDVkMi05OWVmLTdhOTljNmJhNjcwMyIsInNpdGVzbHVnIjoiVVBOT1JUSExJVkUiLCJvdmVycmlkZSI6ZmFsc2UsInVzZXJDb21tZW50aW5nRW5hYmxlZCI6dHJ1ZX0
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/_next/static/chunks/a2339e3eb6b6d127b5e462c4d95869a96c76c938.d8d389d44cdd8ab45626.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ec0d9a16467ac9b08347831aabd2edde1950a3629267a8301f80b74c0e455826

Request headers

Referer: https://upnorthlive.com/
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.9
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:09 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 188
x-served-by: cache-fra-etou8220023-FRA, cache-fra-eddf8230090-FRA
x-timer: S1704559629.446693,VS0,VE8
etag: "22dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Authorization, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 0

GET
H2 200 facebook.svg
upnorthlive.com/resources/defaults/news_3.0/icons/social/ 2 KB
1 KB 28ms
26ms Image
image/svg+xml 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/defaults/news_3.0/icons/social/facebook.svg
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: a8217e4fc03707f16d5f62014eb782350d12cc6b1181a278ee4b777842bd237e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:49:37 GMT
x-amz-version-id: 9Htxkj_ZK24NLUD_MaR3QmvD72x7AmIH
content-encoding: br
last-modified: Thu, 19 Oct 2023 19:39:00 GMT
server: nginx
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
etag: W/"45b21d1d1da9b28a93406157ddbbc766"
age: 251852
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=7200, s-maxage=604800, stale-while-revalidate=60, stale-if-error=604800
nmp-debug: resources
x-amz-cf-id: 6HCKi8Vvw16Z-qucOfavUuRCXJoSXVPY5Xa7WLfccgjg4fFMh8NN6g==

GET
H2 200 twitter.svg
upnorthlive.com/resources/defaults/news_3.0/icons/social/ 1 KB
1 KB 28ms
27ms Image
image/svg+xml 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/defaults/news_3.0/icons/social/twitter.svg
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 4c4281f520dffbf42421b7db9b24a131f1bc506c6ddf5280c397b309ccac9c12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: auxImG_7XwifiM00.atI1mbi71XNXCDF
content-encoding: gzip
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
date: Wed, 03 Jan 2024 06:14:09 GMT
last-modified: Thu, 19 Oct 2023 19:39:39 GMT
server: nginx
x-amz-cf-pop: PRG50-C1
age: 297180
etag: W/"05a8ea73c9b5c08c0c7b923e4e1a8e35"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=7200, s-maxage=604800, stale-while-revalidate=60, stale-if-error=604800
nmp-debug: resources
x-amz-cf-id: 2RmRNNWz0QLXKQLSL6N49X5tJ6u7p_KbuER62AhHBFkPVCpjg8HWSA==

GET
H2 200 instagram.svg
upnorthlive.com/resources/defaults/news_3.0/icons/social/ 5 KB
2 KB 32ms
30ms Image
image/svg+xml 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/defaults/news_3.0/icons/social/instagram.svg
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 30bd6e68171688fb2844631b49890e32a5a85e28b3260db9a8d8e7c8b40639e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
date: Wed, 03 Jan 2024 16:00:41 GMT
last-modified: Tue, 14 Nov 2017 01:23:06 GMT
server: nginx
x-amz-cf-pop: PRG50-C1
age: 261988
etag: W/"789fc1bf5537bf41d6cb026b1e0da2c6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=7200, s-maxage=604800, stale-while-revalidate=60, stale-if-error=604800
nmp-debug: resources
x-amz-cf-id: ItFtnIquuFfhLf6mVm74YqxuWd7x9DVT3D-AEjHrhE5DRsFgQB_XSQ==

GET
H2 200 b7a099ae-2ada-4684-9e42-c975cc816e37-jumbo36x25_thumb_15570.png
upnorthlive.com/resources/media2/36x25/full/372/center/80/ 5 KB
6 KB 186ms
185ms Image
image/webp 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/media2/36x25/full/372/center/80/b7a099ae-2ada-4684-9e42-c975cc816e37-jumbo36x25_thumb_15570.png
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: f11bdc8856e37643990df17d9d45b1713e00b0db21542a5bacc392273cd922bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 20:38:35 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 72514
x-cache: Hit from cloudfront
nmp-debug: media2
content-length: 5608
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-amz-cf-id: tjrkw2Hxm1-QWFpJd4-EHr6XpmGXcv_dcd7w7NLD4gztf-c_-wO0cw==

GET
H2 200 42c6eb9f-1a2d-457f-bf2f-bd9d4ade6394-jumbo36x25_412022874_3796010520724108_901287049901154358_n.jpg
upnorthlive.com/resources/media2/36x25/full/372/center/80/ 22 KB
22 KB 190ms
189ms Image
image/webp 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/media2/36x25/full/372/center/80/42c6eb9f-1a2d-457f-bf2f-bd9d4ade6394-jumbo36x25_412022874_3796010520724108_901287049901154358_n.jpg
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 62c320495650aab763cadbf3d0e5140f9c2a093b9e2ce56883e3c8aa5ff20aaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 15:06:52 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 92417
x-cache: Hit from cloudfront
nmp-debug: media2
content-length: 22060
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-amz-cf-id: uUqZoxcvpmRiV0fwcqN_oyThq-b8wFUod4Ls_0ker2lqqIMC-pt1QA==

GET
H2 200 61cca1f9-b573-43b8-8c5b-8e5b49fb505d-jumbo36x25_IMG_4310.jpeg
upnorthlive.com/resources/media2/36x25/full/372/center/80/ 26 KB
26 KB 47ms
46ms Image
image/webp 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/media2/36x25/full/372/center/80/61cca1f9-b573-43b8-8c5b-8e5b49fb505d-jumbo36x25_IMG_4310.jpeg
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 8d4207cda7f3c6db5a41c229da22f6534a44923ec3f0f870e1d68c52c3d5f141

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 14:45:57 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 93672
x-cache: Hit from cloudfront
nmp-debug: media2
content-length: 26114
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-amz-cf-id: 3SeWUxTCCJFl2-ofBx4JKXWWC3nHElqdLm8TtFr7a2DKb8zYHmGmqg==

GET
H2 200 63bfe1bf-2256-45bf-b5c8-15d94f7647a0-jumbo16x9_413473921_3613807738898253_3896566388114878043_n.jpg
upnorthlive.com/resources/media2/16x9/full/210/center/80/ 4 KB
4 KB 50ms
50ms Image
image/webp 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/media2/16x9/full/210/center/80/63bfe1bf-2256-45bf-b5c8-15d94f7647a0-jumbo16x9_413473921_3613807738898253_3896566388114878043_n.jpg
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 65837e57220f3d5b924084acce2b9298e53fc6a0970439f705202309ee1313cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:02:47 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 85462
x-cache: Hit from cloudfront
nmp-debug: media2
content-length: 3746
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-amz-cf-id: slPUpi5Pjc7zP8HBDpm8xy60Qj0DKShYZTER3FjoUDRKElZsXxrr0A==

GET
H2 200 b2f8a588-2072-49ce-b8fa-ea51aed487d7-jumbo16x9_Capture.JPG
upnorthlive.com/resources/media2/16x9/full/210/center/80/ 3 KB
4 KB 44ms
43ms Image
image/webp 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/media2/16x9/full/210/center/80/b2f8a588-2072-49ce-b8fa-ea51aed487d7-jumbo16x9_Capture.JPG
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 81c210ffe5be64b42a14ce21245fec5d7649f2077b6af72d2f502cc5886fd217

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 16:39:45 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 86844
x-cache: Hit from cloudfront
nmp-debug: media2
content-length: 3268
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-amz-cf-id: AsRpMb_0dbfqlUIFhiF-AXsed4MeqmbVzf12RlnsKJZBmoFIby8UHA==

GET
H2 200 c07749c2-fd71-402b-915c-ac580360f44f-jumbo16x9_412825610_1420986298511846_585229509601320983_n.jpg
upnorthlive.com/resources/media2/16x9/full/210/center/80/ 9 KB
9 KB 48ms
47ms Image
image/webp 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/media2/16x9/full/210/center/80/c07749c2-fd71-402b-915c-ac580360f44f-jumbo16x9_412825610_1420986298511846_585229509601320983_n.jpg
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: e5accbe8ba188d3bcb31478307c418d33cd998d39304c6068bfd7b6aa97521c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 16:13:49 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 88400
x-cache: Hit from cloudfront
nmp-debug: media2
content-length: 9018
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-amz-cf-id: Q_JY_fRmuq8OieoscUZ-AJl7qmDH7KbegdDucjdkE507ndi5OXFKSg==

GET
H2 200 62bc7235-5acf-4676-8fec-3461da2b01d5-jumbo16x9_AP23050063228136.jpg
upnorthlive.com/resources/media2/16x9/full/210/center/80/ 5 KB
6 KB 48ms
48ms Image
image/webp 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/media2/16x9/full/210/center/80/62bc7235-5acf-4676-8fec-3461da2b01d5-jumbo16x9_AP23050063228136.jpg
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 8a7c22c671fcd4bda8231ad2001b71d07186b75f3cf9a680e867cd7e4c66b746

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 14:45:25 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 93704
x-cache: Hit from cloudfront
nmp-debug: media2
content-length: 5342
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-amz-cf-id: xEJBXknqo68_pg5RCxCSes_do5ucY1BjVSEtOvGHFnbtQH5kXv_zmw==

GET
H2 200 sbg-account-symbol.svg
sinclairstoryline.com/resources/defaults/news_3.0/icons/ui/ 6 KB
6 KB 622ms
621ms Image
image/svg+xml 18.66.147.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinclairstoryline.com/resources/defaults/news_3.0/icons/ui/sbg-account-symbol.svg
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-103.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6fbbf82797ced37ef9b7c8a66404e3348a2d73117587adacd7a0c2050543abef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:10 GMT
x-amz-version-id: 1pwXU229iGP6qwxHrs8VPACYTaj4fzra
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jan 2019 22:05:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: "bae82d29a42f7a9d1b79ab9fc61d3c3a"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amz-replication-status: FAILED
accept-ranges: bytes
content-length: 5753
x-amz-cf-id: g5ryeM9NP1b8k4b6B04-gaoE3Asxc2dUXtdq_VZPCIvEu1iIluVmCg==

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 15:51:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3369
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 06 Jan 2024 16:51:00 GMT

GET
H2 200 player.config.json Show response
upnorthlive.com/resources/video/players/prod/player-configs/config/ 8 KB
3 KB 196ms
195ms Fetch
application/json 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/resources/video/players/prod/player-configs/config/player.config.json
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/resources/video/players/prod/src/scripts/player-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 6746ced8472c2941075a829b973b1a8e7bc5deba5090130a64a4d0dc4611b300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: uoWNeFEkonUYTVI6AmVn244ih0qmAwrK
content-encoding: br
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
date: Sat, 06 Jan 2024 16:47:09 GMT
last-modified: Tue, 05 Dec 2023 17:33:11 GMT
server: nginx
x-amz-cf-pop: PRG50-C1
age: 183
etag: W/"9748fa1e4a62ccf48e1745a0298638a0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
cache-control: max-age=300, stale-while-revalidate=60, stale-if-error=604800
nmp-debug: resources
x-amz-cf-id: xeGixcIIq6Qey633Qo38PmNFtkFaDCm6vNZCabuGq1GDmvfcrLNDBA==

POST
H2 200 YkpM9C8RQT Show response
api.userway.org/api/tunings/ 3 KB
3 KB 537ms
177ms XHR
application/json 2600:1f14:5db:eb22:906b:6fe4:91b4:da90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/YkpM9C8RQT
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/resources/defaults/userway/widgetapp/2021-02-02/widget_app_base_1612278999697.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:906b:6fe4:91b4:da90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 959b42cfe222f1230ab2b58391f66947c2283418412f1095669c4df0045a971d

Request headers

Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 06 Jan 2024 16:47:09 GMT
etag: W/"b4e-yebU1yW0Png3+GX6r3pD1mTGvNU"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usr4ccb672a8c844b7
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 2894
x-service-version: uw-pr

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/ 436 KB
137 KB 162ms
51ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 15:53:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3244
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140253
x-xss-protection: 0
server: cafe
etag: 11435206252018266965
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 05 Jan 2025 15:53:05 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 248 KB
79 KB 70ms
69ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MQJS9PH&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4DLR7K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c104018521a00bbeaab16e6affa341b386e9a4b8a88c78efe9facbbb86afc686

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80955
x-xss-protection: 0
last-modified: Sat, 06 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 06 Jan 2024 16:47:09 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 192 KB
66 KB 60ms
59ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3V8RTN&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4DLR7K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ebb274dd74782bc6ae8b5a0596df6da6f509265937069cbf8fef4f26751fd333

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67982
x-xss-protection: 0
last-modified: Sat, 06 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 06 Jan 2024 16:47:09 GMT

GET
H2 200 trending-stories Show response
upnorthlive.com/api/rest/audience/ 59 KB
60 KB 181ms
181ms XHR
application/json 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/api/rest/audience/trending-stories?count=25
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/_next/static/chunks/7e79d7bbf7ce5d3ebc38d7853ae910bb5749b9d2.7a8168ac290553c52d20.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 345914333c298a6477f0ece1605f9f603f0d49a0d85719218f0ae192804fce78

Request headers

Accept: application/json, text/plain, */*
Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:07 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: PRG50-C1
age: 2
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=60, stale-while-revalidate=30, stale-if-error=604800
nmp-debug: audience
x-amz-cf-id: Sjn7YOhyfk-OZWitAdZ_vvYEZq8fc96GWTK818bB2eHrJ8hIZGO8bg==
sec-gw-log-token: UNDEFINED

GET
H2 200 eyJraW5kIjoiSlRDc2l0ZSIsImtleSI6IjdmYmEwM2QxLTk3MGQtNDVkMi05OWVmLTdhOTljNmJhNjcwMyIsInNpdGVzbHVnIjoiVVBOT1JUSExJVkUiLCJvdmVycmlkZSI6ZmFsc2UsInVzZXJDb21tZW50aW5nRW5hYmxlZCI6dHJ1ZX0
clientstream.launchdarkly.com/eval/64ff35afae91a31275d6a8f2/ 723 B
0 111ms
39ms EventSource
text/event-stream 15.197.213.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/64ff35afae91a31275d6a8f2/eyJraW5kIjoiSlRDc2l0ZSIsImtleSI6IjdmYmEwM2QxLTk3MGQtNDVkMi05OWVmLTdhOTljNmJhNjcwMyIsInNpdGVzbHVnIjoiVVBOT1JUSExJVkUiLCJvdmVycmlkZSI6ZmFsc2UsInVzZXJDb21tZW50aW5nRW5hYmxlZCI6dHJ1ZX0

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.197.213.252 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

aa1ba9bef7b18c265.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:09 GMT
strict-transport-security: max-age=31536000
ld-region: eu-west-1
access-control-max-age: 300
access-control-allow-methods: GET,OPTIONS
content-type: text/event-stream; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-content-length: 877
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

GET
H2 200 3555 Show response
config.aps.amazon-adsystem.com/configs/ 532 B
806 B 77ms
35ms Script
application/javascript 3.161.119.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3555
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.119.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-119-86.vie50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 06ff970917f1175699ae221031cd71d8d9dea53ad27cbaf88a6ca57850e6b413

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:18:02 GMT
via: 1.1 e72e5f48f0da91aae20d958e6142d90c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: VIE50-P2
age: 1747
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 532
x-amz-cf-id: UW8ke120qa9sUE8nkdbnd08wHVcgkgIZrLt_iyPtM4yisI-UBzenWw==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
2 KB 131ms
131ms XHR
application/json 65.9.90.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3555&u=https%3A%2F%2Fupnorthlive.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-90-93.prg50.r.cloudfront.net
Software: Server /
Resource Hash: 74fb73013fa53b8fdfbd21b11d964b81914db5cda03ffa09497805dda729b6fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:09 GMT
via: 1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://upnorthlive.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2007
x-amz-cf-id: 4hcf7PC-IMh6HjmoESF_bSCO03GskVGTRU1TkigjKoKEAREI0tv7xQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 64ms
23ms XHR
application/javascript 65.9.90.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-90-93.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront)
date: Sat, 06 Jan 2024 11:05:23 GMT
x-amz-cf-pop: PRG50-C1
age: 20507
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: cLniUJyLoIxqxJO-7OFh9BKcnBAeHga_ZDUx1XCnJpfUSVzeVIt19w==

GET
H2 200 messages-count Show response
open-api.spot.im/v1/ 373 B
1003 B 401ms
338ms Fetch
application/json 65.9.95.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://open-api.spot.im/v1/messages-count?spot_id=sp_vAJ26rhf&posts_ids=aac8bd11-e979-400e-adf7-a5f097e6a561,0203c704-1e0e-4e4b-87b5-e24a8c32b7f5,ff19bf3e-7829-4d5c-8558-ef9748c1ff83,230e0a40-decd-413d-a458-22f500d61f3a,483cd0fa-d468-4827-a57a-4f66092a200b,7903514d-13e1-4116-a82e-5cbbcc9fd51b,b83339c8-8f2b-4f46-ad77-88b59af8d966,24935e3c-e20a-4d6c-8a15-14be8a2fa082,588d96b5-7256-414f-b569-1d272ccd1d60,3e62086b-fe1f-4043-b84d-d290908ef202,24707727-40ec-4a7b-8041-49a8cde702ca,edd63642-bb7b-431a-b750-9a31f7a9a5c3,1f8b344d-04b5-4932-b9db-d750a73b9863,704f4978-5ff5-4438-8802-67a06c96a2b2,35d89bd2-eb42-4497-a9cd-36447d8c5dcf,4da1622d-4fec-4606-81b2-8e29cf74894d,0be249b2-fd56-4b3d-b420-1cda3d297e73,3af65ecd-3c9f-47e8-9240-60bffa109e05,2bed481c-5124-4be7-87b3-f2f5583e6af6,e19d9cd9-356f-47e1-848b-3e9c90563066,6bca15bf-a79b-497a-bf9d-2a9397ef6cc2,a6eb5bb8-91fd-4316-bac4-04e9f41dae24,12db18d3-51bc-464e-9593-13b3cdbb56b6,de2fdb38-97e5-41a0-9fc2-e9ab07cf6a70,8a4ff4e3-a56a-48e6-906f-5e5e4110aac4

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/_next/static/chunks/a2339e3eb6b6d127b5e462c4d95869a96c76c938.d8d389d44cdd8ab45626.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-58.prg50.r.cloudfront.net

Software

Resource Hash

b2538b471ad2e89b0d33eef70a747df6949b44f6571ac0116a4402287f21bd81

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:09 GMT
via: 1.1 d9c696d6d0c92f63870873ced2895baa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
x-spotim-bid
x-spotim-rid
content-length: 373
x-spotim-vid
access-control-max-age: 86400
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: https://upnorthlive.com
access-control-expose-headers: x-spotim-bid, x-spotim-rid, x-spotim-token, x-spotim-networkid, x-spotim-spotid, x-spotim-vid
access-control-allow-credentials: true
access-control-allow-headers: x-spotim-bid, x-spotim-rid, x-spotim-token, x-spotim-networkid, x-spotim-spotid, x-spotim-vid, Content-Type
x-amz-cf-id: 3VT_cbcpTKJCBpW9WD6i4gBlgVlkaoAQdIzT9YRtzaIHiPFcwJRmEg==

GET
H2 200 0b8cd7c6-807a-45a9-ae87-c81909f5d3a4-jumbo16x9_thumb_28747.png
upnorthlive.com/resources/media2/16x9/full/351/center/80/ 10 KB
11 KB 40ms
39ms Image
image/webp 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/media2/16x9/full/351/center/80/0b8cd7c6-807a-45a9-ae87-c81909f5d3a4-jumbo16x9_thumb_28747.png
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: c36d9bb3303b7fe1db678fd6a5754ca9d1a06fff0fc95f940e03f30ed27ac8bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:05:31 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 2498
x-cache: Hit from cloudfront
nmp-debug: media2
content-length: 10268
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-amz-cf-id: Nu_Crq0xqdtvq3Y9XQ2aHWeBwu5qcgAuhxMoQNfTYhJVjEm_3uM7PQ==

GET
H2 200 f9d0d425-7125-4758-a2d2-54377adb4c35-large1x1_amina.JPG
upnorthlive.com/resources/media2/1x1/full/100/center/80/ 2 KB
3 KB 51ms
51ms Image
image/webp 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/media2/1x1/full/100/center/80/f9d0d425-7125-4758-a2d2-54377adb4c35-large1x1_amina.JPG
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 2d3762b368cbe760983b769be079161e63202ace4228bd57fd30ccc5de148efa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 00:06:07 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 60062
x-cache: Hit from cloudfront
nmp-debug: media2
content-length: 2126
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-amz-cf-id: l0qTBUpKx2KtfgRmyRn7maoNmaCjFwRjkHiZgDsz8RFjynBiJYv_aA==

GET
H2 200 c07749c2-fd71-402b-915c-ac580360f44f-large1x1_412825610_1420986298511846_585229509601320983_n.jpg
upnorthlive.com/resources/media2/1x1/full/100/center/80/ 3 KB
4 KB 41ms
40ms Image
image/webp 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upnorthlive.com/resources/media2/1x1/full/100/center/80/c07749c2-fd71-402b-915c-ac580360f44f-large1x1_412825610_1420986298511846_585229509601320983_n.jpg
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 2bf1591d70f40c489afc891166319190eb7646009a19b26200986bf12ddb3e6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 14:13:10 GMT
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 95639
x-cache: Hit from cloudfront
nmp-debug: media2
content-length: 3486
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800, stale-while-revalidate=60, stale-if-error=604800
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
x-amz-cf-id: 190bIhBM_F_YB_fz1RuDME77VUmL5Z4w9FVjX1lVIUdv_ypfJtFl-A==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 58ms
58ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=528320348&t=pageview&_s=1&dl=https%3A%2F%2Fupnorthlive.com%2F&ul=en-us&de=UTF-8&dt=Traverse%20City%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20WPBN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEIhAAAAACAAI~&jid=2065484381&gjid=935590036&cid=1546832688.1704559629&tid=UA-12096981-13&_gid=1856209739.1704559629&_r=1&_slc=1&cd6=home&cd1=Unregistered&cd2=Unsubscribed&cd3=1546832688.1704559629&cd4=true&cd7=standard-teaser&z=1209116223

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 16:47:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://upnorthlive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config Show response
platform.datazoom.io/beacon/v2/ 1 KB
2 KB 305ms
102ms XHR
application/json 54.210.78.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.datazoom.io/beacon/v2/config?configuration_id=9044ad58-8076-4f97-ac66-a7a66959512a
Requested by: Host: platform.datazoom.io
URL: https://platform.datazoom.io/beacon/v1/config?configuration_id=9044ad58-8076-4f97-ac66-a7a66959512a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.210.78.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-210-78-179.compute-1.amazonaws.com
Software: /
Resource Hash: 6983778b3850960f5a4d46bfa9b10f18bf022c76736f66091093d6339e809bca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 06 Jan 2024 16:47:09 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 159ms
53ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-12096981-13&cid=1546832688.1704559629&jid=2065484381&gjid=935590036&_gid=1856209739.1704559629&_u=aGBAAEIgAAAAACAAI~&z=689509835

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 06 Jan 2024 16:47:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://upnorthlive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
91 KB 69ms
69ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EJSHDBDQ9R&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQJS9PH&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f1991a4310e41abbebf90b4447b82194c1c10fb06056aa0ca26ecfb95c47fbb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92764
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 06 Jan 2024 16:47:09 GMT

GET
H2 200 web-vitals.attribution.iife.js Show response
unpkg.com/web-vitals@3.0.0/dist/ 10 KB
4 KB 35ms
20ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.0.0/dist/web-vitals.attribution.iife.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9344b6a4db3db16dee581361244125a03a353c2ed0f5f701d83dc2be552d07c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:09 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3330838
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HGCJ6HT9WYXZ24N8ZAZD0X40-fra
server: cloudflare
etag: W/"2647-N1l5oKJqaDLvxL3cO+UxlArzaXc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 841570f59bcf043a-FRA

GET
H2 200 evergage.min.js Show response
cdn.evgnet.com/beacon/sinclairbroadcastgroup/wpbn/scripts/ 165 KB
46 KB 120ms
99ms Script
application/javascript 151.101.0.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.evgnet.com/beacon/sinclairbroadcastgroup/wpbn/scripts/evergage.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6807836cc3ed4f4ad0024fa11a33297289b43ba1733d845824217bed7f0bb4a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 9SrNfLmOvrvFJE29pBizo_2qs0sR.EYT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Sat, 06 Jan 2024 16:47:09 GMT
x-amz-request-id: 6HRNMJK8EWMZ425R
age: 24
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: PENDING
content-length: 46307
x-amz-id-2: /axp+nbwNXFGtf0M0Ql2pnmVtwYVfiE4mBN3wDf29FgGJBU5bcXwtYYPwtqhEEqPx+cnjqsWMsvQTOQ7qFxkpQ==
x-served-by: cache-iad-kiad7000111-IAD, cache-fra-eddf8230123-FRA
x-amz-meta-evergage-sum: c48976beebcf0c13801526e261564da7431cec7d
last-modified: Fri, 01 Dec 2023 18:12:10 GMT
server: AmazonS3
x-timer: S1704559630.704145,VS0,VE93
etag: "0c8d3f16cf9c26863aa7bcca7a07c887"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
x-amz-meta-evergage-beacon-ver: 16
x-cache-hits: 136123, 1

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 110 KB
37 KB 77ms
24ms Script
text/javascript 65.9.95.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-28.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: x5VtTe.o38AhKNl9GXJ.IeIaII4uy0GZ
content-encoding: gzip
via: 1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
date: Sat, 06 Jan 2024 01:56:40 GMT
last-modified: Thu, 19 Oct 2023 08:25:12 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 53466
x-amz-server-side-encryption: AES256
etag: W/"b248cc9d0fdeb36bdeb7efabad1132ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: g8SycE3JjTtR1MZvaZJbSWaF2d5Nby91hBZSSMeDOI3LX4vh_DKCtA==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 48ms
18ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:09 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Sat, 06 Jan 2024 17:02:09 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
12 KB 75ms
24ms Script
text/javascript 65.9.95.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-19.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 01:52:48 GMT
content-encoding: gzip
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:42 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 53664
x-amz-server-side-encryption: AES256
etag: W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: BjTe7jkAwx2gI1qesmQjenJZR1Ddd3nIE1h_l0gvisyPKTNowHAr6g==

GET
H2 200 config Show response
platform.datazoom.io/beacon/v2/ 1 KB
2 KB 202ms
102ms XHR
application/json 54.210.78.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.datazoom.io/beacon/v2/config?configuration_id=9044ad58-8076-4f97-ac66-a7a66959512a
Requested by: Host: platform.datazoom.io
URL: https://platform.datazoom.io/beacon/v1/config?configuration_id=9044ad58-8076-4f97-ac66-a7a66959512a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.210.78.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-210-78-179.compute-1.amazonaws.com
Software: /
Resource Hash: 6983778b3850960f5a4d46bfa9b10f18bf022c76736f66091093d6339e809bca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 06 Jan 2024 16:47:09 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json

GET
H2 200 messages-count Show response
open-api.spot.im/v1/ 373 B
1000 B 337ms
337ms Fetch
application/json 65.9.95.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/_next/static/chunks/a2339e3eb6b6d127b5e462c4d95869a96c76c938.d8d389d44cdd8ab45626.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-58.prg50.r.cloudfront.net

Software

Resource Hash

b2538b471ad2e89b0d33eef70a747df6949b44f6571ac0116a4402287f21bd81

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:09 GMT
via: 1.1 d9c696d6d0c92f63870873ced2895baa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
x-spotim-bid
x-spotim-rid
content-length: 373
x-spotim-vid
access-control-max-age: 86400
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: https://upnorthlive.com
access-control-expose-headers: x-spotim-bid, x-spotim-rid, x-spotim-token, x-spotim-networkid, x-spotim-spotid, x-spotim-vid
access-control-allow-credentials: true
access-control-allow-headers: x-spotim-bid, x-spotim-rid, x-spotim-token, x-spotim-networkid, x-spotim-spotid, x-spotim-vid, Content-Type
x-amz-cf-id: Dd06fmCqMs-SiSPu533P90c6O6acpqx53voe5umm0e0yxFIghGfm2A==

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
335 B 98ms
30ms XHR
application/json 54.220.142.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.142.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-142-223.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 060387dcab401c642f0b22b9a753d5c8a1d2153008906665485cf2ea1d7ceb4a

Request headers

Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 16:47:09 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://upnorthlive.com
cache-control: no-cache
x-server: 10.45.11.194
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
618 B 72ms
20ms Fetch
application/json 65.9.95.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-73.prg50.r.cloudfront.net
Software: /
Resource Hash: e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 02:04:41 GMT
via: 1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront), 1.1 4614c36172b2854b1e1e94af37435c8e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, PRG50-C1
age: 52948
x-amzn-requestid: 4ab26eab-e50f-4f2f-b839-86a4296eaa70
x-amzn-trace-id: Root=1-6598b539-289652a52820b07337eb4945;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: RGFA9GeZjoEEWmQ=
content-length: 30
x-amz-cf-id: raR0Ak3UlJ8P_lz1Y5mUY0Q6JchI5EsyDt05_T6NBnJPaTq-KbiOLQ==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 190ms
79ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-12096981-13&cid=1546832688.1704559629&jid=2065484381&_u=aGBAAEIgAAAAACAAI~&z=502682630

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 16:47:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 188ms
78ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-12096981-13&cid=1546832688.1704559629&jid=2065484381&_u=aGBAAEIgAAAAACAAI~&z=502682630

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 16:47:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wpbn Show response
sinclairbroadcastgroup.us-5.evergage.com/api2/event/ 40 KB
9 KB 374ms
123ms XHR
application/json 3.131.165.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sinclairbroadcastgroup.us-5.evergage.com/api2/event/wpbn?event=eyJhY3Rpb24iOiJIb21lcGFnZSIsIml0ZW1BY3Rpb24iOiJWaWV3IEl0ZW0iLCJzb3VyY2UiOnsicGFnZVR5cGUiOiJIb21lIFBhZ2UiLCJjb250ZW50Wm9uZXMiOlsiZ2xvYmFsX3BvcHVwIiwic29jaWFsV2lkZ2V0Il0sInVybCI6Imh0dHBzOi8vdXBub3J0aGxpdmUuY29tLyIsInVybFJlZmVycmVyIjoiIiwiY2hhbm5lbCI6IldlYiIsImJlYWNvblZlcnNpb24iOjE2LCJjb25maWdWZXJzaW9uIjoiMSJ9LCJmbGFncyI6eyJwYWdlVmlldyI6dHJ1ZX0sInVzZXIiOnsiYXR0cmlidXRlcyI6eyJhZHZlcnRpc2luZ0Nvb2tpZSI6ZmFsc2UsImZ1bmN0aW9uYWxDb29raWUiOmZhbHNlLCJyZXF1aXJlZENvb2tpZSI6ZmFsc2UsInNwb3J0c1VzZXJWaXNpdCI6MH0sImFub25JZCI6ImM1NjRmZjQ3ZDBhNGNlZTIifSwicGVyZm9ybWFuY2UiOnt9LCJkZWJ1ZyI6eyJleHBsYW5hdGlvbnMiOnRydWV9LCJjYXRhbG9nIjp7IkFydGljbGUiOnsiX2lkIjoiaG9tZSIsIm5hbWUiOiJob21lIiwidXJsIjoiaHR0cHM6Ly91cG5vcnRobGl2ZS5jb20vIiwiZGVzY3JpcHRpb24iOiJob21lIiwiQ2l0eSI6IlRyYXZlcnNlIENpdHkiLCJTdGF0ZSI6Ik1JIn19LCJjb25zZW50cyI6W10sImFjY291bnQiOnt9LCJfdG9vbHNFdmVudExpbmtJZCI6Ijc5ODc3MTQ5NjA0MTEyNzgifQ%3D%3D

Requested by

Host: cdn.evgnet.com
URL: https://cdn.evgnet.com/beacon/sinclairbroadcastgroup/wpbn/scripts/evergage.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.131.165.210 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-131-165-210.us-east-2.compute.amazonaws.com

Software

Resource Hash

610778bd0ac3c9fe388dc83ccbc8452638ded6612030da7200e05f13f2ba3280

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://upnorthlive.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 34ms
18ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2779
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230065-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBG1ReYN%2FjrRi6qvolQYp5%2Bnc79D2lVB7jcBDf6y0quUL9mbywOqtsstxlj3ZrEeQoa3WKctRHiE6wVx8tA9FqrkreW49swmaytESiRUxMcPcK00kWc2VcImXs69n5LjnY%2B3%2BSFhrIcW2pVA15E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 841570f6c9a65d94-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 152 KB
33 KB 35ms
18ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 12:57:20 GMT
server: cloudflare
x-amz-request-id: N1Q6XNMTB1RT927G
age: 350
etag: W/"5fcefeebf5ddc7b2ddf2435967e63de9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 841570f6c98d2c43-FRA
x-amz-id-2: H5yLzTS5rv+zfAJ5GHpITZE7EAwxhirbEOBmJ+YCokkf7tagMf3Cx7FYsKZxkb/38g29R0nBoyQ=

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 100ms
21ms Script
text/javascript 2600:9000:2127:4e00:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:4e00:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Sat, 06 Jan 2024 03:20:47 GMT
Via: 1.1 aa90ed38e679f04bd48e055cce602e20.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: PRG50-C1
Age: 48383
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: 7DuqlAF0KqjU3mmRUF9JJE0UEAl_vIP63U9MC7XZYym5Q_6qMr4neg==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 23ms
22ms Script
text/javascript 65.9.95.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-19.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 05:37:13 GMT
content-encoding: gzip
via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 40197
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: MynYN-vJmy6QBIClqlQKj1BMDYsy2iumfwjXr3Zc_B-EmYz4Euv6Xg==

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 504 KB
47 KB 624ms
623ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4368697156797361&correlator=42583899702709&hxva=1&scor=3163053031982651&eid=31077978%2C31079926%2C31079956%2C31079958%2C31080197&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fifs&iu_parts=4756%2CWPBN%2CWeb%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%2C1570x300%7C1570x30%7C970x250%7C970x90%2C300x250%7C300x600%2C728x90%2C300x250%7C300x600%2C728x90%2C728x90%2C300x250%7C300x600%2C728x90%2C320x50%2C300x250%2C300x250&fluid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight%2C0%2C0&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704559629854&lmt=1704559629&adxs=0%2C215%2C1070%2C429%2C1070%2C429%2C429%2C1070%2C429%2C1070%2C895%2C2107&adys=60%2C75%2C361%2C1780%2C1920%2C3492%2C4786%2C4926%2C6250%2C1554%2C3697%2C3697&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fupnorthlive.com%2F&vis=1&psz=1600x0%7C1170x250%7C330x270%7C1200x115%7C330x270%7C1200x115%7C1200x115%7C330x270%7C1200x115%7C330x550%7C320x270%7C320x270&msz=1600x0%7C1170x250%7C320x270%7C728x90%7C320x270%7C728x90%7C728x90%7C320x270%7C728x90%7C330x110%7C320x270%7C320x270&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C4%2C4&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1584%2C1584&ga_vid=1546832688.1704559629&ga_sid=1704559630&ga_hid=528320348&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYnKyv_c0xSABSAghkEhkKCnB1YmNpZC5vcmcYnKyv_c0xSABSAghkEhkKCnVpZGFwaS5jb20YnKyv_c0xSABSAghkEhsKDGlkNS1zeW5jLmNvbRicrK_9zTFIAFICCGQ.&dlt=1704559629030&idt=803&prev_scp=video%3Dfalse%7Cpos%3Dpremium%26video%3Dfalse%7Cpos%3D1%26video%3Dfalse%7Cpos%3D1%26video%3Dfalse%7Cpos%3D2%26video%3Dfalse%7Cpos%3D2%26video%3Dfalse%7Cpos%3D3%26video%3Dfalse%7Cpos%3D3%26video%3Dfalse%7Cpos%3D4%26video%3Dfalse%7Cpos%3D1%7Cpos%3D4%7Cpos%3D5&cust_params=kw%3D%255Broot%255D%26path%3D%252F%26page%3Dhome%26IS%3Dfalse%26amznbid%3D0%26amznp%3D0&adks=1237644005%2C3027385822%2C2271141650%2C3681582998%2C671115772%2C1152490924%2C1662731371%2C661556255%2C2486512665%2C907252051%2C3104663351%2C1825207828&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ce015ac9c5f2ec7d5d7514c41249fdd5c4b65d695b1fe0028177c096b6bac50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47660
x-xss-protection: 0
google-lineitem-id: -2,-1,4685377161,4685377161,4685377161,4685377161,4685377161,4685377161,4685377161,6370194402,4685377161,4685377161
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,138234302972,138234302930,138234256974,138234303005,138234256887,138234303074,138234256398,138422284544,138234302900,138234303023
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://upnorthlive.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F9D0 6 KB
3 KB 190ms
60ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upnorthlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 16:47:10 GMT
expires: Sun, 05 Jan 2025 16:47:10 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
245 B 103ms
38ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-EJSHDBDQ9R&gtm=45je4130v897465943z89129781264&_p=1704559629058&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1546832688.1704559629&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704559629&sct=1&seg=0&dl=https%3A%2F%2Fupnorthlive.com%2F&dt=Traverse%20City%20News%2C%20Weather%2C%20Sports%2C%20Breaking%20News%20%7C%20WPBN&en=page_view&_fv=1&_ss=1&ep.sinclair_id=a28e179c-8b9c-4d5a-ae23-efb0db77907d&ep.station=WPBN&ep.service=Web&ep.count=1&ep.timestamp_iso=2024%20Jan%2006%2017%3A47%3A09&ep.page_url=https%3A%2F%2Fupnorthlive.com%2F&ep.page_type=home&ep.gtm_container_version=93&ep.GDPR%20Pref%20Allow0=false&ep.GDPR%20Pref%20Allow1=false&ep.GDPR%20Pref%20Allow2=false&ep.GDPR%20Pref%20Allow3=false&ep.content_type=article&ep.content_url=https%3A%2F%2Fupnorthlive.com%2F&ep.content_source=StoryLine&up.ppid=a28e179c-8b9c-4d5a-ae23-efb0db77907d&up.sinclair_id=a28e179c-8b9c-4d5a-ae23-efb0db77907d&tfd=1216
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EJSHDBDQ9R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 16:47:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://upnorthlive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 getEpochMillis
broker.datazoom.io/broker/v1/ Frame 0
0 312ms
102ms Preflight 34.226.132.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://broker.datazoom.io/broker/v1/getEpochMillis
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.132.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-132-237.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control
Access-Control-Request-Method: GET
Origin: https://upnorthlive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: cache-control
access-control-allow-methods: POST,OPTIONS,HEAD,GET
access-control-allow-origin: *
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Sat, 06 Jan 2024 16:47:10 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 getEpochMillis Show response
broker.datazoom.io/broker/v1/ 30 B
186 B 104ms
103ms XHR
application/json 34.226.132.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://broker.datazoom.io/broker/v1/getEpochMillis
Requested by: Host: platform.datazoom.io
URL: https://platform.datazoom.io/beacon/v1/config?configuration_id=9044ad58-8076-4f97-ac66-a7a66959512a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.132.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-132-237.compute-1.amazonaws.com
Software: /
Resource Hash: 88082cea4516aa0f1b2fc1b43287711fbff3c00e55a66e2c73e4d736f37810a8

Request headers

cache-control: no-cache
Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 06 Jan 2024 16:47:10 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json

GET
H2 200 getEpochMillis Show response
broker.datazoom.io/broker/v1/ 30 B
186 B 103ms
102ms XHR
application/json 34.226.132.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://broker.datazoom.io/broker/v1/getEpochMillis
Requested by: Host: platform.datazoom.io
URL: https://platform.datazoom.io/beacon/v1/config?configuration_id=9044ad58-8076-4f97-ac66-a7a66959512a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.132.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-132-237.compute-1.amazonaws.com
Software: /
Resource Hash: 88082cea4516aa0f1b2fc1b43287711fbff3c00e55a66e2c73e4d736f37810a8

Request headers

cache-control: no-cache
Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 06 Jan 2024 16:47:10 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json

OPTIONS
H2 200 getEpochMillis
broker.datazoom.io/broker/v1/ Frame 0
0 310ms
102ms Preflight 34.226.132.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://broker.datazoom.io/broker/v1/getEpochMillis
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.132.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-132-237.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control
Access-Control-Request-Method: GET
Origin: https://upnorthlive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: cache-control
access-control-allow-methods: POST,OPTIONS,HEAD,GET
access-control-allow-origin: *
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Sat, 06 Jan 2024 16:47:10 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
333 B 30ms
30ms XHR
application/json 54.220.142.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.142.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-142-223.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 81bd76dc8520f4065ccf0c4a178a11c80225eb22e38c2b5ee24ea0ee07a119c6

Request headers

Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 16:47:09 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://upnorthlive.com
cache-control: no-cache
x-server: 10.45.5.122
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 204 events Show response
direct-events-collector.spot.im/api/v2/ 0
214 B 170ms
123ms XHR
text/plain 13.32.110.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://direct-events-collector.spot.im/api/v2/events?stream_name=init
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_vAJ26rhf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-23.vie50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 06 Jan 2024 16:47:10 GMT
via: 1.1 3cf68d8be617999c7beade955cf69ddc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: F9WUi3kuSdjbJaZgTR-SGrJhdl9MZ2dvZ1e7s2nuVGFEnm1b6m9JCQ==
x-cache: Miss from cloudfront

GET
H2 200 386-bundle.js Show response
static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/ 75 KB
23 KB 113ms
61ms Script
application/javascript 65.9.95.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/386-bundle.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-111.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c2c02b1531be94cbf6f2a077b9d2bd90bdab82ea0872b3daae8d5091e57d0e22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:47:19 GMT
content-encoding: br
via: 1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
x-amz-version-id: TJp15Iz1VE0kT3gPKovlYkd6YX0pNLAn
x-amz-cf-pop: PRG50-C1
age: 3218391
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 22998
last-modified: Thu, 30 Nov 2023 10:21:47 GMT
server: AmazonS3
etag: "85216e38d3203fb8b2485d233fba267b"
vary: Origin
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: wx6gld3lOZ6c5VNbz7d-haWMcv3ysXcH0CUjrw-_cuoKKdrZnvCKEg==

GET
H2 200 450-bundle.js Show response
static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/ 50 KB
15 KB 126ms
74ms Script
application/javascript 65.9.95.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/450-bundle.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-111.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e55b83e55faa42ee2a4644ec2219fca03734d82db3b7e584ec34c259175bb333

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:47:19 GMT
content-encoding: br
via: 1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
x-amz-version-id: VmIMDqIH8qo7tarXNaMw9SeARaCNe5f4
x-amz-cf-pop: PRG50-C1
age: 3218391
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 14734
last-modified: Thu, 30 Nov 2023 10:21:47 GMT
server: AmazonS3
etag: "47398ea22ad5ad54f640d2d16f5028ae"
vary: Origin
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: sPoEHNWeq-feNYkOUPp63gwnPOJUGGiwa8kQFM261kZ8Ncfhlk4eDw==

GET
H2 200 988-bundle.js Show response
static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/ 49 KB
15 KB 109ms
58ms Script
application/javascript 65.9.95.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/988-bundle.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-111.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0362c8fa422b8fc2901b19881b4a3d999f1fc1668abd9c3c7474a9353369e23b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:47:19 GMT
content-encoding: br
via: 1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
x-amz-version-id: JY0tGNue34R7hutXWrqVqEtkGHsK7eYQ
x-amz-cf-pop: PRG50-C1
age: 3218391
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 14512
last-modified: Thu, 30 Nov 2023 10:21:47 GMT
server: AmazonS3
etag: "a133b0167ec0ae6bb5e5b563cf9bb93e"
vary: Origin
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: rjRAMt0t10r3E9VdMHlVfb9o_-a6FFjFqShQ9-s2AjCKckgdOntgeQ==

GET
H2 200 807-bundle.js Show response
static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/ 9 KB
4 KB 110ms
59ms Script
application/javascript 65.9.95.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/807-bundle.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-111.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3178d47e0f5adc4eb7bb9de66ce913ca939b968b41c416579576005beb3e71db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:47:19 GMT
content-encoding: br
via: 1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
x-amz-version-id: trWSzhtR1.g.MzEPCJvFNKfr2Y62qO.a
x-amz-cf-pop: PRG50-C1
age: 3218391
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 3173
last-modified: Thu, 30 Nov 2023 10:21:47 GMT
server: AmazonS3
etag: "fcb7da06b0bf75065d2ee26285c67c7a"
vary: Origin
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: kVtAnDT0Mx_cs9srwDOvZsDY6N7VnsaVnQ0zZEKMZLblC0_BAcoymA==

GET
H2 200 initial-bundle.js Show response
static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/ 27 KB
9 KB 126ms
75ms Script
application/javascript 65.9.95.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/initial-bundle.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-111.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30adf825110c7832a9d987dcda1f1adc50f4b65123053b09c98ad964f789e631

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:47:19 GMT
content-encoding: br
via: 1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
x-amz-version-id: 3kwNwqOfz4DI4wgTowU0cmmWjmTQYLRZ
x-amz-cf-pop: PRG50-C1
age: 3218391
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 8583
last-modified: Thu, 30 Nov 2023 10:21:47 GMT
server: AmazonS3
etag: "23fdb711129863dca0b2fea9035dfada"
vary: Origin
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 6YzUYr7xYHM1Hs9rtGF81uHirtgZoaowoLLMzMJ079tc8EpyHwSbVw==

HEAD
H2 200 pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ 0
0 73ms
21ms Fetch
text/html 65.9.95.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_vAJ26rhf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-14.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:34:55 GMT
via: 1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
last-modified: Wed, 12 Aug 2020 13:25:53 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 37117
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/html
accept-ranges: bytes
content-length: 0
x-amz-cf-id: 5O33_6CFQrl-IPNvyIgtFhAGMUCi1lJPANltF1gcAdiMrwX0n2i7bQ==

GET
H2 200 ads.js Show response
static-cdn.spot.im/production/ads/tags/v22.9.0/ads/ 231 KB
70 KB 78ms
27ms Script
application/javascript 65.9.95.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cdn.spot.im/production/ads/tags/v22.9.0/ads/ads.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-111.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6b3ab87c7bc214a8841031acff347094076bcec8d1f3e53f4ba698d8948247d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: yNi7EQyfAn31pYKBfrukrQaqbuqGhM9N
content-encoding: br
via: 1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
date: Sat, 06 Jan 2024 06:46:17 GMT
last-modified: Wed, 27 Dec 2023 08:53:42 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 36060
x-amz-server-side-encryption: AES256
etag: W/"dc37727ad0b7e2242d78a295dd8500f2"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-replication-status: COMPLETED
x-amz-cf-id: cV-ZB6Y7_eilUl_ezF0ciHI3rhlLkR5BxY4T-38CfXFUmiySWTEO5Q==

GET
H2 200 ads.css Show response
static-cdn.spot.im/production/ads/tags/v22.9.0/ads/ 7 KB
2 KB 72ms
21ms Fetch
text/css 65.9.95.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cdn.spot.im/production/ads/tags/v22.9.0/ads/ads.css
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_vAJ26rhf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-111.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72a9844ce2b6c73ee3c663d585cd45866ebf91ef69e0118c4a4597cf4a18fa28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: Dyfs3RVfERNG7rOWM_PkTXyAQFCDv7va
content-encoding: br
via: 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
date: Sat, 06 Jan 2024 03:30:05 GMT
x-amz-cf-pop: PRG50-C1
age: 47824
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 27 Dec 2023 08:53:42 GMT
server: AmazonS3
etag: W/"c1f2060aa9ae9471267a7c2952d3f7a7"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-amz-cf-id: IvQ5blyPKctvk2N0XzoXy8Dc86eOqQBHA8SSX2IzerqgI2cTkYlymg==

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
231 B 28ms
7ms XHR
text/plain 141.95.33.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://upnorthlive.com
date: Sat, 06 Jan 2024 16:47:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 103ms
28ms Preflight
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://upnorthlive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://upnorthlive.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Sat, 06 Jan 2024 16:47:10 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
504 B 86ms
49ms XHR
text/javascript 18.239.64.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3555&u=https%3A%2F%2Fupnorthlive.com%2F&pid=yoxMa4cRftcDB&cb=0&ws=1600x1200&v=23.1211.1645&t=1500&slots=%5B%7B%22sd%22%3A%22wallpaper_ddb_0%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F4756%2FWPBN%2FWeb%2Fhome%22%7D%2C%7B%22sd%22%3A%22premium_ddb_0%22%2C%22s%22%3A%5B%221570x300%22%2C%221570x30%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F4756%2FWPBN%2FWeb%2Fhome%22%7D%2C%7B%22sd%22%3A%22rightrail_pos1_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F4756%2FWPBN%2FWeb%2Fhome%22%7D%2C%7B%22sd%22%3A%22banner_pos1_ddb_0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F4756%2FWPBN%2FWeb%2Fhome%22%7D%2C%7B%22sd%22%3A%22rightrail_pos2_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F4756%2FWPBN%2FWeb%2Fhome%22%7D%2C%7B%22sd%22%3A%22banner_pos2_ddb_0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F4756%2FWPBN%2FWeb%2Fhome%22%7D%2C%7B%22sd%22%3A%22banner_pos3_ddb_0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F4756%2FWPBN%2FWeb%2Fhome%22%7D%2C%7B%22sd%22%3A%22rightrail_pos3_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F4756%2FWPBN%2FWeb%2Fhome%22%7D%2C%7B%22sd%22%3A%22banner_pos4_ddb_0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F4756%2FWPBN%2FWeb%2Fhome%22%7D%2C%7B%22sd%22%3A%22rightrail_pos4_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F4756%2FWPBN%2FWeb%2Fhome%22%7D%2C%7B%22sd%22%3A%22rightrail_pos5_ddb_0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F4756%2FWPBN%2FWeb%2Fhome%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.64.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-64-29.ams58.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:09 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 9dfbacf2c8a61beb17591bdaab142956.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P4
x-amz-rid: V0NX8HSSRN9AN9RGS345
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://upnorthlive.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: ktYazy9DIQhCy-mW7-aAguUapK7NpVCMArmbON9PyCp999GZ7EhTwA==

POST
H/1.1 400
Bad Request cookie_sync Show response
prebid-server.rubiconproject.com/ 49 B
319 B 132ms
42ms Fetch 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/cookie_sync
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/21162.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: c096a407308f10208f1283bf386d16fa88753abe15d84e7bbd4e16e8e7a4ef3e

Request headers

Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://upnorthlive.com
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
content-length: 71
Expires: 0

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ 172 B
466 B 105ms
19ms Fetch
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/21162.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 28cc104e7f0a8cd195f9569298d92b153dcf2939f8ad25c9cb87cffd684c4fe8

Request headers

Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/2.6.0
Content-Type: application/json
access-control-allow-origin: https://upnorthlive.com
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
Expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
671 B 29ms
8ms Fetch
application/json 52.58.51.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.23.0&referrer=https%3A%2F%2Fupnorthlive.com%2F&tmax=1200

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/21162.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.58.51.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-51-29.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 16:47:09 GMT
accept-ch: sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme
x-auction-status: 16, 16, 16, 16, 16, 16, 16, 16, 16
content-type: application/json; charset=utf-8
access-control-allow-origin: https://upnorthlive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 50 B
615 B 49ms
15ms Fetch
application/json 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/21162.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 16:47:09 GMT
an-x-request-uuid: 7ac00f8e-38bc-4a6d-bd31-df379314f255
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://upnorthlive.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.213.155.151; 185.213.155.151; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 50
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ 0
163 B 81ms
31ms Fetch 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/21162.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://upnorthlive.com
pragma: no-cache
date: Sat, 06 Jan 2024 16:47:10 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 132ms
72ms Fetch 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.23.0&cb=82077962447&lsavail=1

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/21162.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://upnorthlive.com
date: Sat, 06 Jan 2024 16:47:09 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 metrics-reporter-bundle.js Show response
static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/ 7 KB
3 KB 21ms
20ms Script
application/javascript 65.9.95.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/metrics-reporter-bundle.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-111.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4538c4a3f0cd3b22b6b45285abc0bdd88be05af93c2092911b03927c5e78bbb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 13:45:28 GMT
content-encoding: br
via: 1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
x-amz-version-id: DEMSNm1bsSnwzbznQh28msOIZ7p8ZmN8
x-amz-cf-pop: PRG50-C1
age: 1134103
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 2619
last-modified: Thu, 30 Nov 2023 10:21:47 GMT
server: AmazonS3
etag: "3325b999b14b244fcdd24382f76d7241"
vary: Origin
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: L70ScC3R0HFo7BYQL_G8ixJWM4FvWlpaQn00_DcwYNFmyVs6GkN4tw==

GET
H2 200 device-load Show response
api-2-0.spot.im/v1.0.0/ 36 B
1 KB 179ms
127ms Fetch
text/plain 65.9.95.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-2-0.spot.im/v1.0.0/device-load

Requested by

Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/initial-bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-19.prg50.r.cloudfront.net

Software

fasthttp /

Resource Hash

bc9228a962ec7af5614fb6554bc16473f9015c280aff68d0dbc92736d3ca7ffb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:10 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
x-spotim-device-uuid: 0804d2c6-af08-42da-8411-3cf5fa8e4126
content-security-policy: default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security: max-age=31536000
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
content-length: 36
x-guid: 0804d2c6-af08-42da-8411-3cf5fa8e4126
server: fasthttp
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://upnorthlive.com
access-control-expose-headers: x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
x-amz-cf-id: MYwtYjhqFovygYTVBkOYXqT8HokfkVeCe4BViaN6sLsx-16Dp_gXxw==

GET
H2 200 sprite.svg Show response
static-cdn.spot.im/production/icons/sprites/ 24 KB
10 KB 22ms
22ms Fetch
image/svg+xml 65.9.95.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cdn.spot.im/production/icons/sprites/sprite.svg
Requested by: Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/initial-bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-111.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 937085b9310af935b47f756a6326f86351c9fa0066de9e313e8cd6623ca0f888

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: pTYPLm0WXSUOn4wsgJLXLuv5LYGbB.2s
content-encoding: br
via: 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
date: Sat, 06 Jan 2024 06:46:18 GMT
x-amz-cf-pop: PRG50-C1
age: 36060
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 24 May 2023 11:40:02 GMT
server: AmazonS3
etag: W/"2a4e43326a158b47d0598571fd4099b6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-cf-id: fEgQ0L_YaGA6KC1_KrjehdC1euw1m_rvZMzOgI2S_omaY7tSCXyG2A==

GET
H2 200 jwplayer.js Show response
upnorthlive.com/resources/video/players/prod/player-configs/vendor/jwplayer/8.28.1/ 107 KB
39 KB 467ms
467ms Script
application/javascript 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/resources/video/players/prod/player-configs/vendor/jwplayer/8.28.1/jwplayer.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/resources/video/players/prod/src/scripts/player-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: a929b73a4be9eac77bb5ce5cce4468457d7cf3a8af7dbdb65bfa47f97c6db342

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: O1qJ6aiTd0lSts42sM6lvlGbYKt4OnyK
content-encoding: br
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
date: Sat, 06 Jan 2024 16:47:10 GMT
last-modified: Tue, 10 Oct 2023 17:30:29 GMT
server: nginx
x-amz-cf-pop: PRG50-C1
age: 275
etag: W/"7bd8581a44ed091b84bca3d66e5bfefd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300, stale-while-revalidate=60, stale-if-error=604800
nmp-debug: resources
x-amz-cf-id: t38K4xlon0ofhg4mR_KqS3FHY08Gz5fHtHFkLvWUsHaRFwJPxT4vwA==

GET
H2 200 bundle.js Show response
upnorthlive.com/resources/video/players/prod/dist/1.7.10/ 226 KB
40 KB 466ms
465ms Script
application/javascript 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/resources/video/players/prod/dist/1.7.10/bundle.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/resources/video/players/prod/src/scripts/player-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 9fe9c14c8cd9627eb9c158b89d4893535b8fa1d7809a8d9dc6f12129018c0e1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: d97y2lyF.bRUxKEJrBVBNNXt_JtFPEp5
content-encoding: gzip
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
date: Sat, 06 Jan 2024 16:47:10 GMT
last-modified: Fri, 01 Dec 2023 19:31:26 GMT
server: nginx
x-amz-cf-pop: PRG50-C1
age: 171
etag: W/"e50553edfd7514ad94fc05a80512c753"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300, stale-while-revalidate=60, stale-if-error=604800
nmp-debug: resources
x-amz-cf-id: uWvftwQkwsh48_Ew75ZXXY3ycyTS6xuQWSmQfEjnMr4e_LFtA2o2Yw==

GET
H2 200 adbreaks.js Show response
upnorthlive.com/resources/video/players/prod/dist/1.7.10/ 27 KB
5 KB 189ms
188ms Script
application/javascript 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/resources/video/players/prod/dist/1.7.10/adbreaks.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/resources/video/players/prod/src/scripts/player-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 918244f0209dd4aa291f12acb9bc60d9b4fc5b7089404e3ca3a672867cae547f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: AIzlK7DLTUBOEaXe5yIlLzDVPgM4ms1b
content-encoding: br
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
date: Sat, 06 Jan 2024 16:47:10 GMT
last-modified: Thu, 30 Nov 2023 23:21:28 GMT
server: nginx
x-amz-cf-pop: PRG50-C1
age: 273
etag: W/"551cf4390e267f4bc2b76dc5cab3cd13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300, stale-while-revalidate=60, stale-if-error=604800
nmp-debug: resources
x-amz-cf-id: 5ac5nVLj4eDc4KIhoA6yoUf7rfR9mN1rKxRtGgsIWVYxiElf64DeGg==

GET
H2 200 analytics.js Show response
upnorthlive.com/resources/video/players/prod/dist/1.7.10/ 22 KB
4 KB 185ms
185ms Script
application/javascript 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/resources/video/players/prod/dist/1.7.10/analytics.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/resources/video/players/prod/src/scripts/player-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 3f8b6061c2718b7cc6c8a7187a3bd2f31ded9ff00dcb8306c100756a40041836

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: N4tfP5tHntS.0bs9jD.u91cpOPhmdVac
content-encoding: gzip
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
date: Sat, 06 Jan 2024 16:47:10 GMT
last-modified: Thu, 30 Nov 2023 23:21:28 GMT
server: nginx
x-amz-cf-pop: PRG50-C1
age: 87
etag: W/"547c54dea5644188a7cc75d4366158ff"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300, stale-while-revalidate=60, stale-if-error=604800
nmp-debug: resources
x-amz-cf-id: 3qXGvMlTUHS8WwQemR1mqykSWxAylphg21V3r5QFE6-3935b7EEUXA==

GET
H2 200 streaming.js Show response
upnorthlive.com/resources/video/players/prod/dist/1.7.10/ 19 KB
4 KB 187ms
187ms Script
application/javascript 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upnorthlive.com/resources/video/players/prod/dist/1.7.10/streaming.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/resources/video/players/prod/src/scripts/player-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-128.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 93a097c847106d3135fc295234406a1afa0d36b78e97bf346493d87253d3a421

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 6ugwX27pLbSzyyKmVw0QustYdSk8.wGr
content-encoding: br
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
date: Sat, 06 Jan 2024 16:47:10 GMT
last-modified: Thu, 30 Nov 2023 23:21:29 GMT
server: nginx
x-amz-cf-pop: PRG50-C1
age: 87
etag: W/"fd748669c5d5089a6a2fda8b7f67560f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300, stale-while-revalidate=60, stale-if-error=604800
nmp-debug: resources
x-amz-cf-id: gnszKlLqMbbvSll47pmzy7nzF2DJO0mN1C9gY8MrZYQhGwfnDpiKlA==

POST
H2 202 64ff35afae91a31275d6a8f2 Show response
events.launchdarkly.com/events/diagnostic/ 0
344 B 102ms
101ms XHR
application/json 52.20.62.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/64ff35afae91a31275d6a8f2

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/_next/static/chunks/a2339e3eb6b6d127b5e462c4d95869a96c76c938.d8d389d44cdd8ab45626.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.20.62.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-20-62-33.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://upnorthlive.com/
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.9
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 06 Jan 2024 16:47:10 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 213ms
101ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f0dd7024d1d7ff977d7447e83f3e42872b1311c610d6b88be7eb7181bfdd835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12221
x-xss-protection: 0

OPTIONS
H2 204 64ff35afae91a31275d6a8f2
events.launchdarkly.com/events/diagnostic/ Frame 0
0 314ms
102ms Preflight 52.20.62.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/64ff35afae91a31275d6a8f2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.20.62.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-20-62-33.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://upnorthlive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Sat, 06 Jan 2024 16:47:10 GMT
strict-transport-security: max-age=31536000

POST
H2 204 pr
sinclairbroadcastgroup.us-5.evergage.com/ 0
541 B 114ms
113ms Ping
text/plain 3.131.165.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sinclairbroadcastgroup.us-5.evergage.com/pr?.top=379&item=%7B%22type%22%3A%22Article%22%2C%22_id%22%3A%22home%22%7D&action=Homepage&.tt=375&.dt=596&.lt=1411&.bv=16&_ak=sinclairbroadcastgroup&_ds=wpbn&.scv=1&channel=Web&_r=665701&.anonId=c564ff47d0a4cee2&_anon=true

Requested by

Host: cdn.evgnet.com
URL: https://cdn.evgnet.com/beacon/sinclairbroadcastgroup/wpbn/scripts/evergage.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.131.165.210 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-131-165-210.us-east-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://upnorthlive.com
date: Sat, 06 Jan 2024 16:47:10 GMT
x-content-type-options: nosniff
timing-allow-origin: *

OPTIONS
H2 200 no_post
api-2-0.spot.im/v1.0.0/config/ab_test/sp_vAJ26rhf/ Frame 0
0 167ms
127ms Preflight 65.9.95.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_vAJ26rhf/no_post

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-19.prg50.r.cloudfront.net

Software

fasthttp /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method: GET
Origin: https://upnorthlive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://upnorthlive.com
access-control-expose-headers: x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age: 86400
content-length: 0
content-security-policy: default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date: Sat, 06 Jan 2024 16:47:10 GMT
server: fasthttp
strict-transport-security: max-age=31536000
via: 1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront)
x-amz-cf-id: NY_tiFiZgMJVN9jpFjTSNL8kYkO2o8rxqbk2oF-sw7qus08Y9K5vEQ==
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront

GET
H2 200 no_post Show response
api-2-0.spot.im/v1.0.0/config/ab_test/sp_vAJ26rhf/ 147 B
1 KB 130ms
130ms Fetch
application/json 65.9.95.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_vAJ26rhf/no_post

Requested by

Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.16.0/launcher/988-bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-19.prg50.r.cloudfront.net

Software

fasthttp /

Resource Hash

6630ab404ea1a9ab7b9cc389833c3be94058c8bd34c4889ebb3dcbeb3415b87a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json
Referer: https://upnorthlive.com/
x-spotim-device-uuid: 0804d2c6-af08-42da-8411-3cf5fa8e4126
x-spotim-page-view-id: fff83b97-f8eb-4247-a9df-b5a9f21f2471
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 06 Jan 2024 16:47:10 GMT
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security: max-age=31536000
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
content-length: 147
x-request-id: 3c3dc5f2-acb3-11ee-b6aa-e23aa24a36f8
server: fasthttp
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://upnorthlive.com
access-control-expose-headers: x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url, x-tc-string, x-consent-type
x-amz-cf-id: XIbkFgkAMEY_pspFORACG5OTsxW3S6wB-omzcL07CxMhRwIb1fsH9w==

OPTIONS
H2 200 v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_vAJ26rhf/ Frame 0
0 366ms
334ms Preflight 65.9.95.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_vAJ26rhf/v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-19.prg50.r.cloudfront.net

Software

fasthttp /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-access-token,x-guid,x-post-id,x-spot-id,x-spotim-page-view-id
Access-Control-Request-Method: GET
Origin: https://upnorthlive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://upnorthlive.com
access-control-expose-headers
access-control-max-age: 86400
content-length: 0
content-security-policy: default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date: Sat, 06 Jan 2024 16:47:10 GMT
server: fasthttp
strict-transport-security: max-age=31536000
via: 1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront)
x-amz-cf-id: iTXIfyy4-8vtjdpow_ghTdIcQDgBFBmF8tEgiDJ1XHfV3onwEt_jUQ==
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront

GET
H2 200 v2 Show response
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_vAJ26rhf/ 14 KB
3 KB 162ms
162ms Fetch
application/json 65.9.95.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_vAJ26rhf/v2

Requested by

Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.9.0/ads/ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-19.prg50.r.cloudfront.net

Software

fasthttp /

Resource Hash

bfba78b9589131ee7fbbeec0f3ecdc784094be3584192e63a86ee563062ff699

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security	max-age=31536000

Request headers

x-guid: 0804d2c6-af08-42da-8411-3cf5fa8e4126
x-post-id: no_post
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
x-spot-id: sp_vAJ26rhf
x-spotim-page-view-id: fff83b97-f8eb-4247-a9df-b5a9f21f2471
Referer: https://upnorthlive.com/
x-access-token: null

Response headers

date: Sat, 06 Jan 2024 16:47:10 GMT
content-encoding: gzip
via: 1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security: max-age=31536000
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
x-request-id: 3c5d50a8-acb3-11ee-b68e-f6a6419be9cc
server: fasthttp
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://upnorthlive.com
access-control-expose-headers
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
x-amz-cf-id: qrm8vzFtylzN9nYMa78Y9RYPCuI4TEJ8JU0O0NXCegaDR5_4AqX1hw==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 191ms
68ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Jan 2024 16:47:10 GMT

GET
H2 200 b-e09f10f-3f43045e.js Show response
tagan.adlightning.com/sinclair/ Frame BFBF 75 KB
29 KB 7ms
7ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/b-e09f10f-3f43045e.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0b1e55ecb32616cfe9830c0d1c512822429dd7e1a775b78ebeec741316bc90d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 13:13:32 GMT
content-encoding: gzip
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id: bPTtBFULY.SUXB4UlbbQ1HXmh6W4UsNp
x-amz-cf-pop: FRA60-P4
age: 3382419
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 28800
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:34:22 GMT
server: AmazonS3
etag: "f626cf07bc0423765401627bba38b9ad"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: V7AmzTpHlSEMfUIU8emcLiis8ECzGbqmZkXAqr16JJU7kJD1BrhiHg==

GET
H2 200 b-e09f10f-3f43045e.js Show response
tagan.adlightning.com/sinclair/ Frame 8586 75 KB
29 KB 7ms
7ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/b-e09f10f-3f43045e.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0b1e55ecb32616cfe9830c0d1c512822429dd7e1a775b78ebeec741316bc90d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 13:13:32 GMT
content-encoding: gzip
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id: bPTtBFULY.SUXB4UlbbQ1HXmh6W4UsNp
x-amz-cf-pop: FRA60-P4
age: 3382419
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 28800
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:34:22 GMT
server: AmazonS3
etag: "f626cf07bc0423765401627bba38b9ad"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: VMKFYt2pG91Rp0KUZ3MNFrxmle4fu2UxMeAg63PQX7ZfAJqGpedK1A==

GET
H2 200 4273576272102842184
tpc.googlesyndication.com/simgad/ Frame 8586 145 KB
146 KB 53ms
53ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4273576272102842184

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59995cfe0635bdbc4a449abbefe936c2d096988500a712e9b3a19e7450c0de72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 20:38:05 GMT
date: Thu, 04 Jan 2024 20:38:05 GMT
x-content-type-options: nosniff
age: 158945
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148595
x-xss-protection: 0
last-modified: Thu, 24 May 2018 21:04:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 8586 3 KB
1 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 15:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Jan 2024 15:45:54 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8586 204 KB
65 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jan 2024 16:47:10 GMT

GET
H2 200 b-e09f10f-3f43045e.js Show response
tagan.adlightning.com/sinclair/ Frame 1793 75 KB
29 KB 7ms
7ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/b-e09f10f-3f43045e.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0b1e55ecb32616cfe9830c0d1c512822429dd7e1a775b78ebeec741316bc90d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 13:13:32 GMT
content-encoding: gzip
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id: bPTtBFULY.SUXB4UlbbQ1HXmh6W4UsNp
x-amz-cf-pop: FRA60-P4
age: 3382419
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 28800
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:34:22 GMT
server: AmazonS3
etag: "f626cf07bc0423765401627bba38b9ad"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 5ecnUR9gVvnuGO3kPYwrrw6DfUZYKpGQaA5n7s4hTDkRp2wl4VlXDw==

GET
H2 200 16450079897291089245
tpc.googlesyndication.com/simgad/ Frame 1793 71 KB
72 KB 181ms
180ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16450079897291089245

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f515ad567c75d7f715bfb4e0cf1555fe91cad82d403e2d89fd7b0ee3d574162a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 08:50:31 GMT
date: Fri, 05 Jan 2024 08:50:31 GMT
x-content-type-options: nosniff
age: 114999
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73122
x-xss-protection: 0
last-modified: Thu, 24 May 2018 21:05:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 1793 3 KB
1 KB 179ms
179ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 15:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Jan 2024 15:45:54 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1793 204 KB
64 KB 141ms
141ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jan 2024 16:47:10 GMT

GET
H2 200 b-e09f10f-3f43045e.js Show response
tagan.adlightning.com/sinclair/ Frame 49CA 75 KB
29 KB 7ms
7ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/b-e09f10f-3f43045e.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0b1e55ecb32616cfe9830c0d1c512822429dd7e1a775b78ebeec741316bc90d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 13:13:32 GMT
content-encoding: gzip
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id: bPTtBFULY.SUXB4UlbbQ1HXmh6W4UsNp
x-amz-cf-pop: FRA60-P4
age: 3382419
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 28800
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:34:22 GMT
server: AmazonS3
etag: "f626cf07bc0423765401627bba38b9ad"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 5HZWQ-mf-dkBmj9cVF9hPlhA2C6-Q9IQmJ_CGRhxRxQlRGwfxmwwKA==

GET
H2 200 4273576272102842184
tpc.googlesyndication.com/simgad/ Frame 49CA 145 KB
145 KB 207ms
206ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4273576272102842184

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59995cfe0635bdbc4a449abbefe936c2d096988500a712e9b3a19e7450c0de72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 20:38:05 GMT
date: Thu, 04 Jan 2024 20:38:05 GMT
x-content-type-options: nosniff
age: 158945
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148595
x-xss-protection: 0
last-modified: Thu, 24 May 2018 21:04:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 49CA 3 KB
1 KB 305ms
305ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 15:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Jan 2024 15:45:54 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 49CA 204 KB
64 KB 107ms
107ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jan 2024 16:47:10 GMT

GET
H2 200 b-e09f10f-3f43045e.js Show response
tagan.adlightning.com/sinclair/ Frame 2EC3 75 KB
29 KB 7ms
7ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/b-e09f10f-3f43045e.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0b1e55ecb32616cfe9830c0d1c512822429dd7e1a775b78ebeec741316bc90d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 13:13:32 GMT
content-encoding: gzip
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id: bPTtBFULY.SUXB4UlbbQ1HXmh6W4UsNp
x-amz-cf-pop: FRA60-P4
age: 3382419
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 28800
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:34:22 GMT
server: AmazonS3
etag: "f626cf07bc0423765401627bba38b9ad"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: svQVVA6JtQhYuoEfINblLwz369R3EJXq5KLi6qL_OpduqXYdcIgETA==

GET
H2 200 2675212623827525160
tpc.googlesyndication.com/simgad/ Frame 2EC3 89 KB
89 KB 207ms
206ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2675212623827525160

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94b92be55685dabbeab0642b2d4f213e49fe809398e1388205161a4c926de2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Thu, 02 Jan 2025 11:50:30 GMT
date: Wed, 03 Jan 2024 11:50:30 GMT
x-content-type-options: nosniff
age: 277000
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91251
x-xss-protection: 0
last-modified: Thu, 24 May 2018 21:05:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 2EC3 3 KB
1 KB 290ms
290ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 15:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Jan 2024 15:45:54 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2EC3 204 KB
64 KB 155ms
155ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jan 2024 16:47:10 GMT

GET
H2 200 b-e09f10f-3f43045e.js Show response
tagan.adlightning.com/sinclair/ Frame ABCD 75 KB
29 KB 7ms
7ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/b-e09f10f-3f43045e.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0b1e55ecb32616cfe9830c0d1c512822429dd7e1a775b78ebeec741316bc90d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 13:13:32 GMT
content-encoding: gzip
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id: bPTtBFULY.SUXB4UlbbQ1HXmh6W4UsNp
x-amz-cf-pop: FRA60-P4
age: 3382419
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 28800
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:34:22 GMT
server: AmazonS3
etag: "f626cf07bc0423765401627bba38b9ad"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: XX1lR6geDLhSTjpOnWC5jdLYclJ1_8RrApm5ZLQxtJr9lGIwvDO41Q==

GET
H2 200 2675212623827525160
tpc.googlesyndication.com/simgad/ Frame ABCD 89 KB
89 KB 210ms
210ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2675212623827525160

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94b92be55685dabbeab0642b2d4f213e49fe809398e1388205161a4c926de2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Thu, 02 Jan 2025 11:50:30 GMT
date: Wed, 03 Jan 2024 11:50:30 GMT
x-content-type-options: nosniff
age: 277000
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91251
x-xss-protection: 0
last-modified: Thu, 24 May 2018 21:05:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame ABCD 3 KB
1 KB 287ms
287ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 15:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Jan 2024 15:45:54 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame ABCD 204 KB
64 KB 171ms
171ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jan 2024 16:47:10 GMT

GET
H2 200 b-e09f10f-3f43045e.js Show response
tagan.adlightning.com/sinclair/ Frame D987 75 KB
29 KB 7ms
7ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/b-e09f10f-3f43045e.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0b1e55ecb32616cfe9830c0d1c512822429dd7e1a775b78ebeec741316bc90d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 13:13:32 GMT
content-encoding: gzip
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id: bPTtBFULY.SUXB4UlbbQ1HXmh6W4UsNp
x-amz-cf-pop: FRA60-P4
age: 3382419
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 28800
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:34:22 GMT
server: AmazonS3
etag: "f626cf07bc0423765401627bba38b9ad"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: oZSCc6Jkw5tDi10V262CuaIXImoDUCg8xsPNb4fHkHed2fapv6Tweg==

GET
H2 200 4047310643164758190
tpc.googlesyndication.com/simgad/ Frame D987 79 KB
79 KB 213ms
212ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4047310643164758190

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94b4f4b370a2e53166e0b2bc151ace1925abab5585de6a19c2bf71263c04e0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 02:36:14 GMT
date: Fri, 05 Jan 2024 02:36:14 GMT
x-content-type-options: nosniff
age: 137456
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81075
x-xss-protection: 0
last-modified: Thu, 24 May 2018 21:05:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame D987 3 KB
1 KB 284ms
284ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 15:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Jan 2024 15:45:54 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D987 204 KB
64 KB 184ms
184ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jan 2024 16:47:10 GMT

GET
H2 200 b-e09f10f-3f43045e.js Show response
tagan.adlightning.com/sinclair/ Frame E9D8 75 KB
29 KB 7ms
7ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/b-e09f10f-3f43045e.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0b1e55ecb32616cfe9830c0d1c512822429dd7e1a775b78ebeec741316bc90d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 13:13:32 GMT
content-encoding: gzip
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id: bPTtBFULY.SUXB4UlbbQ1HXmh6W4UsNp
x-amz-cf-pop: FRA60-P4
age: 3382419
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 28800
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:34:22 GMT
server: AmazonS3
etag: "f626cf07bc0423765401627bba38b9ad"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ugmxP6glAl5t7Ga2DarI19ooXf8ZDe7ddsbXMsznOUjElCS86vrgNg==

GET
H2 200 2675212623827525160
tpc.googlesyndication.com/simgad/ Frame E9D8 89 KB
89 KB 214ms
214ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2675212623827525160

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94b92be55685dabbeab0642b2d4f213e49fe809398e1388205161a4c926de2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Thu, 02 Jan 2025 11:50:30 GMT
date: Wed, 03 Jan 2024 11:50:30 GMT
x-content-type-options: nosniff
age: 277000
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91251
x-xss-protection: 0
last-modified: Thu, 24 May 2018 21:05:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame E9D8 3 KB
1 KB 281ms
281ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 15:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Jan 2024 15:45:54 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E9D8 204 KB
64 KB 187ms
187ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jan 2024 16:47:10 GMT

GET
H2 200 container.html Show response
6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 60DA 6 KB
3 KB 51ms
51ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upnorthlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 16:47:10 GMT
expires: Sun, 05 Jan 2025 16:47:10 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 b-e09f10f-3f43045e.js Show response
tagan.adlightning.com/sinclair/ Frame 1424 75 KB
29 KB 7ms
7ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/b-e09f10f-3f43045e.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0b1e55ecb32616cfe9830c0d1c512822429dd7e1a775b78ebeec741316bc90d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 13:13:32 GMT
content-encoding: gzip
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id: bPTtBFULY.SUXB4UlbbQ1HXmh6W4UsNp
x-amz-cf-pop: FRA60-P4
age: 3382419
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 28800
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:34:22 GMT
server: AmazonS3
etag: "f626cf07bc0423765401627bba38b9ad"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: kbb_HmkLKtjFeug_xwnybM4e5mFkZAfyHRJEdGiDnVu9Uz2QJY8EmQ==

GET
H2 200 7385729445781580100
tpc.googlesyndication.com/simgad/ Frame 1424 79 KB
79 KB 223ms
223ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7385729445781580100

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

698a71786b612bb49294dead798ae8835d1d0ed93747bc9ebb75cfc73d101f1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 06:12:12 GMT
date: Fri, 05 Jan 2024 06:12:12 GMT
x-content-type-options: nosniff
age: 124498
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80696
x-xss-protection: 0
last-modified: Thu, 24 May 2018 21:05:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 1424 3 KB
1 KB 257ms
256ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 15:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Jan 2024 15:45:54 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1424 204 KB
64 KB 178ms
178ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jan 2024 16:47:10 GMT

GET
H2 200 b-e09f10f-3f43045e.js Show response
tagan.adlightning.com/sinclair/ Frame 1EBB 75 KB
29 KB 7ms
7ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/b-e09f10f-3f43045e.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0b1e55ecb32616cfe9830c0d1c512822429dd7e1a775b78ebeec741316bc90d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 13:13:32 GMT
content-encoding: gzip
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id: bPTtBFULY.SUXB4UlbbQ1HXmh6W4UsNp
x-amz-cf-pop: FRA60-P4
age: 3382419
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 28800
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:34:22 GMT
server: AmazonS3
etag: "f626cf07bc0423765401627bba38b9ad"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: K99UGC0GY2o5rD_jhd9-XmOsAuq0jS-drvnZ92wfhcMZ_DYpICliKw==

GET
H2 200 4047310643164758190
tpc.googlesyndication.com/simgad/ Frame 1EBB 79 KB
79 KB 223ms
222ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4047310643164758190

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94b4f4b370a2e53166e0b2bc151ace1925abab5585de6a19c2bf71263c04e0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 02:36:14 GMT
date: Fri, 05 Jan 2024 02:36:14 GMT
x-content-type-options: nosniff
age: 137456
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81075
x-xss-protection: 0
last-modified: Thu, 24 May 2018 21:05:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 1EBB 3 KB
1 KB 253ms
253ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 15:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Jan 2024 15:45:54 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1EBB 204 KB
64 KB 182ms
182ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jan 2024 16:47:10 GMT

GET
H2 200 remediation_1612278999697.js Show response
sinclairstoryline.com/resources/defaults/userway/widgetapp/2021-02-02/remediation/ 88 KB
89 KB 10ms
10ms Script
application/javascript 18.66.147.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sinclairstoryline.com/resources/defaults/userway/widgetapp/2021-02-02/remediation/remediation_1612278999697.js
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/resources/defaults/userway/widgetapp/2021-02-02/widget_app_base_1612278999697.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-103.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0d23b58529327ac98d7790c3674542357a813a1f43f7ac96609cb92bfd123027

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:11 GMT
x-amz-version-id: cV47_GTsQ1_E3zt1W3bkB3dj1fGOzp8_
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Mon, 08 Feb 2021 18:25:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: "8b609c7a017e5cd6c4efd963a36bf3e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-replication-status: FAILED
accept-ranges: bytes
content-length: 90121
x-amz-cf-id: yt3y1a-e6tkdTaAoqK9WEHjsbEqGFbi_fbzVAI84Uhcm5Etew4zC2Q==

GET
H2 200 body_wh.svg
sinclairstoryline.com/resources/defaults/userway/widgetapp/images/ 931 B
1 KB 11ms
11ms Image
image/svg+xml 18.66.147.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinclairstoryline.com/resources/defaults/userway/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-103.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:11 GMT
x-amz-version-id: nQl5sRsEJEbheL_iOJ7wYUJYmVz__yDQ
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Mon, 08 Feb 2021 18:25:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: "2ec2767a3bb93656fb9b75c893d7be75"
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-replication-status: FAILED
x-amz-meta-version-id: qAnohPBcCxyocXuHNNF_62TLMlyHrvhl
accept-ranges: bytes
content-length: 931
x-amz-cf-id: ShVvbjshoe0TFfpu1YaakP4lT-CSPS9vf88L8-h_WuTU3JhKNEeXHQ==
x-amz-meta-replication-status: FAILED

GET
H2 200 spin_wh.svg
sinclairstoryline.com/resources/defaults/userway/widgetapp/images/ 2 KB
2 KB 10ms
10ms Image
image/svg+xml 18.66.147.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinclairstoryline.com/resources/defaults/userway/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-103.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:11 GMT
x-amz-version-id: L9ua6mJmNKU5KfZ4zE7wO9MNRc6jAUEg
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-length: 1977
x-amz-meta-replication-status: FAILED
last-modified: Mon, 08 Feb 2021 18:25:15 GMT
server: AmazonS3
etag: "8e0a35946bf39d10f46a1f1653366a0a"
vary: Accept-Encoding
content-type: image/svg+xml
x-amz-meta-version-id: 4vPru6ViciXxe4dOepcM1VHca3QQzOez
accept-ranges: bytes
x-amz-cf-id: b06-Aa-jne2NIW-7CeDaGOkH9GBb1-psTxDsglwe8H2nJbl_jmSkaA==

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame BFBF 196 KB
56 KB 163ms
51ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 04 Jan 2024 20:28:35 GMT
age: 159515
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 03 Jan 2025 20:28:35 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame BFBF 15 KB
5 KB 294ms
182ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 01 Jan 2024 17:21:05 GMT
age: 429965
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Dec 2024 17:21:05 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame BFBF 95 KB
29 KB 275ms
163ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 01 Jan 2024 16:37:47 GMT
age: 432563
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Dec 2024 16:37:47 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame BFBF 5 KB
2 KB 273ms
161ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 01 Jan 2024 13:56:42 GMT
age: 442228
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Dec 2024 13:56:42 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame BFBF 40 KB
13 KB 258ms
146ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 05 Jan 2024 15:53:13 GMT
age: 89637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 04 Jan 2025 15:53:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BFBF 14 KB
2 KB 172ms
60ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 06 Jan 2024 16:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 06 Jan 2024 16:40:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 Jan 2024 16:47:10 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BFBF 2 KB
2 KB 53ms
52ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 11:53:15 GMT
x-content-type-options: nosniff
server: cafe
age: 17635
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sun, 07 Jan 2024 11:53:15 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BFBF 295 B
319 B 52ms
51ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:24:32 GMT
x-content-type-options: nosniff
server: cafe
age: 84158
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sat, 06 Jan 2024 17:24:32 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8586 0
0 95ms
94ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuA-lwEbjU5Ex01WLE2FIB20Uo9XGrnIiu_NtiVCXvtJBggmaSRKaTPwIPDqEwjhqSVg8wvE5R8NY2L59yk96h0Qf0SJM7IEt8xUGFCYT0xm3UpZKiU9Mydd3qmvTm4Shb--y7AbN3piBiQ2u9Io2Ib5KI2HyF7XL7x_XbjuY_uUSniadNfO94gYL55BjFVEfQpI_2kBjlW77qdNxiZWuHDXEpp69B-tQDzFogBCEghwAp_Hyrr1zR4NEDC2ii9jyve0YUUeDPKcCtNpHPGOxuwEX2JRToB7M9TLl0GenYPDqtAGlN584Z1KeSbBs8LKF1TBTItKYJutrew9A&sai=AMfl-YS4_qTzuSk39Wh5XmJfZdLXFDaz_WkLY7vbC3Id6rgaH3x6SCr7z7d6goflQLBlrz9YEDXVX_c8RUHPB8wbL6B8yDbccCfFR6WygZ6sXiFD6YfQrM30peegmdeZEtEUYihcgeBArV0lql1BaICO0bE&sig=Cg0ArKJSzMqBdfxWUpusEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 06 Jan 2024 16:47:10 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6647776066770779942/ Frame BFBF 29 KB
29 KB 51ms
51ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6647776066770779942/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddc8999495e8009f80f35ab679c3a0d1b82fa755c9f5d1100bf048a80bdb4508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Tue, 31 Dec 2024 12:21:48 GMT
date: Mon, 01 Jan 2024 12:21:48 GMT
x-content-type-options: nosniff
age: 447922
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29360
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 07:12:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame BFBF 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BFBF 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BFBF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d191e3e047ff720c344ee7c9938b365738316a8dc1cdfa3a526f634d7c902467

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8586 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e02d3fb839b902f5b8f396b1107a8204de28a6a3d21b269a0895ec5b8a3925f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1793 0
0 92ms
92ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIi5ISiLdXe38QBAqfnTJ17TNe0bkM8jMfUBlMxVr5U8QXJS-3SQoIIjMWz1mxHlwwUA9Up6fhJPpGK8MmcCUGez_WmF-3uWNVS44PvmWlm7ps-8Rf7dcbyKucwuV8LzWawx2kg2l4rUsOsBNpT_MsDQ99T5r9F_sZfVZswbnzmlez5hOA_hfiU-lJNcgv1ZPG3O0cbmFSlNYCGavuGcAW8z-WtY4_fp6zlGL92EPFpzyXnMOqj0mGgk4quSkCITkRMctSEe_K0g2AqBONSnLOmR491VrYjBPn5_c07ivBeUIdxP_RrsaqRiMC9iw9rt7wDnuBMXbOtYQ0pA&sai=AMfl-YQNKzDltdjTQIlBxO9Nzbq_dFZ_2Rv851tvwy0IFLw0sHOG63Gh3P4QSCPlIl0Zkw_gJ9I-gS_M1rJubYa5fk5oSb9gDLFrltKj1CTJwmKm0k-NsQuOlDOL1P2z89ZL2blf3uUAJIdhRbKjY38zCYU&sig=Cg0ArKJSzH0P-8srm_NtEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 06 Jan 2024 16:47:10 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 49CA 0
0 90ms
89ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucT1q0WUHi-0EMT_piui0gkJC80V7yhn5eEmLvsZiQOmdi1goDTYj8act3XqmWi7W7GUyXr4vLlt4g9_GKYvq5mfiM8wQdHzxFr55tni7nYKG4yRuInF86JShayR8XKs23kmkkTqJRoZ42Pw_zZ4dekCJiXsSfsz1sFbek8URkuq5FKdiGC2ZGwhL-5oNwTFEcCp5tbO53FVr8OVVUK0dobAUnrMnr5O_WA-9F5hZ88wmlEBQPewPo-bDvf9vNf9GZeDs9MYQeq5NcVz-AoHmrDfR5anr4BgvAzV9GAezJSwNRme5ZoburOQvsIGnKo24WXVhyFWoTolHbWw&sai=AMfl-YS3EmYuQN2dxH6FWsN_JZUISxSkMYfPrk1k1lBxXML89_tt0vPJ4psvaNEaKNvCzU0TFgMznIKnvKuRq0UxTZG-YK5eIV9-h1gvoT6kmVxILnO6s8hN9ojypOEUO-jELbm8BuTYgH6cK8gJZ2oHTqQ&sig=Cg0ArKJSzPvPYigotqKYEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1793 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7c6191df61b4a735724e4f4f48e50e4fd549d348a37b188736fd38f488acc84

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 49CA 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b41b6dbd39ef1cde66728acba5b69149cae2e0e75e0def5dbbb9b2eec95f9298

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9A94 13 KB
5 KB 52ms
51ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://upnorthlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3243
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 15:53:08 GMT
expires: Sun, 05 Jan 2025 15:53:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3EFC 829 B
998 B 61ms
60ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

10bb4e793744886e6c62aabdccb95d2f6d76f5ca80192a66150e90192b49f008

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GimsKZ8Bx-IQ495aO09S1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://upnorthlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-GimsKZ8Bx-IQ495aO09S1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 16:47:11 GMT
expires: Sat, 06 Jan 2024 16:47:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D987 0
0 89ms
89ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuaO0AvOqwAF_36psbUbHjx4SF8wV9YJtNDzP3twKA9qIhb_iTO-tjrMp2pl_Kv1S2fJEZdQbWrVljbRLOQ5rTa68V5fsxHbRkznriNs_mTOMSdYamWsKFyQCh09qmWgefPnEEIG1dFd5gLtq35Q5oFoYyFW774XjWRCwZwBPH0lKFI5NUEKSCM04-PujyvllU9HH6fFPwhZSPcax69ksjb8e-pqhaJoKhRgrG4IKncDGl6E3kG3HJnxntNDHhuwx9zH6phNk9LHgT-QaVvGAUHvs2EF2FJYJmkYTEtMoc6btJ8xR-TDH8-LijHS4SSJRj_ogUf6eytGelsQ&sai=AMfl-YRL2ibDNFr4da6tjh_CCEqEKmSnah3b8EDJ-RKEFoyJcBNuCA_--oKs-U2Lg_eiO4PFUn6l1FzROk1lzuoU3Q9i3vHNLrDFxe4no2QwP9Tni7hW1jADhIOsjHhlY3196fffTn1EcHb5l6Gh_6NjnFQ&sig=Cg0ArKJSzBKR2u2SkrSgEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2EC3 0
0 88ms
88ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvU7CvU_5nT6ZYvgnvrYBcvXl1g5S442uEUibl2g9obQ9GQxCYSStE7c-WCFMapowKlFi021PJQOT3OzBAcr8_aPuQjRJrlsAGRcwqK-f05rvwAjLeMZ-yeKp6s-4ZZSZy00HGZtT6YDviQzg9tNunv7s0gLFptyRBEstDBCAOsHJg7LSwtzUUQxLFnuCtI4SvcO_kUGZoZx00Abi6usUCK1NUVmmRnuGbSYi_Er37vFw8r68bOPzWdf3Z9SbKsV-Prth_V3-N4koQ4HOxGVued-XsaYF606yq9JY8wO5N2HTKrqNH9qZO47ZnIAIovheUGzOUYGTIkL05rMQ&sai=AMfl-YSNZhA02gEWnb1ZdqPGNDp8LoygctbbHZJx4VVuBfQ-vcIL-BLROHEFySBbEvdsLgOYQP86wwZT_RGC1AWjIi8N609HTE76v2ZYad-rhLUJSnfOfj3n4YXTb-EsFGTZSOF2iqjJmzjFJvRFEKX6n1Y&sig=Cg0ArKJSzFjgAp94Wlr8EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2EC3 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0330d9c22135127d8fc132f0f12255f334e6e730350470afd3cedd695ddfb294

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D987 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 927473a7ff71cc3dcd29d552374214b5c9e88e6b8452cbdef184fb6184dd3ff6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame ABCD 0
0 90ms
90ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXSb0tlvlEyZerq1QD1rezK4OORq2h7jc1BnrFR87BoxmH-jVfmyyxMg9gZE1gkbnv5GRHp6LdCXR98GGcooG4olOQxZs6MSDpx-oHh6RwNKg7TfAhFsSQqaeNz65wJ6X6xMDBxWVnflRE41esbaupkiSC8y4kqNGeme-g9j12S4naAxLToCmZ65mpjUVzObnqaN1oldq2jf7TskGjGIw8ZEbClo4riH2a3TEE1zBTY-eokMmwY_fBDXPBCd7oz2RhrRUHv0AMcovoOcUy6ktJWhCx43JZWkgShZ798um2510VpgezVPF9VUGZcrBmE3JMMAVcCgGZNjlFcQ&sai=AMfl-YQHuBXLRNrFSMrhc89UOo5ueuqzqqn42GAzbESt4PddF_Sj_6dl1t-uixaNaVfgfT7juJWrD20Xq9-NXdUlD-ik_HYR38PCso3VXqSwo7oeGuJ99L0htK_TKebkmAChk1t9UMyl7jSXZDWCEfFW47Q&sig=Cg0ArKJSzJf5N1uAv6_dEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E9D8 0
0 89ms
89ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_Nf1vZ6PPf7vm5vbsbmJ5Iry6mwdQb3VX3vwIxpUGESDk6D7HU2-4pKFuXIXktSk4lhY_szusXhBom_6KBtShAjmm0xWUB_5gM5hldXLE61uTnEOW-NppfdAM0McMKPRwsLotg-TD-0XZj2A9wUBQUlykapUJbbEHM3TH7QFhDXhzBGZ_A2pfBRpz1fl3bCH1Ajz7HjJZeIzaaEFWalUKHdG_7R3SYpoaCAZuVocd2r4atbjMyOWJEbPbMn5JnNaCk02riRLgfcume8ZwXD-To6AcrMLxppJDX_QJhDFD6Ww4ymFPf6p96eFu9Be5CjCKDG19ZzvuzeJoZg&sai=AMfl-YQBhV_9nDC9Z78Fs4gYjdaoeKZB6llB3OcsqwQUwyFb28qaeMPE-ZeJDU0qxV0TIiSlttR3lU5a5446ex2MAByxIOvPi-Qmcpemr-ZzFVKZIbEECyJ21CtbXlBsf3m7R8Fn3ATDo5RF-7NIqcDLClk&sig=Cg0ArKJSzCxiZ2ixZDWTEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame ABCD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8132c415e7d7defb0033968d4aadcecee80ec420527fdb80f79543f44fa6e421

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E9D8 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a696549740f3395651c05ff1c07490e7ef9a3aa971436980829bf8e096f1be47

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1424 0
0 90ms
89ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPghwsV5HOXkcNqorJdNselhQvD-tHTz4zkige1PMuBKcASKaRhCBtfs16JhgrzYOFQXKmfgNlxSCkp7ivpU-Ei26ybRDod3j2_jbJBt_QZvu1w_KxAZN7Lq2B0rsRTVqq4S26ZWnhHK0eyfJNm-L3azrddxKJqFov5jP5RREnb7i1iXmDXYVxOGpq7VM83VFyh1DIc67tx1IicLHAdCoNUwjUH5rw-6wQNwxMW_Qu6j42DP42-Wn4-o2XY_6Gjg2ipfEtvlNaox6Ga-P5SbAlvN97rpO43Ux58oybz_R0mFgLa3cvzw9O3joJmMhRgiW8sKVOVCNP3xBOkw&sai=AMfl-YRovt90S11ZnyKhMgM5JY6BZS15BTgLd-NzlyCGohTGhti8ao9Ao0wPUm4UzaNi7nnlAweO7U7Crs3dbrOLEZR25E5LzZpdAFsXn9IGO1ggN1W-g6KfoHRSC4qc31QXiQTF4OWGaGPzjpJEl45N3yU&sig=Cg0ArKJSzPXIZbQKHASvEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8586 0
0 195ms
91ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurbnvTBQTPMTHxTI0y3H29LUxeXlwjNWNzq29Kuh1KgE4O42CMFxJ72ClDyR3sG4gHt9e99mn-xo2qAOn0tZMPXfAhp0ttD0Sp44wqrjtF4XQ8UEq_hz80vWdEDopr10x4H6ee3Cvxp9d0FODdyzpxDSJjvPcKq4vTCyUPHRRAZGW-zbD52zxBi3AymdXdFEVUF9oi3xituGIIy_nnkPB2wWbCMNMs8GoJ5UbKUs6N_BIvAPL5kybhNPAwU5fpK9nR74jS3ij5RyBUZ3wjqPoQDARvpmGx9aRtxH8Kl4qQkPoFigE0hvPO9zJB4_-rIBk6qOCrzNQQsAWJFkGQ&sai=AMfl-YTnL2sbu8ou7RGUGDBcVAOGRwhXeHH9VUJ2N4MIYEJsCrHBghZhRs5cYf6Y_BaRnHWkNndLnlYghkUMfiMz6PqslKWZym1TyU9ttjCo8Q_oDwXhGin6eOLSr6LZhZet-jO9dvjD6BEdU76zdZUl3GE&sig=Cg0ArKJSzMcQgfyBlw8KEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 06 Jan 2024 16:47:11 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1EBB 0
0 89ms
89ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFr8SDX53TSb5isolpNKJIo5fGbgkPRhcMfMaOI2bxeEmFZoiBYme4ayXedfXrPfxJmIsgoO7jz9hEsxjFYXeWn1JXZS_V1c9Toh3ruVO7ATdOAreXAaK5xUF6oKJlaLXDvF-lju0PhRTCJVneElgMg8Q5a3BUqvGbl_1yO9ytrJeRCggVYHr1iPjny-WVcdCqRvkziVHJQNLqJ2u4NJqJNAaG86kywtGARCuc2dLRCeXG2I_HrugGXkGuu8XzFV8wOZAWrD4JijZkrSaa6ZQD81w4fbcH3radduULhmdDiicFo4LfSV35u24BS5_RrveBIiMhI_KOQWog4w&sai=AMfl-YRnOxofTShzdXeEg4bC4ufruS7RiHPp8fqRFgd3IC-dch7UijpIbuQBWthJ9YC3PYf7nd3jUFpva8m0L8cpnaFCpy5LKd8yHr0262PY_5Cvatxcph2qiTUrNBgo7tKiNM2iACFrkJ4R80NaIUFP1Rg&sig=Cg0ArKJSzP8eTnnuMBOEEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1424 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 395ac9c337837eb95a26dab5890dc099e91b88e487ab1f70e44146d43cec109d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1EBB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e15d287404030e661f0c34c0f109647249dd11bab5e46e5c4f406f2837fac92

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 publishertag.prebid.139.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 56ms
27ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.139.js

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/21162.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 26 Oct 2023 13:53:27 GMT
server: nginx
etag: W/"653a6f57-17cae"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 07 Jan 2024 16:47:11 GMT

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 36ms
7ms Preflight 3.73.235.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.235.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-235-227.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://upnorthlive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Sat, 06 Jan 2024 16:47:11 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 204 event Show response
prebid-a.rubiconproject.com/ 0
125 B 14ms
13ms Fetch 3.73.235.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/21162.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.235.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-235-227.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: *
date: Sat, 06 Jan 2024 16:47:11 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 bl-250cc79-bbd0b627.js Show response
tagan.adlightning.com/sinclair/ Frame 60DA 94 KB
40 KB 7ms
7ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/bl-250cc79-bbd0b627.js
Requested by: Host: 6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com
URL: https://6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06e9e2fe5d767cfe51561fc034d7dde68a65996bc98d03fe11698ba797074124

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 03:33:28 GMT
content-encoding: gzip
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id: f4csE2GkEUhL_BAqGuyMj_M5NGpFpmhk
x-amz-cf-pop: FRA60-P4
age: 47624
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 40087
x-amz-meta-git_commit: 250cc79
last-modified: Sat, 06 Jan 2024 03:31:41 GMT
server: AmazonS3
etag: "3668d01de63e049c4946ffa168d7cacf"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 5DxnHbBGK5ADTgIkIc5z_9YicYemvsgZtooT6-JiSSuyz8tU29d1uQ==

GET
H2 200 b-e09f10f-3f43045e.js Show response
tagan.adlightning.com/sinclair/ Frame 60DA 75 KB
29 KB 8ms
7ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/sinclair/b-e09f10f-3f43045e.js
Requested by: Host: 6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com
URL: https://6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0b1e55ecb32616cfe9830c0d1c512822429dd7e1a775b78ebeec741316bc90d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 13:13:32 GMT
content-encoding: gzip
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id: bPTtBFULY.SUXB4UlbbQ1HXmh6W4UsNp
x-amz-cf-pop: FRA60-P4
age: 3382420
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 28800
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:34:22 GMT
server: AmazonS3
etag: "f626cf07bc0423765401627bba38b9ad"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: FPGejTqpUIPcHFrjnsx_Tx72aTNbKv1gaCLAr1BnooOCuxDNbXt5GA==

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 60DA 24 KB
6 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com
URL: https://6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:17:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 109767
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 04 Jan 2025 10:17:44 GMT

GET
H2 200 ttj Show response
ib.3lift.com/ Frame 60DA 14 KB
4 KB 73ms
21ms Script
application/javascript 65.9.95.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=Sinclair_RON_Desktop_Article_Trending
Requested by: Host: 6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com
URL: https://6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-89.prg50.r.cloudfront.net
Software: /
Resource Hash: 52cb78854103f0768757d26f8c7a23ee31f2de123b9e54b7f000cc6277c1fd6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:40:17 GMT
content-encoding: gzip
via: 1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 622
etag: "c155d05f14916c0dd5e550311e816bd0b66bc9e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
alt-svc: h3=":443"; ma=86400
content-length: 3607
x-amz-cf-id: Rdch85Xr16woZ8TwEKoD05dHLfaGaM4qUjyyUoq6LMgWjrgCPncv1w==

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 60DA 204 KB
64 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com
URL: https://6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jan 2024 16:47:11 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 49CA 0
0 90ms
90ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2SSQUp5rMg7tjlMJaxSIipz9sjISfTK3UGNgy2N_MkVd8toYPM6liqg8Yi2c1QPBG9NJzsLfwE4wj14lFcLtzJEJdo_ZQomQUtWA2a2JpIUP90ZaCkrNW14dXSWGIY-td-2Xy-X47R55SLjcsOBpdiAZ7dn5xbwkh9yTKRjgx8IuKdmUgUwbLFRClIdda1afHtGyTIOoaKFYx8jr1Z1Dj4cKS6eQ5ca94hU4Ys4USBcqzGD-xuLZJu5VfpDmsoKJvlwJU9USR3WkARjC-6K4S3l-eWRy_Mq1avv7RjZ-L_O1yGOKZ7JZHyFDb0QbHPjNgWNbuPOmjo7gTackU&sai=AMfl-YQrlQXzAhzizsys166WofpMuJjZieDmZYQwPni8pysFcznYQkXKF7EWjy2DlVmzkDJBAamluhOD-5t_KJfsOo6kpBlJQX45TSX_N8wYsZOPyDdNwQyu-FYw8Cf4jJC7Pca9lwwaaOQ25RBULuouCoo&sig=Cg0ArKJSzEyvM0i6VJM8EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 06 Jan 2024 16:47:11 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1793 0
0 88ms
88ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdTk4_yHzDWKGFOySiEYhFjkD6LS6qYJL7CEFrCLAVty0rYme8A8WmrN9xh4U4VYg04pfdpRVt5knwD0vlCywv1QpFNrHSfRNr662JlcHD2xS8T3y5NtetsPEgxUGEgXXLClfHwHo1-FPg9BJpRiZ7uVWD9aj1WhKQqhQG7XbTHrJ901fTahETXUrz5tTHE_n2JPsL7yKfDvN626UNfk3hR6GMlmTZfuL99zWof1wDC57o4NYikYZ2BNs9-3iu2xaFo78NIjSwZ-on02h2w5RMaC2-lscr0H-0O13vumQnbb7nJCPNMT3M06Fizs6MlbFgtBHxsZ9HXFIXpWb2&sai=AMfl-YTwf__ug8HpK3QlLJrHieBSFNgcUDmEf0Brz-Pht2ejrIuoWCVnxg5wTFqyZ1HEjvIx6hpW7zrI7eVVRY9NOb9P_sFJFVlMex2UZahjoLp4P5Dp7eiOBHebdZe3Irr8shLNPzoaXrkM9mdzesLGCj0&sig=Cg0ArKJSzFtO5xV7VvN5EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 06 Jan 2024 16:47:11 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2EC3 0
0 90ms
90ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss452eJfaGBDVPXjwenYfWngtdOvLzIdVYCCcljijqrkbXA6bgXGPRJbKeROTTP7yMi_WBOq6mUMCv6nKTv7CLyXV9YKFY-j_lLEfn0QUK5-NOwJ0iZNGqXMTgIaLuXyCqERGcg5rVjr5QBld-qrDZisV1LeVkp80DXjsph8UE-81vYHtfcMA8p3rMkjvanGNPeGA_S3QAKszxW-EeP9_3SDsKmMR90FG18LBjvoBhxRG0niJGWB27sl3UGTUjD1P3h0ruCLO-yrdQaKhHwutIrC4Psuz9lHfwJ15A9rD2aVZLSYF7aF2hYW1iRggfoRqiu6cF-pnaRsVViaFQm&sai=AMfl-YRgGzgzdl-JP3Xp5rHMnalNOmlwKvr2CxbRYAQ1Ii05f_GjCPbq48KjiAXZtk1vntsK_kx5z6aPNPKkJLeWHpL9w6N2m7g8EdjEg2dHhV6LvkINnt2fOQdu6aN8UFQIF0ysmFQ_PK5yunJ_mkVjWQs&sig=Cg0ArKJSzIFXuFA2ji6mEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 06 Jan 2024 16:47:11 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame ABCD 0
0 91ms
91ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshqfyWtxVcjy7VlCp6eB2sWZofI1v2pTESswLl62_9M6Fl3b1nRPlhOJOFVwQG15KfmRh0xWvYFRSXy-5eT1j55DI-d54HsHXVDz5DtsG1WNEYvmqDLJWmTU2DIonLQN3qGCCi3LY_NCQj8dzEM_89cTmcIyH4c2Pr6mHnK4GHwwUzwkj6RJKRreB_TYIY6bHeywjL6FbLvdK_Bjq4Sx9doXAwQoOGq4pHAVTQ95GEf3lJM3rUI0XFQxfrJTgZ6SE1JCKszDOGe5mK9TtqpGGwRB6jTj9KsG3FKaIwmBdp8Vkh0vDK_SgrtADGfLH9Ge7Pz4Ae_URFS9TU7xnb&sai=AMfl-YRhd09O0WGKw4UAAsnbp8HOVmwRVuVlbyzwV10E5LT9_PpC6MzTeyejraI-8Pt4Fs5xue2umpsfFbPl4vCvm4s0lIG3rySlMw1_WKvK-8Zz1HnwHbYY00NxOMcxUwiiwEYIyaj_meulDTD1DnRGpRA&sig=Cg0ArKJSzBVZYihk3IYSEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 06 Jan 2024 16:47:11 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D987 0
0 88ms
88ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssSJQsqU_dcbQRqeSV_xogz5r_Gfadez-sNgQxXKEOYU9_QPmJnLJeJpvgCvf9ZnrWmfXVkkClpgj1ITtVY8MUZRTwnzjDkjsHji30Ay9-4EkkvEjVYJKAbvrTp-xJqhY2BjArrb9G-G6UN_FnQUroSbwfzaZOhfDCHHBk8l5wnWhmjdMKXhztZaQCDXZt9b9v2Pkapdolso-K2cALK9RxffMq2Hz1UUyxscIGgsvzzSmRd_0WPXFPtS9DSHQMI7rrx9Izge_CWjrbw-BRbuPrfXXP2zbdXg12ut1Yi7fd4woYZIBc8rW314l4Ysow20_WvEZF1x1h3ObS2FiWx&sai=AMfl-YTGSYJrcOPege_MfAF-lU2h0QFxlWCHIRG1GUo_UotJNWOAqXDiv5_bl0VIMXNysLpkf_91Rpl3sCndbvlyqTdnUy7e3kESrs2-NdKvubSn7fmU_GERCF41l4-4VDqebdeV9mCL22e-xsGNRaTIpxY&sig=Cg0ArKJSzDDVm99SF4OuEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 06 Jan 2024 16:47:11 GMT

OPTIONS
H2 200 broken-links
api.userway.org/api/remediation/ Frame 0
0 177ms
176ms Preflight 2600:1f14:5db:eb22:906b:6fe4:91b4:da90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/remediation/broken-links
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:906b:6fe4:91b4:da90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://upnorthlive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: no-cache, no-store, must-revalidate
date: Sat, 06 Jan 2024 16:47:11 GMT
x-service-version: apps-70fa83c1

POST
H2 200 broken-links Show response
api.userway.org/api/remediation/ 408 B
785 B 352ms
351ms XHR
application/json 2600:1f14:5db:eb22:906b:6fe4:91b4:da90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/remediation/broken-links
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/resources/defaults/userway/widgetapp/2021-02-02/widget_app_base_1612278999697.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:906b:6fe4:91b4:da90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c60f6064f34789b361aa731224684d690fbd4c1463d0213a42cc056b92302264

Request headers

Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 06 Jan 2024 16:47:11 GMT
etag: W/"198-5HG7i96ke18oWFwfSRxZJbISOCw"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 408
x-service-version: apps-70fa83c1

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame BFBF 33 KB
34 KB 160ms
51ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://upnorthlive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 04:01:15 GMT
x-content-type-options: nosniff
age: 391556
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 04:01:15 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1424 0
0 89ms
89ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3J1y5E9pEAMdlGNkZfjkc6zTI1q8sXkixeM9eHEFaXomLvOXvwerW1zuDcu0oSyoi2esUF45uZHP1YstMEZgWj_KFMLAJgqr4e_zyAnscfJi6fKyPJ316QK7C6ulTiAt8yjo8Rse9ZDwVgym3-4FceyTUg9uTU1x0F97FbXtNM5YP_OXDQ5jdYCpXla8nltolXfzPbjeQb2l3Kr-JcdL3FRyPsVur2Zj16QkS4qhxjR0C9gdD4cLmkyWXJXIrLJQ2tTQ5Ei1Ed0ytDY4m4r0WIQRhM5iOtMO63I74IfGbMNWziyz9k_O2pc8yLNxr0YvdGBGH9LEHAa7H126Q&sai=AMfl-YT6E02qTSf7qTttOSfjlpdjgIhUHTJsiKhLU8MmzACtGPFxszTE-UwD2cvp0Mc9w1mO_5uBwhIMedI7i5EpOVh8Sv3G98O-qUIj5gYRQbXr_KaNWJMBZUre_hznEop7E8xF_Psnhgc5nGTZbRMbAL0&sig=Cg0ArKJSzCrXpBcUHrqWEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 06 Jan 2024 16:47:11 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E9D8 0
0 91ms
91ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNNDJCPKJ85scdkzv1ulaZ2yIiX-jx-FzqFjAlRXWA9NXeBKJiIOy3LFjgssaQk9tb5rCn4XEIkWA51ISz8mkBnT9er0kVmTEe_0NY2smJUdM3fx286hUeh-PFLsK-lz1NezcoYlwNiz6OTtWD7yqb6VH-SBsVbOpNgm2lyMvmoUFO3bL0doF8RCNFDeaYYJpyuUhhFD7lBz7mgcjBoD4RTxchT4uS9kYPZYqI-GKrSZ2W8We9csl7Ar-wiZxpV5cK88xHBQZ3VWaLXSz1n42Dgy27XLWuFHvH2RKhzPKbP2AwjHoF4w4AOJxLDliHg9Q0iYi7Sl1QLlV5wVfV&sai=AMfl-YT1pM3nrZOBR1JEYTafHoPcWLMF9k6sppdbj1CiG4uzV2F02tYKmC-2BVM_WI__x1oGA6fGjqctnVHNokS2qdjMTXe8VSg5eBnOyGv-3kGrXyciNp_CBkSu6BeeYrXmcYXqmotgqyBAu-GvATBnUMY&sig=Cg0ArKJSzLwBFFYa-h-KEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 06 Jan 2024 16:47:11 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1EBB 0
0 90ms
89ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvC8xv4TicMoM17MP_pzcR9ZoGFJbryrKDGqEAOlZe3NKJkZ3sk58xTr3bqhWRz_8C3szMp7bgl3VETVI1tHaA0D_RwK715BOs9pnFgMZRCfte-d_o2M-ycRXiex0IyIQzYQnqgUfXWWqdRGSzd-n9Z784gSvFf-BMiJi_z9ELIxcff4dsfbCbCrg16gt7hXqBg_vSUo9jI5mpM7XTZ1HYX4cgjtlIYsFG7Rg_xOTlBdIFkJEt-1Q2Io2GnSLdnP0aKoeaXtaMSKHmOWVNwMtd_P0X-7Dscl_Vv8H4lQCZNO7xXrvbEO5SoCX2QajkiNo87JSNjmooPsUrv1b_Z&sai=AMfl-YRk-GQUW6desklUcVHF5K4Gof5WN_AuAq-czJrRd8UL8n3mkN8xj53SOCk4bJ3YM1WSGxps3sUm_sNaSBK8UPZeRSHK1g0d98SnQdwGxSPqoxSYCWcavKEaU6MxIkunPocW18HBJa1v9P6P0KtH2Ng&sig=Cg0ArKJSzKNkyCUCaQChEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 06 Jan 2024 16:47:11 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3EFC 0
0 188ms
85ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401020101&jk=4368697156797361&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame B2FF 14 KB
6 KB 46ms
16ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=upnorthlive.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://upnorthlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 16:47:11 GMT
server: Kestrel
server-processing-duration-in-ticks: 364140
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 publishertag.prebid.139.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 56ms
28ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.139.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 26 Oct 2023 13:53:27 GMT
server: nginx
etag: W/"653a6f57-17cae"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 07 Jan 2024 16:47:11 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 9A94 39 KB
15 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 14:51:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 05 Jan 2025 14:51:45 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 60DA 0
0 91ms
91ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDA3saINE7U0tSlZVazC1_z-n_5BxrWMVBp9eAlvwMiNXoN5MHDpuSC8TSwPJ0Blefn4retz_hptgU90vz5pvUL0b80yQEaKfNALQR_P3RHMI9GpweX0TzwLYY-gJgjsF1i9ZYJJrMw503KXHRef9wIt6gPuQWMRA8pMKeo6rw5nJF3TDM0fzYA4OXz3si9ew5seA3-evXLdt4iyM_0Bi2WrxbngGL-kqqXpOL0Xw8wFMtZ1DT5oiQzIbpEcbpTU1UIjRJNlqBHh8l1xunYvZfx_P1pzRlHjl2EwZkzpdVvvbH9MpXrzIFgHooSDxV4toerhSdqObm1eMJtcoj85zeNg&sai=AMfl-YTSfHUxiRJ4ih8jSgyjU-bByIc6J7Y4W3SabCNhf8O66_TN2YROLH68PEIKOf8V-iazkF7-ZmoYE7ceq7jYhQkhHH-Deecc1lSUeMexuLbhFdudvU5whgnOUrlkD_ppTtDa8Ppbi3S1ZHCmWz1rLog&sig=Cg0ArKJSzCymZueX2-FIEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/b-e09f10f-3f43045e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/ad1dbd3a8781de1e73e9043e5e128ab350203732/dist/ Frame 60DA 196 KB
61 KB 24ms
24ms Script
text/javascript 65.9.95.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/ad1dbd3a8781de1e73e9043e5e128ab350203732/dist/bundle.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/b-e09f10f-3f43045e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-89.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7019c81112576afa12ece5f1412d4833387a4e58454d0a3b4843169bc948deb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 19:54:53 GMT
content-encoding: gzip
via: 1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 2062339
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 61556
last-modified: Wed, 13 Dec 2023 19:53:52 GMT
server: AmazonS3
etag: "7ca2f58432437b00c4247750bfb764cb"
content-type: text/javascript
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: pSKiXQbT3Cy1C7_P2psciY1QSB8I3idU-Iyo0vNHSMo6D8KirDlkBA==

GET
H2

200

sid Show response
mug.criteo.com/ Frame B2FF
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=upnorthlive.com&sn=ChromeSyncframe&so=0&topUrl=upnorthlive.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=K5SmRHxKcWNTNGxoVjJBRWtNUlBESFl5T1BLOERzL2FiRVZma0lBM24zT2hYSEk0VU9TS1dTK1dzamNQK0lSM0NYR2tEQnEvcVpIT2ZLQUhkcWc0WWtjMXJtcVlxSlBGdjE5Q0o3NUxZNXNzZ0VIdlg4c2ZxS2xMMVRGcW...

430 B
668 B

17ms
16ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=K5SmRHxKcWNTNGxoVjJBRWtNUlBESFl5T1BLOERzL2FiRVZma0lBM24zT2hYSEk0VU9TS1dTK1dzamNQK0lSM0NYR2tEQnEvcVpIT2ZLQUhkcWc0WWtjMXJtcVlxSlBGdjE5Q0o3NUxZNXNzZ0VIdlg4c2ZxS2xMMVRGcW0rNEo5ZE94amlRY2xrTGIxZG1UUWhzZU4ra3FtdThwUWF1bE5mYStvbWExc0lDNUkvTUNFNTgvb3Q2T0ovb0ZreFA4WWIwMVRlMUFJTEdpSHdKWHBXMHdUcEh3MXdUckpHWFN2YU1WeHJYOCt3SlpvRzZMeDVSNXB0VmpteHdzYjA0dFoydEpjQktDLzBkMGZTYXpWdjY0SEpUUE9UYzlOOW5zV2VaZUFkY0puclBZaFpNOD18&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f17fbf56d6153db3abb52dde6edc122fed8f8d995d32222f818e278687cd110d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 16:47:11 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1289446
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 16:47:11 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=K5SmRHxKcWNTNGxoVjJBRWtNUlBESFl5T1BLOERzL2FiRVZma0lBM24zT2hYSEk0VU9TS1dTK1dzamNQK0lSM0NYR2tEQnEvcVpIT2ZLQUhkcWc0WWtjMXJtcVlxSlBGdjE5Q0o3NUxZNXNzZ0VIdlg4c2ZxS2xMMVRGcW0rNEo5ZE94amlRY2xrTGIxZG1UUWhzZU4ra3FtdThwUWF1bE5mYStvbWExc0lDNUkvTUNFNTgvb3Q2T0ovb0ZreFA4WWIwMVRlMUFJTEdpSHdKWHBXMHdUcEh3MXdUckpHWFN2YU1WeHJYOCt3SlpvRzZMeDVSNXB0VmpteHdzYjA0dFoydEpjQktDLzBkMGZTYXpWdjY0SEpUUE9UYzlOOW5zV2VaZUFkY0puclBZaFpNOD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 347611
content-length: 0
expires: 0

GET
DATA 200
OK truncated
/ Frame 60DA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b6ee3485e4c80f08c29e0116de9b0b292ef5a008a632167241a92b52d9d51f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BFBF 0
0 94ms
94ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C_GZ-DYSZZcG3OoqS7_UPweyByA_gk8uYddajo8TvEWQQASD8sfUYYJXikIKgB6ABv5-wzSjIAQmpAhMP0DncW7I-4AIAqAMByAMKqgSlAk_QmBfv4X-6YcOuEFJAqR2KZO1r5IxcleGdg3dh-WbDnH9xICOCYA_Y6vamWBOZQ_l1XcHnpC7UeHqAb3P7eKj31VjhFfhOjCzNNtaEZFx2Mt_3Z6yJaOr49qCxz-28MWkCWjVNYwVLa4P-NIfKuZaYZcXWktk1vQPhAymUjTqOOBzoaJhxG6_budRcxbVzKI61hcHGhIBbKmZdK4mdXRzy4za2mUbCkltveUP-iyyqPswWotNDWN8Uws_D2F15rihE00i2fMA-Ka5_3Pcp5mxINUe_dHbSEjRUHJks3VZGUOTNKcRbUj7pyeoXPjSRYuF2F-kaK_NPX0QUaUrJhGtPQP_ZPT5VTawerwgj86nyZU1K3j6uKrb249FcxnW5oV7dNyfqwASkzoOxxATgBAGIBa3Xy5xBkgUECAQYAZIFBAgFGASgBi6AB7_XgK0DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQqKIM0ggfCIDhgHAQARgdMgLrAjoCgEBIvf3BOlilwfS5m8mDA5oJhAFodHRwczovL2RlcmlsYS5jb20vYXJ0aWNsZXMvcGVvcGxlLXNsZWVwLXdpdGgtcGFpbi0zP2w9ZGUmdm5kcj1kZXJnZ3NpbSZzdWJpZDM9MTc1MTYyMDMxOTYmc3ViaWQ9JnN1YmlkMj0mc3ViaWQ0PSZzdWJpZDM9MTc1MTYyMDMxOTaACgPICwHiDRMIyK_1uZvJgwMVCsm7CB1BdgD52BMM0BUBmBYBgBcBshceChwIABIUcHViLTk2NjE0NDAzNjg1NzM1NTAYqo8T&sigh=eUEVeplTzn8&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgAvHhf_R62E0W501r7_QI0nwHKufdVdlrrL4rgEUE3aTF52tYxfdP8lrJRNupc9Jyh_UNK093us7XE3ZL587skFiiQaoEXTGY90Cx6VdBgB&template_id=5000&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 auction Show response
tlx.3lift.com/web/ Frame 2482 50 B
494 B 8ms
8ms Script
application/javascript 52.58.51.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/web/auction?inv_code=Sinclair_RON_Desktop_Article_Trending&referrer=https%3A%2F%2Fupnorthlive.com%2F&rev=ad1dbd3&fe=0&ft=5&cb=5085616739

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/b-e09f10f-3f43045e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.58.51.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-51-29.eu-central-1.compute.amazonaws.com

Software

Resource Hash

f2a78b2d533d823d7e534983f3667fd7e7ee113933a4366c50c5c70e1ed56b4f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 16:47:11 GMT
accept-ch: sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
content-length: 50
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 60DA 0
0 89ms
89ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsslzR_1HgP219nMTVqyhW22RcWXp_XTOGzdftSUvU0ETCB3cLKR9tEqyjQLtVd2obQwkVLNN0PG0YghJn1kDHyyz2Va_W2YUaFEL592zLfBcaRARyY4-p1TKRhh-_nKiRVchTlBsWuJPvEU6TVkCL2VIyubiaq6BSoJkzVmgEFBDDNsbH0tvQRGK4Ap1oRP6ZekxIKRZf1Yx8XsVgCO6rUNI2DaF9f_2JRtAykIwyseMFhIczsbuWyZvgXieBESo14_UViul7RRbLZiVjJN-JHlmZ9al1I0flpwnBEik-b9c-deExtrQBPbwIY7M-spP5ZQjK6adrQkg0tsRW6d1gajrT-U&sai=AMfl-YS7skYEwveyuwR8fXsyrOs-Y1T2acp9GKF707svCPNMQ3HAGnWxGyU7j1NSBRPDgaH3EBbMJCr30VLpwGN43zIpA20TxA5zsAWU3awzzym-NyytUmIfYvJmCwRbcgf6r9L7yu3dXxGoshCwR-Fheqo&sig=Cg0ArKJSzPf09fZ3_EOBEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/b-e09f10f-3f43045e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 06 Jan 2024 16:47:11 GMT

GET
H2 200 sync Show response
eb2.3lift.com/ Frame C6A8 37 B
139 B 31ms
9ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?max=10&cb=96842
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sinclair/b-e09f10f-3f43045e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sat, 06 Jan 2024 16:47:11 GMT

GET
H2 200 r
eb2.3lift.com/ Frame 60DA 37 B
140 B 28ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=Sinclair_RON_Desktop_Article_Trending&aid=38078173498517292709370&rev=ad1dbd3&domain=6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com&ref=https%253A%252F%252Fupnorthlive.com%252F&pr=can%27t%2520access%2520top%2520document&rr=auction&cb=95880
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9A94 0
10 B 51ms
50ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fOQFiQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 3009624906045363 Show response
api.userway.org/api/remediation/moderation/by-page/1340275/ 3 KB
4 KB 178ms
178ms XHR
application/json 2600:1f14:5db:eb22:906b:6fe4:91b4:da90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/remediation/moderation/by-page/1340275/3009624906045363
Requested by: Host: upnorthlive.com
URL: https://upnorthlive.com/resources/defaults/userway/widgetapp/2021-02-02/widget_app_base_1612278999697.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:906b:6fe4:91b4:da90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 57e60409d5d8689f7d11df7b61a86308a607554160e276a06451b6135c26c14e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:47:12 GMT
etag: W/"d16-qwWPihnPAtk7XZWAy/N6f6+uD/Y"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usr22d4a352c76f4b7
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 3350
x-service-version: uw-pr

POST
H2 202 64ff35afae91a31275d6a8f2 Show response
events.launchdarkly.com/events/bulk/ 0
344 B 1308ms
1308ms XHR
application/json 52.20.62.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/64ff35afae91a31275d6a8f2

Requested by

Host: upnorthlive.com
URL: https://upnorthlive.com/_next/static/chunks/a2339e3eb6b6d127b5e462c4d95869a96c76c938.d8d389d44cdd8ab45626.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.20.62.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-20-62-33.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-LaunchDarkly-Payload-ID: 3d31c760-acb3-11ee-a3dd-6903c609fa7f
X-LaunchDarkly-Event-Schema: 4
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json
Referer: https://upnorthlive.com/
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.9

Response headers

date: Sat, 06 Jan 2024 16:47:13 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

OPTIONS
H2 204 64ff35afae91a31275d6a8f2
events.launchdarkly.com/events/bulk/ Frame 0
0 102ms
102ms Preflight 52.20.62.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/64ff35afae91a31275d6a8f2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.20.62.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-20-62-33.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://upnorthlive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Sat, 06 Jan 2024 16:47:12 GMT
strict-transport-security: max-age=31536000

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8586 42 B
174 B 89ms
89ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIpWSMbjYMhJaghhjfQWipFT_mtVGiWgfhtWfAZ6NWSfBzTcJctXubpUV7q6VsqeGy90WXo64GvlmeMapwjNl1uVPtBhJ8wZLN6Glnlc0q-VSv054GkdmDxKk0_Z_bAIhg9SwSKkeHPwwSHmy93iWY7w&sig=Cg0ArKJSzLpZylCATGiFEAE&id=lidar2&mcvt=1012&p=361,1070,961,1370&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20240103&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2271141650&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704559630661&rpt=675&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 16:47:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 87ms
87ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401020101&jk=4368697156797361&bg=!7O-l76DNAAY3kmNgF5I7ADQBe5WfOH7q8Upy9ZzRqT1xfZhYZXyDDMpbewYzJpXHJj02yKr5UsPA_jzpSP2tepe8ogIfAgAAADRSAAAAAmgBB5kCsjCxVYqCi8KtZeI4jPflLOtDG_2uxKJfOYeCuiFgM1_MwWs2--WIEIHPti9zyQgxlimaHLlcD8VmuB-OB5CmQglgA4v0FRI3kxcDjz73gDW96laFJy2iGXykJ8RHC6fFAzShds8zk1zOGKjyd42WhJOqUVQTWeUsRY_NWZAAANg5JSYBHCeclm7sLPmtYpx8q9REmie5aLuk1GYt7ElFZrJVrXkJ2m1KEzXg3uuNGFK3jUdo7qaDwG5WXiaNJn5lUj-wAB9CiMSCX-mLnrDQ_1atX_qeErJYva43KSHdkGcWR7f174doxRHOusSb-gp_7wzEIR_0aC6MUQqeLX4n5ImjYPFEeUlXeLY7yYsvjcEfTW3OvnAmQnY7C4jfMNZYN1YytPLaq4ZfamOtZZKNwUw3Cw2OrVRp9YaN1n3hAckjtSKGAabruAfAIgWkHl_RndMRmjK1McyiDTyFcptZglHl7ScryHaHbqRDUzICvoWIbb8pPjWvtT3BPoQaNeVvH2Z_NdnSk1Oj1LPrA6T_CAtIDboWP7v-ZPE2p7Sgbf4A1D4oeJjWFHlyTMBmLXM16fyZTtz1tLdiooqfWR_bhUWxS4bgnuu1cYX3yazeS5-SqTd14adR2q1qwUhbcZS9qcZErhRXkndLKAfDa90FgXb47VYcnGJ9yuv6BAEf5tQx2n_-kDcY3OBNHfRK5zIsyLmdocRx8i8YFn1LZgODxTqN6rFcli_WSEEh6wP21LpSEGLZX7RYf9E52Xw_vufL-jcNIXK-yq6rqHAnUsEAZZtT07DtClIO6DxIvWwqwNQ12zad3dELcssNPwW233Hy7psN6t2Y59it6QP7KGB-Tw3BtKImZojKP4fWv0wkyv00amzrC-V5z02HE8TxnVnrWSneMnPxrVR_eEsJObneO9_myg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame BFBF 42 B
64 B 90ms
90ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv34u6I1nkd-Vq4Tm3WsFYQ2xE-CIqDF0jmWluvL9VxtlgZEqY_M-QlyhYJKhqNRX6H1LbLe5JXkF2FPVS88Cqk1w05L9OCk9mnJbEz9bg_jbFyrNGg30Y0E5rQAX36ZCFLqOTa2DOOThcwZ3YIFN5MdqWP&sai=AMfl-YT1qt58NCB-CV9Hog1Vzoxyki-LeRnF2YALrGhadz8ITiLbTyT0CRyXJbHNBP-w0Wg8DASEpdlvr0QRKsnrHlDffCSTsWZSOYNwOdkpk_f_3QaQ21-3kX5dXos_g74_yytl55Gj0tmNK6IWo2vb&sig=Cg0ArKJSzAESy6cJX9omEAE&cid=CAQSTgAvHhf_R62E0W501r7_QI0nwHKufdVdlrrL4rgEUE3aTF52tYxfdP8lrJRNupc9Jyh_UNK093us7XE3ZL587skFiiQaoEXTGY90Cx6VdBgB&id=ampim&o=315,75&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=1386&tls=2386&g=100&h=100&tt=2386&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upnorthlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 16:47:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 42ms
14ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fupnorthlive.com%2F&domain=upnorthlive.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://upnorthlive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://upnorthlive.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 06 Jan 2024 16:47:14 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 246941
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
250 B 141ms
104ms Fetch
application/json 35.244.193.51
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0013300001hAWcuAAG&gdpr=0&src=pbjs&ver=8.23.0&coppa=0
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/21162.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 06 Jan 2024 16:47:15 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://upnorthlive.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
373 B 16ms
16ms Fetch
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fupnorthlive.com%2F&domain=upnorthlive.com&cw=1&pbt=1&lsw=1

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/21162.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://upnorthlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 16:47:14 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://upnorthlive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 289130
expires: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 083F 52 KB
17 KB 27ms
6ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/21162.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://upnorthlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 40864
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 06 Jan 2024 16:47:15 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 05 Jan 2024 05:26:09 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 281, 250544
X-Served-By: cache-lga13626-LGA, cache-fra-eddf8230058-FRA
X-Timer: S1704559635.144519,VS0,VE0

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 9907 37 B
139 B 8ms
8ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/21162.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://upnorthlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sat, 06 Jan 2024 16:47:15 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame CD6F 281 B
555 B 29ms
7ms Document
text/html 88.221.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/21162.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://upnorthlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 06 Jan 2024 16:47:15 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2

200

bounce Show response
ib.adnxs.com/ Frame 083F
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
816 B

20ms
20ms

Script
text/html

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 16:47:15 GMT
an-x-request-uuid: 2a4a63e7-0129-4a8a-845c-556aba16a656
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.213.155.151; 185.213.155.151; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 16:47:15 GMT
an-x-request-uuid: f8c7fcba-12d1-4e29-aa72-ed3d2ddc6361
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control: no-store, no-cache, private
x-proxy-origin: 185.213.155.151; 185.213.155.151; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame CD6F 45 KB
13 KB 7ms
7ms Script
text/html 88.221.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 179eb0a36ddb30610f43e1d0d96776d0318886f78c7e926cf634ce5e6eb5cd7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Sat, 06 Jan 2024 16:47:15 GMT
Content-Encoding: gzip
Last-Modified: Sat, 06 Jan 2024 00:16:29 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=26926
Connection: keep-alive
Content-Length: 13173
Expires: Sun, 07 Jan 2024 00:16:01 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame CD6F 7 B
380 B 52ms
8ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 402fba8a82f093def2459220061c8d31
Expires: 0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 083F 0
766 B 16ms
16ms Script
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 16:47:16 GMT
an-x-request-uuid: d7cc9fe3-bfb6-404b-86d7-d1ac86ef3d5e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 185.213.155.151; 185.213.155.151; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

390 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.upnorthlive.com/	1970-01-20 18:12:31	Name: pbjs_sharedId Value: 7f34bbdd-903f-4a9b-a2b2-ad8db3a56ef0
.upnorthlive.com/	1970-01-20 18:12:31	Name: pbjs_sharedId_cst Value: zix7LPQsHA%3D%3D
upnorthlive.com/	1969-12-31 23:59:59	Name: NEWS_ALERTS_STATE Value:
upnorthlive.com/	1969-12-31 23:59:59	Name: idle_session Value: 1704559629418
.upnorthlive.com/	1970-01-20 17:30:46	Name: _gid Value: GA1.2.1856209739.1704559629
.upnorthlive.com/	1970-01-20 19:38:55	Name: _gcl_au Value: 1.1.1203455282.1704559630
upnorthlive.com/	1970-01-20 21:48:31	Name: SUID Value: a28e179c-8b9c-4d5a-ae23-efb0db77907d
.upnorthlive.com/	1970-01-20 17:29:19	Name: _gat Value: 1
upnorthlive.com/	1970-01-21 03:05:19	Name: _evga_5107 Value: {%22uuid%22:%22c564ff47d0a4cee2%22}
.upnorthlive.com/	1970-01-21 03:05:19	Name: _sfid_25a2 Value: {%22anonymousId%22:%22c564ff47d0a4cee2%22%2C%22consents%22:[]}
.upnorthlive.com/	1970-01-21 03:05:19	Name: _ga_EJSHDBDQ9R Value: GS1.1.1704559629.1.0.1704559629.0.0.0
.upnorthlive.com/	1970-01-21 03:05:19	Name: _ga Value: GA1.1.1546832688.1704559629
upnorthlive.com/	1970-01-20 17:30:46	Name: _lr_geo_location Value: DE
.spot.im/	1970-01-21 02:14:55	Name: device_uuid Value: 0804d2c6-af08-42da-8411-3cf5fa8e4126
sinclairbroadcastgroup.us-5.evergage.com/	1970-01-20 17:39:24	Name: AWSALBTGCORS Value: u9xUYs+kj/rqWeTT8q1VvB+JSwmpMTnmHMeQaa+J8BXnS8XGyFlvhs75JChTfunX2MK8SL7JGhTcfsawVaHTQh3lyNe3YXPQBTsyWqQ//3JELVfSEm841FbdvEIIq5ryiYhN0/J8tHREMPXB/x+CEvSVULwxwD3OUc2OhlXzs6K8EuYcKEw=
.upnorthlive.com/	1970-01-21 02:50:55	Name: __gads Value: ID=5628679b5b73b762:T=1704559629:RT=1704559629:S=ALNI_MblZtM8eThoMbO-eK3oEpq1h531Ew
.upnorthlive.com/	1970-01-21 02:50:55	Name: __gpi Value: UID=00000d3a4386acac:T=1704559629:RT=1704559629:S=ALNI_MbZUhD-I2TzGw2t86mn7WbGicSgZw
.doubleclick.net/	1970-01-21 02:50:55	Name: IDE Value: AHWqTUk2HQCRbevJv5il-2TzD1cJ9XOtE-DhZ2-yPe_f8bSmk_6-ybGBu8HWC2Wgz1A
.upnorthlive.com/	1970-01-20 17:29:21	Name: spotim_visitId Value: {%22visitId%22:%220804d2c6-af08-42da-8411-3cf5fa8e4126%22%2C%22creationDate%22:%22Sat%20Jan%2006%202024%2017:47:11%20GMT+0100%20(Central%20European%20Standard%20Time)%22%2C%22duration%22:0}
upnorthlive.com/	1970-01-20 17:30:02	Name: _config Value: **
.criteo.com/	1970-01-21 02:50:55	Name: uid Value: 535027f8-b5b0-4621-b0cc-790ea303cf69
.criteo.com/	1970-01-21 02:50:55	Name: receive-cookie-deprecation Value: 1
.upnorthlive.com/	1970-01-21 02:50:55	Name: cto_bundle Value: K96Fq19BWnRocFNHM0c2SHklMkJUb1N3V0RUdHBjQ3lOZmxVOE0wcyUyQmFYeTk3Sk1uMFlzY0Z2TmxrNHVteEd0cmhsUG5YdU9zQ3Y5T0F5dEhsWnlqYXolMkJHbXZIQWtjODJNaCUyRjVmVHZyYjJLODBUQnJtalpqOFMlMkZWQUdsNG9wTUNoRTQyZzRWQUFySjh3NURzSGNieVdhV3ZYNFBRJTNEJTNE
.adnxs.com/	1970-01-20 19:38:55	Name: uuid2 Value: 5311010579902365191
.adnxs.com/	1970-01-21 03:05:19	Name: XANDR_PANID Value: LSgt4Fg_ryiciNJZg9LaT3ACaOzsCKUG1-bnn118ZAQqzUG9lb_jIT-TMVnJlJNYLY4g-CkzvDqqTzdFHZLA6A57r846_GetTGxb26L_uJo.

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://prebid-server.rubiconproject.com/cookie_sync Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
security	warning	URL: https://tagan.adlightning.com/sinclair/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/sinclair/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/sinclair/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/sinclair/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/sinclair/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/sinclair/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/sinclair/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/sinclair/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/sinclair/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/sinclair/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6e511b2253ba02185aff568a05ed3092.safeframe.googlesyndication.com
aax.amazon-adsystem.com
acdn.adnxs.com
ads.rubiconproject.com
api-2-0.spot.im
api.userway.org
app.launchdarkly.com
ats.rlcdn.com
bcp.crwdcntrl.net
bidder.criteo.com
broker.datazoom.io
c.amazon-adsystem.com
cdn.ampproject.org
cdn.evgnet.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
clientstream.launchdarkly.com
config.aps.amazon-adsystem.com
consent.trustarc.com
direct-events-collector.spot.im
eb2.3lift.com
eus.rubiconproject.com
events.launchdarkly.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
gum.criteo.com
ib.3lift.com
ib.adnxs.com
id5-sync.com
launcher.spot.im
lexicon.33across.com
livevideostatus.sinclairstoryline.com
micro.rubiconproject.com
mug.criteo.com
open-api.spot.im
pagead2.googlesyndication.com
paywall-prod.appspot.com
platform.datazoom.io
prebid-a.rubiconproject.com
prebid-server.rubiconproject.com
publisher-assets.spot.im
region1.google-analytics.com
sb.scorecardresearch.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
sinclairbroadcastgroup.us-5.evergage.com
sinclairstoryline.com
static-cdn.spot.im
static.criteo.net
stats.g.doubleclick.net
tagan.adlightning.com
tags.crwdcntrl.net
targeting.unrulymedia.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
unpkg.com
upnorthlive.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
13.248.245.213
13.32.110.23
141.95.33.120
15.197.213.252
151.101.0.114
151.101.129.108
151.101.194.217
18.239.64.29
18.66.147.103
18.66.147.43
184.30.211.26
185.89.210.20
2001:4860:4802:34::36
23.201.255.110
2600:1f14:5db:eb22:906b:6fe4:91b4:da90
2600:9000:2127:4e00:a:e047:753:a221
2606:4700:10::ac43:266a
2606:4700::6810:5614
2606:4700::6810:7eaf
2a00:1450:4001:803::2003
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:813::200a
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2014
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2001
2a00:1450:400c:c0c::9b
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
3.131.165.210
3.161.119.86
3.73.235.227
34.226.132.237
35.244.193.51
46.228.174.115
52.20.62.33
52.58.51.29
54.210.78.179
54.220.142.223
65.9.90.93
65.9.95.111
65.9.95.127
65.9.95.128
65.9.95.14
65.9.95.19
65.9.95.24
65.9.95.28
65.9.95.58
65.9.95.73
65.9.95.89
65.9.95.94
69.173.144.137
69.173.144.165
88.221.169.246
0330d9c22135127d8fc132f0f12255f334e6e730350470afd3cedd695ddfb294
0362c8fa422b8fc2901b19881b4a3d999f1fc1668abd9c3c7474a9353369e23b
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
060387dcab401c642f0b22b9a753d5c8a1d2153008906665485cf2ea1d7ceb4a
06ab8f63d326c8e6eb5310568b8322fdc39b7a94b6d4d4fb0009f2f8a50309aa
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06e9e2fe5d767cfe51561fc034d7dde68a65996bc98d03fe11698ba797074124
06ff970917f1175699ae221031cd71d8d9dea53ad27cbaf88a6ca57850e6b413
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b5071ac9ca7ac9f30c7fc4faeffebf0bce56b4ace34d8f4d0319de4216b6ed3
0b8f03dfdf8ff1864c6734388daf72183652cb47c691b4eaa7ce974b3beb765d
0c3642198c8670ccb73a29e67f18d687df8f02f2f5868f6105e727f718cd700a
0d23b58529327ac98d7790c3674542357a813a1f43f7ac96609cb92bfd123027
0e02d3fb839b902f5b8f396b1107a8204de28a6a3d21b269a0895ec5b8a3925f
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0fc5c9d54edcdcb5c94263248a92aece199f5399636afd966022f13924640bf7
0fc90015f2f5a6aa00ca5dd4db3a99e19e2ca1edc728e35c9f9d99f704f4942f
10bb4e793744886e6c62aabdccb95d2f6d76f5ca80192a66150e90192b49f008
112de5ffe6a5e95764367baa2a41cb115030900960c72a38efcc539b5fddc2ad
1290db6a70b758d3396fa3dc2cec071fae8b5a6382477da80165352e4d499713
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
14888b24a9622de23124fa9a8396b3bbba53d1bdbd6cf72627fdfd8594d4231a
150a6b7599f0a52ee143b7d0b3fe43bdd06a1724e88eed46ac2df37861ce01cb
179eb0a36ddb30610f43e1d0d96776d0318886f78c7e926cf634ce5e6eb5cd7d
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
18f1577c50d4c84bb873d4dea1d096b08f7b4b3a5289d30dd447efcc01ec9500
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
23923901aefaf90d72d29661ee84ff6cc9a73722a4547d1d7c3541d4ae2ba535
28cc104e7f0a8cd195f9569298d92b153dcf2939f8ad25c9cb87cffd684c4fe8
2bf1591d70f40c489afc891166319190eb7646009a19b26200986bf12ddb3e6e
2d3762b368cbe760983b769be079161e63202ace4228bd57fd30ccc5de148efa
3091800a8881be38304672d913288066d281f736a47b517f4d5b32785f801f97
30adf825110c7832a9d987dcda1f1adc50f4b65123053b09c98ad964f789e631
30bd6e68171688fb2844631b49890e32a5a85e28b3260db9a8d8e7c8b40639e6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3178d47e0f5adc4eb7bb9de66ce913ca939b968b41c416579576005beb3e71db
345914333c298a6477f0ece1605f9f603f0d49a0d85719218f0ae192804fce78
34f1e1ce3e56903e53c52a1b3b88405d54fa0c6e04a2ce21461b85119c461f01
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
38fee043dba7ad2970e81c27ccb3c4a58b48d7ec850023b4d43e92afa6d53f2a
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
395ac9c337837eb95a26dab5890dc099e91b88e487ab1f70e44146d43cec109d
3b6ee3485e4c80f08c29e0116de9b0b292ef5a008a632167241a92b52d9d51f1
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f8b6061c2718b7cc6c8a7187a3bd2f31ded9ff00dcb8306c100756a40041836
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40e9d275a7126b953155432941ff6dd6a3c67d539b69fe1f89dff78f2fe03fa7
431f34b1f85201645ea8cd11f685f60539d86cb00a1af3a4368342559d87030a
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4538c4a3f0cd3b22b6b45285abc0bdd88be05af93c2092911b03927c5e78bbb1
458636f0500f3b33524505a0e375d0b4a26e9617fa92797918a1364e92262063
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a9566d4eea97622e3f891298e606278b8cdd1cf58bf29e70e3deb5aacd64510
4c4281f520dffbf42421b7db9b24a131f1bc506c6ddf5280c397b309ccac9c12
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4f0dd7024d1d7ff977d7447e83f3e42872b1311c610d6b88be7eb7181bfdd835
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
51949b381806fa7c8cbad842cc51500680aa26ac344042f92cf19baa42ffa3d9
52cb78854103f0768757d26f8c7a23ee31f2de123b9e54b7f000cc6277c1fd6c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57e60409d5d8689f7d11df7b61a86308a607554160e276a06451b6135c26c14e
59995cfe0635bdbc4a449abbefe936c2d096988500a712e9b3a19e7450c0de72
5bbccb33a52d25db727934e2c7eabb958b221e0b9647c109dd4ae1e2b1ebb7aa
5c5fd23f6a51e328e29267ca06cd0889cbc00c929f65ca74bb50001f296fbc02
5ce015ac9c5f2ec7d5d7514c41249fdd5c4b65d695b1fe0028177c096b6bac50
5e15d287404030e661f0c34c0f109647249dd11bab5e46e5c4f406f2837fac92
5e7f787a9d10f2c5ce707600bf92534e15aac1b39f0699a585db6b5ce9c81013
610778bd0ac3c9fe388dc83ccbc8452638ded6612030da7200e05f13f2ba3280
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620725a95c381f1b48a0d84eefd3b20f29e5e47f39a7f8436f8d573664c7c5c5
62c320495650aab763cadbf3d0e5140f9c2a093b9e2ce56883e3c8aa5ff20aaf
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
65837e57220f3d5b924084acce2b9298e53fc6a0970439f705202309ee1313cc
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
6630ab404ea1a9ab7b9cc389833c3be94058c8bd34c4889ebb3dcbeb3415b87a
6652bde11b3f36a70561fb5cb70ee3247b82d14250c1bab7f85056dd78ccdcb6
66dea1846c074839aab896a13759e78e1ed06dcdfdd0bc6b61d9143d44869184
6746ced8472c2941075a829b973b1a8e7bc5deba5090130a64a4d0dc4611b300
6807836cc3ed4f4ad0024fa11a33297289b43ba1733d845824217bed7f0bb4a3
68f51e1fbda82543d971e29d3ea25f90835073e9c982067d04fac5733b288de9
69558b5383d688ef7a4a61dce8cbd7dc0ecd18244c7bd811a491219a0746eca0
6983778b3850960f5a4d46bfa9b10f18bf022c76736f66091093d6339e809bca
698a71786b612bb49294dead798ae8835d1d0ed93747bc9ebb75cfc73d101f1d
6fbbf82797ced37ef9b7c8a66404e3348a2d73117587adacd7a0c2050543abef
7019c81112576afa12ece5f1412d4833387a4e58454d0a3b4843169bc948deb0
72a9844ce2b6c73ee3c663d585cd45866ebf91ef69e0118c4a4597cf4a18fa28
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
745ccd434b35778c0bad45c339e08211e0697920f33c3f059a7f89446a0a8667
74fb73013fa53b8fdfbd21b11d964b81914db5cda03ffa09497805dda729b6fd
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
7a7775f415fea31da2a36fc90e41377336c6d58d9b3e6e12654ff39637ae826e
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8132c415e7d7defb0033968d4aadcecee80ec420527fdb80f79543f44fa6e421
81bd76dc8520f4065ccf0c4a178a11c80225eb22e38c2b5ee24ea0ee07a119c6
81c210ffe5be64b42a14ce21245fec5d7649f2077b6af72d2f502cc5886fd217
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
84a0b066bf79e5dfa9bd7bc3bd2cc57f33e25ddad23eb6ab65684114da7e1af8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
8635c5e193a35779bbfeceb8d06f67647e2c57b366aaeaf797fa7158b62b7c01
88082cea4516aa0f1b2fc1b43287711fbff3c00e55a66e2c73e4d736f37810a8
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
89d0f4d0bd6822e599becc20ae2e76c0d3dee2a59f7a54e89c1b89ccea8b4412
8a7c22c671fcd4bda8231ad2001b71d07186b75f3cf9a680e867cd7e4c66b746
8d4207cda7f3c6db5a41c229da22f6534a44923ec3f0f870e1d68c52c3d5f141
8da45f1cb23b654b06fb9f1232049c2c5f015821c5b78ab3dac9df6ba14c122f
917ce91fbfc7bc941ff5dcd25639fda697c7f98a16142055f14628423ca15dab
918244f0209dd4aa291f12acb9bc60d9b4fc5b7089404e3ca3a672867cae547f
91a93f3004f76ba163b8eeb3d880b13032d791d6b48b6da0b544ea9801e690f3
927473a7ff71cc3dcd29d552374214b5c9e88e6b8452cbdef184fb6184dd3ff6
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9344b6a4db3db16dee581361244125a03a353c2ed0f5f701d83dc2be552d07c4
937085b9310af935b47f756a6326f86351c9fa0066de9e313e8cd6623ca0f888
93a097c847106d3135fc295234406a1afa0d36b78e97bf346493d87253d3a421
94b4f4b370a2e53166e0b2bc151ace1925abab5585de6a19c2bf71263c04e0cf
94b92be55685dabbeab0642b2d4f213e49fe809398e1388205161a4c926de2f5
959b42cfe222f1230ab2b58391f66947c2283418412f1095669c4df0045a971d
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
9a4c759d59afc8f3f9349d9fbe97375e757534ef4ea12f8cf6c9e5a8380dba63
9fe9c14c8cd9627eb9c158b89d4893535b8fa1d7809a8d9dc6f12129018c0e1e
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5c1d2a4dca956c1fafbb74cad0696b3ee2f8461b484c357c3f2a458336df790
a696549740f3395651c05ff1c07490e7ef9a3aa971436980829bf8e096f1be47
a8217e4fc03707f16d5f62014eb782350d12cc6b1181a278ee4b777842bd237e
a929b73a4be9eac77bb5ce5cce4468457d7cf3a8af7dbdb65bfa47f97c6db342
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aae546d06d27ef531a363367e4d88de7f12fdc5f5bf371cc2183901f38fc2b8a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aec991cad0cbbc749c86d0fd2774a31e4328c6e608f4075bc53f7d2d2d5888ab
b2538b471ad2e89b0d33eef70a747df6949b44f6571ac0116a4402287f21bd81
b2ce58f91ca649b826b66e1912b7e5507577abb80b5c9a868bf1381790f86d5d
b3161a60ce7551e3ba96e55ab168bd3635a33cb70ab0873e36fea2e3748fe24c
b41b6dbd39ef1cde66728acba5b69149cae2e0e75e0def5dbbb9b2eec95f9298
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b58a91fc46fd14a43fb13f7abe1fd6fa83ea3dd25d0ea81bdc0b74264b83607c
b7068928063d8f4cfa8a97c4c9b6d41af4be27d0345663427785e524fa4fd700
b7c6191df61b4a735724e4f4f48e50e4fd549d348a37b188736fd38f488acc84
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc9228a962ec7af5614fb6554bc16473f9015c280aff68d0dbc92736d3ca7ffb
bed1ede62a126194c0a871d11b78c78b809ff1c06f0fd2f4593371f751416ba7
bfba78b9589131ee7fbbeec0f3ecdc784094be3584192e63a86ee563062ff699
c0418e4172989fc395fcc53061d9e09feb4d2585a0c16d9a4ed1527f82c513b5
c096a407308f10208f1283bf386d16fa88753abe15d84e7bbd4e16e8e7a4ef3e
c104018521a00bbeaab16e6affa341b386e9a4b8a88c78efe9facbbb86afc686
c2aba5b9ee6e67c0f831b68b880efbfa99ee33e25ff4a3b349b5281c5d7a88bf
c2c02b1531be94cbf6f2a077b9d2bd90bdab82ea0872b3daae8d5091e57d0e22
c36d9bb3303b7fe1db678fd6a5754ca9d1a06fff0fc95f940e03f30ed27ac8bf
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c60f6064f34789b361aa731224684d690fbd4c1463d0213a42cc056b92302264
c634571e9868f53c86052f9b18e0d488fb1498d5f116dbbc1f8292f6a25c35b8
c7809116bf0c0203b5ca2ff475d297abb10085132c663a5bd8ca16d289ae6180
cce7bf6049bfabd4d503733a54cfac0cad925427f00127cc23e633326b3b9870
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d02a929c372a307b3e02e7f37e034770f1ae4cb12a46b14ba145fec445ee213b
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d191e3e047ff720c344ee7c9938b365738316a8dc1cdfa3a526f634d7c902467
d192fde99248cbe5095985187a88c3e124ea71f1dce0fdde19b3ae2770c0ae5a
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8d1e71ee6159ec84a633aefb3788bad72f3405de514535f38cd1aa73e11c148
db00af9183a6a2439b9f611b75d14834fe3ad7bd30c068ad78ddcc6b0a3b57b2
ddc8999495e8009f80f35ab679c3a0d1b82fa755c9f5d1100bf048a80bdb4508
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44eacc86b59cd7d63de5bdc75e6723e573fb264fdbd41d309c9315537cfbabd
e55b83e55faa42ee2a4644ec2219fca03734d82db3b7e584ec34c259175bb333
e5accbe8ba188d3bcb31478307c418d33cd998d39304c6068bfd7b6aa97521c0
e677e2b3186358d0458c6c066771b61df53d5e42de43e83e31200252b31c2b52
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ea12a8d32091e1ba17dddd2f8797b609d01aabb50a0d53be17cf7bbfbabca109
eb09aab900d7fc638ce33711030f3581f948130016b6c5bfeb456b85a52b4ad5
ebb274dd74782bc6ae8b5a0596df6da6f509265937069cbf8fef4f26751fd333
ec0d9a16467ac9b08347831aabd2edde1950a3629267a8301f80b74c0e455826
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef480276a498153ff17f9bbd4e28aa88a7b632c1b88f1a18f81f62fe228235bd
efbb1c60896f497e1b5215836f4ecd3154d5b23e8d5983604840058f5daa4773
f071dc5a4510184623e36a8a8e9f06da6298e60644ff35672da2fb24afe2c197
f0b1e55ecb32616cfe9830c0d1c512822429dd7e1a775b78ebeec741316bc90d
f11bdc8856e37643990df17d9d45b1713e00b0db21542a5bacc392273cd922bc
f17fbf56d6153db3abb52dde6edc122fed8f8d995d32222f818e278687cd110d
f1991a4310e41abbebf90b4447b82194c1c10fb06056aa0ca26ecfb95c47fbb2
f2a78b2d533d823d7e534983f3667fd7e7ee113933a4366c50c5c70e1ed56b4f
f515ad567c75d7f715bfb4e0cf1555fe91cad82d403e2d89fd7b0ee3d574162a
f6b3ab87c7bc214a8841031acff347094076bcec8d1f3e53f4ba698d8948247d
f85abf3cf61029db1913484689d9b7ee06fceb2fab22f7bc94e87732ae1a6101
fbc6e914c431cd51ae4c7614d963f1056cbcd8a1101f1fb094fcb7194a3d0766
fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675
ff21b1a811ffdbaf4d7f0901bec20622a43934ba210028d9c116b21f02af5364

upnorthlive.com Open in urlscan Pro 65.9.95.128 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

289 Requests

99 %HTTPS

38 %IPv6

38 Domains

65 Subdomains

62 IPs

6 Countries

5184 kBTransfer

13599 kBSize

25 Cookies

19 Outgoing links

Page URL History

Redirected requests

289 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

upnorthlive.com Open in urlscan Pro
65.9.95.128 Public Scan

Screenshot
Live screenshot

Full Image

289
Requests

99 %
HTTPS

38 %
IPv6

38
Domains

65
Subdomains

62
IPs

6
Countries

5184 kB
Transfer

13599 kB
Size

25
Cookies

289 HTTP transactions
13 data transactions