www.mlive.com Open in urlscan Pro
2a02:26f0:480:f::213:7edb Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://update-accountcomcast.com/
Effective URL:
https://www.mlive.com/
Submission: On February 03 via automatic, source certstream-suspicious (February 3rd 2023, 7:24:49 am UTC) — Scanned from DE

Summary HTTP 416 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 119 IPs in 12 countries across 84 domains to perform 416 HTTP transactions. The main IP is 2a02:26f0:480:f::213:7edb, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.mlive.com. The Cisco Umbrella rank of the primary domain is 42461.
TLS certificate: Issued by R3 on December 27th 2022. Valid for: 3 months.

This is the only time www.mlive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	20.96.11.128 20.96.11.128	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	34.199.56.222 34.199.56.222	14618 (AMAZON-AES) (AMAZON-AES)
34	2a02:26f0:480... 2a02:26f0:480:f::213:7edb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:1901:0:3... 2600:1901:0:328a::1	15169 (GOOGLE) (GOOGLE)
1	65.9.66.61 65.9.66.61	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.90 13.32.27.90	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:6c0... 2a02:26f0:6c00:1bb::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
4	52.223.1.76 52.223.1.76	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:1b55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:1b8::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
13	13.32.27.23 13.32.27.23	16509 (AMAZON-02) (AMAZON-02)
5	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6811:bab1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.27.74 13.32.27.74	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.111 143.204.215.111	16509 (AMAZON-02) (AMAZON-02)
1 3	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
2	54.166.174.230 54.166.174.230	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:214... 2600:9000:214f:c200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:a6e0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
3	13.32.28.197 13.32.28.197	16509 (AMAZON-02) (AMAZON-02)
3	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:812::200d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	65.9.58.150 65.9.58.150	16509 (AMAZON-02) (AMAZON-02)
1	23.35.237.64 23.35.237.64	16625 (AKAMAI-AS) (AKAMAI-AS)
2	99.86.4.32 99.86.4.32	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	13.227.222.181 13.227.222.181	16509 (AMAZON-02) (AMAZON-02)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE)
1	54.216.26.107 54.216.26.107	16509 (AMAZON-02) (AMAZON-02)
4	63.35.129.113 63.35.129.113	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:730... 2600:1f18:730:b130:76f1:8db6:2c4f:d1ab	14618 (AMAZON-AES) (AMAZON-AES)
1	34.193.23.165 34.193.23.165	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:206... 2600:9000:206f:6000:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	65.9.61.60 65.9.61.60	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
7	34.251.191.149 34.251.191.149	16509 (AMAZON-02) (AMAZON-02)
2	34.240.232.49 34.240.232.49	16509 (AMAZON-02) (AMAZON-02)
1	95.100.74.20 95.100.74.20	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.221.54.232 3.221.54.232	() ()
3	52.5.29.188 52.5.29.188	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	99.86.3.236 99.86.3.236	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	54.155.18.159 54.155.18.159	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	63.34.113.170 63.34.113.170	16509 (AMAZON-02) (AMAZON-02)
1 5	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
2	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1	2001:41d0:701... 2001:41d0:701:1000::96f	16276 (OVH) (OVH)
1	2a00:1450:402... 2a00:1450:4025:401::9b	15169 (GOOGLE) (GOOGLE)
5	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1	54.159.56.141 54.159.56.141	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:225... 2600:9000:2250:9400:a:e047:752:5701	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:400d:806::2001	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:400d:805::2001	15169 (GOOGLE) (GOOGLE)
1	104.96.150.92 104.96.150.92	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 5	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.186.255.72 35.186.255.72	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:2a41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
40	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
16 35	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
9 18	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
7 10	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
52	2a00:1450:400... 2a00:1450:400d:802::2006	15169 (GOOGLE) (GOOGLE)
2 2	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 4	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	52.196.206.50 52.196.206.50	16509 (AMAZON-02) (AMAZON-02)
1 1	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
3	52.222.139.72 52.222.139.72	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 5	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	2600:9000:211... 2600:9000:211e:7400:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 1	124.146.215.49 124.146.215.49	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2	18.185.2.131 18.185.2.131	16509 (AMAZON-02) (AMAZON-02)
1 2	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
3 3	213.155.156.184 213.155.156.184	1299 (TWELVE99 ...) (TWELVE99 Arelion)
3 3	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 2	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	143.204.215.35 143.204.215.35	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:8... 2600:1901:0:8344::	() ()
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.18.36.94 104.18.36.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	92.123.38.97 92.123.38.97	16625 (AKAMAI-AS) (AKAMAI-AS)
3 5	52.46.128.147 52.46.128.147	() ()
1 1	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	52.205.53.251 52.205.53.251	() ()
1 1	185.183.112.155 185.183.112.155	60350 (VP) (VP)
1 1	34.111.151.213 34.111.151.213	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2a05:d018:d29... 2a05:d018:d29:3605:6b2a:5cae:833b:4670	16509 (AMAZON-02) (AMAZON-02)
5 6	37.157.5.141 37.157.5.141	198622 (ADFORM) (ADFORM)
4	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	141.94.171.212 141.94.171.212	16276 (OVH) (OVH)
2 2	35.201.96.126 35.201.96.126	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.64.190.87 185.64.190.87	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6 8	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	67.220.224.150 67.220.224.150	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:830::200a	() ()
1	198.47.127.20 198.47.127.20	() ()
416	119

1 20.96.11.128 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

update-accountcomcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.56.222 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-56-222.compute-1.amazonaws.com

mlive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a02:26f0:480:f::213:7edb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.mlive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:328a::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

satisfycork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-61.fra56.r.cloudfront.net

cdn.sophi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-90.fra56.r.cloudfront.net

apps.sophi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:1bb::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
684dd32a.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.1.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8fd921d2017b5f79.awsglobalaccelerator.com

collector2.sophi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1b55 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:1b8::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 13.32.27.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-23.fra56.r.cloudfront.net

h312.mlive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:bab1 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-74.fra56.r.cloudfront.net

ats-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-111.fra53.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.217.42 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.166.174.230 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-174-230.compute-1.amazonaws.com

advancelocal.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:c200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:a6e0 (United States)

ASN13335 (CLOUDFLARENET, US)

pub.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

micro.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.28.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-28-197.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.58.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-150.fra56.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.64 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-64.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-32.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.222.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-222-181.ams54.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.216.26.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-26-107.eu-west-1.compute.amazonaws.com

privacy.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 63.35.129.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-129-113.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b130:76f1:8db6:2c4f:d1ab (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.193.23.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-23-165.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:6000:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.61.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-60.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.251.191.149 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-191-149.eu-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.240.232.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-232-49.eu-west-1.compute.amazonaws.com

vtrk.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.74.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-74-20.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.221.54.232 (None, )

ASN- ()

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.5.29.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-29-188.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.3.236 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-236.fra6.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.113.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-113-170.eu-west-1.compute.amazonaws.com

exchange.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.64.154.237 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:701:1000::96f (France)

ASN16276 (OVH, FR)

lbs.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.159.56.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-56-141.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:9400:a:e047:752:5701 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:806::2001 (Ireland)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:400d:805::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.150.92 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-150-92.deploy.static.akamaitechnologies.com

ead.mlive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.255.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.255.186.35.bc.googleusercontent.com

app.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET, US)

c2.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 142.250.186.162 (United States) 16 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 185.80.39.216 (Canada) 9 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.89.210.122 (Frankfurt am Main, Germany) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 2a00:1450:400d:802::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.241 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:18ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.196.206.50 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-206-50.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.139.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-72.ams50.r.cloudfront.net

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.115 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:7400:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.223.111.18 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.49 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.2.131 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-2-131.eu-central-1.compute.amazonaws.com

prebid-a.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.155.156.184 (Sweden) 3 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-35.fra53.r.cloudfront.net

check.analytics.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8344:: (None, )

ASN- ()

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.38.97 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-38-97.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.128.147 (None, ) 3 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.211.84 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.53.251 (None, ) 1 redirects

ASN- ()

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.155 (Meaux, France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.151.213 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:6b2a:5cae:833b:4670 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.5.141 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.171.212 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 126.96.201.35.bc.googleusercontent.com

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.87 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 69.173.144.165 (Frankfurt am Main, Germany) 6 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.220.224.150 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (None, )

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (None, )

ASN- ()

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	googlesyndication.com 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149 pagead2.googlesyndication.com — Cisco Umbrella Rank: 104	387 KB
56	doubleclick.net 16 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 325	296 KB
52	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 283	642 KB
49	mlive.com 1 redirects mlive.com — Cisco Umbrella Rank: 38846 www.mlive.com — Cisco Umbrella Rank: 42461 h312.mlive.com — Cisco Umbrella Rank: 84638 ead.mlive.com — Cisco Umbrella Rank: 98064	1 MB
23	casalemedia.com 10 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 472 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 416 dsum.casalemedia.com — Cisco Umbrella Rank: 1385	17 KB
18	pubmatic.com 4 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 450 image6.pubmatic.com — Cisco Umbrella Rank: 733 ads.pubmatic.com — Cisco Umbrella Rank: 463 simage2.pubmatic.com — Cisco Umbrella Rank: 665 image2.pubmatic.com — Cisco Umbrella Rank: 872 aud.pubmatic.com — Cisco Umbrella Rank: 4113 simage4.pubmatic.com	29 KB
15	rubiconproject.com 6 redirects micro.rubiconproject.com — Cisco Umbrella Rank: 2637 ads.rubiconproject.com — Cisco Umbrella Rank: 2532 fastlane.rubiconproject.com — Cisco Umbrella Rank: 454 prebid-a.rubiconproject.com — Cisco Umbrella Rank: 2706 eus.rubiconproject.com — Cisco Umbrella Rank: 537 pixel.rubiconproject.com — Cisco Umbrella Rank: 308 token.rubiconproject.com — Cisco Umbrella Rank: 548	141 KB
12	amazon-adsystem.com 5 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 291 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 488 s.amazon-adsystem.com aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 902	58 KB
11	adnxs.com 8 redirects ib.adnxs.com — Cisco Umbrella Rank: 203 secure.adnxs.com — Cisco Umbrella Rank: 409	12 KB
11	google.com 1 redirects accounts.google.com — Cisco Umbrella Rank: 75 ampcid.google.com — Cisco Umbrella Rank: 2213 adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	79 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 385	238 KB
8	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 986 exchange.postrelease.com — Cisco Umbrella Rank: 5971	5 KB
8	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1156 privacy.crwdcntrl.net — Cisco Umbrella Rank: 25748 bcp.crwdcntrl.net — Cisco Umbrella Rank: 885 id.crwdcntrl.net — Cisco Umbrella Rank: 1439	38 KB
7	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 948 id5-sync.com — Cisco Umbrella Rank: 389	37 KB
7	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1411 match.adsrvr.org — Cisco Umbrella Rank: 304 insight.adsrvr.org — Cisco Umbrella Rank: 595	4 KB
6	adform.net 5 redirects c1.adform.net — Cisco Umbrella Rank: 568	3 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	363 B
6	matheranalytics.com 1 redirects js.matheranalytics.com — Cisco Umbrella Rank: 9754 www.i.matheranalytics.com — Cisco Umbrella Rank: 9565 app.matheranalytics.com — Cisco Umbrella Rank: 14555	43 KB
6	sophi.io cdn.sophi.io — Cisco Umbrella Rank: 18188 apps.sophi.io — Cisco Umbrella Rank: 28453 collector2.sophi.io — Cisco Umbrella Rank: 23488	44 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 358	109 KB
5	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 353 www.linkedin.com — Cisco Umbrella Rank: 575 px4.ads.linkedin.com — Cisco Umbrella Rank: 6074	3 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21 region1.google-analytics.com — Cisco Umbrella Rank: 2456	20 KB
5	moatads.com z.moatads.com — Cisco Umbrella Rank: 428 px.moatads.com — Cisco Umbrella Rank: 520	86 KB
4	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 274 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 414	2 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 726 s.tribalfusion.com — Cisco Umbrella Rank: 1733	2 KB
4	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 388 mug.criteo.com — Cisco Umbrella Rank: 2753 dis.criteo.com — Cisco Umbrella Rank: 696	8 KB
4	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2481 google-bidout-d.openx.net — Cisco Umbrella Rank: 2431 rtb.openx.net — Cisco Umbrella Rank: 1634	1 KB
4	doubleverify.com pub.doubleverify.com — Cisco Umbrella Rank: 5154 vtrk.doubleverify.com — Cisco Umbrella Rank: 1542	18 KB
4	teads.tv 1 redirects a.teads.tv — Cisco Umbrella Rank: 1384 at.teads.tv — Cisco Umbrella Rank: 4547 sync.teads.tv — Cisco Umbrella Rank: 1232	4 KB
3	googleapis.com fonts.googleapis.com	2 KB
3	de17a.com 3 redirects d5p.de17a.com — Cisco Umbrella Rank: 4143	867 B
3	3lift.com 3 redirects eb2.3lift.com — Cisco Umbrella Rank: 329	1 KB
3	truste.com choices.truste.com — Cisco Umbrella Rank: 796	82 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	145 KB
3	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1097 lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1314	1 KB
3	google.de ampcid.google.de — Cisco Umbrella Rank: 62340 adservice.google.de — Cisco Umbrella Rank: 8741	1 KB
3	liadm.com 1 redirects rp.liadm.com — Cisco Umbrella Rank: 1488 rp4.liadm.com — Cisco Umbrella Rank: 6738 idx.liadm.com — Cisco Umbrella Rank: 2065	1 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	244 KB
3	satisfycork.com satisfycork.com — Cisco Umbrella Rank: 25630	21 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com — Cisco Umbrella Rank: 3641	1 KB
2	onaudience.com 2 redirects pixel.onaudience.com — Cisco Umbrella Rank: 2833	919 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 577 cdn.indexww.com — Cisco Umbrella Rank: 1508	2 KB
2	rlcdn.com check.analytics.rlcdn.com — Cisco Umbrella Rank: 3935 api.rlcdn.com — Cisco Umbrella Rank: 763	636 B
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 725	487 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 507	2 KB
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 632	952 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 453	1 KB
2	media.net prebid.media.net — Cisco Umbrella Rank: 1116 contextual.media.net — Cisco Umbrella Rank: 563	8 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2620 p1.parsely.com — Cisco Umbrella Rank: 1995	21 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 148	2 KB
2	blueconic.net advancelocal.blueconic.net — Cisco Umbrella Rank: 24532	2 KB
2	privacymanager.io ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 3789 geo.privacymanager.io — Cisco Umbrella Rank: 1665	30 KB
2	tinypass.com experience.tinypass.com — Cisco Umbrella Rank: 7386 cdn.tinypass.com — Cisco Umbrella Rank: 5466	99 KB
2	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 630	548 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	197 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1221 c.go-mpulse.net — Cisco Umbrella Rank: 604	50 KB
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 767	612 B
1	brand-display.com 1 redirects dmp.brand-display.com — Cisco Umbrella Rank: 1502	349 B
1	adotmob.com 1 redirects sync.adotmob.com — Cisco Umbrella Rank: 1452	281 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	590 B
1	33across.com lexicon.33across.com	249 B
1	akstat.io 684dd32a.akstat.io — Cisco Umbrella Rank: 63939	201 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905	574 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 964	1020 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 685	437 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1836	173 B
1	inmobi.com 1 redirects sync.inmobi.com — Cisco Umbrella Rank: 1123	711 B
1	adingo.jp cc.adingo.jp — Cisco Umbrella Rank: 5463	44 B
1	piano.io c2.piano.io — Cisco Umbrella Rank: 3555	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 359	901 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2726	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2391	2 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 647	13 KB
1	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Failed
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1177	17 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 623	727 B
1	t.co t.co — Cisco Umbrella Rank: 531	376 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 814	375 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 625	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 707	5 KB
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 3107	155 KB
1	cloudfront.net d1z2jf7jlzjs58.cloudfront.net	1 KB
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 616	465 B
1	update-accountcomcast.com 1 redirects update-accountcomcast.com	462 B
416	84

	Domain	Requested by
52	s0.2mdn.net	www.mlive.com s0.2mdn.net
40	pagead2.googlesyndication.com	1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
35	cm.g.doubleclick.net	16 redirects googleads.g.doubleclick.net 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
34	www.mlive.com	www.mlive.com
18	dsum-sec.casalemedia.com	9 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
18	tpc.googlesyndication.com	www.mlive.com 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
13	h312.mlive.com	www.mlive.com h312.mlive.com
10	ib.adnxs.com	7 redirects googleads.g.doubleclick.net
10	cdn.cookielaw.org	www.mlive.com cdn.cookielaw.org
7	googleads.g.doubleclick.net	www.mlive.com 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com pagead2.googlesyndication.com
7	jadserve.postrelease.com	s.ntv.io www.mlive.com
7	securepubads.g.doubleclick.net	www.mlive.com securepubads.g.doubleclick.net
6	c1.adform.net	5 redirects ads.pubmatic.com
6	googleads4.g.doubleclick.net	www.mlive.com
6	www.facebook.com	www.mlive.com
5	s.amazon-adsystem.com	3 redirects ssum-sec.casalemedia.com
5	image6.pubmatic.com	4 redirects ads.pubmatic.com
5	match.adsrvr.org	1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com ssum-sec.casalemedia.com
5	www.google.com	1 redirects 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com tpc.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	id5-sync.com	cdn.id5-sync.com 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com micro.rubiconproject.com
4	token.rubiconproject.com	4 redirects
4	pixel.rubiconproject.com	2 redirects
4	image2.pubmatic.com	ads.pubmatic.com
4	simage2.pubmatic.com	ads.pubmatic.com
4	1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	collector2.sophi.io	cdn.sophi.io
3	fonts.googleapis.com	s0.2mdn.net
3	aax-eu.amazon-adsystem.com	2 redirects
3	px.moatads.com	www.mlive.com
3	d5p.de17a.com	3 redirects
3	eb2.3lift.com	3 redirects
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	choices.truste.com	1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com www.mlive.com
3	www.googletagservices.com	1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
3	www.i.matheranalytics.com	www.mlive.com
3	px.ads.linkedin.com	2 redirects
3	bcp.crwdcntrl.net	tags.crwdcntrl.net
3	connect.facebook.net	www.mlive.com connect.facebook.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.mlive.com
3	accounts.google.com	www.mlive.com accounts.google.com
3	tags.crwdcntrl.net	www.mlive.com securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	www.mlive.com c.amazon-adsystem.com
3	satisfycork.com	www.mlive.com satisfycork.com
2	visitor.fiftyt.com	2 redirects
2	pixel.onaudience.com	2 redirects
2	pr-bh.ybp.yahoo.com	1 redirects ssum-sec.casalemedia.com
2	ads.pubmatic.com	micro.rubiconproject.com
2	eus.rubiconproject.com	micro.rubiconproject.com eus.rubiconproject.com
2	onetag-sys.com	1 redirects 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
2	ups.analytics.yahoo.com	2 redirects
2	sync.1rx.io	2 redirects
2	cms.quantserve.com	1 redirects 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
2	prebid-a.rubiconproject.com	micro.rubiconproject.com
2	sync.teads.tv	1 redirects 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
2	s.tribalfusion.com	1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
2	a.tribalfusion.com	2 redirects
2	sync.mathtag.com	2 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects www.mlive.com
2	lb.eu-1-id5-sync.com	cdn.id5-sync.com micro.rubiconproject.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	cdn.id5-sync.com	www.mlive.com securepubads.g.doubleclick.net
2	vtrk.doubleverify.com	pub.doubleverify.com
2	region1.google-analytics.com	www.googletagmanager.com
2	js.matheranalytics.com	1 redirects www.mlive.com
2	sb.scorecardresearch.com	www.mlive.com
2	pub.doubleverify.com	www.mlive.com pub.doubleverify.com
2	advancelocal.blueconic.net	h312.mlive.com
2	z.moatads.com	www.mlive.com z.moatads.com
2	geolocation.onetrust.com	cdn.cookielaw.org
2	www.googletagmanager.com	www.mlive.com www.googletagmanager.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	um.simpli.fi
1	aud.pubmatic.com
1	dis.criteo.com	1 redirects
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	dmp.brand-display.com	1 redirects
1	sync.adotmob.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	secure.adnxs.com	1 redirects
1	contextual.media.net	micro.rubiconproject.com
1	js-sec.indexww.com	micro.rubiconproject.com
1	api.rlcdn.com	micro.rubiconproject.com
1	id.crwdcntrl.net	micro.rubiconproject.com
1	lexicon.33across.com	micro.rubiconproject.com
1	check.analytics.rlcdn.com	micro.rubiconproject.com
1	684dd32a.akstat.io	s.go-mpulse.net
1	insight.adsrvr.org	js.adsrvr.org
1	sync.targeting.unrulymedia.com	1 redirects
1	tg.socdm.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	tr.blismedia.com	1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
1	sync.inmobi.com	1 redirects
1	cc.adingo.jp	1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
1	rtb.openx.net	1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
1	mug.criteo.com	www.mlive.com
1	c2.piano.io	cdn.tinypass.com
1	app.matheranalytics.com	js.matheranalytics.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	ead.mlive.com	www.mlive.com
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	idx.liadm.com	micro.rubiconproject.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	lbs.eu-1-id5-sync.com	cdn.id5-sync.com
1	fastlane.rubiconproject.com	micro.rubiconproject.com
1	htlb.casalemedia.com	micro.rubiconproject.com
1	exchange.postrelease.com	micro.rubiconproject.com
1	prebid.media.net	micro.rubiconproject.com
1	hbopenbid.pubmatic.com	micro.rubiconproject.com
1	p1.parsely.com	www.mlive.com
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	ampcid.google.de	www.google-analytics.com
1	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	c.amazon-adsystem.com
1	secure.cdn.fastclick.net	www.mlive.com
1	analytics.twitter.com	www.mlive.com
1	t.co	www.mlive.com
1	ampcid.google.com	www.google-analytics.com
1	cdn.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	px4.ads.linkedin.com	www.mlive.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	rp4.liadm.com	www.mlive.com
1	rp.liadm.com	1 redirects
1	ads.rubiconproject.com	micro.rubiconproject.com
1	privacy.crwdcntrl.net	tags.crwdcntrl.net
1	js.adsrvr.org	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	s.ntv.io	www.mlive.com
1	d1z2jf7jlzjs58.cloudfront.net	www.mlive.com
1	micro.rubiconproject.com	www.mlive.com
1	static.adsafeprotected.com	satisfycork.com
1	at.teads.tv	a.teads.tv
1	cdn.tinypass.com	experience.tinypass.com
1	geo.privacymanager.io	ats-wrapper.privacymanager.io
1	ats-wrapper.privacymanager.io	www.mlive.com
1	experience.tinypass.com	www.mlive.com
1	a.teads.tv	www.googletagmanager.com
1	c.go-mpulse.net	s.go-mpulse.net
1	s.go-mpulse.net	www.mlive.com
1	apps.sophi.io	www.mlive.com
1	cdn.sophi.io	www.mlive.com
1	mlive.com	1 redirects
1	update-accountcomcast.com	1 redirects
416	150

This site contains links to these domains. Also see Links.

Domain
ezads.mlive.com
autos.mlive.com
classifieds.mlive.com
foreclosures.mlive.com
link.mlive.com
podcasts.apple.com
www.facebook.com
twitter.com
www.youtube.com
subscription.mlive.com
mlivemediagroup.com
www.mlivemediagroup.com
subscribe.mlive.com
myaccount.mlive.com
hiring.mlive.com
www.advancelocal.com
www.onetrust.com

Subject Issuer	Validity	Valid
advancelocal.web.arc-cdn.net R3	`2022-12-27` - `2023-03-27`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
satisfycork.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
cdn.sophi.io Amazon	`2022-10-18` - `2023-11-15`	a year	crt.sh
apps.sophi.io Amazon	`2022-04-17` - `2023-05-16`	a year	crt.sh
akstat.io DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-15` - `2023-04-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.sophi.io Amazon	`2022-05-11` - `2023-06-09`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
teads.tv R3	`2023-01-20` - `2023-04-20`	3 months	crt.sh
h299.reckon.news Amazon	`2022-07-01` - `2023-07-30`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-09-12` - `2023-09-12`	a year	crt.sh
*.privacymanager.io Amazon	`2022-08-26` - `2023-09-24`	a year	crt.sh
*.blueconic.net Amazon	`2022-07-08` - `2023-08-06`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.ntv.io DigiCert TLS RSA SHA256 2020 CA1	`2022-10-24` - `2023-10-26`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-12-30` - `2024-01-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-12` - `2023-02-10`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
*.parsely.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.postrelease.com Amazon	`2023-01-18` - `2024-02-16`	a year	crt.sh
vtrk.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-12-05` - `2024-01-06`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2022-12-02` - `2023-12-02`	a year	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2022-12-27` - `2024-01-25`	a year	crt.sh
www.i.matheranalytics.com Amazon	`2022-12-14` - `2024-01-13`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.liadm.com Amazon	`2022-09-30` - `2023-10-29`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2022-11-29` - `2023-02-27`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-01-29` - `2023-04-29`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
li.lisecurelink.com R3	`2023-01-06` - `2023-04-06`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
app.matheranalytics.com GTS CA 1D4	`2022-12-16` - `2023-03-16`	3 months	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2022-04-27` - `2023-04-26`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2022-04-06` - `2023-04-14`	a year	crt.sh
*.truste.com Amazon	`2022-12-18` - `2024-01-16`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-12-14` - `2023-03-14`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
analytics.rlcdn.com Amazon	`2022-07-27` - `2023-08-25`	a year	crt.sh
lexicon.33across.com GTS CA 1D4	`2022-12-21` - `2023-03-21`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-05-03`	6 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh

This page contains 35 frames:

Primary Page: https://www.mlive.com/
Frame ID: 594AB7ADD5705882049182C527A93AC4
Requests: 189 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: E33DAA981064E0423E3EE6FD16577C02
Requests: 1 HTTP requests in this frame

Frame: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4174F3D780AE4E7DCA93000B73AD0AE3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs
Frame ID: 4EB1531BCDA72CDB37FB18100C8DEF76
Requests: 11 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.mlive.com
Frame ID: 306B6147C582375DCF844510614C3848
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: E5C78208793F1D054C2214468433626B
Requests: 1 HTTP requests in this frame

Frame: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 14391B7EC00BC3910F6B2F65E6A0A60A
Requests: 21 HTTP requests in this frame

Frame: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C6A439825E886B7847C7224D72A794D4
Requests: 21 HTTP requests in this frame

Frame: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7B3A475C159AE1E02C6DD14B197458D8
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjIuMLbATAB&v=APEucNXJtFRF0KnBJ1K39m_gZJ2zLsgmodUVv3dkgK8grVkUStHETej5msQWbR-ctbM_xq5mQdzHNgKk67BRl6LWaB-_8NVnW4HXvvZHDKGhEBqhjfjcMbunf7rkDnVaWMPmmK_cm4uX3_TO3yNmxPcBCH3o8pPNHr5rT5U4y28dePZWfTH2YDkXgBrZxTyvVzhgD8i1GIKS
Frame ID: 75095E941043073C706504A7010B6E91
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjIuMLbATAB&v=APEucNWVB-aTuGbq4QyQk_9ZX6sKv3tpN1x0_5KfR-yil-FFAQxXSQl5g63s83qw17KCbsCWRcjL9bfkZ6xuiwkv2kFu4MrWmCVVP9lgCMGUJvQHMUxVU3HZqOxieBRLlxq15KLfwNt8_NGI3qIqeZzCInOvGH7mJpo4I22a3wFOYpL8151Z5B-Ad0z0c2AX8Qe2cGVy9568
Frame ID: 649B9619D75753D722EDCBD4022DD5D4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjIuMLbATAB&v=APEucNUikv9smH1PIa9x15T-aU4ObGiwFlRtkm3cpj36jIw5HGTWQUMVr3Y8VorWqQrZZgVpXkgXTjAcX0d-KS1hjPXd9S6saKw9XA5PWwFBPGsJpvv0vJndC_j1m4G3F9rfZSBAaMT9Gh93x6ltPYmxFQO_S-cJXJF_joDadpfEB5HjMx2cz0jJAMikG13Hqu_vk-YvCa6s
Frame ID: 71DA650E2F3510D3942E8E469F8DC2BC
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 80BE8504D1D7E3A50B1198EF36712C98
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 85EEE7D43A31BAC1AAD51022BA3821D8
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5721BF1D689C52AA3B1678A6DF6C0B45
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A99C52F4DC8EF5EE52757385528004EB
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10641642855527383447/index.html
Frame ID: C13593207E459292F64FBED8F1ED6724
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AFE650A1ACC5CBA7A6FFCD8EF7694B69
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2778779413489437490/index.html
Frame ID: 05877A1C500064607C4204539F0F9ED1
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D13631D55F57B62E07FE3E3122D8AF3F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1894223847900607345/index.html
Frame ID: C677AEFA22A2B9BE2DF9778F4BB5D0A7
Requests: 18 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=4pdxx2d&ref=https%3A%2F%2Fwww.mlive.com%2F&upid=p5qqvcp&upv=1.1.0
Frame ID: FF0F9CD614A81A5415F98B02B0D381B1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 59AAD8FE048D06EF098BA9DF5265CF87
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A3B5413E118490A1CBA617B7413C20B3
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 63B1101F44E752C09A0D60F252E5DCC5
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Frame ID: A9EB6C8366F314EC08CE595DF52D8794
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9CA229F37BD431711CB59F9BE130F29D
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: 434441DC10DA5904F74C848AD0F62AEC
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: A0392455999EDF2B3CD2D1151BBBD2B5
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=FEF29A6B-FA8C-4349-8382-5AF0F25F61C2&gdpr=0&gdpr_consent=
Frame ID: 9952F781F74D24163667A7424679D96A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ee0763dc-b6b9-4e00-8f5a-1d2572650c6a&gdpr=0&gdpr_consent=
Frame ID: 52870DB44AB04385DA18634B87FB4559
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 17B02A8E228F0C82E7C782D3452BC853
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1209811998937673864
Frame ID: AA66B8ABD755113EC386512C5B01711E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=yO6MkpzrisnTvI7Iz-3Fycvo3ZDT7Y7GzrhZoOWC
Frame ID: 3ABF629E58E67E01210008040150E6BC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6549275271843202221&gdpr=0&gdpr_consent=
Frame ID: D2AAD68EA57F76E61FD0F67AE32D85CF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Michigan Local News, Breaking News, Sports & WeatherLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://update-accountcomcast.com/ HTTP 307
https://mlive.com/ HTTP 301
https://www.mlive.com/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

416
Requests

87 %
HTTPS

35 %
IPv6

84
Domains

150
Subdomains

119
IPs

12
Countries

4887 kB
Transfer

13939 kB
Size

128
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: https://ezads.mlive.com/michigan-adportal/obits/index.html
Title: Place obituary

Search URL Search Domain Scan URL

URL: https://autos.mlive.com/
Title: Autos

Search URL Search Domain Scan URL

URL: https://classifieds.mlive.com/mlive/category/real-estate
Title: Real Estate

Search URL Search Domain Scan URL

URL: https://classifieds.mlive.com/mlive/category/rentals
Title: For Rent

Search URL Search Domain Scan URL

URL: https://foreclosures.mlive.com/
Title: Foreclosures

Search URL Search Domain Scan URL

URL: https://classifieds.mlive.com/mlive
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://classifieds.mlive.com/mlive/category/legals/legal-notice
Title: Public Notices

Search URL Search Domain Scan URL

URL: https://link.mlive.com/join/6fh/signup
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://podcasts.apple.com/us/podcast/michigan-news-from-mlive/id1436032120
Title: Daily Audio Briefing

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mlive/
Title: Visit our Facebook Page

Search URL Search Domain Scan URL

URL: https://twitter.com/mlive/
Title: Follow us on Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/MLiveVideo
Title: Visit us on YouTube

Search URL Search Domain Scan URL

URL: http://subscription.mlive.com/newsletters/
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://www.youtube.com/shorts/xn7Uv0brfNk
Title: Crystal clear Superior iceTake a virtual walk on the clear ice of Munising Bay. See 30 feet under Lake Superior.Walk the ice

Search URL Search Domain Scan URL

URL: https://mlivemediagroup.com/careers?utm_source=mlive.com&utm_medium=footer&utm_campaign=careers
Title: Jobs at MLive

Search URL Search Domain Scan URL

URL: https://www.mlivemediagroup.com/?utm_source=mlive.com&utm_medium=footer
Title: MLive Media Group

Search URL Search Domain Scan URL

URL: https://www.mlivemediagroup.com/our-team/?utm_source=mlive.com&utm_medium=footer
Title: Our Team

Search URL Search Domain Scan URL

URL: https://www.mlivemediagroup.com/contact/?utm_source=mlive.com&utm_medium=footer&utm_campaign=advertise
Title: Advertise

Search URL Search Domain Scan URL

URL: https://subscribe.mlive.com/?sitecode=aa
Title: The Ann Arbor News

Search URL Search Domain Scan URL

URL: https://subscribe.mlive.com/?sitecode=bc
Title: The Bay City Times

Search URL Search Domain Scan URL

URL: https://subscribe.mlive.com/?sitecode=fj
Title: The Flint Journal

Search URL Search Domain Scan URL

URL: https://subscribe.mlive.com/?sitecode=gr
Title: The Grand Rapids Press

Search URL Search Domain Scan URL

URL: https://subscribe.mlive.com/?sitecode=jp
Title: Jackson Citizen Patriot

Search URL Search Domain Scan URL

URL: https://subscribe.mlive.com/?sitecode=kg
Title: Kalamazoo Gazette

Search URL Search Domain Scan URL

URL: https://subscribe.mlive.com/?sitecode=mc
Title: Muskegon Chronicle

Search URL Search Domain Scan URL

URL: https://subscribe.mlive.com/?sitecode=sn
Title: The Saginaw News

Search URL Search Domain Scan URL

URL: https://myaccount.mlive.com/
Title: Manage your Subscription

Search URL Search Domain Scan URL

URL: https://hiring.mlive.com/purchase/post-now/
Title: Post a job

Search URL Search Domain Scan URL

URL: https://www.advancelocal.com/

Search URL Search Domain Scan URL

URL: https://www.mlivemediagroup.com/about/?utm_source=mlive.com&utm_medium=footer-article
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.youtube.com/intl/en-US/about/policies/
Title: here

Search URL Search Domain Scan URL

URL: https://www.youtube.com/t/terms
Title: here

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://update-accountcomcast.com/ HTTP 307
https://mlive.com/ HTTP 301
https://www.mlive.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1616 HTTP 301
https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js

Request Chain 91

https://rp.liadm.com/j?dtstmp=1675409078364&se=e30&duid=94c49eadf2ac--01grb2ke2tbkj8mtkkys5e6np7&pu=https%3A%2F%2Fwww.mlive.com%2F&us_privacy=1---&wpn=prebid HTTP 302
https://rp4.liadm.com/j?dtstmp=1675409078364&se=e30&duid=94c49eadf2ac--01grb2ke2tbkj8mtkkys5e6np7&pu=https%3A%2F%2Fwww.mlive.com%2F&us_privacy=1---&wpn=prebid&i6=MmEwMDpjOTg6MjAzMDphMDA0OjE6OjEy&n3pc=true

Request Chain 93

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1675409078383&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3252378%26time%3D1675409078383%26url%3Dhttps%253A%252F%252Fwww.mlive.com%252F%26tm%3Dgtmv2%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1675409078383&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1675409078383&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQKJaT3LB_8QDAAAAYYWKbnMs79xBkVOR-6cVL3C_csKDJWA9vdtA0mkDtqdV74AYjhRsHfNnInadA

Request Chain 172

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1

Request Chain 181

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 191

https://gum.criteo.com/sid/json?origin=publishertagids&domain=mlive.com&sn=ChromeSyncframe&so=0&topUrl=www.mlive.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=GyUaX3x4VHBqSXJXcjZXVEFTWXBHTFJyOWthYzM2NklWTW9hdVJOM054bWovN01KMGJXQWFNK08rYi8vR1IxVWZtb1VDdDluV2VEVjYvM0c1RzdraGN3a3hSYXVud1F1NXUvYWwzT21GSGV4SHB1SlIvaVBHalZQSDdITE1qY24yM2FzM1JxRUxqUXB1RzRINDBxMkRLT2xwSE9FYkx6UEhiRHRwNTNHemt1UFZrNXVPSmhHTEVCTU5QdmZpdTdHc29jdGNURVRoUURvblRLbC94NnlBRXF2bml1VHBZcGl3R2pRRGxtaGJXUVZkU21PYlp3MDRVTWY3TVEzUkg4dmViWTN6ZmRqU29PNWpEeEh6cktIUkZZQ3ZCdz09fA&cppv=2

Request Chain 217

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1&C=1

Request Chain 218

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9y2uJ3LbNtCTwJg3Go.swAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1&google_hm=2

Request Chain 219

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECLj6eGGYTaBke5uSgLm_WA&google_cver=1

Request Chain 220

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTIwMjg5MTcyNDY5NzE3NjY1NA%3D%3D

Request Chain 221

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1&C=1

Request Chain 222

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9y2uJ3LbNtCTwJg3Go.swAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1&google_hm=2

Request Chain 223

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECLj6eGGYTaBke5uSgLm_WA&google_cver=1

Request Chain 224

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU0OTI3NTI3MTg0MzIwMjIyMQ%3D%3D

Request Chain 225

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1&C=1

Request Chain 226

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9y2uJ3LbNtCTwJg3Go.swAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1&google_hm=2

Request Chain 227

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECLj6eGGYTaBke5uSgLm_WA&google_cver=1

Request Chain 228

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU0OTI3NTI3MTg0MzIwMjIyMQ%3D%3D

Request Chain 245

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHW4MsIk1BXID7qyA8InhV4&google_cver=1&google_push=Aa02lx-BQyTgRUhoPw9zwbZNplpEr1f83wEHdcwGGDElVVG1HbKxgxyQcNkbUj9R0f_mYXs15Zouqj_YLKwTEWhtJMJ24_HRmA4YcQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-BQyTgRUhoPw9zwbZNplpEr1f83wEHdcwGGDElVVG1HbKxgxyQcNkbUj9R0f_mYXs15Zouqj_YLKwTEWhtJMJ24_HRmA4YcQ

Request Chain 246

https://a.tribalfusion.com/i.match?p=b6&u=CAESEEDTxyqTSUxDi8QPuXycdxs&google_cver=1&google_push=Aa02lx-HVpSy_FRphHhP1_oF3OkYhranpmwKnZqg2NnB9xPh5urPxy8PeOmN6LjuWErCLqXiqbVE5yGv-zoLOIw2fbCFzKFHy9gBOw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-HVpSy_FRphHhP1_oF3OkYhranpmwKnZqg2NnB9xPh5urPxy8PeOmN6LjuWErCLqXiqbVE5yGv-zoLOIw2fbCFzKFHy9gBOw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEDTxyqTSUxDi8QPuXycdxs&google_cver=1&google_push=Aa02lx-HVpSy_FRphHhP1_oF3OkYhranpmwKnZqg2NnB9xPh5urPxy8PeOmN6LjuWErCLqXiqbVE5yGv-zoLOIw2fbCFzKFHy9gBOw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-HVpSy_FRphHhP1_oF3OkYhranpmwKnZqg2NnB9xPh5urPxy8PeOmN6LjuWErCLqXiqbVE5yGv-zoLOIw2fbCFzKFHy9gBOw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 250

https://sync.inmobi.com/gob?google_gid=CAESEId3TArHulfgp1RUElwQs-U&google_cver=1&google_push=Aa02lx9CuQ-jGaKyyhRiwhHkSqSVUvo2hWFDyeDvESo2RLNnR1NbaOVofl_qeqMj5IVbW_-1geDVqbgts5PhvGzd-k1ezv6Na3HkQQk HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAa02lx9CuQ-jGaKyyhRiwhHkSqSVUvo2hWFDyeDvESo2RLNnR1NbaOVofl_qeqMj5IVbW_-1geDVqbgts5PhvGzd-k1ezv6Na3HkQQk

Request Chain 251

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENcygRZ0e7mFHX2kZnQ1IR4&google_cver=1&google_push=Aa02lx_ut-oe7EPHJlbACzzOZmf0V2t9tjGBn6vHSsSURE20UlEj_1I0O1VEjRPBtf8z3rpagiIhr69XHpYzTJg2vbDzaeEejNWj3Nw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx_ut-oe7EPHJlbACzzOZmf0V2t9tjGBn6vHSsSURE20UlEj_1I0O1VEjRPBtf8z3rpagiIhr69XHpYzTJg2vbDzaeEejNWj3Nw HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 269

https://a.tribalfusion.com/i.match?p=b6&u=CAESEEDTxyqTSUxDi8QPuXycdxs&google_cver=1&google_push=Aa02lx-2Gy0ARiAt2mSruz_fQnSiPVmENP-nK7rSjC-uVlQuZiIJNUBFG7SHX5xEWWeMnCtlb4YmPNMqi4KL5azw3iv6Ws5YU8g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-2Gy0ARiAt2mSruz_fQnSiPVmENP-nK7rSjC-uVlQuZiIJNUBFG7SHX5xEWWeMnCtlb4YmPNMqi4KL5azw3iv6Ws5YU8g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEDTxyqTSUxDi8QPuXycdxs&google_cver=1&google_push=Aa02lx-2Gy0ARiAt2mSruz_fQnSiPVmENP-nK7rSjC-uVlQuZiIJNUBFG7SHX5xEWWeMnCtlb4YmPNMqi4KL5azw3iv6Ws5YU8g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-2Gy0ARiAt2mSruz_fQnSiPVmENP-nK7rSjC-uVlQuZiIJNUBFG7SHX5xEWWeMnCtlb4YmPNMqi4KL5azw3iv6Ws5YU8g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 271

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEhKUKEc9bfVYs_ohydiLpI&google_cver=1&google_push=Aa02lx8NbRuYhjWFK0l0uXnKyY84MjwBYuIww4kXJZHj5TxvXUggkFUgY1dLBvQrSfdslz4m8CH0Kbd2uam6oTjs7vDIGwPNuQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEhKUKEc9bfVYs_ohydiLpI&google_cver=1&google_push=Aa02lx8NbRuYhjWFK0l0uXnKyY84MjwBYuIww4kXJZHj5TxvXUggkFUgY1dLBvQrSfdslz4m8CH0Kbd2uam6oTjs7vDIGwPNuQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UrDrHQ73RjetujXNObRtnQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8NbRuYhjWFK0l0uXnKyY84MjwBYuIww4kXJZHj5TxvXUggkFUgY1dLBvQrSfdslz4m8CH0Kbd2uam6oTjs7vDIGwPNuQ

Request Chain 272

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFjAZi35LHWS-KB8YLfL2OI&google_cver=1&google_push=Aa02lx-ohAIIg5fuMZ4TUjWaomm7QUyHABQNZ3mRKu0Qts7X1R1pOixhbWlghnS8K617ywwh-iZanneecyPJo9qlM2A7dVeOCGw HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFjAZi35LHWS-KB8YLfL2OI&google_hm=Y9y2uK31wN_kLTK5uIWuywAABGwAAAIB&google_nid=index&google_push=Aa02lx-ohAIIg5fuMZ4TUjWaomm7QUyHABQNZ3mRKu0Qts7X1R1pOixhbWlghnS8K617ywwh-iZanneecyPJo9qlM2A7dVeOCGw

Request Chain 273

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOPeiVzMN2P-Okaeihm3EX4&google_cver=1&google_push=Aa02lx8hwmCliz0kKp8pH98dsvfyeO0bwXl-se0KLIWhyBieEUCmixkeZ41A9-aCeJcMsFaP8Au_YayckNvq0UatqWqrKLyENmw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8hwmCliz0kKp8pH98dsvfyeO0bwXl-se0KLIWhyBieEUCmixkeZ41A9-aCeJcMsFaP8Au_YayckNvq0UatqWqrKLyENmw

Request Chain 274

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDSA4b_jZAMaq3aEqSH5O7I&google_cver=1&google_push=Aa02lx_0IsdHT32w20s4C6OtNiSuo08NJbpUMk9s1Ftc_n29IlaLp1Q_6Suh0bGXNoJ777t8bcibZLdp_eRmo-0KrwWvtPc1AUw HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx_0IsdHT32w20s4C6OtNiSuo08NJbpUMk9s1Ftc_n29IlaLp1Q_6Suh0bGXNoJ777t8bcibZLdp_eRmo-0KrwWvtPc1AUw&google_gid=CAESEDSA4b_jZAMaq3aEqSH5O7I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjA3ODM0MTcxMzIxNzE5ODI4MTc1OA%3D%3D&google_push=Aa02lx_0IsdHT32w20s4C6OtNiSuo08NJbpUMk9s1Ftc_n29IlaLp1Q_6Suh0bGXNoJ777t8bcibZLdp_eRmo-0KrwWvtPc1AUw

Request Chain 275

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEN3C9XAoD8P8VW-op2sCHE0&google_cver=1&google_push=Aa02lx9SUFnD-Zvx4cRMNzDIMFd_Py3aZu_9CPlTzhhJRQbH5OnXkc8Va4xISRQfpDTpdFXbt_3XR83POWBg46b8u-euEPVcj8c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx9SUFnD-Zvx4cRMNzDIMFd_Py3aZu_9CPlTzhhJRQbH5OnXkc8Va4xISRQfpDTpdFXbt_3XR83POWBg46b8u-euEPVcj8c&google_hm=WTl5MnVjQ284WDhBQUM4VkFmWUFBQUFB

Request Chain 288

https://d5p.de17a.com/cookies/google?google_gid=CAESEE_MM-uoQrVBcqlt2i4JQOM&google_cver=1&google_push=Aa02lx8wAEgBl3K2QYE1d1h4gppJPoqeH1LgNbJbbu3OmwcKfcrM-gLhaRW97eowQq1zyfmBbuC-U7K-6XAgRqlXrL-CCSOgun9D HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEE_MM-uoQrVBcqlt2i4JQOM&google_cver=1&google_push=Aa02lx8wAEgBl3K2QYE1d1h4gppJPoqeH1LgNbJbbu3OmwcKfcrM-gLhaRW97eowQq1zyfmBbuC-U7K-6XAgRqlXrL-CCSOgun9D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8wAEgBl3K2QYE1d1h4gppJPoqeH1LgNbJbbu3OmwcKfcrM-gLhaRW97eowQq1zyfmBbuC-U7K-6XAgRqlXrL-CCSOgun9D

Request Chain 289

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEhKUKEc9bfVYs_ohydiLpI&google_cver=1&google_push=Aa02lx_f8pZctU8rsJjMlEq6XiBYW1beQosKz8CyPlGiHiD7AKfNhIjSYzxpmQthlOtxS1N_eK5e8o9Qg-Up_l0wq98CbwTt-LQV HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEhKUKEc9bfVYs_ohydiLpI&google_cver=1&google_push=Aa02lx_f8pZctU8rsJjMlEq6XiBYW1beQosKz8CyPlGiHiD7AKfNhIjSYzxpmQthlOtxS1N_eK5e8o9Qg-Up_l0wq98CbwTt-LQV&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_vKaa_qMQ0mDglrw8l9hwg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_f8pZctU8rsJjMlEq6XiBYW1beQosKz8CyPlGiHiD7AKfNhIjSYzxpmQthlOtxS1N_eK5e8o9Qg-Up_l0wq98CbwTt-LQV

Request Chain 290

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESECctdwHQ9oZo1tyziLG6Yjw&google_cver=1&google_push=Aa02lx903bnB1w4O0Oc3Sreaah9kIK3iKUZ5Jc2IyY1NETVyiZcT_H8g9bVq896K_-LLQw-DYRgUHRS-sdcOY7Y5Kl_Kc0IGC_SR HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx903bnB1w4O0Oc3Sreaah9kIK3iKUZ5Jc2IyY1NETVyiZcT_H8g9bVq896K_-LLQw-DYRgUHRS-sdcOY7Y5Kl_Kc0IGC_SR&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1675409080754 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-ae17fd3c-e5a1-4ad5-ab5c-328f33640b27-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx903bnB1w4O0Oc3Sreaah9kIK3iKUZ5Jc2IyY1NETVyiZcT_H8g9bVq896K_-LLQw-DYRgUHRS-sdcOY7Y5Kl_Kc0IGC_SR%26google_hm%3DA64X_TzloUrVq1wyjzNkCyc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx903bnB1w4O0Oc3Sreaah9kIK3iKUZ5Jc2IyY1NETVyiZcT_H8g9bVq896K_-LLQw-DYRgUHRS-sdcOY7Y5Kl_Kc0IGC_SR&google_hm=A64X_TzloUrVq1wyjzNkCyc

Request Chain 291

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDSA4b_jZAMaq3aEqSH5O7I&google_cver=1&google_push=Aa02lx_uJvSLdqWd_jzboB3mWTdCl4jUN7o49MJnm28bex-puvJGZq0EVpaS5IaiHO_8dJWblJQ7fTfwOe51fntSGdpeDYp5ygvU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjA3ODM0MTcxMzIxNzE5ODI4MTc1OA%3D%3D&google_push=Aa02lx_uJvSLdqWd_jzboB3mWTdCl4jUN7o49MJnm28bex-puvJGZq0EVpaS5IaiHO_8dJWblJQ7fTfwOe51fntSGdpeDYp5ygvU

Request Chain 292

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGzPaABrLQi3RYEQqyswxO0&google_cver=1&google_push=Aa02lx_Pf09vPinIJmHHkiPZGoTpYfuJURt3b3GEHf-igFnRi8tqxck9U7MhnXbqbwRdWnzcV15MxmKwbM4m8AkTQHot7ZohZDc-tQ HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGzPaABrLQi3RYEQqyswxO0&google_cver=1&google_push=Aa02lx_Pf09vPinIJmHHkiPZGoTpYfuJURt3b3GEHf-igFnRi8tqxck9U7MhnXbqbwRdWnzcV15MxmKwbM4m8AkTQHot7ZohZDc-tQ&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1nMml1Y09wRTJ1R09RZ29aMENmM2NQYkwxdTR4SDFWUH5B&google_push=Aa02lx_Pf09vPinIJmHHkiPZGoTpYfuJURt3b3GEHf-igFnRi8tqxck9U7MhnXbqbwRdWnzcV15MxmKwbM4m8AkTQHot7ZohZDc-tQ

Request Chain 293

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEL_jTYqBuYqB2j8Wsavua_Q&google_cver=1&google_push=Aa02lx88EvdiFb1Mjf8SrFej5CdZ6BBFcbeWUbWNgqXsyMxNyE_nMjkg-yn5nnmgC7uS7tZSuFsxvLWYyipMSCA-_QiiarZI1MX7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx88EvdiFb1Mjf8SrFej5CdZ6BBFcbeWUbWNgqXsyMxNyE_nMjkg-yn5nnmgC7uS7tZSuFsxvLWYyipMSCA-_QiiarZI1MX7 HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 359

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y9y2uK31wN_kLTK5uIWuywAABGwAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFjAZi35LHWS-KB8YLfL2OI&google_cver=1

Request Chain 360

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9y2uK31wN_kLTK5uIWuywAABGwAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9y2uK31wN_kLTK5uIWuywAABGwAAAIB&dcc=t

Request Chain 362

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6549275271843202221

Request Chain 363

https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=XEtUG4k3R3xsobYuR7B6QCU6OvY

Request Chain 364

https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=

Request Chain 365

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=8297de84-3c2a-cc63-0366cbf0

Request Chain 369

https://c1.adform.net/serving/cookie/match?party=14&cid=FEF29A6B-FA8C-4349-8382-5AF0F25F61C2&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=FEF29A6B-FA8C-4349-8382-5AF0F25F61C2&gdpr=0&gdpr_consent=

Request Chain 370

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ee0763dc-b6b9-4e00-8f5a-1d2572650c6a&gdpr=0&gdpr_consent=

Request Chain 371

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 372

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1209811998937673864

Request Chain 373

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=yO6MkpzrisnTvI7Iz-3Fycvo3ZDT7Y7GzrhZoOWC

Request Chain 374

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6549275271843202221&gdpr=0&gdpr_consent=

Request Chain 375

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_vKaa_qMQ0mDglrw8l9hwg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 376

https://pixel.onaudience.com/?partner=214&mapped=FEF29A6B-FA8C-4349-8382-5AF0F25F61C2&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D0 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D0 HTTP 302
https://pixel.onaudience.com/?partner=68&icm&cver&mapped=4602859593002027005&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

Request Chain 377

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=FEF29A6B-FA8C-4349-8382-5AF0F25F61C2&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=FEF29A6B-FA8C-4349-8382-5AF0F25F61C2&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=FEF29A6B-FA8C-4349-8382-5AF0F25F61C2&addseg=19,36,42

Request Chain 378

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkVGMjlBNkItRkE4Qy00MzQ5LTgzODItNUFGMEYyNUY2MUMy&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 379

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHKr_Qf41-_uTJxTii5GHKE&google_cver=1

Request Chain 381

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=575737165844104639

Request Chain 383

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=9Z-6H3GfTUao1p0MEtDyFw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=9Z-6H3GfTUao1p0MEtDyFw

Request Chain 384

https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDO7B381-1Q-AQVA&us_privacy=1---

Request Chain 385

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/P-0lOPpu0Luw2LA5j0a4I8n5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cw0lbPJE2oLyI14zf9ze54B_D4z4IlcBntVTSw--~A

Request Chain 386

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1--- HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=45LRGLlARRiRlU9wpQn0Rg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=45LRGLlARRiRlU9wpQn0Rg

Request Chain 387

https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDRjZTA0YTg3ODdhOTE1NGYzOGNhYzliN2MxZjkxMDQ1YjRjZDQ0MA&us_privacy=1---

Request Chain 388

https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERPN0IzODEtMVEtQVFWQQ==&us_privacy=1---

Request Chain 390

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG1KjslLwQAIqgz_eiLo220&google_cver=1

416 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.mlive.com/
Redirect Chain

https://update-accountcomcast.com/
https://mlive.com/
https://www.mlive.com/

397 KB
74 KB

303ms
125ms

Document
text/html

2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

bfdb787aefe473782359c56b779066ca63467fc70469ab913a8b3d0c25511e73

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-true-ttl: 130 -1
cache-control: private, max-age=60
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Fri, 03 Feb 2023 07:24:37 GMT
etag: W/"623a8-SH7MdgDiugTyBYlu3p9epW15JQY"
expires: Fri, 03 Feb 2023 07:25:37 GMT
last-modified: Fri, 03 Feb 2023 07:24:33 GMT
referrer-policy: no-referrer-when-downgrade
server: openresty
server-timing: cdn-cache; desc=HIT edge; dur=110
vary: Accept-Encoding
x-akamai-transformed: 9 73138 0 pmb=mRUM,2
x-arc-pb-request-id: f1d315f9-fdb9-4a04-a8b0-ff6c8a1ae724
x-arc-request-id: 0.9b7d1302.1675409077.37c326d

Redirect headers

akamai-true-ttl: -1
cache-control: private, max-age=60
content-length: 0
content-security-policy: upgrade-insecure-requests
date: Fri, 03 Feb 2023 07:24:36 GMT
expires: Fri, 03 Feb 2023 07:25:36 GMT
location: https://www.mlive.com/
referrer-policy: no-referrer-when-downgrade
server: AkamaiGHost
server-timing: cdn-cache; desc=HIT edge; dur=1
x-arc-request-id: 0.bdc6cf17.1675409076.7ac0c58f

GET
H2 200 default.css
www.mlive.com/pf/dist/components/output-types/ 45 B
618 B 50ms
50ms Stylesheet
text/css 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/dist/components/output-types/default.css?d=988

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

bba5cf4bf97f335423ef8083a04d8810370b013c18a623e2aec413075ef82ddc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: 70D32T1H0BRWTAG0
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.9b7d1302.1675409077.37c3541
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 57
x-amz-id-2: 6GV+kKgQspYCS2LOJPTo66z1V2jx/xxCAwOV/gv9UC2Zb9KSVtULR1vuG7OPj04qsfnF6NZGARc=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Feb 2023 18:45:55 GMT
server: openresty
etag: "534bb0614e61e484cae7d5dc8ecc424c"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Feb 2024 07:24:37 GMT

GET
H2 200 default.css
www.mlive.com/pf/dist/components/combinations/ 392 KB
61 KB 53ms
52ms Stylesheet
text/css 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/dist/components/combinations/default.css?d=988

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

1de5d68ec5fefa288d30484466e3f802523811b7ec911218e4409251f8323ac4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: 70D519FRP3AJ1SXX
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.9b7d1302.1675409077.37c3588
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 61822
x-amz-id-2: iLpp3HCDf8NjabSd5uAqmqb2J6kwIhhLDYgENtfP+2wRA47xY2keUNZAJJyw+Nie+4Spn9TMysw=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Feb 2023 18:45:55 GMT
server: openresty
etag: W/"42d123b98a57c6bb0472fc45ad07c7bd"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
expires: Sat, 03 Feb 2024 07:24:37 GMT

GET
H2 200 style.css
www.mlive.com/pf/resources/dist/mlive/css/ 2 KB
1 KB 52ms
51ms Stylesheet
text/css 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=988

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

a39bdf2dd26f9c0fab39bd488478d3a32fdebef36c47651c13a62a6e5f2bac5d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
x-edgeconnect-origin-mex-latency: 528
date: Fri, 03 Feb 2023 07:24:37 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: 70D8YDNXA2HT44V0
x-edgeconnect-midmile-rtt: 16
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.9b7d1302.1675409077.37c3589
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 493
x-amz-id-2: UN5DfExVIUk9QaYLfjYISLm1G9Bc1EJtU6wniC53Whc4wrFkMOhBsGgIO6eJ6eBAGZ/AINnHzHo=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Feb 2023 18:45:54 GMT
server: openresty
etag: W/"9d4250925bc2a15ec3ecc089f28b714c"
x-edgeconnect-cache-status: 3
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Sat, 03 Feb 2024 07:24:37 GMT

GET
H2 200 react.js Show response
www.mlive.com/pf/dist/engine/ 341 KB
101 KB 92ms
92ms Script
application/javascript 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/dist/engine/react.js?d=988

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

900e4667d1c2576e226b32744f4630d2cf7c7333a31c2d076cf0884ab143e234

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: 70D79ACVRPAHH98Q
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.9b7d1302.1675409077.37c37f8
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 102616
x-amz-id-2: mJE144rRzPXu5uiMi0YyMXEl/V3mG6rmJIG8pbChX5sSR+9MPrcJBGRfnF3mKi8KCA3sOJ4sbs8=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Feb 2023 18:45:55 GMT
server: openresty
etag: W/"818aa61733efec89f426587d6a791d83"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
expires: Sat, 03 Feb 2024 07:24:37 GMT

GET
H2 200 default.js Show response
www.mlive.com/pf/dist/components/combinations/ 2 MB
356 KB 94ms
93ms Script
application/javascript 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/dist/components/combinations/default.js?d=988

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

c06f89ed77133ba0b47a4a7082f8c038ee9d3083df61cb7d5a59684f921c52e6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: 70D89B5CYPGNSAZW
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.9b7d1302.1675409077.37c37f9
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 362672
x-amz-id-2: a4W48db9miv5Hcsh9pUkUNFnLdzixiO7Y1cEtb7xwMGG2dq5Fdw+TU1V/cFvqS8MEd/dEru93hQ=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Feb 2023 18:45:55 GMT
server: openresty
etag: W/"f3e6ead12289a8f8c616589ab9ade01f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
expires: Sat, 03 Feb 2024 07:24:37 GMT

GET
H2 200 166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff
www.mlive.com/pf/resources/fonts/ 54 KB
54 KB 51ms
50ms Font
application/font-woff 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/resources/fonts/166b5d40-3430-46a0-8fb2-43f30962dec7-3.woff?d=988

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

6fa8b9c20d5c4f5711f76f4f4adafafc90e8f89bac2c7b3dfc2c7e63abb55d21

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.mlive.com/
Origin: https://www.mlive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: 70DCPJG3Q84K6SWY
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.9b7d1302.1675409077.37c358a
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 54391
x-amz-id-2: n1AJg4mrU54hz8a8I3JiBh7VWoFQWIeYEuACqb8fPm2tjrpI4D879nB2OvI7xQC81NnMmKX4/Do=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Feb 2023 18:45:54 GMT
server: openresty
etag: W/"63c3700153fd19bac6ac63c816251c03"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Sat, 03 Feb 2024 07:24:37 GMT

GET
H2 200 448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff
www.mlive.com/pf/resources/fonts/ 53 KB
53 KB 53ms
52ms Font
application/font-woff 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/resources/fonts/448c4642-c106-472f-9c6a-a4d7b5347b03-3.woff?d=988

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

c942cb01ca7d8956086518f0315ac0be0374cb0f0a38ffe67a52bc4ae7ff5f6f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.mlive.com/
Origin: https://www.mlive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: 70DBXD1R3D6MREX2
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.9b7d1302.1675409077.37c358b
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 53376
x-amz-id-2: z51RVaJFofsE6GHwPmWotIsQAUSeKEPR1oSbKgwDvYjBwroDNsw2sePIMBSx9JPU8f7L/k4LwEo=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Feb 2023 18:45:54 GMT
server: openresty
etag: W/"00b8650c0e6992c5c9ced8f621e43ffd"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Sat, 03 Feb 2024 07:24:37 GMT

GET
H2 200 a408f907-3ee4-4578-a3d1-4134558cb82a-3.woff
www.mlive.com/pf/resources/fonts/ 53 KB
53 KB 59ms
59ms Font
application/font-woff 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/resources/fonts/a408f907-3ee4-4578-a3d1-4134558cb82a-3.woff?d=988

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

c25ce818c3c2ab4992bc0b61a60d1822f239a638af59ad63ed2fe2028e3037f8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.mlive.com/
Origin: https://www.mlive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: 70DE9FTTP5R1VR9D
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.9b7d1302.1675409077.37c358c
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 53862
x-amz-id-2: MclkwJoSMvayyHN8OR/uodVFuBV/oJ8YRqZ6Du9fzl/oOSwfjHxhiPYESCTYqVrsrTe8Vn0t8Is=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Feb 2023 18:45:54 GMT
server: openresty
etag: W/"527a99c70868c89d6be3cc11a8feb999"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Sat, 03 Feb 2024 07:24:37 GMT

GET
H2 200 farnhamheadline-medium.woff
www.mlive.com/pf/resources/fonts/ 37 KB
37 KB 59ms
58ms Font
application/font-woff 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/resources/fonts/farnhamheadline-medium.woff?d=988

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

7ff100c907d85bc5b7503e7a88c0a7f256ed2561ee431ffc10fcd7cce517c321

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.mlive.com/
Origin: https://www.mlive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: 70D3RWA99S158X44
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.9b7d1302.1675409077.37c358d
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 36831
x-amz-id-2: NeWy5HIxXVt0YJ6qYF90cOXK5MLmDMu4yB8lkGisBergNnMiWK1qC9LcOfmeYvCOTbRynpU5NJU=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Feb 2023 18:45:54 GMT
server: openresty
etag: W/"05b85684cbf3bc11490297c50cfd67c3"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Sat, 03 Feb 2024 07:24:37 GMT

GET
H2 200 farnhamheadline-semi-bold.woff
www.mlive.com/pf/resources/fonts/ 36 KB
37 KB 57ms
57ms Font
application/font-woff 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mlive.com/pf/resources/fonts/farnhamheadline-semi-bold.woff?d=988

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.mlive.com/
Origin: https://www.mlive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: 70DAEEN6Q8883JF9
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.9b7d1302.1675409077.37c358e
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 37066
x-amz-id-2: vBCC2XShNJf3wunZdKpCX7vrq4KD1CzGvZ2slIHsa+GTtpHIuBCaMe6g5tSCRctlC9U9lXP2n4c=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Feb 2023 18:45:54 GMT
server: openresty
etag: W/"c9a8222fbabe6b700baacd21dd7a1f61"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Sat, 03 Feb 2024 07:24:37 GMT

GET
H2 200 VLK5VN55XRE6ZMC6P5OTZIMLVU.jpg
www.mlive.com/resizer/X0FtD7BcmmVjYWxvk2Zlgb5mlJ0=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 37 KB
38 KB 157ms
155ms Image
image/avif 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/X0FtD7BcmmVjYWxvk2Zlgb5mlJ0=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/VLK5VN55XRE6ZMC6P5OTZIMLVU.jpg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

311ddcdfdca96cf9dfccd5dec4b4b44d463d7626b8349233b7d2671788256a2a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Feb 2023 18:15:15 GMT
x-serial: 326
server: Akamai Image Manager
x-check-cacheable: YES
etag: "36f4c63fda1ca644adab8bd031094992b0cda835"
x-arc-request-id: 0.9b7d1302.1675409077.37c37fa
content-type: image/avif
cache-control: private, no-transform, max-age=31488693
server-timing: cdn-cache; desc=HIT, edge; dur=83
content-length: 37918
expires: Fri, 02 Feb 2024 18:16:10 GMT

GET
H2 200 iabCcpaIntegrationScript-noGAM.js Show response
cdn.cookielaw.org/opt-out/ 19 KB
5 KB 37ms
17ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/iabCcpaIntegrationScript-noGAM.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e3c7bdc4bfffb58a973062aabf808691f7603416290254b76161cab69952053

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Feb 2023 07:24:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: ZkLmnzyu8aoAQNwZHm6Yqw==
age: 22483
x-ms-lease-status: unlocked
last-modified: Tue, 22 Feb 2022 22:01:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7158a605-d01e-015b-5546-2899cf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 79396d8e6adb92b4-FRA

GET
H2 200 logo_main.svg
www.mlive.com/pf/resources/images/mlive/logos/ 1 KB
1 KB 75ms
73ms Image
image/svg+xml 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/mlive/logos/logo_main.svg?d=988

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

f4ece8f2f5242967e98c6718f283e961576d68b4b7be96124eca22f554dcb275

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: 70DA3GDD53GCKXEE
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.9b7d1302.1675409077.37c37fb
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 660
x-amz-id-2: mG9VAbHswVzt4aYhlvzyPE9UPuM/8S3hj/ItTruR79AlhXxQ9vIA80tDpH5zI3UtrqGTQfesUzE=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Feb 2023 18:45:54 GMT
server: openresty
etag: W/"351c57e1a77c618772f5966a7f2094ee"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Sat, 03 Feb 2024 07:24:37 GMT

GET
H2 200 logo_main_sm.svg
www.mlive.com/pf/resources/images/mlive/logos/ 2 KB
1 KB 73ms
71ms Image
image/svg+xml 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/mlive/logos/logo_main_sm.svg?d=988

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

a39cd6a9413784646378ab9490f6a80ea1c2eaf4870c1022f44e4e64380c7cda

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: 70DARET2C8HNGH2C
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.9b7d1302.1675409077.37c37fc
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 902
x-amz-id-2: 0P6N9oo5BhJHP/ZYxEo4HVR6wRoAuo7VQ4dBI12XiaHRx+DDtgCMhnRumSX7VW/4AEQBUi+8ev4=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Feb 2023 18:45:54 GMT
server: openresty
etag: W/"cb98cda61d359616349bbc2a92540ddb"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Sat, 03 Feb 2024 07:24:37 GMT

GET
H2 200 social-monochrome.svg
www.mlive.com/pf/resources/images/mlive/logos/ 1 KB
1 KB 72ms
71ms Image
image/svg+xml 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/mlive/logos/social-monochrome.svg?d=988

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

4eb67b42d6abea96d75df507d23f0421da85d5658322720fded36c94cce45d7b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: KFQK2XN9WH6BWWF3
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.9b7d1302.1675409077.37c37fd
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 603
x-amz-id-2: 8KyGLGE/1ngfHXPbsr41+OM0lJUDgRsP5IsApV7b5+gxWLGZJyUkQsqlgdu7DGZIp3Nem+R25hEEIDCsDJzbwQ==
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Feb 2023 18:45:54 GMT
server: openresty
etag: W/"7819fa78e2e7770bb40587187d83cb87"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Sat, 03 Feb 2024 07:24:37 GMT

GET
H2 200 logo_footer.png
www.mlive.com/pf/resources/images/mlive/logos/ 2 KB
2 KB 77ms
75ms Image
image/avif 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/mlive/logos/logo_footer.png?d=988

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

732cfe462d74f591d636d3e6e0576fa6e30deba18e44e675135f88c06186548c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-security-policy: upgrade-insecure-requests
x-check-cacheable: YES
x-arc-request-id: 0.9b7d1302.1675409077.37c37fe
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=58
content-length: 1567
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Feb 2023 14:20:38 GMT
server: Akamai Image Manager
x-serial: 1030
etag: W/"be8042e858f0c6b5cd87834c8aafe76d"
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=31474421
expires: Fri, 02 Feb 2024 14:18:18 GMT

GET
H2 200 AdvanceLocal_horizontal.svg
www.mlive.com/pf/resources/images/common/logos/ 9 KB
4 KB 76ms
74ms Image
image/svg+xml 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/common/logos/AdvanceLocal_horizontal.svg?d=988

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

702c805fec65a8cc8c6c40aed34123b021e5ed6107cc6dfdebc4b0fc2e229887

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: 70D31E7B74YFJ859
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.9b7d1302.1675409077.37c37ff
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 3554
x-amz-id-2: lwfjSUBEhmQzNe4xU1vU4MUjcTkX85jJv0DgeQngnT+VyKjVkp03FROpRDMZoVth+e/whr6z5Vc=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Feb 2023 18:45:54 GMT
server: openresty
etag: W/"3770993da506fb6d4bbccfcdcc3a4800"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Sat, 03 Feb 2024 07:24:37 GMT

GET
H2 200 ad-choices-arrow.png
www.mlive.com/pf/resources/images/common/logos/ 190 B
701 B 76ms
75ms Image
image/webp 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/common/logos/ad-choices-arrow.png?d=988

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

9ead871d27f3a0d803f4d6139feb2f2694d3a26c54fd6734f789a06aad0f5303

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-security-policy: upgrade-insecure-requests
x-check-cacheable: YES
x-arc-request-id: 0.9b7d1302.1675409077.37c3800
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 190
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Feb 2023 19:19:41 GMT
server: Akamai Image Manager
x-serial: 444
etag: W/"c6e75cc6be8dcb2f2d1ab36209f3c3b7"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=31405884
expires: Thu, 01 Feb 2024 19:16:01 GMT

GET
H2 200 v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA Show response
satisfycork.com/ 57 KB
21 KB 74ms
27ms Script
text/javascript 2600:1901:0:328a::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

517958b94ea3e0ce78a0da9a42b3bfe88a5931a7a64474829921da348c59d184

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Fri, 03 Feb 2023 07:24:37 GMT
x-datacenter: gce-europe-west1
etag: "b54674852dd92cfd10ef3383681daa9da3beab9c806a1494adbcc5c222c250d4"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-sq79
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 757822166
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sophi.min.js Show response
cdn.sophi.io/latest/ 124 KB
42 KB 47ms
7ms Script
application/javascript 65.9.66.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sophi.io/latest/sophi.min.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-61.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 096a0419a3787b284e7105edeebc7cf4915cb9549f3b433258f65483acc24510

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 01:33:08 GMT
content-encoding: br
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-version-id: 77yKHytHO_pcAyQcoklw1dHdk4sqBtp0
last-modified: Tue, 04 Oct 2022 14:09:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 21090
x-amz-server-side-encryption: AES256
etag: W/"dfd164092f8d8abc70b55ba8c1bc2e80"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: apusCzwcd58bUNkN1Z10mcfoELx78tx7LFceGfblgScgGW8b__76rA==

GET
H2 200 al-mlive.segments.min.js Show response
apps.sophi.io/latest/ 4 KB
2 KB 39ms
10ms Script
application/javascript 13.32.27.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sophi.io/latest/al-mlive.segments.min.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-90.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 36b72120fc731ea29b1d2cabe92dc59386f9a1d95b25c965d38e63656ba237f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: Pgmn.avhAclmk0GfGnbPUWEsi7yJHhdY
content-encoding: gzip
via: 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
date: Fri, 03 Feb 2023 07:22:42 GMT
last-modified: Thu, 02 Feb 2023 19:23:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 215
etag: W/"1a6bdc48b2d80dff46c51dac3b30ceef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=0
x-amz-cf-id: mHIxFPmqMWpRmc8Hjh9k6PVeTCzWTRmCiLgTcnqf1de5eT9BbDQNBw==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 25 KB
9 KB 35ms
17ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83f8393c6593831a76ea84324c946029082b5c72507176c13387468d21c651ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Feb 2023 07:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 4ki7PtkHDuSPC1vGdOaknQ==
age: 19499
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 8384
x-ms-lease-status: unlocked
last-modified: Thu, 02 Feb 2023 13:33:36 GMT
server: cloudflare
etag: 0x8DB05221689032C
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3a8b6a68-201e-0101-2064-379f4e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79396d8e6add92b4-FRA

GET
H2 200 SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 35ms
9ms Script
application/javascript 2a02:26f0:6c00:1bb::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:1bb::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:37 GMT
content-encoding: br
last-modified: Tue, 10 Jan 2023 03:18:00 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 435 KB
121 KB 90ms
50ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fc1f75e583afcda339ffe8eb7ae1b4bc3a6b33cc769bac8f5861f9ef22ed2645

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123758
x-xss-protection: 0
last-modified: Fri, 03 Feb 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Feb 2023 07:24:37 GMT

GET
H2 200 chevron-white.svg
www.mlive.com/pf/resources/images/common/arrows/ 864 B
1 KB 69ms
69ms Image
image/svg+xml 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/common/arrows/chevron-white.svg?d=988

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=988

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

e19f6076815240b2afedf8033b0a2ccf200d3851f11df779d05f3c533560504d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/pf/dist/components/combinations/default.css?d=988
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: MPRMRMCMZEFVF6EQ
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.9b7d1302.1675409077.37c3801
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 486
x-amz-id-2: QdrW00pY1b9P3yLofwtwGyyajaKxf4yhWK5gS57Z0Pjm/91/C4qE0MzVhNhetABuBCWItAXqCqg=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Feb 2023 18:45:54 GMT
server: openresty
etag: W/"691552a6377a1dfc9eeae87d6aeb8931"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Sat, 03 Feb 2024 07:24:37 GMT

GET
H2 200 coldtemp.svg
www.mlive.com/pf/resources/images/mlive/promo/weather/ 16 KB
7 KB 60ms
59ms Image
image/svg+xml 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/mlive/promo/weather/coldtemp.svg?d=988

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=988

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

07aef9a8a0f9f6aea421fdb533f1ea4baa0ce734e9d07aeaf68fd78e53ec5f05

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=988
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: 3MTQWPNW011WH5WJ
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.9b7d1302.1675409077.37c3803
server-timing: cdn-cache; desc=HIT, edge; dur=11
content-length: 6684
x-amz-id-2: JdqoNpf05X+e+vuCPIruhextovOup1Ek9DQ+FMzTCIEy6pTCsu1f3JE81rv5JsIV4BxG+u2hBfU=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Feb 2023 18:45:54 GMT
server: openresty
etag: W/"839e47376b6a6eb41e7bd828edc091f0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Sat, 03 Feb 2024 07:24:37 GMT

GET
H2 200 chevron-black-right.svg
www.mlive.com/pf/resources/images/common/arrows/ 2 KB
1 KB 143ms
141ms Image
image/svg+xml 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/common/arrows/chevron-black-right.svg?d=988

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=988

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

276ca8da7dd05a55c760ead2eec9d5c74629897d0b5b3e5190d4fc9bd38ea7fc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/pf/dist/components/combinations/default.css?d=988
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: KFQY9S4WKY5ZJ2W2
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.9b7d1302.1675409077.37c3805
server-timing: cdn-cache; desc=MISS, edge; dur=69, origin; dur=52
content-length: 746
x-amz-id-2: zAPtK/hzUDAvPQmVpgyOef+QW2THSJE6gbnm1fcGaZ9F45HlbaWoxYKiIG5IEzFbjw34YyJleXc0tlNBo32mjQ==
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Feb 2023 18:45:54 GMT
server: openresty
etag: W/"4347be806f2c6a630a5407afb75ab920"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Sat, 03 Feb 2024 07:24:37 GMT

GET
H2 200 VE5CANKMFFFCLCGBU4ARIW5H6Q.png
www.mlive.com/resizer/67ZZ1Zk-5NqMgHjdw6tgqvdnJfQ=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 31 KB
31 KB 168ms
164ms Image
image/avif 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/67ZZ1Zk-5NqMgHjdw6tgqvdnJfQ=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/VE5CANKMFFFCLCGBU4ARIW5H6Q.png

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

299d5a51005452e61a87b85593d7c4204deb8c21193fb8a3f64022728071b841

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 03 Feb 2023 02:36:10 GMT
x-serial: 485
server: Akamai Image Manager
x-check-cacheable: YES
etag: "5a6e7710ff5070ea2a9ab4a48bbf757c561d5dc4"
x-arc-request-id: 0.9b7d1302.1675409077.37c39c8
content-type: image/avif
cache-control: private, no-transform, max-age=31518650
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=170
content-length: 31409
expires: Sat, 03 Feb 2024 02:35:27 GMT

GET
H2 200 M7Z3GPWUKZHSXFNOI5Z4MND25A.jpg
www.mlive.com/resizer/jKdNHLST0_orjXhvbMMCnfh5Q4A=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 22 KB
22 KB 116ms
112ms Image
image/avif 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/jKdNHLST0_orjXhvbMMCnfh5Q4A=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/M7Z3GPWUKZHSXFNOI5Z4MND25A.jpg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

059696c0e05c3746f223b3a43b663247386c482aa8abc960a1842f60bc81c751

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Feb 2023 19:28:24 GMT
server: Akamai Image Manager
etag: "4cf40da3a02434685d9ad93a76cd6531ea3f4d39"
x-arc-request-id: 0.9b7d1302.1675409077.37c39c9
content-type: image/avif
cache-control: private, no-transform, max-age=31492990
server-timing: cdn-cache; desc=HIT, edge; dur=7
content-length: 22432
expires: Fri, 02 Feb 2024 19:27:47 GMT

GET
H2 200 CZW6Z5QQSBHD7FOOIZBEK72NNQ.jpeg
www.mlive.com/resizer/NugKZZOJ0uWDBAisWhBzCujzZTw=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 26 KB
27 KB 117ms
113ms Image
image/avif 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/NugKZZOJ0uWDBAisWhBzCujzZTw=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/CZW6Z5QQSBHD7FOOIZBEK72NNQ.jpeg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

9dc7fcfce25a48164f63dda1f75cb1e3bb7d198cb0fca54f62912cefe5aad6da

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 03 Feb 2023 02:52:37 GMT
x-serial: 416
server: Akamai Image Manager
x-check-cacheable: YES
etag: "2daf4492df73b0222f965f226385edf29b75c79a"
x-arc-request-id: 0.9b7d1302.1675409077.37c39ca
content-type: image/avif
cache-control: private, no-transform, max-age=31519682
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=349
content-length: 26935
expires: Sat, 03 Feb 2024 02:52:39 GMT

GET
H2 200 PC7V2ETQIZFOHCXJ6XAZVYMX3I.jpg
www.mlive.com/resizer/PGezym5WTexO9tfBKm3_FhyCztg=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 34 KB
34 KB 117ms
113ms Image
image/avif 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/PGezym5WTexO9tfBKm3_FhyCztg=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/PC7V2ETQIZFOHCXJ6XAZVYMX3I.jpg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

24681837991acb13c2a49f2e15693132fbb7d72eb8da8786fe60041c6edc3286

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 27 Jan 2023 12:11:03 GMT
server: Akamai Image Manager
etag: "e6a9aa44003e541f80cd53afbc364154d1e130ef"
x-arc-request-id: 0.9b7d1302.1675409077.37c39cb
content-type: image/avif
cache-control: private, no-transform, max-age=30948455
server-timing: cdn-cache; desc=HIT, edge; dur=4
content-length: 34320
expires: Sat, 27 Jan 2024 12:12:12 GMT

GET
H2 200 QMTQBPWFQ5GEXKVOCDEJC6OY2Q.JPG
www.mlive.com/resizer/SWbpMADfRZBEjr3InbXkSpJBYiA=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 36 KB
36 KB 117ms
113ms Image
image/avif 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/SWbpMADfRZBEjr3InbXkSpJBYiA=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/QMTQBPWFQ5GEXKVOCDEJC6OY2Q.JPG

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

c32808db47aa6a3a60054c8b371ef98ecbc7b68c544ff7f71a65913217604f21

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Feb 2023 22:08:13 GMT
server: Akamai Image Manager
etag: "e3975033c087a62f50683afcdaa89d4a27fca005"
x-arc-request-id: 0.9b7d1302.1675409077.37c39cc
content-type: image/avif
cache-control: private, no-transform, max-age=31502625
server-timing: cdn-cache; desc=HIT, edge; dur=17
content-length: 36354
expires: Fri, 02 Feb 2024 22:08:22 GMT

GET
H2 200 KSWMLFFQWND6HNN6MCJEIR3IPA.JPG
www.mlive.com/resizer/WaB_o37oIzrdrwPTSThBKUa9NGE=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 42 KB
43 KB 115ms
110ms Image
image/avif 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/WaB_o37oIzrdrwPTSThBKUa9NGE=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/KSWMLFFQWND6HNN6MCJEIR3IPA.JPG

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

6b19c22908a21e252aa45e934e7cdf7958436ebd205cdd251de9c22b6b046624

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Feb 2023 23:15:44 GMT
x-serial: 1318
server: Akamai Image Manager
x-check-cacheable: YES
etag: "9df31339841ee335c1aa7716bf748a41634ac6f2"
x-arc-request-id: 0.9b7d1302.1675409077.37c39cd
content-type: image/avif
cache-control: private, no-transform, max-age=31506641
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=50
content-length: 43477
expires: Fri, 02 Feb 2024 23:15:18 GMT

GET
H2 200 GWDP62F2CRB3NOJM2JX33T3AZ4.jpg
www.mlive.com/resizer/oZ5bPCu-F1HCgdTTFAV8xRhuNt4=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 12 KB
12 KB 166ms
163ms Image
image/avif 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/oZ5bPCu-F1HCgdTTFAV8xRhuNt4=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/GWDP62F2CRB3NOJM2JX33T3AZ4.jpg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

d85ad490eff6fe8de4e0eb5ee1913ff61b9d8d83791aaf6011831786ffecf047

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Feb 2023 20:19:54 GMT
x-serial: 819
server: Akamai Image Manager
x-check-cacheable: YES
etag: "f76d48f2cc3d867886636a7b5a7340d8ea3c7a75"
x-arc-request-id: 0.9b7d1302.1675409077.37c39ce
content-type: image/avif
cache-control: private, no-transform, max-age=31496150
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=239
content-length: 11799
expires: Fri, 02 Feb 2024 20:20:27 GMT

GET
H2 200 3LNLXQ5H6FEVFAVOO7EDGSOXCU.jpg
www.mlive.com/resizer/RN-T7VtoaDPJ5I-71EGivnhuK2M=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 47 KB
47 KB 115ms
112ms Image
image/avif 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/RN-T7VtoaDPJ5I-71EGivnhuK2M=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/3LNLXQ5H6FEVFAVOO7EDGSOXCU.jpg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

5c5592f43ea607d633067ecc76de87b4806452acaedbd312aaa2b644ab1738a5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Feb 2023 17:45:41 GMT
server: Akamai Image Manager
etag: "c9ae7864900df2c3a8f773174e94da3d67ab081b"
x-edgeconnect-cache-status: 1
x-arc-request-id: 0.9b7d1302.1675409077.37c39cf
content-type: image/avif
cache-control: private, no-transform, max-age=31400586
server-timing: cdn-cache; desc=HIT, edge; dur=7
content-length: 47629
expires: Thu, 01 Feb 2024 17:47:43 GMT

GET
H2 200 OD3TIP5CCJB6TAOYACNYZUYBO4.jpg
www.mlive.com/resizer/eOvcMKaGfSMPu8-0tRq7sACGFyA=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 39 KB
39 KB 115ms
112ms Image
image/avif 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/eOvcMKaGfSMPu8-0tRq7sACGFyA=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/OD3TIP5CCJB6TAOYACNYZUYBO4.jpg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

410e12233ed9d0bb3bae1231e9e5a394d8278fe28e44c8f783628a76dd54e614

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Feb 2023 20:49:51 GMT
x-serial: 1191
server: Akamai Image Manager
x-check-cacheable: YES
etag: "35c2400a61c16e05ace05dbc8c65a40883a89121"
x-arc-request-id: 0.9b7d1302.1675409077.37c39d0
content-type: image/avif
cache-control: private, no-transform, max-age=31497730
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=351
content-length: 39760
expires: Fri, 02 Feb 2024 20:46:47 GMT

GET
H2 200 PCLAMU5VKFFJPLBOBT4543WKYU.jpg
www.mlive.com/resizer/wM1i9bOXmGnHDw37B01diCUn1Sc=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 33 KB
34 KB 114ms
111ms Image
image/avif 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/wM1i9bOXmGnHDw37B01diCUn1Sc=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/PCLAMU5VKFFJPLBOBT4543WKYU.jpg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

9e3947902f8bfefa19b39662366640a7dd3ca12f7936eb1c56082b75a0d649ba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Feb 2023 14:06:36 GMT
server: Akamai Image Manager
etag: "3ba1e0cdca8f51cf6f70c79daf5f87f54989b05f"
x-arc-request-id: 0.9b7d1302.1675409077.37c39d1
content-type: image/avif
cache-control: private, no-transform, max-age=31473736
server-timing: cdn-cache; desc=HIT, edge; dur=5
content-length: 34112
expires: Fri, 02 Feb 2024 14:06:53 GMT

GET
H2 200 IKCIW52KDRFYDC7RI6LJSORXHY.jpg
www.mlive.com/resizer/PxKnHoAIKt2JFGzIRZmY0xWDVyQ=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 12 KB
13 KB 248ms
246ms Image
image/avif 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/resizer/PxKnHoAIKt2JFGzIRZmY0xWDVyQ=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/IKCIW52KDRFYDC7RI6LJSORXHY.jpg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

aae0f1131d1f03726e3c493803ec6cfb342ba2019b3518a35e291b24fbcc573e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Fri, 03 Feb 2023 07:24:37 GMT
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Feb 2023 12:53:44 GMT
x-serial: 1663
server: Akamai Image Manager
x-check-cacheable: YES
etag: "08a0efbd5297020f6ee1533bb382a15205129775"
x-arc-request-id: 0.9b7d1302.1675409077.37c39d2
content-type: image/avif
cache-control: private, no-transform, max-age=31469236
server-timing: cdn-cache; desc=MISS, edge; dur=102, origin; dur=74
content-length: 12534
expires: Fri, 02 Feb 2024 12:51:53 GMT

GET
H2 200 92a6747a-ce11-46a4-93d3-d5b3bd38e0ac.json Show response
cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/ 4 KB
2 KB 38ms
21ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

581a1ea02b36a1133d099529871fbecb8f6cfb380172991c365a6d628e27ecab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Feb 2023 07:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: mM6aiFT8Ck18U+avx2UOug==
age: 12277
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1544
x-ms-lease-status: unlocked
last-modified: Wed, 25 Jan 2023 22:23:26 GMT
server: cloudflare
etag: 0x8DAFF22C7947209
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 28b64496-b01e-00cc-030b-31bc53000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79396d8ec82a373f-FRA
expires: Sat, 04 Feb 2023 07:24:37 GMT

OPTIONS
H2 200 tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ Frame 0
0 341ms
98ms Preflight 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.mlive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.mlive.com
access-control-max-age: 600
content-length: 0
date: Fri, 03 Feb 2023 07:24:37 GMT
server: nginx

POST
H2 200 tp2 Show response
collector2.sophi.io/com.snowplowanalytics.snowplow/ 2 B
222 B 289ms
98ms XHR
text/plain 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.mlive.com
date: Fri, 03 Feb 2023 07:24:38 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
304 B 52ms
25ms XHR
application/json 2606:4700::6812:1b55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 79396d8f2ab0bb3d-FRA
access-control-allow-headers: Content-Type

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 626 B
899 B 291ms
22ms XHR
application/json 2a02:26f0:6c00:1b8::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ&d=www.mlive.com&t=5584697&v=1.720.0&sl=0&si=4f51af12-8196-4464-ac4e-14bf90e952d4-rphtx0&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=468260
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:1b8::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 645720463c7d884af96d57adc100b4b017e55e2ea2e0aa5fcbfc3b6edd4cb39e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 03 Feb 2023 07:24:37 GMT
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 626
Content-Type: application/json

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 11 KB
4 KB 67ms
27ms Script
text/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date: Fri, 03 Feb 2023 07:24:37 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id: 6PX7G9BXZ1EJ8Q4H
etag: "6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 3391
x-amz-id-2: mn+sdmW1kRLqXoGcKjiUOnURKtt8S7jop2YTJNIsjYf9vysp6bNqxt2aL5b1GjUmGsC39PaWn24=

GET
H2 200 script.js Show response
h312.mlive.com/ 148 KB
45 KB 60ms
13ms Script
text/javascript 13.32.27.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://h312.mlive.com/script.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-23.fra56.r.cloudfront.net

Software

- /

Resource Hash

8cc962bf012bdf8476e37ccbffbdb365c8c366ade8356352396ff090ffc380f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
age: 571
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 46000
x-xss-protection: 1; mode=block
last-modified: Fri, 03 Feb 2023 07:15:02 GMT
server: -
etag: d4ba9378de49478f950acdf7a0cf2f11
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=600
x-robots-tag: noindex, nofollow
x-amz-cf-id: iTDvh6h_he_Dm3tLczS6bmYGvqqKYlK9TabiT4QZU1zwNJ-RuokInQ==
expires: Fri, 03 Feb 2023 07:25:06 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/advanceddigitalheader640552616592/ 240 KB
84 KB 47ms
15ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/advanceddigitalheader640552616592/moatheader.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ca9668504727e46af9d0f49b307fa63ac082d2802edbaf51f5e070c9b2ae5e26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:37 GMT
content-encoding: gzip
last-modified: Tue, 31 Jan 2023 19:36:39 GMT
server: AmazonS3
x-amz-request-id: 8T31PX0ZEJSK6EJ9
etag: "dc0bdb177b6c09090708dcc6cd31f9cd"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=46221
accept-ranges: bytes
content-length: 85372
x-amz-id-2: TdA29PDhAF4cYEBoZiBesCSnQ8a+jvJjyvoelsWF5kQIZ+osfuic7wtTHVUZGcFKKTJrili2944dZJKLkLeFmw==

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 338 B
509 B 55ms
27ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=8Gu2Z8RCvZ

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

464b98e4ec83bb60ad92bd76656277037d3548e44a7d1dcddec0c0a41ada20e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
date: Fri, 03 Feb 2023 07:24:37 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Feb 2023 07:23:09 GMT
server: cloudflare
age: 88
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 79396d8f9c48901f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 8d7arohwoj
expires: Fri, 03 Feb 2023 07:54:37 GMT

GET
H2 200 ats.js Show response
ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ 89 KB
29 KB 37ms
9ms Script
application/javascript 13.32.27.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ats.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-74.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3bb4cd88543fb1c4954e395fec63b4d32ad77beddf3e946c610aba2d80c80d0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: efuxwJmubxv9Vi8KZQRlafK54DDCFhkw
content-encoding: gzip
via: 1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
date: Fri, 03 Feb 2023 06:43:10 GMT
last-modified: Thu, 02 Feb 2023 15:40:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 2492
x-amz-server-side-encryption: AES256
etag: W/"2a0afe8d0857377c62ca1340ce890d7b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: Pwc3LrZoTRrG2iIKDKO7snspwIQTNHcoLkTC6bmFExK_NzRdgWoN9g==

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202210.1.0/ 381 KB
91 KB 18ms
17ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f97354a4659e6fc1cf05e27b59d333c697c1b0fd6fcaaceaa9af1f6886abe0af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Feb 2023 07:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: DjzI+HdyHvhC2OCs+qd+pw==
age: 21437
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 93164
x-ms-lease-status: unlocked
last-modified: Fri, 16 Dec 2022 04:11:44 GMT
server: cloudflare
etag: 0x8DADF1BA4D9E9D9
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 32db70ae-901e-00bd-53b1-11ce6a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79396d8f7bfd92b4-FRA

GET
H2 200 / Show response
geo.privacymanager.io/ 28 B
595 B 37ms
8ms Fetch
application/json 143.204.215.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-111.fra53.r.cloudfront.net
Software: /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 03:00:28 GMT
via: 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront), 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA53-C1
age: 15849
x-amzn-requestid: d4de4b36-1e5b-4755-a5af-487938d51f39
x-amzn-trace-id: Root=1-63dc78cc-79e654147d68ab2542bc36e2;Sampled=0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: fvfQCE2gjoEFc1g=
content-length: 28
x-amz-cf-id: ouD06ZYAdQT8OvIJSKZjM-3y1FJwP4v6nwVe-ai5-DYuwwbNJDcflw==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/ff2abdb3-041c-409c-8bea-2a017f6e523b/ 83 KB
18 KB 19ms
18ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/ff2abdb3-041c-409c-8bea-2a017f6e523b/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4ca4ac2245a298854b68e7efdabe6e7a518ab2d258e7334a316b434e74e6d07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Feb 2023 07:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: J/l4i+ZGysNEgkAAgPV+Jg==
age: 11531
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 18046
x-ms-lease-status: unlocked
last-modified: Wed, 25 Jan 2023 22:23:34 GMT
server: cloudflare
etag: 0x8DAFF22CC5A1C21
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 04a3fcf0-401e-00fb-5d0b-3110fc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79396d8fc912373f-FRA
expires: Sat, 04 Feb 2023 07:24:37 GMT

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 335 KB
98 KB 30ms
21ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=8Gu2Z8RCvZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0141a68f5a24a71e9f70c3ac2f18c695fd4a1f4cb4f89e52b4c05ae017f21709

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:37 GMT
x-amz-version-id: .xvTl_rwiCmix78FJCaLpqhed9_2a1Hs
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=86400; includeSubDomains
x-amz-request-id: JVJA810WFQ13405K
age: 7850
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: hRyno8sJYLsJLUPm15ToWtbslxrsclPcKgHN8D/ZttsgaOPmlbkvkWx5WV/0/Hg5rKg+VLktBgo=
last-modified: Mon, 30 Jan 2023 06:47:31 GMT
server: cloudflare
etag: W/"f991076a688fd50a337909d6e67a9f06"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 79396d8fec88901f-FRA
expires: Fri, 03 Feb 2023 11:24:37 GMT

GET
H/1.1 200
OK fpc Show response
at.teads.tv/ 0
336 B 80ms
33ms XHR
text/plain 104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_11014&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=8480ba3&
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:24:37 GMT
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://www.mlive.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Fri, 03 Feb 2023 07:24:37 GMT

GET
H2 200 cs Show response
advancelocal.blueconic.net/DG/DEFAULT/ 16 B
697 B 330ms
104ms Script
text/javascript 54.166.174.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://advancelocal.blueconic.net/DG/DEFAULT/cs?&callback=bc_json458

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.166.174.230 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-166-174-230.compute-1.amazonaws.com

Software

- /

Resource Hash

10deffcb4d74836b58c8b08ce8fc28fb82ab89d81382f8447b107504b91be19e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 iframe.html Show response
z.moatads.com/hd09824092/ Frame E33D 1 KB
2 KB 8ms
7ms Document
text/html 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hd09824092/iframe.html
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/advanceddigitalheader640552616592/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=1250
content-length: 1374
content-type: text/html
date: Fri, 03 Feb 2023 07:24:37 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
server: AmazonS3
x-amz-id-2: tXhAc64MXavoo2Ys7gL4K0CHvWdnnjW6yMDYhattkSwkbmjydK4ZTHB9EYLhbnHzR5lAnVYPFb8=
x-amz-request-id: 7Y2H1YDSCY2G4ZCG

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202210.1.0/assets/ 13 KB
3 KB 17ms
17ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202210.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Feb 2023 07:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JuDKxv1jf1Hw0JXasvCaSg==
age: 11530
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3007
x-ms-lease-status: unlocked
last-modified: Fri, 16 Dec 2022 04:11:35 GMT
server: cloudflare
etag: 0x8DADF1B9F221620
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 3edf7035-101e-00e8-046a-11251d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79396d9089af373f-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202210.1.0/assets/ 62 KB
15 KB 18ms
17ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202210.1.0/assets/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cef181b89850405f733232c050e35b633a648eacee98005f2663b481ac3b0db4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Feb 2023 07:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /7imwDAj2tnNrmXTQyqG0A==
age: 11530
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 14749
x-ms-lease-status: unlocked
last-modified: Fri, 16 Dec 2022 04:11:35 GMT
server: cloudflare
etag: 0x8DADF1B9F855CD4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: b4c4c484-601e-016b-0f6a-11c3e5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79396d9089b0373f-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202210.1.0/assets/ 21 KB
4 KB 16ms
16ms Fetch
text/css 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202210.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

087d847ee64707e372f572145600ecbcb13f2dd2382fd8962326f2fed03dd85d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Feb 2023 07:24:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oQsmwuIlJWH4cKDxpI1ltA==
age: 11530
x-ms-lease-status: unlocked
last-modified: Fri, 16 Dec 2022 04:11:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: d9fc7188-301e-001a-016a-11f789000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 79396d9089b1373f-FRA

GET
H2 200 skeleton.js Show response
static.adsafeprotected.com/ 17 B
465 B 38ms
8ms Script
application/javascript 2600:9000:214f:c200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: satisfycork.com
URL: https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:c200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 02:01:00 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 18768218
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: BjeW25GfM7I3h2pbXL--RrdTAc6_mlUn5sG45G0zq2qasab7_CVSfg==

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 68 B
244 B 59ms
44ms Script
text/javascript 2606:4700::6812:1b55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/iabCcpaIntegrationScript-noGAM.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0af719f3a3c9eed767bcf7e1b8b179655c9b0c1fd6157618d704f11a1cdcdfc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
cf-ray: 79396d912f849034-FRA
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 148ms
69ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=988

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c276285708800494d413ec1eb5884caf4d2e4e2b6e39b63c2f1e4988e568b2ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27307
x-xss-protection: 0
server: sffe
etag: "1471 / 735 of 1000 / last-modified: 1675379458"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 03 Feb 2023 07:24:38 GMT

GET
H2 200 pub.js Show response
pub.doubleverify.com/signals/ 67 KB
18 KB 55ms
19ms Script
text/javascript 2606:4700::6812:a6e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/signals/pub.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=988

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a6e0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

818da0a99e5c987d95ab810e69c78fc66712db42e23ef755a391bb841817654a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
content-security-policy: frame-ancestors 'self'
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Server-Timing, Cf-Ray
cache-control: private, max-age=14400, stale-while-revalidate=345600, stale-if-error=345600
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 79396d918edebb5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 10071.js Show response
micro.rubiconproject.com/prebid/dynamic/ 436 KB
124 KB 51ms
15ms Script
text/javascript 2.19.35.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=988
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-35-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9d0112c3289999dd04b6bf84a73981ccd4234b0aa6eeaf4feeade71dc049bb44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:38 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2023 22:40:59 GMT
server: Apache
vary: Accept-Encoding
edge-cache-tag: prod-prebid-10071_MI_Desktop_Mobile.js
content-type: text/javascript
cache-control: public, must-revalidate, max-age=0
content-length: 126436
expires: Fri, 03 Feb 2023 22:46:15 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 193 KB
47 KB 52ms
12ms Script
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=988
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc063466fc42fe1b789888a932cc7f3a8bdde1c2d70a8a04b4d9896975620da7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:32:44 GMT
content-encoding: gzip
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront), 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
last-modified: Wed, 01 Feb 2023 21:25:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-C2
age: 3115
x-amz-server-side-encryption: AES256
etag: W/"a32dad266af898d87dd85cf65ca93536"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: jcxylBRqfJ08XdoWrmlTZYA4jsxUllf_6XHVWWmCkNHjYBPpr4MEyQ==

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/963/ 51 KB
16 KB 51ms
13ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=988
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31038db384774b30a90f372136544f5cfd03cb2cfec40cfc8d06697b80c6e638

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:55:19 GMT
content-encoding: gzip
via: 1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 18:21:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 59360
etag: W/"e8fc5351ba5fa694b332e7213d30a1f4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: dxu4cnp-DJhD8YJDgszdjMl8csSTFaSpc0OYhJOvGIcIOE-Gu1nmwA==

GET
H2 200 icon-menu-outline.svg
www.mlive.com/pf/resources/images/common/icons/ 523 B
880 B 13ms
13ms Image
image/svg+xml 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/common/icons/icon-menu-outline.svg?d=988

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=988

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

3f5684bf5aa4a6eb5c9015394c8739dff39377a73adf72c30ba511d0ab5b50f3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.mlive.com/pf/dist/components/combinations/default.css?d=988
Origin: https://www.mlive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:38 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: MPRT25FJ7HDY2F3M
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.9b7d1302.1675409078.37c458d
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 278
x-amz-id-2: WHwScSyOV5N3EI6XM1SqWB+EF2FOPjD1qteJZ6ZxCrdFZZAm9UDkU9x+k7QkEy0Y9pPcYeuNLWc=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Feb 2023 18:45:54 GMT
server: openresty
etag: W/"ef41b0e325b0902f9a8781e21cc20457"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: image/svg+xml
access-control-allow-origin: *, *
cache-control: public, max-age=31536000
expires: Sat, 03 Feb 2024 07:24:38 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 192 KB
76 KB 104ms
64ms Script
application/javascript 2a00:1450:4001:812::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=988

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

530752728a396ddcdd46e2a062834d6fdd475ad5199b9beab914088203fb1fac

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9s9Y6cWgqcFX6dZwoOHAuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:38 GMT
content-security-policy: script-src 'report-sample' 'nonce-9s9Y6cWgqcFX6dZwoOHAuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Fri, 03 Feb 2023 07:24:38 GMT

GET
H2 200 user-white.svg
www.mlive.com/pf/resources/images/common/icons/ 5 KB
3 KB 13ms
13ms Image
image/svg+xml 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mlive.com/pf/resources/images/common/icons/user-white.svg?d=988

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=988

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

e6b7fa504c979ce53dc80798978eff98214cbcb20b7db259990c0632b7abe248

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/pf/dist/components/combinations/default.css?d=988
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Fri, 03 Feb 2023 07:24:38 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
x-amz-request-id: MPRK91GBSARGV03G
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.9b7d1302.1675409078.37c45d5
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 2508
x-amz-id-2: XckiP9SnUN5+qSaa1EzS5f3nIzkKdIkS1YtlpcnADBuSe5qAtwqzzggts5zhRe8keNHtM8x0z4E=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Feb 2023 18:45:54 GMT
server: openresty
etag: W/"fdc13d9553130cf8463df06e8ba5682d"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Sat, 03 Feb 2024 07:24:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 51ms
15ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 06:54:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1788
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 03 Feb 2023 08:54:50 GMT

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 36ms
7ms Script
application/javascript 65.9.58.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-58-150.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: public
Date: Thu, 02 Feb 2023 08:16:12 GMT
Via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
X-Amz-Cf-Pop: FRA56-C1
Age: 83306
ETag: "5eb31be4-3a2"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=86400, public
Connection: keep-alive
Content-Length: 930
X-Amz-Cf-Id: xH_lTDMuNruKBX9dmPfejWnTe0TCR4pQ4p0Ln1aRdpeX4HWMWG3t-w==
Expires: Fri, 03 Feb 2023 08:16:12 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 545 KB
155 KB 51ms
19ms Script
application/x-javascript 23.35.237.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-64.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9d56712c65fd658abe00c4709f0e8857a0c633082a78f3401ea4f3800f75488b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 07:24:38 GMT
Content-Encoding: gzip
x-amz-request-id: A5RD1QXM4CWY600W
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: tTxryTzLHwBvv3Ogt/UO49aJ6j0+JizhZlF+BhDh0c3x3yAl8ZedArkFMzZtfuzVOyi1JXZbGmM=
Last-Modified: Tue, 31 Jan 2023 21:38:16 GMT
Server: AmazonS3
ETag: "7326e35e7d49316877005fe34d4bbd4a"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 36ms
8ms Script
application/javascript 99.86.4.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-32.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 00:57:49 GMT
content-encoding: gzip
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 23213
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: v35Rvidjy47kPRazptSc7AEdGH8NRov04wroGqEQrj63oU2qd7mbqQ==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 49ms
17ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 03 Feb 2023 07:24:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: +eZlwE2BOZEwYcBlPzB0P/TC+kuHwLei/btDau7HlDaGzJiAemk7rR4fwQRr63SxBLS2ZSDmEfsoJJl4leiRbw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 42ms
10ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=33624
accept-ranges: bytes
content-length: 4777

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 26ms
8ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:38 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-hhn-etou8220025-HHN

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 44ms
14ms Script
application/x-javascript 13.227.222.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.222.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-222-181.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 08:26:12 GMT
Content-Encoding: gzip
Via: 1.1 2b298af2bb6f21ab0dee9e764d8bcb28.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS54-C1
Age: 82707
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: q1WiR2svZy3-89z5wpQ8MpW1rnVEHPyOdXn8FPPJi2F5_R6KyG1Hkw==

GET
H2

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma63527/all/15/
Redirect Chain

https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1616
https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js

142 KB
41 KB

15ms
15ms

Script
application/x-javascript

107.178.250.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Server: 107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 68b5df8a16ee7bbfd4789f8533b7f9882f9095625a8be1f56e352bc10710484d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 05:40:38 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 07 Apr 2021 17:41:03 GMT
server: nginx
age: 6240
etag: "8be38a11960c372ea9c4119961294047"
vary: Accept-Encoding
x-cache: HIT Sun, 18 Dec 2022 07:45:34 GMT
content-type: application/x-javascript
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42243

Redirect headers

date: Fri, 03 Feb 2023 07:24:38 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/ltm/ma63527/all/15/ml.br.js
cache-control: public, max-age=269200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by: 1-gc-euwest1-xgfw0957

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
76 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GG8B674XK4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

65a099a71ad3b2309e3dfcfa9b2e184ef764b8a2906f0ae974b67b798cb719ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77638
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 Feb 2023 07:24:38 GMT

POST
H2 200 457 Show response
h312.mlive.com/DG/DEFAULT/rest/rpc/ 170 KB
32 KB 483ms
483ms XHR
application/json 13.32.27.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://h312.mlive.com/DG/DEFAULT/rest/rpc/457?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-02-03T07%3A24%3A38%2B00%3A00&ts=1675409078261

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-23.fra56.r.cloudfront.net

Software

- /

Resource Hash

06d78d9e69d13394e16b72734bc2a24c051056988bfcf4cb8766cbd99ccfebbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 07:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 31695
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: x5rUnUslGTUfXLLPYjTO2IAtAHwI2AP3yRu6Qpx1v4QwW4BcR_qaBQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 FormLogo.jpg
cdn.cookielaw.org/logos/57316691-7a35-4427-b868-f6c059de9bc0/9db7a06a-4f0a-4b5b-8abb-9f3aac23afb7/f8bc963b-b2e8-45f7-80d3-988cede5f448/ 89 KB
89 KB 19ms
19ms Image
image/jpeg 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/57316691-7a35-4427-b868-f6c059de9bc0/9db7a06a-4f0a-4b5b-8abb-9f3aac23afb7/f8bc963b-b2e8-45f7-80d3-988cede5f448/FormLogo.jpg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abb22177c1f36f82f451ba3b46fd96e4bc0f5b5ad510b15b4d5ec37fc1e9b7f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Feb 2023 07:24:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /VgjLzERih8MeSo4vme4Lw==
age: 84237
content-length: 90639
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Tue, 15 Dec 2020 19:27:11 GMT
server: cloudflare
etag: 0x8D8A12F6B751639
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: c4ce03f6-a01e-011b-01d2-21b021000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79396d93580292b4-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 17ms
16ms Image
image/svg+xml 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 03 Feb 2023 07:24:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 51636
x-ms-lease-status: unlocked
last-modified: Wed, 01 Feb 2023 17:51:45 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 83f800a2-001e-0056-4274-363096000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 79396d93580392b4-FRA

POST
H2 200 tp2 Show response
collector2.sophi.io/com.snowplowanalytics.snowplow/ 2 B
221 B 100ms
98ms XHR
text/plain 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.mlive.com
date: Fri, 03 Feb 2023 07:24:38 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

OPTIONS
H2 200 tp2
collector2.sophi.io/com.snowplowanalytics.snowplow/ Frame 0
0 98ms
97ms Preflight 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector2.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.mlive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.mlive.com
access-control-max-age: 600
content-length: 0
date: Fri, 03 Feb 2023 07:24:38 GMT
server: nginx

GET
H2 200 pubads_impl_2023020201.js Show response
securepubads.g.doubleclick.net/gpt/ 383 KB
130 KB 30ms
29ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3dbe61c0d4bd6843709a0c3287613e78c6699b608001771c5d02fc4927a81ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 12:20:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68642
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132430
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 09:36:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 02 Feb 2024 12:20:36 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
467 B 123ms
62ms XHR
application/json 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.mlive.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ee93aae396dad4ea17410d0d38abe40a91baaa30c2685aef3c92b704a79bda6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 442
x-xss-protection: 0
expires: Fri, 03 Feb 2023 07:24:38 GMT

GET
H3 404 pub.json Show response
pub.doubleverify.com/signals/ 48 B
365 B 24ms
14ms Fetch
application/json 2606:4700::6812:a6e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/signals/pub.json?ctx=20823471&cmp=DV460143&signals=ids,bsc&url=https%3A%2F%2Fwww.mlive.com%2F

Requested by

Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:a6e0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14e4901ee2e5c2b93c887cca0a2e3f188379d5ce25edca56836564e10014db76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.mlive.com
access-control-expose-headers: Server-Timing, Cf-Ray
cache-control: private, max-age=900
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 79396d938e739b71-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 set Show response
privacy.crwdcntrl.net/consent/ 301 B
574 B 124ms
50ms XHR
application/json 54.216.26.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy.crwdcntrl.net/consent/set?ct=skip&ca=1&ccd=1&cds=1&cta=1&c=963
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.26.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-26-107.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: bcfc3164e0232da8926cc0bc6f48a243af27d14ab8c859df7cbd539e1dde09d1

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:38 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache
x-server: 10.45.8.22
access-control-allow-credentials: true
content-length: 301
expires: 0

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 60 B
334 B 115ms
35ms XHR
application/json 63.35.129.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.129.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-129-113.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 5eb792320b1c497d8237f24b447a92cdfa6655bb50b14b106837443fb96a140b

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:38 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache
x-server: 10.45.21.233
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
2 KB 9ms
8ms XHR
application/json 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3178&u=https%3A%2F%2Fwww.mlive.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: Server /
Resource Hash: cdc09616482b23651a59600f7be19ae57c62086f99faadb86e7da494a585c05a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 04:48:45 GMT
via: 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
age: 9352
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.mlive.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1675
x-amz-cf-id: xV2JWKMgxnIbGtbyFP7dgKzGhe-oAZeOk6r_2fyLUNPxuhGrtBD8lA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 24ms
8ms XHR
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding: gzip
via: 1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
date: Fri, 03 Feb 2023 04:40:20 GMT
x-amz-cf-pop: FRA56-C2
age: 9932
x-cache: Hit from cloudfront
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: v8tkXCe_rgeWkcul2eWZwXyLxa-IJrWYmefqALhb5Ec9_xb1hISoQA==

GET
H2 200 10071-pbjs-floors.json Show response
ads.rubiconproject.com/floors/ 20 KB
2 KB 65ms
40ms XHR
application/json 2.19.35.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/floors/10071-pbjs-floors.json
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-35-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4a31142e331553f8c0f55164db6d3b5a23677a6f85413de49f28bc9084b1dec0

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 07:24:38 GMT
content-encoding: gzip
last-modified: Fri, 03 Feb 2023 06:40:59 GMT
server: Apache
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1500
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 2215

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1675409078364&se=e30&duid=94c49eadf2ac--01grb2ke2tbkj8mtkkys5e6np7&pu=https%3A%2F%2Fwww.mlive.com%2F&us_privacy=1---&wpn=prebid
https://rp4.liadm.com/j?dtstmp=1675409078364&se=e30&duid=94c49eadf2ac--01grb2ke2tbkj8mtkkys5e6np7&pu=https%3A%2F%2Fwww.mlive.com%2F&us_privacy=1---&wpn=prebid&i6=MmEwMDpjOTg6MjAzMDphMDA0OjE6OjEy&n3...

42 B
581 B

685ms
282ms

XHR
application/json

34.193.23.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1675409078364&se=e30&duid=94c49eadf2ac--01grb2ke2tbkj8mtkkys5e6np7&pu=https%3A%2F%2Fwww.mlive.com%2F&us_privacy=1---&wpn=prebid&i6=MmEwMDpjOTg6MjAzMDphMDA0OjE6OjEy&n3pc=true

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Server

34.193.23.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-23-165.compute-1.amazonaws.com

Software

Resource Hash

5ce8647c88445649306948bab16764727ad0866a64fc66202b97b88176272628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:39 GMT
x-pixel-event-id: 6596ac64-2ee2-42f6-9e99-32f112eb3261
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: b5d007efd7fdea6c
content-length: 42
x-xss-protection: 1; mode=block

Redirect headers

date: Fri, 03 Feb 2023 07:24:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1675409078364&se=e30&duid=94c49eadf2ac--01grb2ke2tbkj8mtkkys5e6np7&pu=https%3A%2F%2Fwww.mlive.com%2F&us_privacy=1---&wpn=prebid&i6=MmEwMDpjOTg6MjAzMDphMDA0OjE6OjEy&n3pc=true
access-control-allow-origin: https://www.mlive.com
request-time: 0
access-control-allow-credentials: true
trace-id: 15a5b4ee65c503bd
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3252378/domain/mlive.com/ 36 B
375 B 31ms
13ms XHR
application/json 2600:9000:206f:6000:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3252378/domain/mlive.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:11:19 GMT
content-encoding: gzip
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 799
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: BGX_0Fz6NpdpP0E5X6o2YPGteT8Ar2-p1i3J48rWSEqlGOsATZj_5A==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1675409078383&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3252378%26time%3D1675409078383%26url%3Dhttps%253A%252F%252Fwww.mlive.com%252F%26t...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1675409078383&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1675409078383&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQKJaT3LB_8QDAAAAYYWKbnMs79xBkVOR-6cVL3C_csKDJWA9vdtA0m...

0
266 B

124ms
103ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1675409078383&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQKJaT3LB_8QDAAAAYYWKbnMs79xBkVOR-6cVL3C_csKDJWA9vdtA0mkDtqdV74AYjhRsHfNnInadA
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:38 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: C5A5F9231EB2477CA86B9B84BAA3D392 Ref B: FRAEDGE1307 Ref C: 2023-02-03T07:24:38Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXzxpL/m7Ayk+I8B9PPYg==

Redirect headers

date: Fri, 03 Feb 2023 07:24:37 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A881496584FC43F48F7CA2503F372754 Ref B: DUS30EDGE0919 Ref C: 2023-02-03T07:24:38Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1675409078383&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQKJaT3LB_8QDAAAAYYWKbnMs79xBkVOR-6cVL3C_csKDJWA9vdtA0mkDtqdV74AYjhRsHfNnInadA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXzxpL9ofYRxovwWADvbg==

GET
H2 200 p.js Show response
cdn.parsely.com/keys/mlive.com/ 56 KB
21 KB 38ms
8ms Script
application/javascript 65.9.61.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/mlive.com/p.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.61.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-61-60.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 36ea8d266ccb57796d82e6eb05f11c634302a0bc3623c5e7fa7261a1a69e0d90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: public
date: Fri, 03 Feb 2023 04:25:46 GMT
content-encoding: gzip
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
last-modified: Wed, 29 Jun 2022 14:34:05 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
age: 11703
etag: W/"62bc62dd-df3e"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: qfxWqme6FDG7QGiKAazGCBV07UpVndfjInwfiMyCs_Bg3bwHo1YYIw==
expires: Sat, 04 Feb 2023 04:09:35 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
189 B 8ms
8ms Image
text/plain 99.86.4.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6034988&c3=&c4=https%3A%2F%2Fwww.mlive.com%2F&cs_it=b3&cv=3.8.0.210223&ns__t=1675409078384&ns_c=UTF-8&c7=https%3A%2F%2Fwww.mlive.com%2F&c8=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&c9=
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-32.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:38 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: oUjhL9A9FgaBxODIZr37v7oZ43ZqTSmR1pwelNLn8uU7YJrnsYNN5g==
x-cache: Miss from cloudfront

GET
H2 200 120978121945017 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 16ms
15ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/120978121945017?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1c369edd0edf99fe0eafe474183e140e6e2e442be5ddc215fb2a5d6c39f15935

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 03 Feb 2023 07:24:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110486
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: uBZO0VM6SFMOP3r7OzJh94LUJ8go9OD8Jfk0zvyHf/xUBIsBZVhTbjm3q99Nce3loY5oZhWWV2gbKmy7upW2wg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
438 B 73ms
22ms XHR
application/json 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 07:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.mlive.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

GET
H2 200 adsct
t.co/1/i/ 43 B
376 B 136ms
117ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=169a5029-23cb-41a6-937f-6f75185ba2c0&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=5c53ba8e-cc0e-4327-a9e7-0bcf6d7377aa&tw_document_href=https%3A%2F%2Fwww.mlive.com%2F&tw_iframe_status=0&txn_id=o8yo8&type=javascript&version=2.3.29

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-response-time: 110
date: Fri, 03 Feb 2023 07:24:37 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 3282de10299a02cd
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 7c4f67fc848a797ca639a258e6639478be6d21e405baee976022880af188f12e
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
727 B 129ms
111ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=169a5029-23cb-41a6-937f-6f75185ba2c0&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=5c53ba8e-cc0e-4327-a9e7-0bcf6d7377aa&tw_document_href=https%3A%2F%2Fwww.mlive.com%2F&tw_iframe_status=0&txn_id=o8yo8&type=javascript&version=2.3.29

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-response-time: 104
date: Fri, 03 Feb 2023 07:24:37 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 93c198817634cb9b
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 8c165997d6f165d7abe83130f9dd54acebd0de2ccb48cdf104c6f5189a44dbc2
content-length: 43

GET
H2 200 style
accounts.google.com/gsi/ 533 B
584 B 56ms
56ms Stylesheet
text/css 2a00:1450:4001:812::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Usk3VhTLras5-bz5a_7dhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:38 GMT
content-security-policy: script-src 'report-sample' 'nonce-Usk3VhTLras5-bz5a_7dhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Fri, 03 Feb 2023 07:24:38 GMT

GET
H2 200 status Show response
accounts.google.com/gsi/ 40 B
525 B 225ms
223ms XHR
application/json 2a00:1450:4001:812::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=339703812340-kido2ms26ssegr4jpn27vo7ro7hgkjme.apps.googleusercontent.com&as=vSZZgMU85d7pjfgJ8c35eA

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ea473960b325da47338c91772ba0b6e45561066c51fc17b55ee8d3caaf97909a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-pL0UZMmt8BySohM-Fn4fOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:38 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-pL0UZMmt8BySohM-Fn4fOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
244 B 52ms
20ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GG8B674XK4&gtm=45je3210&_p=414081515&cid=1787032869.1675409078&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&sid=1675409078&sct=1&seg=0&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&en=page_view&_fv=1&_nsi=1&_ss=1&ep.headline=undefined&ep.author=undefined&ep.entry_id=undefined&ep.page_type=homepage&ep.product=homepage-beta&ep.platform=desktop&ep.page_path=%2F&ep.user_subscription_status=undefined&ep.ab_test_group_user=sub-group-c&ep.search_term=undefined&ep.targeting_codes=undefined&ep.targeting_codes2=undefined&ep.targeting_codes3=undefined&ep.targeting_codes4=undefined&ep.targeting_codes5=undefined&ep.targeting_codes6=undefined&ep.entry_tags=undefined&ep.referring_subdomain=undefined&ep.browser_cookie_region=undefined&epn.monthly_visit_number=1&ep.content_region=undefined&ep.content_topics=undefined&ep.blog_category=undefined&ep.section=Home%20Page&ep.article_date_original=undefined&ep.article_date_updated=undefined&ep.entity_type=undefined&ep.entity_value=undefined&ep.auxiliaries=undefined&ep.gigya_user_id=undefined&ep.usprivacy_cookie=undefined&ep.userid_flag=false
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GG8B674XK4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 5 KB
2 KB 125ms
40ms Script
text/javascript 34.251.191.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.mlive.com%2F&ntv_mvi&us_privacy=1---
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.191.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-191-149.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: 4367435b55e91a47e4ed82be3b071a73871e8537afde581dec38e084570624e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:38 GMT
content-encoding: gzip
server: nginx/1.12.2
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 1511
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H3 200 v2hyotYXNywjHXB1-z3sEiar3OR9GE1w03I_IOLu6Zhp7An-BzV91gMgZxbx2ZljzMzmq-uyI Show response
satisfycork.com/ 206 B
233 B 57ms
38ms Fetch
application/json 2600:1901:0:328a::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://satisfycork.com/v2hyotYXNywjHXB1-z3sEiar3OR9GE1w03I_IOLu6Zhp7An-BzV91gMgZxbx2ZljzMzmq-uyI

Requested by

Host: satisfycork.com
URL: https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

1e4a0c9ccc2c4293ddf3ea49d31e69611231cc57c8a2f7ed43c7797bdf206545

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Fri, 03 Feb 2023 07:24:38 GMT
via: 1.1 google
x-buildnumber: 757822166
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
x-hostname: fen-hoothoot-europe-west1-spot-sq79
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Fri, 03 Feb 2023 07:24:37 GMT

POST
H2 204 /
vtrk.doubleverify.com/ 0
182 B 115ms
31ms Ping
text/plain 34.240.232.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=643f20c3-2cae-432c-a99b-3292bc563226&z=911750434067&ctx=20823471&cd160=fa088d2c-15dc-49ef-92f7-505a88fdadaf&cd161=https%3A%2F%2Fwww.mlive.com%2F&ea=load-pq&cd180=network&cm180=56&cm181=18&cm182=6&cm183=11&cm184=19&cm185=1&cm186=352&cmp=DV460143
Requested by: Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.232.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-232-49.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: https://www.mlive.com
date: Fri, 03 Feb 2023 07:24:38 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 71ms
15ms Script
application/javascript 95.100.74.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.74.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-74-20.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:38 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Fri, 03 Feb 2023 07:39:38 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 32 KB
10 KB 8ms
7ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:55:13 GMT
content-encoding: gzip
via: 1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 59366
etag: W/"322a4a4dadec5839e9040f77edf9282d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: MTmFbm1T4uo7Qb8DNWhWpDx4rP7rkMwzPUc37agmAI-epiMWnK2YNQ==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 57 KB
17 KB 41ms
15ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
server: cloudflare
x-amz-request-id: 6D5QG0NPJZD5QPXK
age: 1003
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 79396d94d86bbbf1-FRA
x-amz-id-2: eRu/pWDcfy00YajLpD+uzFcj/gy0Nqx1S0UB+hXX6Rv1XbLFi1H6AN1en/mav0LBa8Yfa7TpARM=

POST recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
0

OPTIONS
H2 504 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 10321ms
10104ms Preflight
text/html 3.221.54.232

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.54.232 -, , ASN (),
Reverse DNS
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.mlive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-length: 534
content-type: text/html
date: Fri, 03 Feb 2023 07:24:48 GMT
server: awselb/2.0

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 427ms
101ms Image
image/gif 52.5.29.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sec=Home%20Page&prem=0&ptype=homepage&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=acb1fce1-22fd-4a8a-a5b9-fbf58db711d1&pid=09e89717-98cc-4821-b878-f60ce3e6a5a0&dtm=1675409078527&qnm=_matherq&visible=1&tabid=b25eb7f4-8466-42dc-92ba-fcf7665b5dc4&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x12827&tofa=1675409079&vid=1&lvidt=1675409079&duid=7fc2f3ceea2c664a&fp=3376026746&cid=ma63527&mrk=484602605&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY3NTQwOTA3NjAxNSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMG1iIiwiaGVhcFQiOiIxMG1iIiwiZnN0UGFpbnQiOiIxNDg5IiwiZmV0Y2hTIjoiMTAzNCIsImRvbWFpblMiOiIxMDM0IiwiZG9tYWluRSI6IjExODciLCJjb25uUyI6IjExODciLCJjb25uRSI6IjEyMTIiLCJzc2xTIjoiMTE5NCIsInJlcXVTIjoiMTIxMiIsInJlc3BTIjoiMTMzNyIsInJlc3BFIjoiMTgwMyIsImRvbUxvYWQiOiIxMzQwIiwiZG9tSW50ZXIiOiIxODQ1IiwiZG9tTG9hZFMiOiIxOTEwIiwiZG9tTG9hZEUiOiIyMDY4In0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMTc4NzAzMjg2OSIsInJlZlRpbWUiOiIxNjc1NDA5MDc4NTI2In1dLCJ1c2VyRGF0YSI6eyJpc0xvY2FsIjoiMCJ9fQ
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.29.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-29-188.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Fri, 03 Feb 2023 07:24:38 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
367 B 97ms
25ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 07:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.mlive.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

POST
H2 204 /
vtrk.doubleverify.com/ 0
181 B 89ms
32ms Ping
text/plain 34.240.232.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=643f20c3-2cae-432c-a99b-3292bc563226&z=579178377070&ctx=20823471&cd160=43c08372-4021-43fe-b3a9-fd72e02b2804&cd161=https%3A%2F%2Fwww.mlive.com%2F&ea=error&cd110=unknown%20error&cmp=DV460143
Requested by: Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.232.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-232-49.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: https://www.mlive.com
date: Fri, 03 Feb 2023 07:24:38 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 64 B
503 B 105ms
48ms XHR
text/javascript 99.86.3.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3178&u=https%3A%2F%2Fwww.mlive.com%2F&pid=IElbmYX0Kn8EX&cb=0&ws=1600x1200&v=23.127.1625&t=1500&slots=%5B%7B%22sd%22%3A%22ad-small-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22Advance_MI_BTF_DESKTOP%22%7D%2C%7B%22sd%22%3A%22ad-small-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22Advance_MI_BTF_DESKTOP%22%7D%2C%7B%22sd%22%3A%22ad-large-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22Advance_MI_BTF_DESKTOP%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.236 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-236.fra6.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:38 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
x-amz-rid: 0ZE50YZFED5VYKC065PX
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.mlive.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: I5tzt2RCIObC_S-VWp0BCq3C8QGgGfqjzvl9c7MsVOgzIqdiFZYcNQ==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 134ms
52ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.mlive.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 133ms
52ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.mlive.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
612 B 85ms
85ms XHR
text/plain 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e67d73f9a36e20f5ec02418f2c160063e3583cef3459d212efd82f9304bd7d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 582
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4174 6 KB
3 KB 104ms
49ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 07:24:38 GMT
expires: Sat, 03 Feb 2024 07:24:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 131ms
30ms Image
image/gif 54.155.18.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1675409078614&plid=51773065&idsite=mlive.com&url=https%3A%2F%2Fwww.mlive.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.mlive.com%2F&sref=&sts=1675409078609&slts=0&title=Michigan+Local+News%2C+Breaking+News%2C+Sports+%26amp%3B+Weather&date=Fri+Feb+03+2023+07%3A24%3A38+GMT%2B0000+(GMT)&action=pageview&js=1&pvid=12091826&u=pid%3D10479e29fc2b2985d5982e867e9d9882
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 07:24:38 GMT
Cache-Control: no-cache
Last-Modified: Friday, 03-Feb-2023 07:24:38 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 230823541501762 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 680ms
679ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/230823541501762?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8f1c5a1adb61eebadff8e6b258bf6689c1c29fb5aceeec61ccb025a9d941f04c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 03 Feb 2023 07:24:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: S/CtiCAYKA+NNTKDPqaRC1IbBAz6W6UmuZuO2H+X7F+3fLuO3rGuq5CNlMySGE6r77q8gh4wK4BodwDyrpxHzg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
333 B 40ms
40ms XHR
application/json 63.35.129.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.129.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-129-113.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 8baef3035ca0cdeb2be78284796226a082ecc642ce45dd85a615d92130f18417

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:38 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache
x-server: 10.45.10.178
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 23ms
23ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=414081515&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAQCACgFK~&jid=395942551&gjid=175106147&cid=1787032869.1675409078&tid=UA-16643585-16&_gid=576198689.1675409079&_r=1&_slc=1&gtm=45He3210n81TLXFLCR&cd1=undefined&cd2=undefined&cd3=undefined&cd6=undefined&cd11=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=false&cd21=undefined&cd23=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd46=homepage-beta&cd47=desktop&cd50=GA%20pageview%20-%20template%20-%20All%20Pages&cd52=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=undefined&cd62=undefined&cd63=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=sub-group-c&cd61=1787032869.1675409078&z=1408790442

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 v2yyp0JIvTuYdDrFxdI1LumAyZ0I8avLMANlZJMoPpsTa47cIDqZvhxS4TSH9FHfbZf6j9HqU Show response
satisfycork.com/ 3 B
27 B 24ms
24ms Fetch
application/json 2600:1901:0:328a::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://satisfycork.com/v2yyp0JIvTuYdDrFxdI1LumAyZ0I8avLMANlZJMoPpsTa47cIDqZvhxS4TSH9FHfbZf6j9HqU

Requested by

Host: satisfycork.com
URL: https://satisfycork.com/v2piab50gFaKfjV8idhg6fZepwcHQRhhd4LGOCwC4kPx099p1KAK8QTA

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Fri, 03 Feb 2023 07:24:38 GMT
via: 1.1 google
x-buildnumber: 757822166
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
x-hostname: fen-hoothoot-europe-west1-spot-sq79
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 217ms
166ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mlive.com
date: Fri, 03 Feb 2023 07:24:37 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 353 B
607 B 67ms
32ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU211111
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3932290bf9f79626040834a3a15e7cb634a0c3f5b627122f81b165c1d1fe8922

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:38 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.mlive.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Fri, 03 Feb 2023 07:24:38 GMT

GET
H2 200 prebid Show response
exchange.postrelease.com/ 0
653 B 174ms
32ms XHR
application/json 63.34.113.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.postrelease.com/prebid?us_privacy=1---&ntv_ptd=1134022,1134019&ntv_pas=eyIxMTM0MDE5IjpbWzMwMCwyNTBdXSwiMTEzNDAyMiI6W1szMDAsMjUwXV0sImxlbmd0aCI6Mn0=&ntv_ppf=eyJhZC1zbWFsbC0yIjp7ImJhbm5lciI6eyIzMDB4MjUwIjowLjIsIioiOjAuMn0sIioiOnsiKiI6MC4yLCIzMDB4MjUwIjowLjJ9fSwiYWQtc21hbGwtMSI6eyJiYW5uZXIiOnsiMzAweDI1MCI6MC40MywiKiI6MC40M30sIioiOnsiKiI6MC4yLCIzMDB4MjUwIjowLjJ9fSwiYWQtbGFyZ2UtMSI6eyJiYW5uZXIiOnsiMzAweDI1MCI6MC4yLCIqIjowLjJ9LCIqIjp7IioiOjAuMiwiMzAweDI1MCI6MC4yfX19&ntv_pb_rid=92420284fb8527&ntv_ppc=W3siYWRVbml0Q29kZSI6ImFkLXNtYWxsLTIiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXV19fX0seyJhZFVuaXRDb2RlIjoiYWQtc21hbGwtMSIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzMwMCwyNTBdXX19fSx7ImFkVW5pdENvZGUiOiJhZC1sYXJnZS0xIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDI1MF1dfX19XQ==&ntv_dbr=eyJhZC1zbWFsbC0yIjowLCJhZC1zbWFsbC0xIjowLCJhZC1sYXJnZS0xIjowfQ==&ntv_url=https%3A%2F%2Fwww.mlive.com%2F
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.113.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-113-170.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:38 GMT
content-encoding: gzip
server: nginx/1.12.2
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.mlive.com
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
content-length: 20
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
567 B 135ms
109ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=488240
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 501acb4e4522e173dbe423ddc76c7bd804d5f983d3f7a613a76d1b4a67b21835

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pK99jSblnZRjX0d%2BbY5w1xalqoZQIP%2B1m2tq4%2FUuRh1EUfz7B0rmo1iPAgGM1xL95GaG%2F%2FrghSgZHoOx46ejw1lCYs%2FY3Vkz3JKxea246QVbkPW24kiVThszr41P9o8u0BNMSNUA"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 79396d960dc19078-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 708 B
2 KB 815ms
388ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10071&site_id=311380&zone_id=1580874%3B1580870%3B1580874&size_id=15&us_privacy=1---&eid_pubcid.org=bdd7d7c0-4f72-4afb-8a33-15bbcf8d4a7e%5E1&rf=https%3A%2F%2Fwww.mlive.com%2F&tg_i.page=https%3A%2F%2Fwww.mlive.com%2F&tg_i.domain=mlive.com&tg_i.aupname=344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Right%2Crg_platform%3Ddesktop%3B344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Left%2Crg_platform%3Ddesktop%3B344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Right%2Crg_platform%3Ddesktop&tg_i.pbadslot=344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-2%3B344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-1%3B344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-large-1&tk_flint=dmpbjs_v7.31.0&x_source.tid=4c7d0a91-114f-41ea-8791-0e8580b3238c%3B59a532ab-30d8-48e6-80ac-7f3e7ca26838%3B7cb08b06-f211-404e-978f-2fd3bf31ed7a&l_pb_bid_id=18d0ea44f0456a1%3B198631ef8930e5e%3B20efe93772656e8&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.2%3B0.43%3B0.2&rp_maxbids=1&p_gpid=344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-2%3B344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-small-1%3B344101295%2FMI%2Fwww.mlive.com%2Findex.ssf%23ad-large-1&slots=3&rand=0.295021311551696
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: db29baf07cca3bee57c860e587ff03c3c45da3875e6214b601a135fcbe581c0c

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:39 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.mlive.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
400 B 59ms
18ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

9b13424c6d1a5d7a27f2b6b465ced8985d2c2773a0f24e0211babfd3ddfb3392

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mlive.com
date: Fri, 03 Feb 2023 07:24:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 54 B
227 B 59ms
17ms XHR
application/json 2001:41d0:701:1000::96f
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::96f , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: ea208f3af14b6c07455dd561aaf81750a537aa358a9d69d6d3f72bc69f6aab21

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mlive.com
date: Fri, 3 Feb 2023 07:24:38 GMT
content-length: 54
vary: Origin
content-type: application/json

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 35ms
33ms Image
image/gif 34.251.191.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=2221714&ntv_pl=773533
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.191.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-191-149.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:38 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 65ms
64ms Image
image/gif 34.251.191.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=8b253a53-4c7e-41c7-ac40-3862fcee4041&ntv_fl=wklKktgzCnjHRw7QsGHOxzNhXSYYdxQ6qfiLggX0SK56BQr83xcOwUzqcwcnh0dEkkQ9RO3V9hB5og33VIFmsjBeUNXZYQiVKjouuD8EGYVKg8tHVo7rzPy4Un6R-MIougegkTBdgoSmNz9yOGDHXOOxFKSe58-Kya_OzjtSlOCbSBOvZV4XB7XyrEO6Td0DVHNPqNk7bbpoWSb5pOk0OQ==&ntv_ht=trbcYwA&ntv_at=303,302&ntv_a=AAAAAAAAAAUr0QA&ord=1675409078712&ntv_it
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.191.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-191-149.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:38 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 32ms
31ms Image
image/gif 34.251.191.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=9e74d100-29cc-4b12-a440-d3802b6fb905&ntv_fl=No53AUp_qTJmWJYNLYz3zDH7Dla8D2Bigrcdt2SscM35NvSN06ESmcALQzGVGMkVAw4gv7FdgjIWB31_wPSEd1JWE7vUErUUYGz3ZCUaS8esQ0TBSEll4gP8UV3hMfECBH_whXCbtzy7QMhhExSrvaWsXn6EIgOH2z_b6EhwQBvYlBZLV1_7xThouAr2SJsz8qFCJ1PuXcVKQeVXw1bw-g==&ntv_ht=trbcYwA&ntv_at=303&ntv_a=AAAAAAAAAAU70QA&ord=1675409078714&ntv_it
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.191.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-191-149.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:38 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 32ms
31ms Image
image/gif 34.251.191.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=c81e349c-3c42-44a8-9698-ab3b0b181254&ntv_fl=miNEdYZhkQ016qn5OkGErteWbVfee99L6iQoR7ftguTTkDvzqZUqG5OcDEkXxdnmBBdE-0xujemH5n9YKZXzc94X4glLaS6J4r_HCNtJjNhL0PM7KGUSMT0LQsktN4giRCQhzDzmkIkHG_Jh_wifzE7UhU0qiFxxoH1OELRM4q0MsfjeUq3R5Qip0yAXOChabq_WMYOxl-UvgYiZyTgTpg==&ntv_ht=trbcYwA&ntv_at=303&ntv_a=AAAAAAAAAAVL0QA&ord=1675409078714&ntv_it
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.191.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-191-149.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:38 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 34ms
33ms Image
image/gif 34.251.191.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=48c7c097-142d-44c1-9ada-3072fe98febf&ntv_fl=MMTdWyeJBcdLcDTtFfyiRIW1J4RFfT92NPEX72OFNwaYG40vawGIkK8XpC9Q9TqqDm8jEYKJyMunWKqbOw6CSjWiNnE4xyiU4FyT-Dd7SKHx9K6CNJx4OasTgc8arNzX1jQ5xUFmFVNAQOeG4LeJ0yGjTiYvjCWJTs5ckY2AAZy7-K3b2-1LpO3f14yi6mJ_C2rFMaOS6e1kvRC_51MUug==&ntv_ht=trbcYwA&ntv_at=303&ntv_a=AAAAAAAAAAnc0LA&ord=1675409078714&ntv_it
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.191.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-191-149.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:38 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
427 B 35ms
34ms Image
image/gif 34.251.191.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1097042&ntv_gdpr_consent=&ntv_it
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.191.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-191-149.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:38 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
345 B 52ms
18ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-16643585-16&cid=1787032869.1675409078&jid=395942551&gjid=175106147&_gid=576198689.1675409079&_u=aADAAEAAAAQCACgFK~&z=1195677877

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 03 Feb 2023 07:24:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
11 KB 568ms
567ms XHR
text/plain 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ba662897ea9451a2846427af6ca26e9ccd480c4d7a9c5b4306df875af658822

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11174
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.mlive.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7ac599c9fcff18a620c8b5079daf54f0 Show response
h312.mlive.com/plugin/plugin/ 137 KB
37 KB 9ms
8ms Script
text/javascript 13.32.27.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://h312.mlive.com/plugin/plugin/7ac599c9fcff18a620c8b5079daf54f0

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-23.fra56.r.cloudfront.net

Software

- /

Resource Hash

7d2ec1f120a6f899e9772b5e3db9b4d4a468143f9122962ca07245c54ca21a0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 08:03:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
age: 775255
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 37290
x-xss-protection: 1; mode=block
last-modified: Tue, 24 Jan 2023 08:03:43 GMT
server: -
etag: 7ac599c9fcff18a620c8b5079daf54f0
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: E5FMtsh0tEwXjQ6Ff2PbT7rokdlZC0CT2FUgMQVlLbxa4dBQpq3-bg==
expires: Thu, 25 Jan 2024 08:03:43 GMT

POST
H2 200 LB-Zone-1 Show response
h312.mlive.com/DG/DEFAULT/rest/rpc/457/ 354 B
1015 B 551ms
551ms XHR
application/json 13.32.27.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://h312.mlive.com/DG/DEFAULT/rest/rpc/457/LB-Zone-1?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=ba8bf210-e9c7-4d10-a5e1-d54def2454df&overruleReferrer=&time=2023-02-03T07%3A24%3A38%2B00%3A00&ts=1675409078759

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-23.fra56.r.cloudfront.net

Software

- /

Resource Hash

e9b6c722c2dd67616bb65537b58bf42b0c1094082ee4c16d560dfd9910e620b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 07:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 231
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: OSAP0pLnFQc3uqV3dPsABsyQRLgSDT6xLpeKFGPfCzUqda6hi875Xg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200 392.json Show response
id5-sync.com/g/v2/ 215 B
622 B 56ms
15ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/392.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

0c7782feab045c1308fb404edbea86e0ee189938c1ee716b7f8434a7a95ecc98

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mlive.com
date: Fri, 03 Feb 2023 07:24:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 36c6a65c3e36d441b8b60d7a61c3485b Show response
h312.mlive.com/plugin/library/ 317 KB
100 KB 9ms
8ms Script
text/javascript 13.32.27.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://h312.mlive.com/plugin/library/36c6a65c3e36d441b8b60d7a61c3485b

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-23.fra56.r.cloudfront.net

Software

- /

Resource Hash

f53846431e30e69501f55ea4d80c3a129b4f0a8cfba57bdc9c78e5b794388bb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 08:03:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
age: 775254
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 102121
x-xss-protection: 1; mode=block
last-modified: Tue, 24 Jan 2023 08:03:43 GMT
server: -
etag: 36c6a65c3e36d441b8b60d7a61c3485b
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: qQdUWMH45Dxs9cVO_j9mjnF-0pgCE8GpK_FMgSsKod6eRe96dXkGzg==
expires: Thu, 25 Jan 2024 08:03:43 GMT

POST
H2 200 LB-Zone-1 Show response
h312.mlive.com/DG/DEFAULT/rest/rpc/457/ 4 KB
2 KB 529ms
529ms XHR
application/json 13.32.27.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-23.fra56.r.cloudfront.net

Software

- /

Resource Hash

a61259b8f303768072768b80a9c65d81dbc410ac4089832d362cfec34573d291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 07:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 1297
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: iqoixBUY8LvD5eaERraU0kMmQlee1OsDOJ5xaiQlkmSXgOmZhAv6vQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 3723 Show response
idx.liadm.com/idex/prebid/ 0
311 B 446ms
107ms XHR
text/plain 54.159.56.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/prebid/3723?duid=94c49eadf2ac--01grb2ke2tbkj8mtkkys5e6np7&us_privacy=1---&resolve=nonId

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.159.56.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-159-56-141.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mlive.com
date: Fri, 03 Feb 2023 07:24:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
trace-id: 90381c44ee3e0a8c
vary: Origin
request-time: 2

POST
H2 200 457 Show response
h312.mlive.com/DG/DEFAULT/rest/rpc/ 8 KB
5 KB 395ms
395ms XHR
application/json 13.32.27.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://h312.mlive.com/DG/DEFAULT/rest/rpc/457?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=ba8bf210-e9c7-4d10-a5e1-d54def2454df&bctempid=&overruleReferrer=&time=2023-02-03T07%3A24%3A39%2B00%3A00&ts=1675409079360

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-23.fra56.r.cloudfront.net

Software

- /

Resource Hash

2ce565553de9f3f25124a4b2ece8a24438db23680f26e83c9cdc5ade11cfe886

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 07:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 3689
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: NW3IDfa0JXOlmaEybrrhJ-sdQ6abnqmiBUWlaTNwKBFAGE2w2-adHg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 predict Show response
h312.mlive.com/rest/custom/frontend/listener_realtime_model/ 2 B
899 B 404ms
403ms XHR
application/json 13.32.27.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://h312.mlive.com/rest/custom/frontend/listener_realtime_model/predict?itemId=93193c90-1299-460a-add2-602384af02fc&profileId=ba8bf210-e9c7-4d10-a5e1-d54def2454df

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/plugin/plugin/7ac599c9fcff18a620c8b5079daf54f0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-23.fra56.r.cloudfront.net

Software

- /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:39 GMT
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 2
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private, no-cache="Set-Cookie"
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: UwlowWuIOcjtg8KjHhcABR8Ux1IBp8pARnJ6bowpdCBHcNOoe3U_bg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 457 Show response
h312.mlive.com/DG/DEFAULT/rest/rpc/ 365 B
1 KB 111ms
110ms XHR
application/json 13.32.27.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-23.fra56.r.cloudfront.net

Software

- /

Resource Hash

7b49dc8f0cf7b7ed617e62de4242a11313b9c8216db493f67d93aedbb1b44bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 07:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 173
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 0wqI89Ko46E8ENhFO_HPn7S6DANSWP6aqiqh_SvDs1XhnqsrcYWTGQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 457 Show response
h312.mlive.com/DG/DEFAULT/rest/rpc/ 183 B
1 KB 378ms
377ms XHR
application/json 13.32.27.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-23.fra56.r.cloudfront.net

Software

- /

Resource Hash

7c97dfe662bddf02ed118a3cd826eb9b1d199c4a7dc246367192557362fe2b1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 07:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 163
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: EKnHiDHFBX1N4UOhBx0sj0QnKDrdskbbSQL36O06HEAxI0MPuzAt0w==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
14ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=414081515&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Blueconic&ea=segments&_u=aDDAAEABAAQCACgFK~&jid=&gjid=&cid=1787032869.1675409078&tid=UA-16643585-16&_gid=576198689.1675409079&gtm=45He3210n81TLXFLCR&cd1=undefined&cd2=1---&cd3=undefined&cd6=undefined&cd11=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=false&cd21=undefined&cd23=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd46=homepage-beta&cd47=desktop&cd50=Blueconic%20-%20event%20call&cd52=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=undefined&cd62=undefined&cd63=undefined&cd64=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=sub-group-c&cd61=1787032869.1675409078&cd76=a0002%2Ca0022&cd77=undefined&cd78=undefined&cd79=undefined&cd80=undefined&cd85=undefined&cd89=undefined&cd96=1&cm1=undefined&cm2=undefined&cm3=undefined&cm4=undefined&z=1700303453

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 03:05:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15522
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 32 KB
10 KB 8ms
7ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ea737ac05e8ee5e490220d97b820834c18cd7c6f1da7d85007a51a5c64425df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:55:14 GMT
content-encoding: gzip
via: 1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:08:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 59366
etag: W/"87ee016ad429d1c83712b8d81ccb3c59"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: Bq874uKXTph1BM2NsqS_TWLTVx_eDLM1_QCGac7F55Ng9wpDZ3NAiA==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 180ms
22ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

7ea9327b36f8ea3355ad8a33cf7bd5735cbf2e11ed96744279181a0fedd2401e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 18 Jan 2023 01:20:50 GMT
server: nginx
etag: W/"63c74972-9c1f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 04 Feb 2023 07:24:39 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 82ms
8ms Script
text/javascript 2600:9000:2250:9400:a:e047:752:5701
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9400:a:e047:752:5701 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 04:08:02 GMT
Via: 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Jan 2023 04:07:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 11798
ETag: "aded621b17723f487b3c9d0e43cf2f94"
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1859
X-Amz-Cf-Id: _2E9JAK60tszq_eYfdHdMwicFdkhtc6aF0-Tj6D1Mo3Ec9s67yP4Ow==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 57ms
21ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 20:50:09 GMT
content-encoding: gzip
age: 2284470
x-guploader-uploadid: ADPycdt6iN4_QwReAjSC_LRG7vKFAXTDxCKMV2GXbUWI2CZkbUxvp16CdJB4GM5IU0zxTYK5GU9096eqDzRaDtbKrSxd5sgqSB-S
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sun, 07 Jan 2024 20:50:09 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 14ms
13ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc871e89201aa44e7380e81e7f7846c4164e5a5d3374ba722a90e518ad48feae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:58 GMT
server: cloudflare
x-amz-request-id: SA6HX3EQ47WC1XE3
age: 3406
etag: W/"854d94282c6b6d99cd8ba33bb311e621"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 79396d9a4e88bbf1-FRA
x-amz-id-2: 79htdQ19spsqbMsNoVBRii35mzPQHvikWi7aJxn5SqG/UqOCZhz0q3HBXssmXjmjVXk3tTNwmSU=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
901 B 37ms
7ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 03 Feb 2023 07:24:39 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 10552
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 437
x-served-by: cache-fra-eddf8230037-FRA, cache-hhn-etou8220081-HHN
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012301181928000/ Frame 4EB1 221 KB
60 KB 146ms
37ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d8d078acb2e2069da9bad4650bc6ef0ade536a34984aa86ee5026f5163a030a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 02 Feb 2023 05:31:52 GMT
age: 93167
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61734
x-xss-protection: 0
server: sffe
etag: "5b4f5406239652c8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 02 Feb 2024 05:31:52 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012301181928000/v0/ Frame 4EB1 15 KB
5 KB 203ms
95ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc3b5bc58070e3c92bf7c79fd751863e0eb4a3021134454adee5b414cfe91468

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 02 Feb 2023 05:31:52 GMT
age: 93167
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "47662644ea8653a3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 02 Feb 2024 05:31:52 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012301181928000/v0/ Frame 4EB1 94 KB
28 KB 194ms
86ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54d6fa3b653c5e16db5247062dfcf74cd3dab4d9fccc46b737fc2b84a9da798d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 02 Feb 2023 13:11:57 GMT
age: 65562
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28817
x-xss-protection: 0
server: sffe
etag: "6eb387830c268337"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 02 Feb 2024 13:11:57 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012301181928000/v0/ Frame 4EB1 5 KB
2 KB 206ms
98ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d266f653edab118f23d71f1e2d3726cbf2e8a82faa537dab3a7edd1896b4d495

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 02 Feb 2023 05:31:52 GMT
age: 93167
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1914
x-xss-protection: 0
server: sffe
etag: "f13d3e1d36b26a3d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 02 Feb 2024 05:31:52 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012301181928000/v0/ Frame 4EB1 40 KB
14 KB 137ms
29ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e362728fd2d538ac44515898eedba531f5307b34a3085963bd613545e9885c5b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 02 Feb 2023 13:11:57 GMT
age: 65562
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12960
x-xss-protection: 0
server: sffe
etag: "f74ebce85e2cb18a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 02 Feb 2024 13:11:57 GMT

GET
DATA 200
OK truncated
/ Frame 4EB1 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f89eae16b0db1af8e2a1a9c0e4f831bde04b04005664d2e059ddd10a2b352f57

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/4571236953979215273/ Frame 4EB1 73 KB
73 KB 110ms
31ms Image
image/jpeg 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4571236953979215273/14763004658117789537?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQugIYASABLQAAAD8&rs=AOga4qmtRSZDRvLZgFjSRES5cO8FzgW9dA

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42a1a9aa7314dc440f13749c3f85ad6802a3dd3b0467270ff5bde9efee226820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 08:44:32 GMT
x-content-type-options: nosniff
age: 81607
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74432
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 13:44:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 02 Feb 2024 08:44:32 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4EB1 0
0 70ms
70ms Image
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CRi_YtrbcY5P_MNnH7_UPg-6fkAaVw768X6yXj637CuDZp6imGxABILfI00dglYKAgLQHoAHyxaLSA8gBBqkC4V3k_lZFsj7gAgCoAwHIAwqqBIQCT9AKrtR_QdFowEO2G-dve5l7z6weoa6BJrEUqnNrzbPuNs_WIqkkYLjkGZoNHP5RCdm1hjjjwv9jSWb8zV6djyF3sHmF7wiQUhXU7QPgE8c2TbPl_eHWVo2hKrvfOIxju_vYtV2ZbnVNZSTdBO2z5EoLLFsFiQRPO8ivTiYFtobNeasbIcU5VXZFuwennTs6d2uaW4qwpONEdbmNXp_wPj8x8tjy1myon9t4hVMtvXez3VzHDUoJiQa1CZgw9dQI73duDPK0IrfUta6DweWFYwsaS-LhH3kDslQ8wdVRws6XzvM_mMTG-tewxWHGwj_jQMpRBKODGHQwQJbSQY-FTVC3pqHABMTote6FAuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAf2ud0tqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQqKIM0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEw2IFArQFQGAFwGyFx4KHAgAEhRwdWItMjkzNzQ5NDU2Nzk0OTI3OBjfkR8&sigh=B9OtFcs0_eY&uach_m=[UACH]&cid=CAQSOwDUE5ym2QsVj1RuGqFWFLqaF0k75G62199F-c8qalYMQJjo29mXGFAqMY-g2_jvQ_O9kFnRYnl-dPjiGAE&template_id=492
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4EB1 2 KB
3 KB 108ms
29ms Image
image/png 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 05:31:52 GMT
x-content-type-options: nosniff
server: cafe
age: 6767
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 04 Feb 2023 05:31:52 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4EB1 295 B
663 B 95ms
28ms Image
image/png 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 05:31:52 GMT
x-content-type-options: nosniff
server: cafe
age: 6767
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sat, 04 Feb 2023 05:31:52 GMT

GET
H2 200 cs Show response
advancelocal.blueconic.net/DG/DEFAULT/ 66 B
855 B 104ms
104ms Script
text/javascript 54.166.174.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://advancelocal.blueconic.net/DG/DEFAULT/cs?bcsessionid=ba8bf210-e9c7-4d10-a5e1-d54def2454df&&callback=bc_json459

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.166.174.230 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-166-174-230.compute-1.amazonaws.com

Software

- /

Resource Hash

060c83fa391a4cd9379f12a8745c43c2e26e600cf6150d5274dba8fa459c7fec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 83
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 457 Show response
h312.mlive.com/DG/DEFAULT/rest/rpc/ 183 B
1 KB 432ms
431ms XHR
application/json 13.32.27.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-23.fra56.r.cloudfront.net

Software

- /

Resource Hash

931b110c1e59f8b34deae2e7b01bf2690e59b92d6b085217f0b42f0dede8c93c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 07:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 165
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: Fd9C-U8Nq7WUidnOlIQ9gj9mb_SrJThnukyXK-o4cNwiskk78kXXcw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK baker
ead.mlive.com/ 19 B
362 B 151ms
20ms Image
image/gif 104.96.150.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ead.mlive.com/baker?dtstmp=1675409079433
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.150.92 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-150-92.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Expires: Fri, 03 Feb 2023 07:24:39 GMT
Pragma: no-cache
Date: Fri, 03 Feb 2023 07:24:39 GMT
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 19
Content-Type: image/gif

POST
H2 200 457 Show response
h312.mlive.com/DG/DEFAULT/rest/rpc/ 8 KB
5 KB 437ms
436ms XHR
application/json 13.32.27.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-23.fra56.r.cloudfront.net

Software

- /

Resource Hash

af1cd6d6dbce41580d672d3ad96ecdfe47cf6e1253f821366646291fe0146087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 07:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 3834
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: uHKdwGXt4i4_hvzRqXg665NyaVydaxe_tW_2qX-MHdk-po5r6KQfbg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
332 B 34ms
33ms XHR
application/json 63.35.129.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.129.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-129-113.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 47509297bffb666268f5a27277f46f534f6e8a54d8cae48a137e7ab71a33aa90

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:39 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache
x-server: 10.45.2.212
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
322 B 44ms
15ms XHR
text/plain 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mlive.com
date: Fri, 03 Feb 2023 07:24:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1

85 B
204 B

117ms
117ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 09b2516d38079efd9279ebc18a4e5521ed7998873d16bab62ad2f48643ef72e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:39 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-Kl+CEkZauKZvX5nY1gEmTDgKjoQ"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Fri, 03 Feb 2023 07:24:39 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.mlive.com
location: /esp?url=https%3A%2F%2Fwww.mlive.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 53ms
52ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.mlive.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 52ms
51ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.mlive.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 55 KB
18 KB 516ms
516ms XHR
text/plain 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=678597913097256&correlator=3287906522752114&eid=31072166&output=ldjh&gdfp_req=1&vrg=2023020201&ptt=17&impl=fifs&us_privacy=1---&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3&prev_iu_szs=300x250%2C300x250%2C300x250&ifi=3&adks=1117919376%2C1117919391%2C3501067380&didk=2832267644~2832267645~3933728591&sfv=1-0-40&fsbs=1%2C1%2C1&prev_scp=rg_adslot%3DInFeed_Right%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3DMI-desktop-InFeed_Right%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3DMI-desktop-InFeed_Right-2%7Crg_adslot%3DInFeed_Left%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Left%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3DMI-desktop-InFeed_Left%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Left%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3DMI-desktop-InFeed_Left-2%7Crg_adslot%3DInFeed_Right%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D2%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3DMI-desktop-InFeed_Right%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3DMI-desktop-InFeed_Right-2&eri=1&cust_params=IDS%3Dtimeout%26BSC%3Dtimeout%26pts_pid%3D643f20c3-2cae-432c-a99b-3292bc563226%26ccaud%3D0%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_platform%3Ddesktop%26bc%3D0&sc=1&cookie=ID%3D69fecab004aef02a%3AT%3D1675409078%3AS%3DALNI_MbghLl4WKjuTedm0jDuNPoXKd4e1Q&gpic=UID%3D00000bae4617300d%3AT%3D1675409078%3ART%3D1675409078%3AS%3DALNI_MZwHY3kiBdkldQV65DG1vl4BJynNQ&abxe=1&dt=1675409079532&lmt=1675409073&dlt=1675409077355&idt=1187&adxs=1135%2C165%2C1135&adys=155%2C887%2C895&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.mlive.com%2F&frm=20&vis=1&psz=300x24%7C300x274%7C300x24&msz=300x24%7C300x274%7C300x24&fws=0%2C512%2C512&ohw=0%2C0%2C0&psts=AD37Y7uz8T0XjPxIYx7gBlMU_3u7&ga_vid=1787032869.1675409078&ga_sid=1675409079&ga_hid=414081515&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Y7fimseEwSABSAghkEhsKDGlkNS1zeW5jLmNvbRjC-aax4TBIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjt-Kax4TBIAFICCGQSOwoKcHViY2lkLm9yZxIkYmRkN2Q3YzAtNGY3Mi00YWZiLThhMzMtMTViYmNmOGQ0YTdlGJf5prHhMEgAEh0KDmVzcC5jcml0ZW8uY29tGO34prHhMEgAUgIIZBIUCgVvcGVueBjt-Kax4TBIAFICCGQ.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a97bd7b3b458e725081b298413b5682a109dd1d4ec57ed0e072184b02cd0e246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18325
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 52ms
16ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=120978121945017&ev=PageView&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1675409079551&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1675409079550.1910010827&it=1675409078393&coo=false&rqm=GET

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 03 Feb 2023 07:24:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 51ms
16ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=230823541501762&ev=PageView&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1675409079553&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=30&fbp=fb.1.1675409079550.1910010827&it=1675409078393&coo=false&rqm=GET

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 03 Feb 2023 07:24:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 52ms
17ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=120978121945017&ev=ViewContent&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1675409079554&cd[article_content_tier]=free&cd[is_subscriber]=false&cd[is_registered]=false&cd[content_id]=undefined&cd[content_type]=homepage&cd[content_category]=Home%20Page&cd[content_name]=undefined&sw=1600&sh=1200&v=2.9.95&r=stable&ec=1&o=30&fbp=fb.1.1675409079550.1910010827&it=1675409078393&coo=false&tm=1&rqm=GET

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 03 Feb 2023 07:24:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 269ms
234ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=230823541501762&ev=ViewContent&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1675409079555&cd[article_content_tier]=free&cd[is_subscriber]=false&cd[is_registered]=false&cd[content_id]=undefined&cd[content_type]=homepage&cd[content_category]=Home%20Page&cd[content_name]=undefined&sw=1600&sh=1200&v=2.9.95&r=stable&ec=1&o=30&fbp=fb.1.1675409079550.1910010827&it=1675409078393&coo=false&tm=1&rqm=GET

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 03 Feb 2023 07:24:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 306B 15 KB
6 KB 463ms
17ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.mlive.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 07:24:39 GMT
server: Kestrel
server-processing-duration-in-ticks: 994568
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 4EB1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

147ms
67ms

Image
text/html

2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Server: 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Redirect headers

date: Fri, 03 Feb 2023 07:24:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 200 457 Show response
h312.mlive.com/DG/DEFAULT/rest/rpc/ 9 KB
5 KB 388ms
387ms XHR
application/json 13.32.27.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: h312.mlive.com
URL: https://h312.mlive.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-23.fra56.r.cloudfront.net

Software

- /

Resource Hash

0a6aa8f8c7167850a5676e99ecc3ba5ccb626c439c2005fc225dbc3e9e6a4dff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 07:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 4066
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: qvil8YKGc4l-CEULxSMbAu2HfD-uZxpgc46nU7imonqjVZJJBmaRxQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame E5C7 0
176 B 72ms
26ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 03 Feb 2023 07:24:39 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

POST
H2 200 getuserdbdata Show response
app.matheranalytics.com/u/ 54 B
206 B 249ms
201ms XHR
text/plain 35.186.255.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://app.matheranalytics.com/u/getuserdbdata
Requested by: Host: js.matheranalytics.com
URL: https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1616
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.255.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.255.186.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 44026785039df91c14b8c331292992e1fd71a23acdd5cb09c40d12d1c8e8aaac

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:24:40 GMT
via: 1.1 google
content-type: text/plain
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by: 6-gc-use1-4pvg0112

POST
H2 200 execute Show response
c2.piano.io/xbuilder/experience/ 3 KB
2 KB 158ms
124ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2.piano.io/xbuilder/experience/execute?aid=8Gu2Z8RCvZ

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7af6fa10f5baa91dec87c8036eca6afbab6311dcc9b697cf46884bf0f42b9fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 03 Feb 2023 07:24:40 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: u3gsz6gehe
pragma: no-cache
server: cloudflare
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.mlive.com
access-control-expose-headers: Composer-Request-Control-Policy
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 79396d9d89032bec-FRA

GET
H2 200 container.html Show response
1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1439 6 KB
3 KB 15ms
14ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 07:24:38 GMT
expires: Sat, 03 Feb 2024 07:24:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C6A4 6 KB
3 KB 14ms
14ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 07:24:38 GMT
expires: Sat, 03 Feb 2024 07:24:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7B3A 6 KB
3 KB 14ms
14ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 07:24:38 GMT
expires: Sat, 03 Feb 2024 07:24:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 15ms
15ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=120978121945017&ev=Microdata&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1675409080084&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%2C%22og%3Adescription%22%3A%22Get%20the%20latest%20Michigan%20Local%20News%2C%20Sports%20News%20%26amp%3B%20US%20breaking%20News.%20View%20daily%20MI%20weather%20updates%2C%20watch%20videos%20and%20photos%2C%20join%20the%20discussion%20in%20forums.%20Find%20more%20news%20articles%20and%20stories%20online%20at%20MLive.com%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fmedia.mlive.com%2Fstatic%2Fmlive%2Fstatic%2Fimg%2Flogos%2Flogo_fb.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22og%3Asite_name%22%3A%22mlive%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22headline%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%2C%22url%22%3A%22https%3A%2F%2Fwww.mlive.com%22%7D%5D&sw=1600&sh=1200&v=2.9.95&r=stable&ec=2&o=30&fbp=fb.1.1675409079550.1910010827&it=1675409078393&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 03 Feb 2023 07:24:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 15ms
15ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=230823541501762&ev=Microdata&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1675409080085&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%2C%22og%3Adescription%22%3A%22Get%20the%20latest%20Michigan%20Local%20News%2C%20Sports%20News%20%26amp%3B%20US%20breaking%20News.%20View%20daily%20MI%20weather%20updates%2C%20watch%20videos%20and%20photos%2C%20join%20the%20discussion%20in%20forums.%20Find%20more%20news%20articles%20and%20stories%20online%20at%20MLive.com%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fmedia.mlive.com%2Fstatic%2Fmlive%2Fstatic%2Fimg%2Flogos%2Flogo_fb.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22og%3Asite_name%22%3A%22mlive%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22headline%22%3A%22Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%22%2C%22url%22%3A%22https%3A%2F%2Fwww.mlive.com%22%7D%5D&sw=1600&sh=1200&v=2.9.95&r=stable&ec=2&o=30&fbp=fb.1.1675409079550.1910010827&it=1675409078393&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 03 Feb 2023 07:24:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 306B
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=mlive.com&sn=ChromeSyncframe&so=0&topUrl=www.mlive.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=GyUaX3x4VHBqSXJXcjZXVEFTWXBHTFJyOWthYzM2NklWTW9hdVJOM054bWovN01KMGJXQWFNK08rYi8vR1IxVWZtb1VDdDluV2VEVjYvM0c1RzdraGN3a3hSYXVud1F1NXUvYWwzT21GSGV4SHB1SlIvaVBHalZQSDdITE...

438 B
662 B

367ms
16ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=GyUaX3x4VHBqSXJXcjZXVEFTWXBHTFJyOWthYzM2NklWTW9hdVJOM054bWovN01KMGJXQWFNK08rYi8vR1IxVWZtb1VDdDluV2VEVjYvM0c1RzdraGN3a3hSYXVud1F1NXUvYWwzT21GSGV4SHB1SlIvaVBHalZQSDdITE1qY24yM2FzM1JxRUxqUXB1RzRINDBxMkRLT2xwSE9FYkx6UEhiRHRwNTNHemt1UFZrNXVPSmhHTEVCTU5QdmZpdTdHc29jdGNURVRoUURvblRLbC94NnlBRXF2bml1VHBZcGl3R2pRRGxtaGJXUVZkU21PYlp3MDRVTWY3TVEzUkg4dmViWTN6ZmRqU29PNWpEeEh6cktIUkZZQ3ZCdz09fA&cppv=2

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2e369bb818d86c70e2e093d8d9dac787e12efc0c696681a416607e2760eaa48b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1597116
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:39 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=GyUaX3x4VHBqSXJXcjZXVEFTWXBHTFJyOWthYzM2NklWTW9hdVJOM054bWovN01KMGJXQWFNK08rYi8vR1IxVWZtb1VDdDluV2VEVjYvM0c1RzdraGN3a3hSYXVud1F1NXUvYWwzT21GSGV4SHB1SlIvaVBHalZQSDdITE1qY24yM2FzM1JxRUxqUXB1RzRINDBxMkRLT2xwSE9FYkx6UEhiRHRwNTNHemt1UFZrNXVPSmhHTEVCTU5QdmZpdTdHc29jdGNURVRoUURvblRLbC94NnlBRXF2bml1VHBZcGl3R2pRRGxtaGJXUVZkU21PYlp3MDRVTWY3TVEzUkg4dmViWTN6ZmRqU29PNWpEeEh6cktIUkZZQ3ZCdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 645621
content-length: 0
expires: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7509 624 B
308 B 66ms
63ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjIuMLbATAB&v=APEucNXJtFRF0KnBJ1K39m_gZJ2zLsgmodUVv3dkgK8grVkUStHETej5msQWbR-ctbM_xq5mQdzHNgKk67BRl6LWaB-_8NVnW4HXvvZHDKGhEBqhjfjcMbunf7rkDnVaWMPmmK_cm4uX3_TO3yNmxPcBCH3o8pPNHr5rT5U4y28dePZWfTH2YDkXgBrZxTyvVzhgD8i1GIKS

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 07:24:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1439 78 KB
27 KB 138ms
92ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1a9f51121ef00d4bc11c410113432813ddbdcd85c9f2aabbd2c2c23c87408e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27798
x-xss-protection: 0
server: cafe
etag: 12162329123218539290
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 03 Feb 2023 07:24:40 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1439 42 B
110 B 94ms
49ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ByCfXBSBZqnYBPG5tFpfhBHkR9nha0uTJhMQlo0Ih3nRLWQ0WGDZ-aR97cGtsqiyQYOZ2qTJWnF0brbQrBCnaPsY9iKs5xHBgFZsNZiKnohgdfgJw

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1439 0
349 B 94ms
49ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2322238139544348275&x=1&ct=76

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 1439 3 KB
1 KB 32ms
30ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:25:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 1439 18 KB
8 KB 30ms
29ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:25:32 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1439 0
0 28ms
27ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQgEbjTHC01aqAtRFbLPH0FYSCQaMr2bti6KI0xeT80EuddCB9ec9bQ6ngWXx6qFS6u0Yox_3j-cVnOrf5L6Fz-uOPmUw
Requested by: Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1439 157 KB
49 KB 81ms
37ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 07:24:40 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 649B 624 B
285 B 65ms
63ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjIuMLbATAB&v=APEucNWVB-aTuGbq4QyQk_9ZX6sKv3tpN1x0_5KfR-yil-FFAQxXSQl5g63s83qw17KCbsCWRcjL9bfkZ6xuiwkv2kFu4MrWmCVVP9lgCMGUJvQHMUxVU3HZqOxieBRLlxq15KLfwNt8_NGI3qIqeZzCInOvGH7mJpo4I22a3wFOYpL8151Z5B-Ad0z0c2AX8Qe2cGVy9568

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 07:24:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C6A4 78 KB
27 KB 183ms
140ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 03 Feb 2023 07:24:40 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6A4 42 B
107 B 91ms
50ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ANnK7QSQMQJxSmkbcrV8cHrryOC3ai8fzMlUJTBweU2oqLcngVtSF29V8wYlMDeD8LjXE-tGt7FUHjADYK1Gez7jOgmrfV2tazKXw59QLHAb6kvlQ

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6A4 0
47 B 91ms
50ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2445429371500066035&x=1&ct=76

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame C6A4 3 KB
1 KB 32ms
31ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:25:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame C6A4 18 KB
8 KB 30ms
29ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:25:32 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C6A4 0
0 26ms
25ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSXkoHa0CtUOrdoH6QeiWdEKX3MDOumLD5eT4dazBLDNQTBKQq9Cv3OsM5mh6qZfdqr7B0DdVW-1bujZw369OfHFlmcsw
Requested by: Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6A4 157 KB
48 KB 110ms
69ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 07:24:40 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 71DA 624 B
285 B 67ms
65ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjIuMLbATAB&v=APEucNUikv9smH1PIa9x15T-aU4ObGiwFlRtkm3cpj36jIw5HGTWQUMVr3Y8VorWqQrZZgVpXkgXTjAcX0d-KS1hjPXd9S6saKw9XA5PWwFBPGsJpvv0vJndC_j1m4G3F9rfZSBAaMT9Gh93x6ltPYmxFQO_S-cJXJF_joDadpfEB5HjMx2cz0jJAMikG13Hqu_vk-YvCa6s

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 07:24:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7B3A 78 KB
27 KB 172ms
137ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 03 Feb 2023 07:24:40 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B3A 42 B
107 B 85ms
50ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CSieHvLqq8sTJxxb26fSDyQjhwI46mYGObtBkj6M7ARuv7yT5SW_JcKcxjNmjJLazdDuOcH5L9mqrla2d249SdBYiZtmm3mY8ZM1Stag3eUrwQL44

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B3A 0
56 B 90ms
55ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3762939325238897641&x=1&ct=76

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 7B3A 3 KB
1 KB 32ms
30ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:25:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 7B3A 18 KB
8 KB 31ms
29ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:25:32 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7B3A 0
0 26ms
25ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTK5fqhOvno2Mg3kcaGORR3kp6b1bg8QpVr69hdKLEOrNR4AFdMOxOdVfysuJLaozJRljvlkKbDsCUjexfWrk0jEr6e_A
Requested by: Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7B3A 157 KB
48 KB 97ms
63ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 07:24:40 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 101ms
101ms Image
image/gif 52.5.29.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ud&error=uid%2Fmuid%2Fduid%20not%20found&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&tid=6058b1bf-6084-4507-ab45-b6f6ae95537a&pid=09e89717-98cc-4821-b878-f60ce3e6a5a0&dtm=1675409080128&qnm=_matherq&visible=1&tabid=b25eb7f4-8466-42dc-92ba-fcf7665b5dc4&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x12736&tofa=1675409079&vid=1&lvidt=1675409079&duid=7fc2f3ceea2c664a&fp=3376026746&cid=ma63527&mrk=484602605&cx=eyJ1c2VyREIiOnsic2VnbWVudHMiOltdLCJtZXRlckRhdGEiOnsibWV0ZXJUaHJlc2hvbGQiOiIwIiwicmVzZXRNZXRlciI6IjAifSwicGFnZVZpZXdzIjoiMiIsInVzZXJEQkZldGNoIjoiMSIsImVyciI6InVpZC9tdWlkL2R1aWQgbm90IGZvdW5kIiwibmV4dFVwZGF0ZSI6IjE4MDAwMDAiLCJuZXh0VXBkYXRlVFMiOiIxNjc1NDEwODc5ODc2In19
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.29.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-29-188.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Fri, 03 Feb 2023 07:24:40 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7509
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1&C=1

43 B
766 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjIuMLbATAB&v=APEucNXJtFRF0KnBJ1K39m_gZJ2zLsgmodUVv3dkgK8grVkUStHETej5msQWbR-ctbM_xq5mQdzHNgKk67BRl6LWaB-_8NVnW4HXvvZHDKGhEBqhjfjcMbunf7rkDnVaWMPmmK_cm4uX3_TO3yNmxPcBCH3o8pPNHr5rT5U4y28dePZWfTH2YDkXgBrZxTyvVzhgD8i1GIKS
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:24:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:24:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7509
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9y2uJ3LbNtCTwJg3Go.swAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1&google_hm=2

43 B
632 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjIuMLbATAB&v=APEucNXJtFRF0KnBJ1K39m_gZJ2zLsgmodUVv3dkgK8grVkUStHETej5msQWbR-ctbM_xq5mQdzHNgKk67BRl6LWaB-_8NVnW4HXvvZHDKGhEBqhjfjcMbunf7rkDnVaWMPmmK_cm4uX3_TO3yNmxPcBCH3o8pPNHr5rT5U4y28dePZWfTH2YDkXgBrZxTyvVzhgD8i1GIKS
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:24:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 7509
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECLj6eGGYTaBke5uSgLm_WA&google_cver=1

43 B
1 KB

16ms
14ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECLj6eGGYTaBke5uSgLm_WA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjIuMLbATAB&v=APEucNXJtFRF0KnBJ1K39m_gZJ2zLsgmodUVv3dkgK8grVkUStHETej5msQWbR-ctbM_xq5mQdzHNgKk67BRl6LWaB-_8NVnW4HXvvZHDKGhEBqhjfjcMbunf7rkDnVaWMPmmK_cm4uX3_TO3yNmxPcBCH3o8pPNHr5rT5U4y28dePZWfTH2YDkXgBrZxTyvVzhgD8i1GIKS

Protocol

HTTP/1.1

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:24:40 GMT
AN-X-Request-Uuid: 98d4d6cb-2723-4d54-b30b-a0cea5d5136a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECLj6eGGYTaBke5uSgLm_WA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7509
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTIwMjg5MTcyNDY5NzE3NjY1NA%3D%3D

170 B
232 B

26ms
26ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTIwMjg5MTcyNDY5NzE3NjY1NA%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 03 Feb 2023 07:24:40 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 50b511c8-236e-4da3-89ae-8c673c434d4e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTIwMjg5MTcyNDY5NzE3NjY1NA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 649B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1&C=1

43 B
632 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjIuMLbATAB&v=APEucNWVB-aTuGbq4QyQk_9ZX6sKv3tpN1x0_5KfR-yil-FFAQxXSQl5g63s83qw17KCbsCWRcjL9bfkZ6xuiwkv2kFu4MrWmCVVP9lgCMGUJvQHMUxVU3HZqOxieBRLlxq15KLfwNt8_NGI3qIqeZzCInOvGH7mJpo4I22a3wFOYpL8151Z5B-Ad0z0c2AX8Qe2cGVy9568
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:24:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:24:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 649B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9y2uJ3LbNtCTwJg3Go.swAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1&google_hm=2

43 B
632 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjIuMLbATAB&v=APEucNWVB-aTuGbq4QyQk_9ZX6sKv3tpN1x0_5KfR-yil-FFAQxXSQl5g63s83qw17KCbsCWRcjL9bfkZ6xuiwkv2kFu4MrWmCVVP9lgCMGUJvQHMUxVU3HZqOxieBRLlxq15KLfwNt8_NGI3qIqeZzCInOvGH7mJpo4I22a3wFOYpL8151Z5B-Ad0z0c2AX8Qe2cGVy9568
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:24:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 649B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECLj6eGGYTaBke5uSgLm_WA&google_cver=1

43 B
1 KB

15ms
14ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECLj6eGGYTaBke5uSgLm_WA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjIuMLbATAB&v=APEucNWVB-aTuGbq4QyQk_9ZX6sKv3tpN1x0_5KfR-yil-FFAQxXSQl5g63s83qw17KCbsCWRcjL9bfkZ6xuiwkv2kFu4MrWmCVVP9lgCMGUJvQHMUxVU3HZqOxieBRLlxq15KLfwNt8_NGI3qIqeZzCInOvGH7mJpo4I22a3wFOYpL8151Z5B-Ad0z0c2AX8Qe2cGVy9568

Protocol

HTTP/1.1

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:24:40 GMT
AN-X-Request-Uuid: bcaddd77-b274-428e-a9ab-89f3551aff8b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECLj6eGGYTaBke5uSgLm_WA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 649B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU0OTI3NTI3MTg0MzIwMjIyMQ%3D%3D

170 B
232 B

26ms
25ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU0OTI3NTI3MTg0MzIwMjIyMQ%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 03 Feb 2023 07:24:40 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 55fc6c8b-244a-4c4f-923a-1b7680f0c3e6
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU0OTI3NTI3MTg0MzIwMjIyMQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 71DA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1&C=1

43 B
632 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjIuMLbATAB&v=APEucNUikv9smH1PIa9x15T-aU4ObGiwFlRtkm3cpj36jIw5HGTWQUMVr3Y8VorWqQrZZgVpXkgXTjAcX0d-KS1hjPXd9S6saKw9XA5PWwFBPGsJpvv0vJndC_j1m4G3F9rfZSBAaMT9Gh93x6ltPYmxFQO_S-cJXJF_joDadpfEB5HjMx2cz0jJAMikG13Hqu_vk-YvCa6s
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:24:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:24:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 71DA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9y2uJ3LbNtCTwJg3Go.swAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1&google_hm=2

43 B
766 B

9ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjIuMLbATAB&v=APEucNUikv9smH1PIa9x15T-aU4ObGiwFlRtkm3cpj36jIw5HGTWQUMVr3Y8VorWqQrZZgVpXkgXTjAcX0d-KS1hjPXd9S6saKw9XA5PWwFBPGsJpvv0vJndC_j1m4G3F9rfZSBAaMT9Gh93x6ltPYmxFQO_S-cJXJF_joDadpfEB5HjMx2cz0jJAMikG13Hqu_vk-YvCa6s
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:24:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ0f4Zf2EYWE7-OzHTgx5gs&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 71DA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECLj6eGGYTaBke5uSgLm_WA&google_cver=1

43 B
1 KB

37ms
35ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECLj6eGGYTaBke5uSgLm_WA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjIuMLbATAB&v=APEucNUikv9smH1PIa9x15T-aU4ObGiwFlRtkm3cpj36jIw5HGTWQUMVr3Y8VorWqQrZZgVpXkgXTjAcX0d-KS1hjPXd9S6saKw9XA5PWwFBPGsJpvv0vJndC_j1m4G3F9rfZSBAaMT9Gh93x6ltPYmxFQO_S-cJXJF_joDadpfEB5HjMx2cz0jJAMikG13Hqu_vk-YvCa6s

Protocol

HTTP/1.1

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:24:40 GMT
AN-X-Request-Uuid: d11437e7-5157-480b-8b17-bd8249bf66f8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECLj6eGGYTaBke5uSgLm_WA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 71DA
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU0OTI3NTI3MTg0MzIwMjIyMQ%3D%3D

170 B
243 B

25ms
24ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU0OTI3NTI3MTg0MzIwMjIyMQ%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 03 Feb 2023 07:24:40 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 710b2d49-d102-4203-9645-1c951cb4f8b9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU0OTI3NTI3MTg0MzIwMjIyMQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1439 0
56 B 48ms
47ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4832790122039&version=m202301300101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1439 0
56 B 47ms
47ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4832790122039&version=m202301300101&ct=76&x=1&cor=2322238139544348000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1439 82 KB
34 KB 83ms
81ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DraURApqTiuWe_sJj3NUUyU5-RFLEALj5q7cVHoClD4yoRuBC8EOF_8dw1vlH64xclgreCdW_8ufZsjY7fvLJ4QEBIiw&cry=1&dbm_d=AKAmf-DacRWhMAffnLoAMdiwUlm-lEm4eg965rVUYjGEKyyUeGStSM5jCNpXkxL24TuRyDWFLY6JeXlODN81GZ2viU9vHX6ak7hziTZW2T4TFJpmGK91hxFxGAm-a1F_bC2yXARyFoQqohl5IhYJ8yrqKhIxjopRzfOeKB0aN98H7S9ZXXx21I9jszOo25mEAr2QhVVODw7lAIF01MestpA0-lkCG6cNMwm_g1ukWV51mrEwlxAtISGGgzR0vLyD4Fi29QLfM-8Y0wwUomoBvezZrXbjFJwxANX6_ARM1XX4AgtDpsPvmBDzhcJoxEIG7xJUrbANegWkTJLfYUbCq3fj8t88JxY--_HYD5g_6If7msF0hE1GoFh5cQJLIWw8sY_z0mnt-g4UjKN_qZWgBM6N8eplvWbV6U_9CmYmI3grO8zEFGex3OLSRhNlhLOkuE02voH04zgXTblZAXo7y7gMrYnLCDi8D0IMIWqAxsdY7iWGvP6hGDqN4R-3GcTU104tKvkb8s1WRlW7UGYROBE9VKeKS-XhLw2iIr4vsZK7fz8hMtIZwo12E_NMjB1SMhvhvg6SIGjKhrfHH44cnGfCXz_7QrBhQTELpXSY_tCYphAo80hyPTksTyPQhmWItWfn9TrHckqMN4Coxrc7-IQuTEgvf1hyuE6hn9foB-QYMcKcam6RxYq7dNFgVBqfgKUVfm4j-G51GPrlgBBaI5T2Dp8Y5vkn4G17GjYSgDi3hIuBjdY0ffimGN65KrNua_rszfsRYC6haWzBA4a1nLiw39n4V2lMlj_tg48i0e4XRZLcEPotdTgJ1P6FLDVOF1xSANRRkzgTKMrr_cSvc-Ys5inTVUCFIh8NTE8kntAQ5fyE84ZLrWAOVYS2O8iPhCmdCjnO1QnCUc2dGXNBn4xJsC1UKRPk-Mz-P9JRxQ4ANeBTTdiVRDhm1iRDfPEMHyJC0vwxLMdbrA8Km5JWQzBWKU2Sgn0QJbVU-Tb_UjsKtC3A4fim1_4R8wC5V7fyrtic4tqJxXjYyTwONRtStc0ghZNJLrmjIEPcNjcLOPy-1hDTaDVG1U8FkwqUd2KLpeVMQslXMfiM3AF6Oj8efPtR6-ivuuPZ4zVWJJi-lU5hamUggYyYEI6_3aeT-FfESk1NFdvc_KCFhrV8uZmRxLv9w52fpFyMD9NLK3bkS9aztIsfR1ZKkL0HE_exvlbgS-DUYSqsdxQTh9V9Wwd2hNvJ1J9O3Zs38gCY56dm6rDCULcJcdkJ9aZMwhXeYeqnl7pNgiws7GeVAzC-kMIymu3MZ4YVjrxthN2fm98il8chQEXhSlUW71hSc-JI3aA_8ZQs45ibY_lCk5evE7-l3ubZLzXHBf1izihg2FXuSFw3OdI6IiUYxAkAlMHIYzAgzQvH2-kMLzoalccow0zubZiLXAlveUH07-UyP5I_f95cQSOY2kttzqdRtKhbyokZ9Th7ENNikGl0lldRvK2m7KEQ0i8XTpgo8fJQWe4_EYNKOMScv7CykYCRgxqWZEvHGIm9svWdYYhpPfTcYJeqK17OKJI6-sbHXkxyV3RuemijO6_lBgCxAoVamrf1MLoKboXAA4aEg02eFwTMsRTKueuQM8GJXVkqc3mgbZDgsmwLlwZfyHL6fxx2auhHswwWPUhsa_yk8XjN61agmaJKDOvYfjVe7emH5IwRGFciM8ojoFb5TpLYH0GBCKPt7iRIXNhryv_NnQZdMK507PwmhLB1AXUw1MRh_KOUuB6YsuV686hydgsSV5xFeIbVBBMqoJ24mUOAe1QVulv0QuH_zOUFczDt2s6tHzblXsMmujS597fHs5IC_Hm0E1UAF2L9SWlGzu6HQ4cfI17lCqGYjrTL9YFQRYCitwSnujMHaCvTlpBdBNcMtKoTDx8RHbWqHEnLa7i1y0fzDA2Y7T8P2DuBUdwp-RDgFiVe0M-sOKREtWxVr6f3gNfevlgL79doo_h-5HEc1wXVaE9iFeIOdjMdeSYqFpG7A1rwR9rzUNUMSL0aAcFqusWh5ansUTuYLWwl2hyzquKQqGCLQ0-gSL0FvD_ImVIYn41fWvwTVAxHSWivFpQnal0TARon9JlyE8naeVDcJY3v74mRvvSENtN_geKD8lmHJ-peYGANec5-8BOmZ1xRBdvlQHjs8MO__kbEtyvZPlAHcklx0FiqVnwTiw2odBDbgCVlEt-xwDSrf_vhSJPXu26T4lx3nnFOECJfM6i9HdRm5_uatJ8mLMA0y_SN8LYbSf2NGGtIij9Qo0EFjLhuSLWzygPDL3y6RhahRdJjbkc-VVGiueUekH3_NfwwK9ASOifR1927C3IdQ44dw6I2ePpCawrglRtqEqzN9fmvTwUCmpkgh_ble0kU7-BK5-kOp0Ioqqi5-G0c59g41fvewm0W-WCqceBezoLlwc9oQq5PvbuqsRUYgilDo4_YBzKhMExTkepCRxLtECoyuxeyO-6boUJxuaRITtW-Ennw8VGK4B4r8qLuI86Mp1hjodGEpA9tM4ROPfMW6Btc2JJV89tbk-XMsd9vrFE33y1iWy2cf69z2aLJXn-M6DG2uw-2L-WJFRANZH5hmWk5JGyTH7zIq12CNfAzt3iCAgYfQcFS5SDFF69FO4G7aO7X5JReN6EsE8k0I0Mf4aurmV5g6k4A3NChlJPQhJ4a5xofFKqZFh_X--aGj9dwBwiT2zJerlcILzATozYEU6gQisdf-jxXwMlsyyDelFHVrfCnPH3W4EJaDUU3B3YAG4uccjUHkIyxc7wcsUju5nJ1Y3IWBmLLDWa89pD-A_sh1iiKNUBTMyTRg909jwxLeKggimmDqCy3thO3bEK4HlMWB_Tl2r8eOIdhYo7oCErcRoB-FMUpghuI6IZamqcx_zjB_-dD_tlgqpnAP0ppdBlEzl7qDiAz6KW1riM_fl7EniqM9nMTyvnggxPbeZKXUJ8uLc94PlHP56VsT1t7ztW8jvgO6SWpIzhmP8_FxJhskfspCNgJ5ia2KOXfjSsQhlqbbwlXvporFfM4qeK3nfU9gdtI4SGn7JNhzn0BQygeomJCGR37zYTDOg-GV2M8nSK-v3_pHjq0b71JGR1DRBgqetkEhZn5CUu511iaeHZR7U6_4OkeWPVHKs1oBMGiAvAFRyBapwbXN0dZgxaHkdI03ZKSE865e_LP9HgDIHTbC1OLgJ_fLouUnFx8FvFKJ4U4tIXdMHpKLCI1qZKqr2YRsXijXkofGqbe2fIsgQCgkhiCKWMKhnr2_F3mJuZ97xpmMhXh0WxKiey4CVA2RWHszJjU1Ls&cid=CAQSOwDUE5ymCEVCO_ZeG-bHzbTH9_AiNhkmyIIlu2X3Nrs0NuQIW2uggEL3zFBtoY6CMzj-lDQzzS-Uw9BJGAE&dc_eid=31072035&dv3_ver=m202301300101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=2322238139544348000&adk=2857193498&idt=147&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca1da7d72f3e91e179815a4f0598369f1133cd552ee45818e8f3d880f987fd66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35270
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B3A 0
20 B 50ms
49ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1205313453368&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B3A 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1205313453368&version=m202301230201&ct=76&x=1&cor=3762939325238897700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7B3A 82 KB
35 KB 88ms
87ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BRiUMA9MM4dtFwlHp85E8S_nKhmaIvD8AeSibdzWBTVe0Qg79Q5uloSnHc96pLBT5Q-yBROD_TbvU5-MUNVgrl_LYRSg&cry=1&dbm_d=AKAmf-DJCLwxuZ4uwVVzTHz8LwqCFTs-XoqkRyo0ORCq9pHBFj2xAbh20zEVntdRxp-5d_R3D3GFGp7DDe0qckR3JSYYtFWPUvVezK5NTWcIId0_mZGH-ZQcMwUHqTIVUkNsrzAb5MVgk7TncJ0xeZ1E8i6Af7PJKw34B5Ti183nGWzrVn9QgMNEkM_qtDLSH_yi-Pm346iy7JHqjx0HdgYD6hsUF5w0s4O_K-aoYUmxWKYG8MH-aBMIU6LAouQb_bJNHPvgx8DPJEo26PK7GCiY4BJFaOqDo6z3Hjwhr_wsu_W__L-W7BV8k5VQk9CvrWpD_4x_b8Ca0mWy7fVtaMLttzu3IbbkSZWpHNKjTkBBXjlGsfH4k8pVMu8JFdEVz9ggHUG1Pd9lYhUCdoYVc0EvhiMKw_Ze0Za-PFpnzOCgb1vBPRBDBo1WRSjFvBaWtsOu8PRX-qfAVBlOR6WCMpRfOpUaP6pHTT-n2Zrdp3ZCSogYWXHndBrhLSy_oJD29u2ovV5wErvC35XyUyj7ipqheBSQi6uEoUWsOZa5qu2Xpt9wC8P7MfwcNgM8SwLov7_Nn0PL8yle502bv1DHNH77zdPpRhlPggN3IrjHjQ5qJWy2AzdmAhOiVZT09bVh_JBTDngZUVhY7MaXFBzq1j3JnFmUZbTDDJD3E4IIZA2dLWAMZcBxle1YDMhr3Q0OtQiYSu15vLuqd0q-lj5l--GWcZnWRJeyHxu0qNxibn5v355S4bnEciaIwkLGKQABohw3V8vPULZljjCQMpH66TMhATuDWjFsa84gASl-OFUUb9wy_Ml3y_k3ulVXit95wpcxjQ6erOSmA3T_tS9xodWDbxIh3OncL94R1jW_bsLxODhVkZl_wDFOoInOMFtPWUPs7YcOsIbm6h_j6EU10sLHhMiPrguVI_lrF5BNQUJYowRDH41vcGzt5PQvJr0E2O-KHQTtL0SvZ0z8VqkbbTPu5YPLOUZaLOfF0RZXDOgAsuS6cWcrmpuNIGWuLJ7lzehr1t9FUCzfE_5KN-eVVYyoQtZA34drkZ-wbo1xQbrB_on2cIoR0J53bWAQQa3rNyS6Hu_QrAcFmNruflsN6ecN4GV5LDsQodegH5Siw7B2gPx3YhmFlkszjK9OVl3AMvVaDCMP-KVZM024ha4QCqxArwK2yHll7EsoTsDkn5JIY4Z41vfbmuMqFHkfJfdFQojlKaYrE4z9tLIPZYh_mgzivvQsDcEcDAGpJ8N7K8cb4-fVH81d91YaxvhCgOl1exoO7H-OSN7oJr2Lgn4DnXpmZ4TQnRlc-fttRin4QCspvrNyLDvSvp56MgKFPKflJ2hmxUhIPHrwXCQhUCjiMNIdlXCbnTVdm90Yi3PHUVg0nd-oscHjPgSCFRgHTJ7KWaxAp4aDcbqzSm-f19tx2uM_VkttLvt9Za2hOkuATTJW8Df9f4Jk7fvzsmmh3T2q2DZZCJzjvyUdBYVFwBC6joU4nZjTN6V5JT_CT3_8dEr2G16r0BMpRIUJokGpfy56aBpTy5zm9AVF335IYC_0byO7nkQfsDjAoJW2PucDpZF9TY4TPssHMrnGhdw4RW1VAcDHJNW4ISXhrOhW8kTSkJ1u5nLzjpq2dPuleK7MlP0c7j5oHqGl1Gx7KS9n9wArbrivfo48iB3IHI4sCVpbyUPcmsFsjpgLyfq-ByVyE8X8gb3df9kOtarwJPTkjWynyDRXyuijY2EpaMJ8hCBbdQHQZpCDw_mByl2ZP4RGtooxUyg3fbd2mJ9SkYVLOB3gn_kLbdKXkXLRly35A0oQE0OWMTRkAzsJrg0Ds5rEOiGq_uxam391jo5wa8bTguZgUc0KcUi3Ii3fz4OsJJco13pqWx_nF29_KtAmBup_ONYVJtW5myZZGCsHHy_z9IJSOEe-HySpMNg6LMdopeFzttWNsQk_vZF9okCBkH_HxPYiZuxrwiCuOPwAdZumxjaEJ2wa10iXAMA0CTEpbtHCM5tcl-R4f5xCGE9bj-eqA8ghf6I45iY5n5mVEvRgV36x0EBS4EAb_y_fSux9vyXbfZs5-Sl_JR8gdRMxgP1l9SWQjB7FF_e6u0l8Ja-0wqNAa-Au_n3k5xb6fE4DXAu2hTLtLFGi1jp7uu5iSaewsG3wt7cBhtFfviOS4rc9-XOpd9IYkVtQhFv-DhCgxzA_aVHdNgttJMcoWcsEPAQ1H4h9JWd3qo1q73_nUz9Du7Ch5ZBmG-8u8-beoiHdnPItEsflOQhCO3Yd7B9GjCJ-wEuaAIzPc15e4PBiAjDqR3aPzZu7ieEC5qYfiJtd5JcgE0m5qtbV62Fdx4t8WEYsLDdU0Jyuk6N3Nh7aVFrgJKLCvprCv2U1VlMNy_AJJFX0fEFM6YuZh0lrWsVncZMToZwX0yHcQSNj8wmm5xU4bxStL6GqImVjYRsJxuaCOOcrWJoDoZ6WZ2WG7GdnzhUujUeLXksogcad4dIvx73BFhA8lM9pb21Vfz6SHrO7D3GjoHsTOjHzE2O5I-TJ1R7DUb2zykSD3W9OqiXzWakR4L9kI7omzaAA_m5et3LxAG2uxrgBKHaLPXj8dCq_CbQRc_mXCr2k3V4muYFJ7oKoxCiMZTgXsedDZ0hYKpGHKiaQ6FYDNpZy0r0w51KqFgLEF_d_KqZpTUDFVvTqui3VwVYwuieq-mpFs0mwkrA2SksH5OotdTuY6QBcOzY935PgGJ0oymecR7V5sjzLtasGxaTrggqTSv6qUZbHcQ2qEtF5OUQ5lScIqoVW16rqSn47A4frvso6sQTtkfvMxbKNdrL0cdZGtATjYtsZTcV9FP-AIFv7GmrKa_eLV7SGbcPJr4Wd2UrptEWAsh1Wo16Us2EGLPaWdHcmDupup2ccQEKOlhe78Tk4w9PFYAKCFwRCk2p_UxpeJ9l5gO-3Gt3cCWpF6UP4m_fJpoW90sKvr0q8B9KnNcsIJqa1wnMgcel23zhoMzrFxHKPAxHtrXubXllouLPUuD9zoxdOdNbqY1MWemdGBwx_TZ7LwMc-Z5xdCesV0t_FxQvn4qS0JJ95JdB7PyGA74yfllgXyGwijxeuMR7gE7fqeeZgIBv2Ryh3trQWS6OgJKLheVU6_pexDi4enUrR6v1Tdq_0GMgvOIDTStaKa-WPqPjOJW9KYr29AbAN6zB2WIsh0-vZDJVolmvLVPRFExXN1KszO_Lwf-8lHmVK7DSuBZnxXipGQUkx8_-sVxtvXrzEITiVeEToil9NgrOp_9skGDMzFS3c2pa9OiyWA237ysCeyvQbyi4ExWM2SOlHnUqmx7U&cid=CAQSOwDUE5ymCEVCO_ZeG-bHzbTH9_AiNhkmyIIlu2X3Nrs0NuQIW2uggEL3zFBtoY6CMzj-lDQzzS-Uw9BJGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=3762939325238897700&adk=3944675600&idt=182&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4138d360966621f83b13778fb6c802dc4067d1844b0fc6356add5df466a907c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6A4 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4271612558812&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6A4 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4271612558812&version=m202301230201&ct=76&x=1&cor=2445429371500066000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C6A4 82 KB
34 KB 96ms
95ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dmo1hC_Oftd7PewY6mTuDEh1xce8GKBdQ8Y6yEbwZ9Oux7xJNVhwtm7pqSCSniC14FIk0IF0HAPTcKshqc7jjb0PctuA&cry=1&dbm_d=AKAmf-Dv0Y0HUNZuhl00EaNNXTINxMxqYb7KrzquJKSrHxBnH-cZ-nwjetC1Iv95dflCVxawmxNtW2b8VZdb15wPVpXX8P-efMYF6dXtvtX051mYvvvBMwSjgCc_pWasMrZ5WDERl64x-wV3W1K3Wm4Yah9BHy0__1TdCjyj0cJrG7cNrAoZ16qBExhEZr8QMyOOT-eLnpfMu1-Lgyaj5gZAqV6DDpvNna0g-NB8_WAflZ2Td0R4emvOycBqjuPtlBpxPNGp9F72nxmAu6Wj6kqdkgAYISi2kAdVn__or_LQX82gzBTsrkZ4M0tuUftsmoFrnUcw5buvHMXymbsWPlpFRV-yqMNnWrt-n_BxsIZCUH3kn9wiIYS5f12e95mArmt8YJE62es47mc1QkfN3uZlaFov8VtDokLENH_9YZth3MAVeDBwgM2-XLrSao91PVAO2_jFsbGnPMMSFzR7opkK43C1BvtvrlMwV-SPhPbZv0ahUv03W32Sdz-Gzy9GVt6vAzNZufM3IZqiclxDQxY6UjraqXsUiUx7IIOUaoGhU5CN6iYsDXZ1OwkRrBaFwsgoFCI1DdpPBoEE9rp12n6CmcFue2afYzyWl3cxWq8OS-7fC5C8ftuO-rhVkHKtBFbJcXaj5BLL7-Nq_DWnWjdrXPIIg7zgBdh0Jo92VNgxiF2le7N11wUkXp7_mXdyg7RgGMHDJzz-Qc2q3hwI6XmAcuxVklFaHpuVDF1FWfG8nhyrIO9-6G1_mSprBlxL1IcsAdpaG3pBbUsZqgf6mFHk0CLuc8e6Btq2Ccfq1VPWTxYHmFA4p6lQsmdz-rTHpt1uHkeDvIatZoMPmEyxqkz5k5m-WhuSEMXveIQD6g-S4sh13YcpTC4xA0yf75qcu5HYYQuzW1UU0rVZGIlQMn86uSK92udYxi6LA_UNS1KuHDIZzVF1gdPNh7FVox1jBBFRry83Rn5by6RU58r0dtgBxvBtspUaFlyfUxMi3IQHfrd1eSv87FLfCAh8M4Vz6wn8RI5ktZEr05c55zIQNx_Onk6zN9MU4A8JyRSOwW_RKIV0D0IGwFtGNK7HzyRX9PXFwL3HaHwL9gMwxwSeIORFj1w8mRYRXuk-rWcaQFh83NsWQgwO7PP9mSRFN-QWN6ZBj8hGmlvzsmmJYvRsXNxpVqcpxpNP2Q_MD6pWnjN-bXpxqsqNRTIzJf1MMvANMQkZythmFFnjeOojGLgJJ9pqbaBwqnP1pwAJkXg3LXN5bN8IfM23AK7mzhuuN2NmYFVZWyN_XvhHGdQ6ld0Jj5sXIf620BenJUlEsf3yGgPjzG_zNFQWSfswJJD9geycZNi4invxyuThZBfo3P5ZY2d8ULcvNG8kqx94maaz3pRpt7MyJDtlfutHCSxW-XdcdTkR5PQ7i4ynZL2OJwdXa6Ad9TKttdQXM_Bo3tepd5M4xyTarcdmm-oRKkjsdGqEs52Wnjod4tV4iSNcpsO8wtQOjbe34xjaDK65_QIhknfJ-TPKkpP-4aA4n1QWliQpOtYphlQLjQJ69PCGxgmOCa_hibciaiM3ibu5Ofc0MDKfqFU-2D_M3UOz_k7xXQeTfeuFIHwVCu876V65IDuRjYV_yB0EJ2ANmZ_ZI0Su-5wLSd3INXd0m1ME8LkYjPNvj8njFjN_huhMLfGwujy9Tldi13yMaoOoyZyBXvWp8242ynftjrMSwM4O-dJTD76KaQ0dENT8MtksyN78LF8SOF_LsesM6sVkc9PHESvi8vDJbPAui1WpWyp-iYnjSgI0KfhH4tdky97ZAQ4pW2NZLXbl0byjk9gFDb-Dofd_o1g7y2yLY3Bsl_Y7xP0cSmw5ydXf3t573mqE1MpjrznmVltWKgZW2xFxOlHCrcspza4uhlMk3-DeLWnjA15H8wFZalo93Aqlh7lTsLhcC6G8MAvziZQ_hYRWT2GsD4yiTXS8sDOrhKOydePWBM-o8oXfjB-ZdjQmberOUUgGmnBqBYvbGMhx1Vq7bD0nKLtY5tMDosW__a7yNlZLlx8N4wucBR8XTGU4ZP8VkcDgabltSfj9WwasNueHtbir1iDHfrYFfT_pqGZTrqBgV0yHLkllrxPZ5d0LSvwj2ZzuUmE5ORRI7HPwLlpYzQpdTrL41LcxAkHlgfPP_RpBQ7dMtBrfOMVQ04yq5MXrAZ3l0imuEhzXwwGgY1NxjBsglF-h2Zx-ohBnnQFzQHQx-wl83oTTb4XPR3cMIdRxc2KbeqtAJ5UNhw_ROCGAE9pimxUwhYpU6oIT5-U_fytHTB1kTJhFxroEc01TO7FbgOvhWudG8KJ7B7kbSup4_C0CNL406MZATN5rcOhZGe_o-Fv8n7QZpbve6Sm-ita2LnxE4M0N9MKa-TAYCgy7ZDhSMpLc5Ee39LHe1LFENGfYfnyQb2NAxO-8jvSo1xyBTUIcKgrY8uj4O-icktAV-8jts2iXrF0AOQrXHoJXJiGHA1rpw39D2Vn9vwOY3hcP0igeAfgbRBQyzspn7tCXptYRn241_lm3NdI1aQz4kn4OoYnCoZqmxM1AOhOCAdFAsilshqPw6nkW1dwVgr8XE082bz5R1mULFzx0qtrUnsODEsAL2aESiODZ3_3Ag_E0M1ss6DhRKVVimMtggYNev2TQD37QUscToMVOzRBZInP3xXECpjALglAGRi_5WF95wlVFzbzO8wjWjPjvJapLXM-knbAdtJIfHZ7S952kRGs5TUwODsTdTOVqxxsOslrdNzdNgyaP9YsjqDB8RnVLC88iJKpBRTtIvRe_d1kvwNg2FK55HOe0gfFLCXpVU8zpfqDU8xUxuYLr2ujSrlDw72gthWHWcLGDn8lGn5PdxGifrUZxNyMndzH-KHufyD4KmqNSmkVvfzKuhlEKJ8aHUp90QhFsTKjiylf7Ncq6qSFK9NS9MtJ3xgRtz010lc4qqF9SJKlDw69xdNej-RFpqfnC4FSytF5xuOB4JZceHvHQk835cWjbu1p45Gk0PUJcLIMtoMtU33oKnqMlNwsUP8aBttWCCJcuWlUenPpRu7x5bkD_lsbgiSBJLlXy8v4NWdLIz1B06FlWtF0Q0jjUJ2xjo6cRxBgpnh4poJ7RcS8bD0-chZUuMoqKMzRUmxZ8WUvZ1O_MOkANGE2LdzwBrTVdcZ27fibS3TjUwF_qs5_d6UPAWj7qBwf29ESrewS_Aw_LI1YABtrDVGyoidF_T5VNbny5m8qwFnzd94dYhSdfTgAki6txcETD670CIIfaHMlpfgBNmBtpoXoKD8mrmZh4ZG2oVUIwur3uX94R9w8&cid=CAQSOwDUE5ymCEVCO_ZeG-bHzbTH9_AiNhkmyIIlu2X3Nrs0NuQIW2uggEL3zFBtoY6CMzj-lDQzzS-Uw9BJGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=2445429371500066000&adk=2086295851&idt=193&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a9e185c2ed1b2c88f343651b74e2114b719ec18347a37cb6910317b24ab504d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 1439 106 KB
37 KB 123ms
29ms Script
text/javascript 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
Origin: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78544
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Feb 2023 09:35:36 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/ Frame 1439 8 KB
3 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DraURApqTiuWe_sJj3NUUyU5-RFLEALj5q7cVHoClD4yoRuBC8EOF_8dw1vlH64xclgreCdW_8ufZsjY7fvLJ4QEBIiw&cry=1&dbm_d=AKAmf-DacRWhMAffnLoAMdiwUlm-lEm4eg965rVUYjGEKyyUeGStSM5jCNpXkxL24TuRyDWFLY6JeXlODN81GZ2viU9vHX6ak7hziTZW2T4TFJpmGK91hxFxGAm-a1F_bC2yXARyFoQqohl5IhYJ8yrqKhIxjopRzfOeKB0aN98H7S9ZXXx21I9jszOo25mEAr2QhVVODw7lAIF01MestpA0-lkCG6cNMwm_g1ukWV51mrEwlxAtISGGgzR0vLyD4Fi29QLfM-8Y0wwUomoBvezZrXbjFJwxANX6_ARM1XX4AgtDpsPvmBDzhcJoxEIG7xJUrbANegWkTJLfYUbCq3fj8t88JxY--_HYD5g_6If7msF0hE1GoFh5cQJLIWw8sY_z0mnt-g4UjKN_qZWgBM6N8eplvWbV6U_9CmYmI3grO8zEFGex3OLSRhNlhLOkuE02voH04zgXTblZAXo7y7gMrYnLCDi8D0IMIWqAxsdY7iWGvP6hGDqN4R-3GcTU104tKvkb8s1WRlW7UGYROBE9VKeKS-XhLw2iIr4vsZK7fz8hMtIZwo12E_NMjB1SMhvhvg6SIGjKhrfHH44cnGfCXz_7QrBhQTELpXSY_tCYphAo80hyPTksTyPQhmWItWfn9TrHckqMN4Coxrc7-IQuTEgvf1hyuE6hn9foB-QYMcKcam6RxYq7dNFgVBqfgKUVfm4j-G51GPrlgBBaI5T2Dp8Y5vkn4G17GjYSgDi3hIuBjdY0ffimGN65KrNua_rszfsRYC6haWzBA4a1nLiw39n4V2lMlj_tg48i0e4XRZLcEPotdTgJ1P6FLDVOF1xSANRRkzgTKMrr_cSvc-Ys5inTVUCFIh8NTE8kntAQ5fyE84ZLrWAOVYS2O8iPhCmdCjnO1QnCUc2dGXNBn4xJsC1UKRPk-Mz-P9JRxQ4ANeBTTdiVRDhm1iRDfPEMHyJC0vwxLMdbrA8Km5JWQzBWKU2Sgn0QJbVU-Tb_UjsKtC3A4fim1_4R8wC5V7fyrtic4tqJxXjYyTwONRtStc0ghZNJLrmjIEPcNjcLOPy-1hDTaDVG1U8FkwqUd2KLpeVMQslXMfiM3AF6Oj8efPtR6-ivuuPZ4zVWJJi-lU5hamUggYyYEI6_3aeT-FfESk1NFdvc_KCFhrV8uZmRxLv9w52fpFyMD9NLK3bkS9aztIsfR1ZKkL0HE_exvlbgS-DUYSqsdxQTh9V9Wwd2hNvJ1J9O3Zs38gCY56dm6rDCULcJcdkJ9aZMwhXeYeqnl7pNgiws7GeVAzC-kMIymu3MZ4YVjrxthN2fm98il8chQEXhSlUW71hSc-JI3aA_8ZQs45ibY_lCk5evE7-l3ubZLzXHBf1izihg2FXuSFw3OdI6IiUYxAkAlMHIYzAgzQvH2-kMLzoalccow0zubZiLXAlveUH07-UyP5I_f95cQSOY2kttzqdRtKhbyokZ9Th7ENNikGl0lldRvK2m7KEQ0i8XTpgo8fJQWe4_EYNKOMScv7CykYCRgxqWZEvHGIm9svWdYYhpPfTcYJeqK17OKJI6-sbHXkxyV3RuemijO6_lBgCxAoVamrf1MLoKboXAA4aEg02eFwTMsRTKueuQM8GJXVkqc3mgbZDgsmwLlwZfyHL6fxx2auhHswwWPUhsa_yk8XjN61agmaJKDOvYfjVe7emH5IwRGFciM8ojoFb5TpLYH0GBCKPt7iRIXNhryv_NnQZdMK507PwmhLB1AXUw1MRh_KOUuB6YsuV686hydgsSV5xFeIbVBBMqoJ24mUOAe1QVulv0QuH_zOUFczDt2s6tHzblXsMmujS597fHs5IC_Hm0E1UAF2L9SWlGzu6HQ4cfI17lCqGYjrTL9YFQRYCitwSnujMHaCvTlpBdBNcMtKoTDx8RHbWqHEnLa7i1y0fzDA2Y7T8P2DuBUdwp-RDgFiVe0M-sOKREtWxVr6f3gNfevlgL79doo_h-5HEc1wXVaE9iFeIOdjMdeSYqFpG7A1rwR9rzUNUMSL0aAcFqusWh5ansUTuYLWwl2hyzquKQqGCLQ0-gSL0FvD_ImVIYn41fWvwTVAxHSWivFpQnal0TARon9JlyE8naeVDcJY3v74mRvvSENtN_geKD8lmHJ-peYGANec5-8BOmZ1xRBdvlQHjs8MO__kbEtyvZPlAHcklx0FiqVnwTiw2odBDbgCVlEt-xwDSrf_vhSJPXu26T4lx3nnFOECJfM6i9HdRm5_uatJ8mLMA0y_SN8LYbSf2NGGtIij9Qo0EFjLhuSLWzygPDL3y6RhahRdJjbkc-VVGiueUekH3_NfwwK9ASOifR1927C3IdQ44dw6I2ePpCawrglRtqEqzN9fmvTwUCmpkgh_ble0kU7-BK5-kOp0Ioqqi5-G0c59g41fvewm0W-WCqceBezoLlwc9oQq5PvbuqsRUYgilDo4_YBzKhMExTkepCRxLtECoyuxeyO-6boUJxuaRITtW-Ennw8VGK4B4r8qLuI86Mp1hjodGEpA9tM4ROPfMW6Btc2JJV89tbk-XMsd9vrFE33y1iWy2cf69z2aLJXn-M6DG2uw-2L-WJFRANZH5hmWk5JGyTH7zIq12CNfAzt3iCAgYfQcFS5SDFF69FO4G7aO7X5JReN6EsE8k0I0Mf4aurmV5g6k4A3NChlJPQhJ4a5xofFKqZFh_X--aGj9dwBwiT2zJerlcILzATozYEU6gQisdf-jxXwMlsyyDelFHVrfCnPH3W4EJaDUU3B3YAG4uccjUHkIyxc7wcsUju5nJ1Y3IWBmLLDWa89pD-A_sh1iiKNUBTMyTRg909jwxLeKggimmDqCy3thO3bEK4HlMWB_Tl2r8eOIdhYo7oCErcRoB-FMUpghuI6IZamqcx_zjB_-dD_tlgqpnAP0ppdBlEzl7qDiAz6KW1riM_fl7EniqM9nMTyvnggxPbeZKXUJ8uLc94PlHP56VsT1t7ztW8jvgO6SWpIzhmP8_FxJhskfspCNgJ5ia2KOXfjSsQhlqbbwlXvporFfM4qeK3nfU9gdtI4SGn7JNhzn0BQygeomJCGR37zYTDOg-GV2M8nSK-v3_pHjq0b71JGR1DRBgqetkEhZn5CUu511iaeHZR7U6_4OkeWPVHKs1oBMGiAvAFRyBapwbXN0dZgxaHkdI03ZKSE865e_LP9HgDIHTbC1OLgJ_fLouUnFx8FvFKJ4U4tIXdMHpKLCI1qZKqr2YRsXijXkofGqbe2fIsgQCgkhiCKWMKhnr2_F3mJuZ97xpmMhXh0WxKiey4CVA2RWHszJjU1Ls&cid=CAQSOwDUE5ymCEVCO_ZeG-bHzbTH9_AiNhkmyIIlu2X3Nrs0NuQIW2uggEL3zFBtoY6CMzj-lDQzzS-Uw9BJGAE&dc_eid=31072035&dv3_ver=m202301300101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=2322238139544348000&adk=2857193498&idt=147&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:18:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43586
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:18:14 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 1439 28 KB
11 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb54d717149189d1547a246d2c709a8973f9b54140bb01a15d2947e78ed6cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 20:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10940
x-xss-protection: 0
server: cafe
etag: 260008737171085554
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 20:08:29 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1439 41 KB
15 KB 30ms
29ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:54:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41432
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 19:54:08 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 80BE 1 KB
643 B 14ms
14ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 60083
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 14:43:17 GMT
etag: 48472445140208031
expires: Fri, 03 Feb 2023 14:43:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1439 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: acc670a824e6eb431d318fb2526b92f20de7792d1d9a73d23d23251282c01c93

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 85EE 22 KB
8 KB 36ms
35ms Document
text/html 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 423270
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 09:50:10 GMT
expires: Mon, 29 Jan 2024 09:50:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 80BE
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHW4MsIk1BXID7qyA8InhV4&google_cver=1&google_push=Aa02lx-BQyTgRUhoPw9zwbZNplpEr1f83wEHdcwGGDElVVG1HbKxgxyQcNkbUj9R0f_mYXs15Zouqj_YLKwTEWht...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-BQyTgRUhoPw9zwbZNplpEr1f83wEHdcwGGDElVVG1HbKxgxyQcNkbUj9R0f_mYXs15Zouqj_YLKwTEWhtJMJ24_HRmA4YcQ

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-BQyTgRUhoPw9zwbZNplpEr1f83wEHdcwGGDElVVG1HbKxgxyQcNkbUj9R0f_mYXs15Zouqj_YLKwTEWhtJMJ24_HRmA4YcQ

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 03 Feb 2023 07:24:40 GMT
Server: MT3 421 8749e8d master zrh-pixel-x11 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-BQyTgRUhoPw9zwbZNplpEr1f83wEHdcwGGDElVVG1HbKxgxyQcNkbUj9R0f_mYXs15Zouqj_YLKwTEWhtJMJ24_HRmA4YcQ
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 03 Feb 2023 07:24:39 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 80BE
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEEDTxyqTSUxDi8QPuXycdxs&google_cver=1&google_push=Aa02lx-HVpSy_FRphHhP1_oF3OkYhranpmwKnZqg2NnB9xPh5urPxy8PeOmN6LjuWErCLqXiqbVE5yGv-zoLOIw2fbCFzKFHy9gBO...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEDTxyqTSUxDi8QPuXycdxs&google_cver=1&google_push=Aa02lx-HVpSy_FRphHhP1_oF3OkYhranpmwKnZqg2NnB9xPh5urPxy8PeOmN6LjuWErCLqXiqbVE5yGv-zoLOIw2fbCFzKFHy9g...

43 B
411 B

163ms
149ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEDTxyqTSUxDi8QPuXycdxs&google_cver=1&google_push=Aa02lx-HVpSy_FRphHhP1_oF3OkYhranpmwKnZqg2NnB9xPh5urPxy8PeOmN6LjuWErCLqXiqbVE5yGv-zoLOIw2fbCFzKFHy9gBOw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-HVpSy_FRphHhP1_oF3OkYhranpmwKnZqg2NnB9xPh5urPxy8PeOmN6LjuWErCLqXiqbVE5yGv-zoLOIw2fbCFzKFHy9gBOw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79396da25caabb8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 72
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEDTxyqTSUxDi8QPuXycdxs&google_cver=1&google_push=Aa02lx-HVpSy_FRphHhP1_oF3OkYhranpmwKnZqg2NnB9xPh5urPxy8PeOmN6LjuWErCLqXiqbVE5yGv-zoLOIw2fbCFzKFHy9gBOw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-HVpSy_FRphHhP1_oF3OkYhranpmwKnZqg2NnB9xPh5urPxy8PeOmN6LjuWErCLqXiqbVE5yGv-zoLOIw2fbCFzKFHy9gBOw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79396da12b6ebb8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 80BE 70 B
265 B 125ms
34ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESENBHDZLGineg_om6nXxam88&google_cver=1&google_push=Aa02lx8Q1O9qgY_fRvolDj5WB65uXMt1m5m4IVskGp266Pa4yK7oIAC2lb7xrJZesoZhhusGko95DbM5J6irE5LO3V8oHtuMlHYasg
Requested by: Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 dds
rtb.openx.net/sync/ Frame 80BE 43 B
351 B 71ms
23ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEN5ON7QL3Z4mMF71Dhvp6dE&google_cver=1&google_push=Aa02lx-ZGtnZi6UjIQp-0kWF-Tv5Px0vyFNGb3uNLdVKdjObmYJXVaWbW1vqjVpz1cdXMyjgJqTwVIAlSebb1E9nHgw7dXFEC2bbwA
Requested by: Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:39 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 3ki11n63pggdgb61e8v08jm9ic1kdfu2

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 80BE 0
44 B 985ms
263ms Image
text/plain 52.196.206.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEFdGXgMgVDpqS_CV6rDDVYg&google_cver=1&google_push=Aa02lx9HDHOY5lN0sq-9B4IDRlzuroMX5PylK1TWQzVFaLoUlFhavRyq3r-6-wEFCYAxgMedt2Zs6D9DsxDVt0KfZGOJElsjXhtVAQ
Requested by: Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.196.206.50 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-196-206-50.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:41 GMT
server: awselb/2.0

GET
H/1.1

200

0.gif
id5-sync.com/i/495/ Frame 80BE
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEId3TArHulfgp1RUElwQs-U&google_cver=1&google_push=Aa02lx9CuQ-jGaKyyhRiwhHkSqSVUvo2hWFDyeDvESo2RLNnR1NbaOVofl_qeqMj5IVbW_-1geDVqbgts5PhvGzd-k1ezv6Na3HkQQk
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAa02lx9CuQ-jGaKyyhRiwhHkSqSVUvo2hWFDyeDvESo2RLNn...

43 B
1 KB

15ms
15ms

Image
image/gif

162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAa02lx9CuQ-jGaKyyhRiwhHkSqSVUvo2hWFDyeDvESo2RLNnR1NbaOVofl_qeqMj5IVbW_-1geDVqbgts5PhvGzd-k1ezv6Na3HkQQk

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Fri, 03 Feb 2023 07:24:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

date: Fri, 03 Feb 2023 07:24:40 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAa02lx9CuQ-jGaKyyhRiwhHkSqSVUvo2hWFDyeDvESo2RLNnR1NbaOVofl_qeqMj5IVbW_-1geDVqbgts5PhvGzd-k1ezv6Na3HkQQk
x-download-options: noopen
vary: Accept
content-length: 274
x-xss-protection: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 80BE
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENcygRZ0e7mFHX2kZnQ1IR4&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx_ut-oe7EPHJlbACzzOZmf0V2t9tjGBn6vHSsSURE20UlEj_1I0O1VEjRPBtf8z3rpagiIhr69XHpYzTJg2vbDzaeEejNWj3Nw
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

30ms
29ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Fri, 03 Feb 2023 07:24:40 GMT
pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 80BE 0
12 B 24ms
23ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kj4v0wEHQ9cNGKbEsNfYh7iYcuekMUG-cKV3ZOfyOECT-k97VpMRYZpUIP7uQO1IDjG7fxH8o

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 7B3A 106 KB
37 KB 73ms
68ms Script
text/javascript 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
Origin: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78544
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Feb 2023 09:35:36 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/ Frame 7B3A 8 KB
3 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BRiUMA9MM4dtFwlHp85E8S_nKhmaIvD8AeSibdzWBTVe0Qg79Q5uloSnHc96pLBT5Q-yBROD_TbvU5-MUNVgrl_LYRSg&cry=1&dbm_d=AKAmf-DJCLwxuZ4uwVVzTHz8LwqCFTs-XoqkRyo0ORCq9pHBFj2xAbh20zEVntdRxp-5d_R3D3GFGp7DDe0qckR3JSYYtFWPUvVezK5NTWcIId0_mZGH-ZQcMwUHqTIVUkNsrzAb5MVgk7TncJ0xeZ1E8i6Af7PJKw34B5Ti183nGWzrVn9QgMNEkM_qtDLSH_yi-Pm346iy7JHqjx0HdgYD6hsUF5w0s4O_K-aoYUmxWKYG8MH-aBMIU6LAouQb_bJNHPvgx8DPJEo26PK7GCiY4BJFaOqDo6z3Hjwhr_wsu_W__L-W7BV8k5VQk9CvrWpD_4x_b8Ca0mWy7fVtaMLttzu3IbbkSZWpHNKjTkBBXjlGsfH4k8pVMu8JFdEVz9ggHUG1Pd9lYhUCdoYVc0EvhiMKw_Ze0Za-PFpnzOCgb1vBPRBDBo1WRSjFvBaWtsOu8PRX-qfAVBlOR6WCMpRfOpUaP6pHTT-n2Zrdp3ZCSogYWXHndBrhLSy_oJD29u2ovV5wErvC35XyUyj7ipqheBSQi6uEoUWsOZa5qu2Xpt9wC8P7MfwcNgM8SwLov7_Nn0PL8yle502bv1DHNH77zdPpRhlPggN3IrjHjQ5qJWy2AzdmAhOiVZT09bVh_JBTDngZUVhY7MaXFBzq1j3JnFmUZbTDDJD3E4IIZA2dLWAMZcBxle1YDMhr3Q0OtQiYSu15vLuqd0q-lj5l--GWcZnWRJeyHxu0qNxibn5v355S4bnEciaIwkLGKQABohw3V8vPULZljjCQMpH66TMhATuDWjFsa84gASl-OFUUb9wy_Ml3y_k3ulVXit95wpcxjQ6erOSmA3T_tS9xodWDbxIh3OncL94R1jW_bsLxODhVkZl_wDFOoInOMFtPWUPs7YcOsIbm6h_j6EU10sLHhMiPrguVI_lrF5BNQUJYowRDH41vcGzt5PQvJr0E2O-KHQTtL0SvZ0z8VqkbbTPu5YPLOUZaLOfF0RZXDOgAsuS6cWcrmpuNIGWuLJ7lzehr1t9FUCzfE_5KN-eVVYyoQtZA34drkZ-wbo1xQbrB_on2cIoR0J53bWAQQa3rNyS6Hu_QrAcFmNruflsN6ecN4GV5LDsQodegH5Siw7B2gPx3YhmFlkszjK9OVl3AMvVaDCMP-KVZM024ha4QCqxArwK2yHll7EsoTsDkn5JIY4Z41vfbmuMqFHkfJfdFQojlKaYrE4z9tLIPZYh_mgzivvQsDcEcDAGpJ8N7K8cb4-fVH81d91YaxvhCgOl1exoO7H-OSN7oJr2Lgn4DnXpmZ4TQnRlc-fttRin4QCspvrNyLDvSvp56MgKFPKflJ2hmxUhIPHrwXCQhUCjiMNIdlXCbnTVdm90Yi3PHUVg0nd-oscHjPgSCFRgHTJ7KWaxAp4aDcbqzSm-f19tx2uM_VkttLvt9Za2hOkuATTJW8Df9f4Jk7fvzsmmh3T2q2DZZCJzjvyUdBYVFwBC6joU4nZjTN6V5JT_CT3_8dEr2G16r0BMpRIUJokGpfy56aBpTy5zm9AVF335IYC_0byO7nkQfsDjAoJW2PucDpZF9TY4TPssHMrnGhdw4RW1VAcDHJNW4ISXhrOhW8kTSkJ1u5nLzjpq2dPuleK7MlP0c7j5oHqGl1Gx7KS9n9wArbrivfo48iB3IHI4sCVpbyUPcmsFsjpgLyfq-ByVyE8X8gb3df9kOtarwJPTkjWynyDRXyuijY2EpaMJ8hCBbdQHQZpCDw_mByl2ZP4RGtooxUyg3fbd2mJ9SkYVLOB3gn_kLbdKXkXLRly35A0oQE0OWMTRkAzsJrg0Ds5rEOiGq_uxam391jo5wa8bTguZgUc0KcUi3Ii3fz4OsJJco13pqWx_nF29_KtAmBup_ONYVJtW5myZZGCsHHy_z9IJSOEe-HySpMNg6LMdopeFzttWNsQk_vZF9okCBkH_HxPYiZuxrwiCuOPwAdZumxjaEJ2wa10iXAMA0CTEpbtHCM5tcl-R4f5xCGE9bj-eqA8ghf6I45iY5n5mVEvRgV36x0EBS4EAb_y_fSux9vyXbfZs5-Sl_JR8gdRMxgP1l9SWQjB7FF_e6u0l8Ja-0wqNAa-Au_n3k5xb6fE4DXAu2hTLtLFGi1jp7uu5iSaewsG3wt7cBhtFfviOS4rc9-XOpd9IYkVtQhFv-DhCgxzA_aVHdNgttJMcoWcsEPAQ1H4h9JWd3qo1q73_nUz9Du7Ch5ZBmG-8u8-beoiHdnPItEsflOQhCO3Yd7B9GjCJ-wEuaAIzPc15e4PBiAjDqR3aPzZu7ieEC5qYfiJtd5JcgE0m5qtbV62Fdx4t8WEYsLDdU0Jyuk6N3Nh7aVFrgJKLCvprCv2U1VlMNy_AJJFX0fEFM6YuZh0lrWsVncZMToZwX0yHcQSNj8wmm5xU4bxStL6GqImVjYRsJxuaCOOcrWJoDoZ6WZ2WG7GdnzhUujUeLXksogcad4dIvx73BFhA8lM9pb21Vfz6SHrO7D3GjoHsTOjHzE2O5I-TJ1R7DUb2zykSD3W9OqiXzWakR4L9kI7omzaAA_m5et3LxAG2uxrgBKHaLPXj8dCq_CbQRc_mXCr2k3V4muYFJ7oKoxCiMZTgXsedDZ0hYKpGHKiaQ6FYDNpZy0r0w51KqFgLEF_d_KqZpTUDFVvTqui3VwVYwuieq-mpFs0mwkrA2SksH5OotdTuY6QBcOzY935PgGJ0oymecR7V5sjzLtasGxaTrggqTSv6qUZbHcQ2qEtF5OUQ5lScIqoVW16rqSn47A4frvso6sQTtkfvMxbKNdrL0cdZGtATjYtsZTcV9FP-AIFv7GmrKa_eLV7SGbcPJr4Wd2UrptEWAsh1Wo16Us2EGLPaWdHcmDupup2ccQEKOlhe78Tk4w9PFYAKCFwRCk2p_UxpeJ9l5gO-3Gt3cCWpF6UP4m_fJpoW90sKvr0q8B9KnNcsIJqa1wnMgcel23zhoMzrFxHKPAxHtrXubXllouLPUuD9zoxdOdNbqY1MWemdGBwx_TZ7LwMc-Z5xdCesV0t_FxQvn4qS0JJ95JdB7PyGA74yfllgXyGwijxeuMR7gE7fqeeZgIBv2Ryh3trQWS6OgJKLheVU6_pexDi4enUrR6v1Tdq_0GMgvOIDTStaKa-WPqPjOJW9KYr29AbAN6zB2WIsh0-vZDJVolmvLVPRFExXN1KszO_Lwf-8lHmVK7DSuBZnxXipGQUkx8_-sVxtvXrzEITiVeEToil9NgrOp_9skGDMzFS3c2pa9OiyWA237ysCeyvQbyi4ExWM2SOlHnUqmx7U&cid=CAQSOwDUE5ymCEVCO_ZeG-bHzbTH9_AiNhkmyIIlu2X3Nrs0NuQIW2uggEL3zFBtoY6CMzj-lDQzzS-Uw9BJGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=3762939325238897700&adk=3944675600&idt=182&cac=0&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:18:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43586
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:18:14 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 7B3A 28 KB
11 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb54d717149189d1547a246d2c709a8973f9b54140bb01a15d2947e78ed6cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 20:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10940
x-xss-protection: 0
server: cafe
etag: 260008737171085554
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 20:08:29 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame C6A4 106 KB
37 KB 87ms
87ms Script
text/javascript 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
Origin: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78544
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Feb 2023 09:35:36 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/ Frame C6A4 8 KB
3 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dmo1hC_Oftd7PewY6mTuDEh1xce8GKBdQ8Y6yEbwZ9Oux7xJNVhwtm7pqSCSniC14FIk0IF0HAPTcKshqc7jjb0PctuA&cry=1&dbm_d=AKAmf-Dv0Y0HUNZuhl00EaNNXTINxMxqYb7KrzquJKSrHxBnH-cZ-nwjetC1Iv95dflCVxawmxNtW2b8VZdb15wPVpXX8P-efMYF6dXtvtX051mYvvvBMwSjgCc_pWasMrZ5WDERl64x-wV3W1K3Wm4Yah9BHy0__1TdCjyj0cJrG7cNrAoZ16qBExhEZr8QMyOOT-eLnpfMu1-Lgyaj5gZAqV6DDpvNna0g-NB8_WAflZ2Td0R4emvOycBqjuPtlBpxPNGp9F72nxmAu6Wj6kqdkgAYISi2kAdVn__or_LQX82gzBTsrkZ4M0tuUftsmoFrnUcw5buvHMXymbsWPlpFRV-yqMNnWrt-n_BxsIZCUH3kn9wiIYS5f12e95mArmt8YJE62es47mc1QkfN3uZlaFov8VtDokLENH_9YZth3MAVeDBwgM2-XLrSao91PVAO2_jFsbGnPMMSFzR7opkK43C1BvtvrlMwV-SPhPbZv0ahUv03W32Sdz-Gzy9GVt6vAzNZufM3IZqiclxDQxY6UjraqXsUiUx7IIOUaoGhU5CN6iYsDXZ1OwkRrBaFwsgoFCI1DdpPBoEE9rp12n6CmcFue2afYzyWl3cxWq8OS-7fC5C8ftuO-rhVkHKtBFbJcXaj5BLL7-Nq_DWnWjdrXPIIg7zgBdh0Jo92VNgxiF2le7N11wUkXp7_mXdyg7RgGMHDJzz-Qc2q3hwI6XmAcuxVklFaHpuVDF1FWfG8nhyrIO9-6G1_mSprBlxL1IcsAdpaG3pBbUsZqgf6mFHk0CLuc8e6Btq2Ccfq1VPWTxYHmFA4p6lQsmdz-rTHpt1uHkeDvIatZoMPmEyxqkz5k5m-WhuSEMXveIQD6g-S4sh13YcpTC4xA0yf75qcu5HYYQuzW1UU0rVZGIlQMn86uSK92udYxi6LA_UNS1KuHDIZzVF1gdPNh7FVox1jBBFRry83Rn5by6RU58r0dtgBxvBtspUaFlyfUxMi3IQHfrd1eSv87FLfCAh8M4Vz6wn8RI5ktZEr05c55zIQNx_Onk6zN9MU4A8JyRSOwW_RKIV0D0IGwFtGNK7HzyRX9PXFwL3HaHwL9gMwxwSeIORFj1w8mRYRXuk-rWcaQFh83NsWQgwO7PP9mSRFN-QWN6ZBj8hGmlvzsmmJYvRsXNxpVqcpxpNP2Q_MD6pWnjN-bXpxqsqNRTIzJf1MMvANMQkZythmFFnjeOojGLgJJ9pqbaBwqnP1pwAJkXg3LXN5bN8IfM23AK7mzhuuN2NmYFVZWyN_XvhHGdQ6ld0Jj5sXIf620BenJUlEsf3yGgPjzG_zNFQWSfswJJD9geycZNi4invxyuThZBfo3P5ZY2d8ULcvNG8kqx94maaz3pRpt7MyJDtlfutHCSxW-XdcdTkR5PQ7i4ynZL2OJwdXa6Ad9TKttdQXM_Bo3tepd5M4xyTarcdmm-oRKkjsdGqEs52Wnjod4tV4iSNcpsO8wtQOjbe34xjaDK65_QIhknfJ-TPKkpP-4aA4n1QWliQpOtYphlQLjQJ69PCGxgmOCa_hibciaiM3ibu5Ofc0MDKfqFU-2D_M3UOz_k7xXQeTfeuFIHwVCu876V65IDuRjYV_yB0EJ2ANmZ_ZI0Su-5wLSd3INXd0m1ME8LkYjPNvj8njFjN_huhMLfGwujy9Tldi13yMaoOoyZyBXvWp8242ynftjrMSwM4O-dJTD76KaQ0dENT8MtksyN78LF8SOF_LsesM6sVkc9PHESvi8vDJbPAui1WpWyp-iYnjSgI0KfhH4tdky97ZAQ4pW2NZLXbl0byjk9gFDb-Dofd_o1g7y2yLY3Bsl_Y7xP0cSmw5ydXf3t573mqE1MpjrznmVltWKgZW2xFxOlHCrcspza4uhlMk3-DeLWnjA15H8wFZalo93Aqlh7lTsLhcC6G8MAvziZQ_hYRWT2GsD4yiTXS8sDOrhKOydePWBM-o8oXfjB-ZdjQmberOUUgGmnBqBYvbGMhx1Vq7bD0nKLtY5tMDosW__a7yNlZLlx8N4wucBR8XTGU4ZP8VkcDgabltSfj9WwasNueHtbir1iDHfrYFfT_pqGZTrqBgV0yHLkllrxPZ5d0LSvwj2ZzuUmE5ORRI7HPwLlpYzQpdTrL41LcxAkHlgfPP_RpBQ7dMtBrfOMVQ04yq5MXrAZ3l0imuEhzXwwGgY1NxjBsglF-h2Zx-ohBnnQFzQHQx-wl83oTTb4XPR3cMIdRxc2KbeqtAJ5UNhw_ROCGAE9pimxUwhYpU6oIT5-U_fytHTB1kTJhFxroEc01TO7FbgOvhWudG8KJ7B7kbSup4_C0CNL406MZATN5rcOhZGe_o-Fv8n7QZpbve6Sm-ita2LnxE4M0N9MKa-TAYCgy7ZDhSMpLc5Ee39LHe1LFENGfYfnyQb2NAxO-8jvSo1xyBTUIcKgrY8uj4O-icktAV-8jts2iXrF0AOQrXHoJXJiGHA1rpw39D2Vn9vwOY3hcP0igeAfgbRBQyzspn7tCXptYRn241_lm3NdI1aQz4kn4OoYnCoZqmxM1AOhOCAdFAsilshqPw6nkW1dwVgr8XE082bz5R1mULFzx0qtrUnsODEsAL2aESiODZ3_3Ag_E0M1ss6DhRKVVimMtggYNev2TQD37QUscToMVOzRBZInP3xXECpjALglAGRi_5WF95wlVFzbzO8wjWjPjvJapLXM-knbAdtJIfHZ7S952kRGs5TUwODsTdTOVqxxsOslrdNzdNgyaP9YsjqDB8RnVLC88iJKpBRTtIvRe_d1kvwNg2FK55HOe0gfFLCXpVU8zpfqDU8xUxuYLr2ujSrlDw72gthWHWcLGDn8lGn5PdxGifrUZxNyMndzH-KHufyD4KmqNSmkVvfzKuhlEKJ8aHUp90QhFsTKjiylf7Ncq6qSFK9NS9MtJ3xgRtz010lc4qqF9SJKlDw69xdNej-RFpqfnC4FSytF5xuOB4JZceHvHQk835cWjbu1p45Gk0PUJcLIMtoMtU33oKnqMlNwsUP8aBttWCCJcuWlUenPpRu7x5bkD_lsbgiSBJLlXy8v4NWdLIz1B06FlWtF0Q0jjUJ2xjo6cRxBgpnh4poJ7RcS8bD0-chZUuMoqKMzRUmxZ8WUvZ1O_MOkANGE2LdzwBrTVdcZ27fibS3TjUwF_qs5_d6UPAWj7qBwf29ESrewS_Aw_LI1YABtrDVGyoidF_T5VNbny5m8qwFnzd94dYhSdfTgAki6txcETD670CIIfaHMlpfgBNmBtpoXoKD8mrmZh4ZG2oVUIwur3uX94R9w8&cid=CAQSOwDUE5ymCEVCO_ZeG-bHzbTH9_AiNhkmyIIlu2X3Nrs0NuQIW2uggEL3zFBtoY6CMzj-lDQzzS-Uw9BJGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=2445429371500066000&adk=2086295851&idt=193&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:18:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43586
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 19:18:14 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame C6A4 28 KB
11 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb54d717149189d1547a246d2c709a8973f9b54140bb01a15d2947e78ed6cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 20:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10940
x-xss-protection: 0
server: cafe
etag: 260008737171085554
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Feb 2023 20:08:29 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7B3A 41 KB
15 KB 36ms
36ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:54:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41432
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 19:54:08 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5721 1 KB
643 B 17ms
17ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 60083
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 14:43:17 GMT
etag: 48472445140208031
expires: Fri, 03 Feb 2023 14:43:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7B3A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dedf31b6dd9171d51650f101c4f6e87d5010dd25f8da37567a558d2be0b8c23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js Show response
pagead2.googlesyndication.com/bg/ Frame 85EE 36 KB
14 KB 21ms
17ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:41:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14207
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 19:41:30 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C6A4 41 KB
15 KB 30ms
29ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:54:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41432
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 19:54:08 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A99C 1 KB
643 B 15ms
14ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 60083
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 14:43:17 GMT
etag: 48472445140208031
expires: Fri, 03 Feb 2023 14:43:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C6A4 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 764523769db3c801dfa7c8d6a6f2237f424d1142d6b92bba915d57204dfc548c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10641642855527383447/ Frame C135 36 KB
6 KB 94ms
30ms Document
text/html 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10641642855527383447/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23749e992a75881a24825b1aaf9110df21cf1c9cf6f012f2e72cd5decfd07fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 177532
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5806
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 06:05:48 GMT
expires: Thu, 01 Feb 2024 06:05:48 GMT
last-modified: Thu, 01 Dec 2022 23:17:37 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1439 0
0 125ms
57ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuLr2J1lH0F9gQAL_sz2uyUx3MkBFdlGGPnVd8kiZ0MfI8TWvu5bm-RxvpAGFKUnlSuPXESZYPb1MaYoMWKUP6JumI8ixbZSS-0fUJ1H-tdkDUItnyQ0jile42ofummEZ0YToMZzt9CO6CGWm0qlAXSvPL1w5rhKCFeQoxLWhoA7wrtatZ6aUOI8ZcDtcK7aJK7JMI0LTy8RKF_SI-trWtUHROtK713IiGiK87VSBPhvH1UL93W8elc1mPh0e-YvFT2vFWmHm8iIxHLHsZl-W54qVFO9Uj-tx_9Qg-SSIIWYOcBboJee5D7zs-ez5fNw53Lwajml450aY2SYxwDgmFmg6y5py4sguIAItIKqWmT-6PLm5UjUZ28HR24kL76ieiSLa6OW4nxEq8pdF-0eor8YNk2nFVuwRPIYU0r0JFmJWsyCiI3XgN-diQMB7O5JNejVAuKM7vURQWeeQjs0C2GJCtG8_A6BiUpBRPfQodr6O8RjItX-91bFSben5lYeB2Jt3Mdi69UEQQeFP51vSbzqxxH8RFdRtuOFNVa5A_lnNgYktfQ-mmFob6qQRWbj5t5gx37j4-y3Rx8BXTCXvMmSYO-KDjqwbNuN9rlRlYbxgkozvxbb-9Giau8oT2TiNG1JCunvWKGKt8n9fjYOh1gtCvYxcnOKeia5S4Z80VpcYlda02aXcah2s_8gVEgDuxt1OlozgfcZjPfkDpXGOIMEzo9MFUjkI9Jq7grEqtlkXrZQ4Op1lOu_ALDl5fd0oGIPxT3jIBqHh4MPav8PlSobiFaXgq4PMepjTswH95UaY6_asTEIdSr7l88WnT4T8jxinjB6efasYv2YzyNxgIhrxcnP7gHFpwaqdNDluAY-Sex0VHShUd-lIyzdZVZ1QHGGsFJiB1tJDAHrQNcX7MWcduMhIeXdyYaIz8bm3-iUmhvvHJiNX65vB4Mwzp1YBRIgDw6Ryug5lVlz3cvNpGnhWTVDOtkVGo-MfM0bPdPwNoMOhtna10lpYMuMGhhGpFn4j0HGNoNIjF0Tz83VjKLnKkW277VN-GTTIZobxvOEN9D-Yz4oE2hpVOwd8OIvYm0Psg9ex-DvoIlisTf3UXIsZSyvjqlMOy-iX_cuvx1QBzygtFkmzC9Mvkgx_UBkZ0Hxz6G230I9c3YmdZKhjgmQgl1kZbLEPa2d0rL4Er1px-QlLlGTUjzwGQgkE-CBbEYWoapzDku49gVKB7Ahq8fn1MLDBKBoXQWSfmv_7cWvw&sai=AMfl-YTEOKAK9PCLX-B7OvKgu7lPFIRmt19E13loFmFZjfVnBmCzIU_n_ay9SlV8lSyuy9COnSOYPOFPY9z3djzdFsX1bNo8iFhUO9ZDjP4q_mqhjdUCVGkSkJxLuQmFDzru1rafPpEqN-r2nFpcWX0ZzvUgT5-SBLiYeUatK7RX3UQALWwY3s6Z4hCLgDsjBLXsxtXnXls5ZIm2CetOBt-ilT9rBsmK8xa5ygHbePOmHuEy8pRjtGzH-Ap3LAmma3ZA8Dhm&sig=Cg0ArKJSzFxn2C1MdRNlEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=218&cbvp=1&cstd=215&cisv=r20230201.82865&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 03 Feb 2023 07:24:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Feb 2023 07:24:40 GMT

GET
H2 200 ca
choices.truste.com/ Frame 1439 27 KB
27 KB 68ms
18ms Image
text/javascript 52.222.139.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont2&w=300&h=250

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.139.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-139-72.ams50.r.cloudfront.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 63cf97e5788a160a76e89d4e12e2ca28.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop: AMS50-C1
cross-origin-embedder-policy: unsafe-none
age: 743
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: jbtsGL6rEJdrdZjVUIJcdDTpqRU27ajrT0E4hFkT5XLO5DyM5IA5nQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 5721
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEEDTxyqTSUxDi8QPuXycdxs&google_cver=1&google_push=Aa02lx-2Gy0ARiAt2mSruz_fQnSiPVmENP-nK7rSjC-uVlQuZiIJNUBFG7SHX5xEWWeMnCtlb4YmPNMqi4KL5azw3iv6Ws5YU8g&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEDTxyqTSUxDi8QPuXycdxs&google_cver=1&google_push=Aa02lx-2Gy0ARiAt2mSruz_fQnSiPVmENP-nK7rSjC-uVlQuZiIJNUBFG7SHX5xEWWeMnCtlb4YmPNMqi4KL5azw3iv6Ws5YU8g...

43 B
415 B

163ms
162ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEDTxyqTSUxDi8QPuXycdxs&google_cver=1&google_push=Aa02lx-2Gy0ARiAt2mSruz_fQnSiPVmENP-nK7rSjC-uVlQuZiIJNUBFG7SHX5xEWWeMnCtlb4YmPNMqi4KL5azw3iv6Ws5YU8g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-2Gy0ARiAt2mSruz_fQnSiPVmENP-nK7rSjC-uVlQuZiIJNUBFG7SHX5xEWWeMnCtlb4YmPNMqi4KL5azw3iv6Ws5YU8g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:41 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79396da37dd4bb8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 441
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEDTxyqTSUxDi8QPuXycdxs&google_cver=1&google_push=Aa02lx-2Gy0ARiAt2mSruz_fQnSiPVmENP-nK7rSjC-uVlQuZiIJNUBFG7SHX5xEWWeMnCtlb4YmPNMqi4KL5azw3iv6Ws5YU8g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-2Gy0ARiAt2mSruz_fQnSiPVmENP-nK7rSjC-uVlQuZiIJNUBFG7SHX5xEWWeMnCtlb4YmPNMqi4KL5azw3iv6Ws5YU8g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79396da1dc38bb8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 5721 0
173 B 117ms
29ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEAX7gv7gNtC8BDTR4aAOIXU&google_cver=1&google_push=Aa02lx9NfbePUR8Zd30BVRBFQUBpa3b92r0vbP-rDFW8vZarqM8Lcn27USLaaH42omD04WrdbAOSPbJKZBx3MrXw3c6X5BKFZuI
Requested by: Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:40 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5721
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UrDrHQ73RjetujXNObRtnQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UrDrHQ73RjetujXNObRtnQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8NbRuYhjWFK0l0uXnKyY84MjwBYuIww4kXJZHj5TxvXUggkFUgY1dLBvQrSfdslz4m8CH0Kbd2uam6oTjs7vDIGwPNuQ

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UrDrHQ73RjetujXNObRtnQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8NbRuYhjWFK0l0uXnKyY84MjwBYuIww4kXJZHj5TxvXUggkFUgY1dLBvQrSfdslz4m8CH0Kbd2uam6oTjs7vDIGwPNuQ
date: Fri, 03 Feb 2023 07:24:40 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5721
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFjAZi35LHWS-KB8YLfL2OI&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFjAZi35LHWS-KB8YLfL2OI&google_hm=Y9y2uK31wN_kLTK5uIWuywAABGwAAAIB&google_nid=index&google_push=Aa02lx-ohAIIg5fuMZ4TUjWaomm7QUyHABQNZ...

170 B
188 B

36ms
28ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFjAZi35LHWS-KB8YLfL2OI&google_hm=Y9y2uK31wN_kLTK5uIWuywAABGwAAAIB&google_nid=index&google_push=Aa02lx-ohAIIg5fuMZ4TUjWaomm7QUyHABQNZ3mRKu0Qts7X1R1pOixhbWlghnS8K617ywwh-iZanneecyPJo9qlM2A7dVeOCGw

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIg4Kj%2Bo%2F77l67sskCV3nO9g8%2BMSmjMBUQ4n48M%2FshZIEYKnz6kl6FXScA1YU0sLP5bosij8gmI7oouOBxNltlT0EnfpA7Y9btF1%2FOTwvYkxyHbxAsJacbHR97P7%2Fw%2Ba6cju39zbjdjiHw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFjAZi35LHWS-KB8YLfL2OI&google_hm=Y9y2uK31wN_kLTK5uIWuywAABGwAAAIB&google_nid=index&google_push=Aa02lx-ohAIIg5fuMZ4TUjWaomm7QUyHABQNZ3mRKu0Qts7X1R1pOixhbWlghnS8K617ywwh-iZanneecyPJo9qlM2A7dVeOCGw
cache-control: no-cache
cf-ray: 79396da218c9bbe3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5721
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOPeiVzMN2P-Okaeihm3EX4&google_cver=1&google_push=Aa02lx8hwmCliz0kKp8pH98dsvfyeO0bwXl-se0KLIWhyBieEUCmixkeZ41A9-aCeJcMsFaP8Au_YayckNvq0Uat...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8hwmCliz0kKp8pH98dsvfyeO0bwXl-se0KLIWhyBieEUCmixkeZ41A9-aCeJcMsFaP8Au_YayckNvq0UatqWqrKLyENmw

170 B
188 B

31ms
30ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8hwmCliz0kKp8pH98dsvfyeO0bwXl-se0KLIWhyBieEUCmixkeZ41A9-aCeJcMsFaP8Au_YayckNvq0UatqWqrKLyENmw

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 03 Feb 2023 07:24:40 GMT
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8hwmCliz0kKp8pH98dsvfyeO0bwXl-se0KLIWhyBieEUCmixkeZ41A9-aCeJcMsFaP8Au_YayckNvq0UatqWqrKLyENmw
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: WJmfjIcEm9GTSpd0r_QMybYqm2-Q_1ru6eTQ1TDYhl4RlHLPRwt-mg==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5721
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDSA4b_jZAMaq3aEqSH5O7I&google_cver=1&google_push=Aa02lx_0IsdHT32w20s4C6OtNiSuo08NJbpUMk9s1Ftc_n29IlaLp1Q_6Suh0bGXNoJ777t8bcibZLdp_eRmo-0KrwWvtPc1AUw
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx_0IsdHT32w20s4C6OtNiSuo08NJbpUMk9s1Ftc_n29IlaLp1Q_6Suh0bGXNoJ777t8bcibZLdp_eRmo-0KrwWvtPc1AUw...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjA3ODM0MTcxMzIxNzE5ODI4MTc1OA%3D%3D&google_push=Aa02lx_0IsdHT32w20s4C6OtNiSuo08NJbpUMk9s1Ftc_n29IlaLp1Q_...

170 B
188 B

37ms
30ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjA3ODM0MTcxMzIxNzE5ODI4MTc1OA%3D%3D&google_push=Aa02lx_0IsdHT32w20s4C6OtNiSuo08NJbpUMk9s1Ftc_n29IlaLp1Q_6Suh0bGXNoJ777t8bcibZLdp_eRmo-0KrwWvtPc1AUw

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjA3ODM0MTcxMzIxNzE5ODI4MTc1OA%3D%3D&google_push=Aa02lx_0IsdHT32w20s4C6OtNiSuo08NJbpUMk9s1Ftc_n29IlaLp1Q_6Suh0bGXNoJ777t8bcibZLdp_eRmo-0KrwWvtPc1AUw
date: Fri, 03 Feb 2023 07:24:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5721
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEN3C9XAoD8P8VW-op2sCHE0&google_cver=1&google_push=Aa02lx9SUFnD-Zvx4cRMNzDIMFd_Py3aZu_9CPlTzhhJRQbH5OnXkc8Va4xISRQfpDTpdFXbt_3XR...
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx9SUFnD-Zvx4cRMNzDIMFd_Py3aZu_9CPlTzhhJRQbH5OnXkc8Va4xISRQfpDTpdFXbt_3XR83POWBg46b8u-euEPVcj8c&google_hm=WTl5MnVjQ284...

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx9SUFnD-Zvx4cRMNzDIMFd_Py3aZu_9CPlTzhhJRQbH5OnXkc8Va4xISRQfpDTpdFXbt_3XR83POWBg46b8u-euEPVcj8c&google_hm=WTl5MnVjQ284WDhBQUM4VkFmWUFBQUFB

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Fri, 03 Feb 2023 07:24:41 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEN3C9XAoD8P8VW-op2sCHE0&google_push=Aa02lx9SUFnD-Zvx4cRMNzDIMFd_Py3aZu_9CPlTzhhJRQbH5OnXkc8Va4xISRQfpDTpdFXbt_3XR83POWBg46b8u-euEPVcj8c&proto=google_ebda","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"Y9y2ucCo8X8AAC8VAfYAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40182"}
X-SO-Key: Y9y2ucCo8X8AAC8VAfYAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40182
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=Aa02lx9SUFnD-Zvx4cRMNzDIMFd_Py3aZu_9CPlTzhhJRQbH5OnXkc8Va4xISRQfpDTpdFXbt_3XR83POWBg46b8u-euEPVcj8c&google_hm=WTl5MnVjQ284WDhBQUM4VkFmWUFBQUFB
Cache-Control: private
X-SO-HostName: a-ad40182.dc2p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 3
Content-Length: 0
X-SO-LB-Hostname: m-tgng27.dc4p.scaleout.jp
X-SO-IP: 37.58.58.246

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5721 0
12 B 25ms
24ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LqYJSg3GvbfLTO7og7WhNkhPUOjcUaZCif8ief9Bcrj27ebpIzRep63WkpuAsepf038eQy

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 140ms
7ms Preflight 18.185.2.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.2.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-2-131.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.mlive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 03 Feb 2023 07:24:40 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 204 event Show response
prebid-a.rubiconproject.com/ 0
125 B 13ms
13ms XHR
text/plain 18.185.2.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.2.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-2-131.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 03 Feb 2023 07:24:40 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AFE6 22 KB
8 KB 31ms
31ms Document
text/html 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 423270
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 09:50:10 GMT
expires: Mon, 29 Jan 2024 09:50:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2778779413489437490/ Frame 0587 35 KB
6 KB 66ms
37ms Document
text/html 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2778779413489437490/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

627fe5906ba058401530bb08a8f499e651ec9bc539bddbfbb909a35f571cb7b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 180968
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5733
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 05:08:32 GMT
expires: Thu, 01 Feb 2024 05:08:32 GMT
last-modified: Thu, 01 Dec 2022 23:18:14 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7B3A 0
0 91ms
57ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvxyJ7RFDK8k4ofBV-pbfCrKERW1gPn-Se8w6fZGAQBrDi9vdyZFPzNApWBUcseuuWO4IJFl3O7JyVHpSePKIiXvxY1B8FmGx1N2yntIWa94X39hhstTRsg74MS0xZETNRbddbMKAUvom-hCyADBmaalSV8mBVvsOWFiJa4KeUvkpGdacs2F-wKBbqZT3yFHHyB_D8tuJMdDomvWuK_uX2Nc8w69ZPcSSz5XoXPYg00Wmp4cb2lBPL0r8e_86EQLh5bL26dsXsgpilAjioisiu-Hr0SEBZ7UcdKMPffdvu2_s9-Vy-YFmtT8ZhhZGjoUu67f-u2EIZNfHWulpCMEsvDlc53HK3xqsHdgziAgITyyDAd03zBYuKAxR71KdlocEAYlSLN2jkXT-Ak3iwjulPdul479UcoiTwM82_Fz-WEyZWK16ba0jJN7fwcN5zItqDO17tariiPn7htLpdaczWEcVrG86hBRTACzYegLOWg2xMTUoxRe3-2V0WtCTaZ5jE4GDST16DS83QLRZjnSmNb88RiVZjpNgAKBLnLRPHk6c60cgj23i9eZTqCy_AGOlP41fsy1EK5g0Eo97X7m5twLVURNDqZiyBGQtrVkZDvmbkgznyDLncUaOhJgSzkWIlKifmSqiTgZtQuG_bVVe4Uxl_CbFwR9JNJ9yszDXD9Mng-1hb1Cr4tQqZXeZZEcNF3dauIG7naVDUXlJK6gt8bM4OTSf8jM4JyOsS_R1kTD2XjVfHc11xs3jm2mtVOjhim4lfWN6Xh1J2JqAwR3CaR88asTzpt71Y9gixJdrearKJGtQUbiCjqyzLUV3sN4QlBRL5ZECr3UgQI8kysTmtHXXKCtjwsmjOkVS-wHINgGwYVL0yrOTT28ffA6qMNCKNQcQg1D_ldKAOil30bmu081oBUMwR6FumubjMWZQlwM-ro5vhqZmoN0pORWQcq344mRyKap7SpR85OT8D_LxFjDS20JMRPpwKGHTf3ibP6OEzJt8LWWr7GX8FJYQ8TZQTuiQU0lCgJ1W_ObeGxg3LyGbatzsp6oHz019qbTwpB_N_T0qJBMO_eVfOFquKbJb0gT_nh8E-U94oWhbHxPbOS2ndJ_5igAhy1nXZ1XULJPsFQtU6Y3TY4uudRxRZBNDcRwnsT3ZbesRxziQBkudMknlCEXSBeFluy56X-hrfwbFzto_6tepwc4vOPjng4olgxBip9LiS10ulVK2cqC0TLBgxYBRZLZjb4luDivPExaL9pjHE&sai=AMfl-YRxH5aE2H6VRGiV48U53XddAYI7OLj-YLRTe-RhobKlLq58ix-AlX_7dnWt0o5RDR5o7CY7i8SGRHE17YFFA3ZS0MTbqZiAJQ2yXdXGbm-kXysgEtIJxBwAFcX_5MxOMZEFFO2-39byXv5SximZj2pgOvWKujCmhCF3SnvR7muux1B7lXGaE6vGszAtFUUAE8beqhM1E6CRmrqOIc1MjP56xFmbn7_AkLhgKRYolt6UmzNPbXWAB6Vn0WDHrxM2AAYm&sig=Cg0ArKJSzKPC_yLQZtaOEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=160&cbvp=1&cstd=159&cisv=r20230201.75214&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 03 Feb 2023 07:24:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Feb 2023 07:24:40 GMT

GET
H2 200 ca
choices.truste.com/ Frame 7B3A 27 KB
27 KB 36ms
21ms Image
text/javascript 52.222.139.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont2&w=300&h=250

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.139.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-139-72.ams50.r.cloudfront.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 63cf97e5788a160a76e89d4e12e2ca28.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop: AMS50-C1
cross-origin-embedder-policy: unsafe-none
age: 743
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: 2fmhOqia0GJuevg7Q2UZDU0COT4TXZ7zjLztvoEH0vOgAyyDS6Ng0A==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D136 22 KB
8 KB 38ms
34ms Document
text/html 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 423270
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 09:50:10 GMT
expires: Mon, 29 Jan 2024 09:50:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/1894223847900607345/ Frame C677 34 KB
6 KB 38ms
36ms Document
text/html 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1894223847900607345/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53fc64ffac26dcb2eea10d1d89eaeae904237ff151f0aa3ab7065c78ab410275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 180948
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5705
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 05:08:52 GMT
expires: Thu, 01 Feb 2024 05:08:52 GMT
last-modified: Thu, 01 Dec 2022 23:16:41 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C6A4 0
0 60ms
57ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu_-AsqByqksXYYW5e03RcO9vSJOFTcN4-Qtl6Jrcbr4Blvtnn3mj405i6--rIASh_qYw25jG1q2y43kBaOMBhiWTbnM9Gl-XBUpCGLMfjJATw8heJNhhm-alRA0moKpMgLegWbpZpNAG63xPxQpI8f3WHqPmgfGX4SpW40g5gZctsYtNlZoepLQPGRFMgc3Rn9Rdeo84oDrhESv0C3qVA7jtoi5p_5RkpvpEq3Jvv2eJng51FVH3c4R5uZfYTUiLjvzTU6-G8Q9W6MSrRgrl_KqTnpjEZUp5ENlbGPlDqrv3_oU9KydGLgpBMQXaHZVrQnTxKxwa0n-Hw2n8ave2YZbz1Nsgro4H_LdrK0XKGL8_2wFXWfYFg0pEKoW70c-8uJx9FyOOJXxzC1qNKnxqdRJphKICE41Uy7SUgUKNdVVVgEpQiIS5PUbs0fF5V3gvvHN0BqQVFf0IoemG5j7LsYucbVZ_ObBDZreLNooSLrFDfDEXY7H2qeO1M8wG_JI8zAP-0lppgy1_34LX8UjJOhv7Q3YBF1s4HWiu7JT5NPYB2dybctpCq8qiGQvJrAUcBNczBV1OQ67wstMCY8JBhwKtTUHElFZlEr0csA2HrUS-RFb8e5JE2N-GruAVNC10-T0J5IwAPi0fdUM7PgnDaPCRr0kJPLWUhP99DjOycEtaRaGUZQXlRvNv3cOqbrLkmQF_0LACry7iVWgP4PD9pIzIp4zEKa_EBheEp04CAoq2r-TVtiNCMFyiiPr2ez7HTfeHfGA-51HULmL5bFiGzbAPrBYIbMO-S_siu8U2-CgyYimj8xip8_DxniwPXgVzvP88pdttAt72zPgho8XDrnz-V1jbD5i2looWLR_Mnooac8zsOci8T-EjGTh52XIZ2XlOdyr6R3eKzX8siTBTTZaF5yx83yxaDbRed4tpA8OTO-UTUjL1auTjOn2BHICOwSosRhjaW3NBuC38AevB5b25OxA0KiJY9CRHqmRGzTgVmi0yF5qjMGkU5hPGHGbWwlJuZ5MTLOpC5eI1-4c6YXoVz-vgHwEloQxEkpOn6_Njer88PgiMeOqwI2Ff3MLsRWYYvPOvMmlo6rHF6QHB6WYXxKVikf5Zca42eav0lCj6d_oF0XtIMr5kwshU-Q7lL9LNHGBdtnFlITtXVc2wQDUtuYMVoR5xEcj-fy4yNmGAejDgJUJg9jtQEU-bKZjxPLDuaFQyWFsgx_0o2oQGSaNp6B7UEpjXtambw1fgxOY8ZeWz4&sai=AMfl-YQNzQlj6GbDsvQIwPp4vNwUlySkjyVH0nE68huixeZjzJhAxYfi8yLpPqD2oRLC3IOriJAgVQfqK1CTG_rgyFho4SWki10Ngja0u2I1dQ-hwuvNy0D3u1BoQGYCqIU-p9IsctAmgmrIbcWldNM-n02cK8IjwLQi7y_vQgtFY3R_0_dG7nd1XX1G45egx20LJDr0JY9zO6bicRklWa03xxQr8lyW_rr7AWe2_JyoUdoq3TO8Gd9B1im9zFh8n_q_nj0h&sig=Cg0ArKJSzFRYF25wIhspEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=175&cbvp=1&cstd=172&cisv=r20230201.27057&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 03 Feb 2023 07:24:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Feb 2023 07:24:40 GMT

GET
H2 200 ca
choices.truste.com/ Frame C6A4 27 KB
27 KB 17ms
16ms Image
text/javascript 52.222.139.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont2&w=300&h=250

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.139.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-139-72.ams50.r.cloudfront.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 63cf97e5788a160a76e89d4e12e2ca28.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop: AMS50-C1
cross-origin-embedder-policy: unsafe-none
age: 743
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: 45xCb45bpOu3nfnUsTgT2usSO4oLWllbYiXiPHLkgt82xJR4JQLYWQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame A99C 35 B
463 B 49ms
11ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMdcOMbSypkE9FWCmbKLD6g&google_cver=1&google_push=Aa02lx95ydbUk1GMe_t0gSoms6kvQAz5lcWSgxuA62Dn4rHga8VDBeah1pM95ND4i_HtZC9WLPN9Plohoi2474k8xabAvYl-6kla

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A99C
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEE_MM-uoQrVBcqlt2i4JQOM&google_cver=1&google_push=Aa02lx8wAEgBl3K2QYE1d1h4gppJPoqeH1LgNbJbbu3OmwcKfcrM-gLhaRW97eowQq1zyfmBbuC-U7K-6XAgRqlXrL-CCSO...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEE_MM-uoQrVBcqlt2i4JQOM&google_cver=1&google_push=Aa02lx8wAEgBl3K2QYE1d1h4gppJPoqeH1LgNbJbbu3OmwcKfcrM-gLhaRW97eowQq1zyfmBbuC-U7K-6XAgRqlXrL-CC...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8wAEgBl3K2QYE1d1h4gppJPoqeH1LgNbJbbu3OmwcKfcrM-gLhaRW97eowQq1zyfmBbuC-U7K-6XAgRqlXrL-CCSOgun9D

170 B
188 B

26ms
25ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8wAEgBl3K2QYE1d1h4gppJPoqeH1LgNbJbbu3OmwcKfcrM-gLhaRW97eowQq1zyfmBbuC-U7K-6XAgRqlXrL-CCSOgun9D

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx8wAEgBl3K2QYE1d1h4gppJPoqeH1LgNbJbbu3OmwcKfcrM-gLhaRW97eowQq1zyfmBbuC-U7K-6XAgRqlXrL-CCSOgun9D
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A99C
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_vKaa_qMQ0mDglrw8l9hwg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_vKaa_qMQ0mDglrw8l9hwg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_f8pZctU8rsJjMlEq6XiBYW1beQosKz8CyPlGiHiD7AKfNhIjSYzxpmQthlOtxS1N_eK5e8o9Qg-Up_l0wq98CbwTt-LQV

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_vKaa_qMQ0mDglrw8l9hwg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_f8pZctU8rsJjMlEq6XiBYW1beQosKz8CyPlGiHiD7AKfNhIjSYzxpmQthlOtxS1N_eK5e8o9Qg-Up_l0wq98CbwTt-LQV
date: Fri, 03 Feb 2023 07:24:40 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A99C
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx903bnB1w4O0Oc3Sreaah9kIK3iKUZ5Jc2IyY1NETVyiZcT_H8g9bVq896K_-LLQw-DYRgUHRS-sdcOY7Y5Kl_Kc0IGC_SR&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-ae17fd3c-e5a1-4ad5-ab5c-328f33640b27-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx903bnB1w4O0Oc3Sreaa...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx903bnB1w4O0Oc3Sreaah9kIK3iKUZ5Jc2IyY1NETVyiZcT_H8g9bVq896K_-LLQw-DYRgUHRS-sdcOY7Y5Kl_Kc0IGC_SR&google_hm=A64X_TzloUrVq1wyjzNkCyc

170 B
188 B

27ms
26ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx903bnB1w4O0Oc3Sreaah9kIK3iKUZ5Jc2IyY1NETVyiZcT_H8g9bVq896K_-LLQw-DYRgUHRS-sdcOY7Y5Kl_Kc0IGC_SR&google_hm=A64X_TzloUrVq1wyjzNkCyc

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx903bnB1w4O0Oc3Sreaah9kIK3iKUZ5Jc2IyY1NETVyiZcT_H8g9bVq896K_-LLQw-DYRgUHRS-sdcOY7Y5Kl_Kc0IGC_SR&google_hm=A64X_TzloUrVq1wyjzNkCyc
date: Fri, 03 Feb 2023 07:24:41 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXae17fd3ce5a14ad5ab5c328f33640b27003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A99C
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDSA4b_jZAMaq3aEqSH5O7I&google_cver=1&google_push=Aa02lx_uJvSLdqWd_jzboB3mWTdCl4jUN7o49MJnm28bex-puvJGZq0EVpaS5IaiHO_8dJWblJQ7fTfwOe51fntSGdpeDYp5ygvU
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjA3ODM0MTcxMzIxNzE5ODI4MTc1OA%3D%3D&google_push=Aa02lx_uJvSLdqWd_jzboB3mWTdCl4jUN7o49MJnm28bex-puvJGZq0E...

170 B
188 B

33ms
26ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjA3ODM0MTcxMzIxNzE5ODI4MTc1OA%3D%3D&google_push=Aa02lx_uJvSLdqWd_jzboB3mWTdCl4jUN7o49MJnm28bex-puvJGZq0EVpaS5IaiHO_8dJWblJQ7fTfwOe51fntSGdpeDYp5ygvU

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjA3ODM0MTcxMzIxNzE5ODI4MTc1OA%3D%3D&google_push=Aa02lx_uJvSLdqWd_jzboB3mWTdCl4jUN7o49MJnm28bex-puvJGZq0EVpaS5IaiHO_8dJWblJQ7fTfwOe51fntSGdpeDYp5ygvU
date: Fri, 03 Feb 2023 07:24:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A99C
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGzPaABrLQi3RYEQqyswxO0&google_cver=1&google_push=Aa02lx_Pf09vPinIJmHHkiPZGoTpYfuJURt3b3GEHf-igFnRi8tqxck9U7MhnXbqbwRdWnzcV1...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGzPaABrLQi3RYEQqyswxO0&google_cver=1&google_push=Aa02lx_Pf09vPinIJmHHkiPZGoTpYfuJURt3b3GEHf-igFnRi8tqxck9U7MhnXbqbwRdWnzcV1...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1nMml1Y09wRTJ1R09RZ29aMENmM2NQYkwxdTR4SDFWUH5B&google_push=Aa02lx_Pf09vPinIJmHHkiPZGoTpYfuJURt3b3GEHf-igFnRi8tqxck9U...

170 B
188 B

31ms
30ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1nMml1Y09wRTJ1R09RZ29aMENmM2NQYkwxdTR4SDFWUH5B&google_push=Aa02lx_Pf09vPinIJmHHkiPZGoTpYfuJURt3b3GEHf-igFnRi8tqxck9U7MhnXbqbwRdWnzcV15MxmKwbM4m8AkTQHot7ZohZDc-tQ

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1nMml1Y09wRTJ1R09RZ29aMENmM2NQYkwxdTR4SDFWUH5B&google_push=Aa02lx_Pf09vPinIJmHHkiPZGoTpYfuJURt3b3GEHf-igFnRi8tqxck9U7MhnXbqbwRdWnzcV15MxmKwbM4m8AkTQHot7ZohZDc-tQ
date: Fri, 03 Feb 2023 07:24:40 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame A99C
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEL_jTYqBuYqB2j8Wsavua_Q&google_cver=1&google_push=Aa02lx88EvdiFb1Mjf8SrFej5CdZ6BBFcbeWUbWNgqXsyMxNyE_nMjkg-yn5nnmgC7uS7tZSuFsxvLWYyip...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx88EvdiFb1Mjf8SrFej5CdZ6BBFcbeWUbWNgqXsyMxNyE_nMjkg-yn5nnmgC7uS7tZSuFsxvLWYyipMSCA-_QiiarZI1MX7
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

16ms
15ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A99C 0
12 B 24ms
24ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KouOMM3g1V1Ghbffbb907NgUQnVkBOsLqOLOdaDyTo_T0MiMtr5rrpWkopblGWFi-ojpQCUak

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 7699e54fbe06de7a20266585434cad36.js Show response
s0.2mdn.net/sadbundle/10641642855527383447/ Frame C135 98 KB
28 KB 32ms
32ms Script
application/x-javascript 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10641642855527383447/7699e54fbe06de7a20266585434cad36.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10641642855527383447/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b8f66fdfc02bebd4c8fbb2cdcbb4ebe42b27520b9d6f0e6e0b2a799b2fea730

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10641642855527383447/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177532
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28767
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:17:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 06:05:48 GMT

GET
H3 200 7699e54fbe06de7a20266585434cad36.js Show response
s0.2mdn.net/sadbundle/2778779413489437490/ Frame 0587 98 KB
28 KB 31ms
30ms Script
application/x-javascript 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2778779413489437490/7699e54fbe06de7a20266585434cad36.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2778779413489437490/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b8f66fdfc02bebd4c8fbb2cdcbb4ebe42b27520b9d6f0e6e0b2a799b2fea730

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2778779413489437490/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 05:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180968
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28767
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:18:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 05:08:32 GMT

GET
H3 200 b182a832b34196e08efcebd71ce89df2.js Show response
s0.2mdn.net/sadbundle/1894223847900607345/ Frame C677 98 KB
28 KB 37ms
37ms Script
application/x-javascript 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1894223847900607345/b182a832b34196e08efcebd71ce89df2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1894223847900607345/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f2e05babc78e5979e3f1440814096ff62614932dc2644b6fc209d074bcc564f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1894223847900607345/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 05:08:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180947
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28562
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:16:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 05:08:53 GMT

GET
H3 200 1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js Show response
pagead2.googlesyndication.com/bg/ Frame AFE6 36 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:41:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14207
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 19:41:30 GMT

GET
H3 200 1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js Show response
pagead2.googlesyndication.com/bg/ Frame D136 36 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:41:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14207
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 19:41:30 GMT

GET
H3 200 metrichpe_501_normal.ttf
s0.2mdn.net/sadbundle/10641642855527383447/fonts/ Frame C135 59 KB
24 KB 30ms
30ms Font
font/ttf 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10641642855527383447/fonts/metrichpe_501_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10641642855527383447/7699e54fbe06de7a20266585434cad36.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3865c0dbe6b11b3a32b8c600acaeda70bae7b1f8287d566bcc0613c217907f2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10641642855527383447/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177532
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24241
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:17:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 06:05:48 GMT

GET
H3 200 73ea633f2df01c00f4e62cea7a1b6a19.jpg
s0.2mdn.net/sadbundle/10641642855527383447/media/ Frame C135 8 KB
8 KB 39ms
38ms Image
image/jpeg 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10641642855527383447/media/73ea633f2df01c00f4e62cea7a1b6a19.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10641642855527383447/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a7483adcc47b092bcb5a8c059104d47952cd4f8fd3833bde427edeff295e38f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10641642855527383447/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:05:48 GMT
x-content-type-options: nosniff
age: 177532
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7917
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:17:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 06:05:48 GMT

GET
H3 200 395d370bde56edb1a7a13cb7c151fd9f.svg
s0.2mdn.net/sadbundle/10641642855527383447/media/ Frame C135 4 KB
2 KB 38ms
37ms Image
image/svg+xml 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10641642855527383447/media/395d370bde56edb1a7a13cb7c151fd9f.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10641642855527383447/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae9ec49acaff45c6a341e9a552d546bd6fea845331c314261be35a40c37ddc7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10641642855527383447/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 05:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5258
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1630
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:17:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 03 Feb 2024 05:57:02 GMT

GET
H3 200 metrichpe_501_normal.ttf
s0.2mdn.net/sadbundle/2778779413489437490/fonts/ Frame 0587 59 KB
24 KB 32ms
31ms Font
font/ttf 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2778779413489437490/fonts/metrichpe_501_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2778779413489437490/7699e54fbe06de7a20266585434cad36.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3865c0dbe6b11b3a32b8c600acaeda70bae7b1f8287d566bcc0613c217907f2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2778779413489437490/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 05:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180934
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24241
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:18:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 05:09:06 GMT

GET
H3 200 17568fa8b6ddc2613f7cf3db9b85ebbc.jpg
s0.2mdn.net/sadbundle/2778779413489437490/media/ Frame 0587 5 KB
5 KB 37ms
36ms Image
image/jpeg 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2778779413489437490/media/17568fa8b6ddc2613f7cf3db9b85ebbc.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2778779413489437490/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4acb633c4d386102ac7538645f478ea04dd80cd28b5e4e53c2f8fbc4cc9d1dbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2778779413489437490/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:02:12 GMT
x-content-type-options: nosniff
age: 4948
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5367
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:18:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 03 Feb 2024 06:02:12 GMT

GET
H3 200 395d370bde56edb1a7a13cb7c151fd9f.svg
s0.2mdn.net/sadbundle/2778779413489437490/media/ Frame 0587 4 KB
2 KB 30ms
30ms Image
image/svg+xml 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2778779413489437490/media/395d370bde56edb1a7a13cb7c151fd9f.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2778779413489437490/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae9ec49acaff45c6a341e9a552d546bd6fea845331c314261be35a40c37ddc7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2778779413489437490/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138750
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1630
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:18:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 16:52:10 GMT

GET
H3 200 metrichpe_501_normal.ttf
s0.2mdn.net/sadbundle/1894223847900607345/fonts/ Frame C677 59 KB
24 KB 31ms
31ms Font
font/ttf 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1894223847900607345/fonts/metrichpe_501_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1894223847900607345/b182a832b34196e08efcebd71ce89df2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3865c0dbe6b11b3a32b8c600acaeda70bae7b1f8287d566bcc0613c217907f2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1894223847900607345/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 05:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24241
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:16:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 05:09:01 GMT

GET
H3 200 4ce9bc67e0a2e7efe55660565f417352.jpg
s0.2mdn.net/sadbundle/1894223847900607345/media/ Frame C677 7 KB
7 KB 34ms
33ms Image
image/jpeg 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1894223847900607345/media/4ce9bc67e0a2e7efe55660565f417352.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1894223847900607345/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed4f7f2ec06e4817377cdad1256845b66b38c5c788e6abdec0a2d897f9b9ff44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1894223847900607345/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 05:09:01 GMT
x-content-type-options: nosniff
age: 180939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7436
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:16:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 05:09:01 GMT

GET
H3 200 395d370bde56edb1a7a13cb7c151fd9f.svg
s0.2mdn.net/sadbundle/1894223847900607345/media/ Frame C677 4 KB
2 KB 33ms
33ms Image
image/svg+xml 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1894223847900607345/media/395d370bde56edb1a7a13cb7c151fd9f.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1894223847900607345/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae9ec49acaff45c6a341e9a552d546bd6fea845331c314261be35a40c37ddc7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1894223847900607345/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 05:14:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7800
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1630
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:16:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 03 Feb 2024 05:14:40 GMT

GET
H3 200 metrichpe_401_normal.ttf
s0.2mdn.net/sadbundle/10641642855527383447/fonts/ Frame C135 60 KB
25 KB 31ms
30ms Font
font/ttf 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10641642855527383447/fonts/metrichpe_401_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10641642855527383447/7699e54fbe06de7a20266585434cad36.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

671fca35d060e3ce06bbe0848b80e47be23f3322befbeb57bbce5d46994c846b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10641642855527383447/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177532
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26072
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:17:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 06:05:48 GMT

GET
H3 200 metrichpe_601_normal.ttf
s0.2mdn.net/sadbundle/10641642855527383447/fonts/ Frame C135 61 KB
26 KB 33ms
33ms Font
font/ttf 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10641642855527383447/fonts/metrichpe_601_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10641642855527383447/7699e54fbe06de7a20266585434cad36.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39c7c602e0d57a569539f7e8e0b2d75a9f5aa9bb38d59782d2011d9e35c07d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10641642855527383447/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 05:38:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92792
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26501
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:17:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Feb 2024 05:38:08 GMT

GET
H3 200 5a7f8bf311d911e5222b8911c1b494a1.jpg
s0.2mdn.net/sadbundle/10641642855527383447/media/ Frame C135 6 KB
6 KB 30ms
30ms Image
image/jpeg 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10641642855527383447/media/5a7f8bf311d911e5222b8911c1b494a1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10641642855527383447/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bed9e882e298b832459e512ea18ea9659b5a95876bcbf64c2fc8ca0c5167be36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10641642855527383447/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:05:48 GMT
x-content-type-options: nosniff
age: 177532
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5753
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:17:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 06:05:48 GMT

GET
H3 200 bf92c8be83eeb2dbf186eb1436ebcb5e.svg
s0.2mdn.net/sadbundle/10641642855527383447/media/ Frame C135 4 KB
2 KB 31ms
31ms Image
image/svg+xml 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10641642855527383447/media/bf92c8be83eeb2dbf186eb1436ebcb5e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10641642855527383447/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6648009549b81e81582f3fb8345dd6305ee4a232fd4eac4fd803a78cb69b0c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10641642855527383447/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 10:38:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506769
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1630
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:17:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Jan 2024 10:38:31 GMT

GET
H3 200 metrichpe_401_normal.ttf
s0.2mdn.net/sadbundle/2778779413489437490/fonts/ Frame 0587 60 KB
25 KB 30ms
30ms Font
font/ttf 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2778779413489437490/fonts/metrichpe_401_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2778779413489437490/7699e54fbe06de7a20266585434cad36.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

671fca35d060e3ce06bbe0848b80e47be23f3322befbeb57bbce5d46994c846b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2778779413489437490/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 05:09:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26072
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:18:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 05:09:08 GMT

GET
H3 200 metrichpe_601_normal.ttf
s0.2mdn.net/sadbundle/2778779413489437490/fonts/ Frame 0587 61 KB
26 KB 35ms
35ms Font
font/ttf 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2778779413489437490/fonts/metrichpe_601_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2778779413489437490/7699e54fbe06de7a20266585434cad36.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39c7c602e0d57a569539f7e8e0b2d75a9f5aa9bb38d59782d2011d9e35c07d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2778779413489437490/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 08:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 514368
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26501
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:18:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Jan 2024 08:31:52 GMT

GET
H3 200 e6540f8a1d17e17b354a56806899312e.jpg
s0.2mdn.net/sadbundle/2778779413489437490/media/ Frame 0587 4 KB
4 KB 30ms
29ms Image
image/jpeg 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2778779413489437490/media/e6540f8a1d17e17b354a56806899312e.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2778779413489437490/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

334e533282141e65e6b9d0850507edf34c5abdc68678587c648a1e6f46f5a791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2778779413489437490/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 05:09:08 GMT
x-content-type-options: nosniff
age: 180932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4160
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:18:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 05:09:08 GMT

GET
H3 200 bf92c8be83eeb2dbf186eb1436ebcb5e.svg
s0.2mdn.net/sadbundle/2778779413489437490/media/ Frame 0587 4 KB
2 KB 31ms
29ms Image
image/svg+xml 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2778779413489437490/media/bf92c8be83eeb2dbf186eb1436ebcb5e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2778779413489437490/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6648009549b81e81582f3fb8345dd6305ee4a232fd4eac4fd803a78cb69b0c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2778779413489437490/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 05:09:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1630
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:18:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 05:09:08 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 85EE 0
20 B 50ms
49ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Byd-2uLbcY4OME7jN7_UPwYS_YAAAAAA4AeAEAg&bg=!EBOlE1fNAAaq5O5FiuQ7ACkAdvg8WiOWIF9hdkWhukUGvOVDuxQPPCEgDk4GLUtjqBFaMU4X0QkpnwIAAADsUgAAAAJoAQeZAuQbKYu319hoBJYNA1Rvl7z3xhmlaG-F8bRYY4toNgaHOLR1wElakaywGLxkUKv_UYPQQOHSmlXLRH7fW1k_kxSzxizAJCjDtLiWFCSZYhFspEPqbELP6nfqDk1h9bncGR00-2CqIm9mXzsmitdg7r2pitgTx1LjmUzgaE--TfPfMLv71LcUqEqJglW8JdrpFV2VE0Czh1uDCb6zEeQcO708kzYCz3dgclbp5Z7HDL0JkkQgvTbTuLwsK5ro7PtfXYZRrxNwJLzTr6sl32jKHvnhAGDHgmbxPZZolEcmMNnd_-Eh5LLBBiRkjVZE0S_p_sOjMAC0w3WssWyP_A01plmzmCXIbIwrbmmujiCXdxGZ6FfCsW814KWutnMjkeT8DNXNY6TdjlHGpLCSbljBXea7CtvmRdtvvEZ_1eljRTvS2Yp8bVm7-kTenyx50k4TREAPyi5TcRtV1kOUw56E2ccUJc0nslfnORHz1dFb7amqy4uyPDTDeGWjzVmXt2kfsLw5n2LcwuKBdzMT7AboV9K8trdEcwgcWL-PAHdVCcW_5dY_fPzaSIwkvoVBBkASpS8V8VFQ4SNtuKgbfJIagnzhSuJoIL1hw_fyFF2PS_IAoVlQYqwEdgS8jRV_z9wFUc1jTJawL2o_6fTOQPcySdlCEfsrNam5_wBVfQKdG-aVcbxeKLJ2f-4YhnE7d68Y50VSMXz5aYVaAqHtyN7hdrQSUjP7PbvhSGreiWweM6KEmhw7P-zgFDaF07a00YI6ydDKHwS2N7T63QGc6qXGvj2dt5quuz-15U9WeWRUiYr7TXd8kwbATYR6zJ0tI6922qthM7nD1vlCWzLUwimyrzuku6FKUk2Hcbs3LuvvmTyDay8qvtyTxi4T4uCjk8nqsnVjYjSTmcRunDV1yb1maQvDde68GZNAqFq1aWw758l2egSyIYjt52BGX-qPlEulnKIDRFRPM7sD63Ba_FbKKWHbt_7TfQ

Requested by

Host: 1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
URL: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 metrichpe_401_normal.ttf
s0.2mdn.net/sadbundle/1894223847900607345/fonts/ Frame C677 60 KB
25 KB 33ms
31ms Font
font/ttf 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1894223847900607345/fonts/metrichpe_401_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1894223847900607345/b182a832b34196e08efcebd71ce89df2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

671fca35d060e3ce06bbe0848b80e47be23f3322befbeb57bbce5d46994c846b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1894223847900607345/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 05:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180936
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26072
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:16:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 05:09:04 GMT

GET
H3 200 metrichpe_601_normal.ttf
s0.2mdn.net/sadbundle/1894223847900607345/fonts/ Frame C677 61 KB
26 KB 35ms
34ms Font
font/ttf 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1894223847900607345/fonts/metrichpe_601_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1894223847900607345/b182a832b34196e08efcebd71ce89df2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39c7c602e0d57a569539f7e8e0b2d75a9f5aa9bb38d59782d2011d9e35c07d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1894223847900607345/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:38:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175557
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26501
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:16:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 06:38:43 GMT

GET
H3 200 e750916f231cd1e228c30861601aa971.jpg
s0.2mdn.net/sadbundle/1894223847900607345/media/ Frame C677 6 KB
6 KB 30ms
30ms Image
image/jpeg 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1894223847900607345/media/e750916f231cd1e228c30861601aa971.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1894223847900607345/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd02a589f937051a0197681a0c494abddc8fb3c56aa3ded47621e67b6622303e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1894223847900607345/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 06:33:12 GMT
x-content-type-options: nosniff
age: 89488
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5795
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:16:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Feb 2024 06:33:12 GMT

GET
H3 200 bf92c8be83eeb2dbf186eb1436ebcb5e.svg
s0.2mdn.net/sadbundle/1894223847900607345/media/ Frame C677 4 KB
2 KB 30ms
30ms Image
image/svg+xml 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1894223847900607345/media/bf92c8be83eeb2dbf186eb1436ebcb5e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1894223847900607345/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6648009549b81e81582f3fb8345dd6305ee4a232fd4eac4fd803a78cb69b0c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1894223847900607345/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 05:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180936
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1630
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:16:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 05:09:04 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1439 0
0 52ms
52ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuLr2J1lH0F9gQAL_sz2uyUx3MkBFdlGGPnVd8kiZ0MfI8TWvu5bm-RxvpAGFKUnlSuPXESZYPb1MaYoMWKUP6JumI8ixbZSS-0fUJ1H-tdkDUItnyQ0jile42ofummEZ0YToMZzt9CO6CGWm0qlAXSvPL1w5rhKCFeQoxLWhoA7wrtatZ6aUOI8ZcDtcK7aJK7JMI0LTy8RKF_SI-trWtUHROtK713IiGiK87VSBPhvH1UL93W8elc1mPh0e-YvFT2vFWmHm8iIxHLHsZl-W54qVFO9Uj-tx_9Qg-SSIIWYOcBboJee5D7zs-ez5fNw53Lwajml450aY2SYxwDgmFmg6y5py4sguIAItIKqWmT-6PLm5UjUZ28HR24kL76ieiSLa6OW4nxEq8pdF-0eor8YNk2nFVuwRPIYU0r0JFmJWsyCiI3XgN-diQMB7O5JNejVAuKM7vURQWeeQjs0C2GJCtG8_A6BiUpBRPfQodr6O8RjItX-91bFSben5lYeB2Jt3Mdi69UEQQeFP51vSbzqxxH8RFdRtuOFNVa5A_lnNgYktfQ-mmFob6qQRWbj5t5gx37j4-y3Rx8BXTCXvMmSYO-KDjqwbNuN9rlRlYbxgkozvxbb-9Giau8oT2TiNG1JCunvWKGKt8n9fjYOh1gtCvYxcnOKeia5S4Z80VpcYlda02aXcah2s_8gVEgDuxt1OlozgfcZjPfkDpXGOIMEzo9MFUjkI9Jq7grEqtlkXrZQ4Op1lOu_ALDl5fd0oGIPxT3jIBqHh4MPav8PlSobiFaXgq4PMepjTswH95UaY6_asTEIdSr7l88WnT4T8jxinjB6efasYv2YzyNxgIhrxcnP7gHFpwaqdNDluAY-Sex0VHShUd-lIyzdZVZ1QHGGsFJiB1tJDAHrQNcX7MWcduMhIeXdyYaIz8bm3-iUmhvvHJiNX65vB4Mwzp1YBRIgDw6Ryug5lVlz3cvNpGnhWTVDOtkVGo-MfM0bPdPwNoMOhtna10lpYMuMGhhGpFn4j0HGNoNIjF0Tz83VjKLnKkW277VN-GTTIZobxvOEN9D-Yz4oE2hpVOwd8OIvYm0Psg9ex-DvoIlisTf3UXIsZSyvjqlMOy-iX_cuvx1QBzygtFkmzC9Mvkgx_UBkZ0Hxz6G230I9c3YmdZKhjgmQgl1kZbLEPa2d0rL4Er1px-QlLlGTUjzwGQgkE-CBbEYWoapzDku49gVKB7Ahq8fn1MLDBKBoXQWSfmv_7cWvw&sai=AMfl-YTEOKAK9PCLX-B7OvKgu7lPFIRmt19E13loFmFZjfVnBmCzIU_n_ay9SlV8lSyuy9COnSOYPOFPY9z3djzdFsX1bNo8iFhUO9ZDjP4q_mqhjdUCVGkSkJxLuQmFDzru1rafPpEqN-r2nFpcWX0ZzvUgT5-SBLiYeUatK7RX3UQALWwY3s6Z4hCLgDsjBLXsxtXnXls5ZIm2CetOBt-ilT9rBsmK8xa5ygHbePOmHuEy8pRjtGzH-Ap3LAmma3ZA8Dhm&sig=Cg0ArKJSzFxn2C1MdRNlEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=605&vt=11&dtpt=387&dett=3&cstd=215&cisv=r20230201.82865&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Feb 2023 07:24:41 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7B3A 0
0 54ms
52ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvxyJ7RFDK8k4ofBV-pbfCrKERW1gPn-Se8w6fZGAQBrDi9vdyZFPzNApWBUcseuuWO4IJFl3O7JyVHpSePKIiXvxY1B8FmGx1N2yntIWa94X39hhstTRsg74MS0xZETNRbddbMKAUvom-hCyADBmaalSV8mBVvsOWFiJa4KeUvkpGdacs2F-wKBbqZT3yFHHyB_D8tuJMdDomvWuK_uX2Nc8w69ZPcSSz5XoXPYg00Wmp4cb2lBPL0r8e_86EQLh5bL26dsXsgpilAjioisiu-Hr0SEBZ7UcdKMPffdvu2_s9-Vy-YFmtT8ZhhZGjoUu67f-u2EIZNfHWulpCMEsvDlc53HK3xqsHdgziAgITyyDAd03zBYuKAxR71KdlocEAYlSLN2jkXT-Ak3iwjulPdul479UcoiTwM82_Fz-WEyZWK16ba0jJN7fwcN5zItqDO17tariiPn7htLpdaczWEcVrG86hBRTACzYegLOWg2xMTUoxRe3-2V0WtCTaZ5jE4GDST16DS83QLRZjnSmNb88RiVZjpNgAKBLnLRPHk6c60cgj23i9eZTqCy_AGOlP41fsy1EK5g0Eo97X7m5twLVURNDqZiyBGQtrVkZDvmbkgznyDLncUaOhJgSzkWIlKifmSqiTgZtQuG_bVVe4Uxl_CbFwR9JNJ9yszDXD9Mng-1hb1Cr4tQqZXeZZEcNF3dauIG7naVDUXlJK6gt8bM4OTSf8jM4JyOsS_R1kTD2XjVfHc11xs3jm2mtVOjhim4lfWN6Xh1J2JqAwR3CaR88asTzpt71Y9gixJdrearKJGtQUbiCjqyzLUV3sN4QlBRL5ZECr3UgQI8kysTmtHXXKCtjwsmjOkVS-wHINgGwYVL0yrOTT28ffA6qMNCKNQcQg1D_ldKAOil30bmu081oBUMwR6FumubjMWZQlwM-ro5vhqZmoN0pORWQcq344mRyKap7SpR85OT8D_LxFjDS20JMRPpwKGHTf3ibP6OEzJt8LWWr7GX8FJYQ8TZQTuiQU0lCgJ1W_ObeGxg3LyGbatzsp6oHz019qbTwpB_N_T0qJBMO_eVfOFquKbJb0gT_nh8E-U94oWhbHxPbOS2ndJ_5igAhy1nXZ1XULJPsFQtU6Y3TY4uudRxRZBNDcRwnsT3ZbesRxziQBkudMknlCEXSBeFluy56X-hrfwbFzto_6tepwc4vOPjng4olgxBip9LiS10ulVK2cqC0TLBgxYBRZLZjb4luDivPExaL9pjHE&sai=AMfl-YRxH5aE2H6VRGiV48U53XddAYI7OLj-YLRTe-RhobKlLq58ix-AlX_7dnWt0o5RDR5o7CY7i8SGRHE17YFFA3ZS0MTbqZiAJQ2yXdXGbm-kXysgEtIJxBwAFcX_5MxOMZEFFO2-39byXv5SximZj2pgOvWKujCmhCF3SnvR7muux1B7lXGaE6vGszAtFUUAE8beqhM1E6CRmrqOIc1MjP56xFmbn7_AkLhgKRYolt6UmzNPbXWAB6Vn0WDHrxM2AAYm&sig=Cg0ArKJSzKPC_yLQZtaOEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=516&vt=11&dtpt=356&dett=3&cstd=159&cisv=r20230201.75214&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Feb 2023 07:24:41 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C6A4 0
0 52ms
51ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu_-AsqByqksXYYW5e03RcO9vSJOFTcN4-Qtl6Jrcbr4Blvtnn3mj405i6--rIASh_qYw25jG1q2y43kBaOMBhiWTbnM9Gl-XBUpCGLMfjJATw8heJNhhm-alRA0moKpMgLegWbpZpNAG63xPxQpI8f3WHqPmgfGX4SpW40g5gZctsYtNlZoepLQPGRFMgc3Rn9Rdeo84oDrhESv0C3qVA7jtoi5p_5RkpvpEq3Jvv2eJng51FVH3c4R5uZfYTUiLjvzTU6-G8Q9W6MSrRgrl_KqTnpjEZUp5ENlbGPlDqrv3_oU9KydGLgpBMQXaHZVrQnTxKxwa0n-Hw2n8ave2YZbz1Nsgro4H_LdrK0XKGL8_2wFXWfYFg0pEKoW70c-8uJx9FyOOJXxzC1qNKnxqdRJphKICE41Uy7SUgUKNdVVVgEpQiIS5PUbs0fF5V3gvvHN0BqQVFf0IoemG5j7LsYucbVZ_ObBDZreLNooSLrFDfDEXY7H2qeO1M8wG_JI8zAP-0lppgy1_34LX8UjJOhv7Q3YBF1s4HWiu7JT5NPYB2dybctpCq8qiGQvJrAUcBNczBV1OQ67wstMCY8JBhwKtTUHElFZlEr0csA2HrUS-RFb8e5JE2N-GruAVNC10-T0J5IwAPi0fdUM7PgnDaPCRr0kJPLWUhP99DjOycEtaRaGUZQXlRvNv3cOqbrLkmQF_0LACry7iVWgP4PD9pIzIp4zEKa_EBheEp04CAoq2r-TVtiNCMFyiiPr2ez7HTfeHfGA-51HULmL5bFiGzbAPrBYIbMO-S_siu8U2-CgyYimj8xip8_DxniwPXgVzvP88pdttAt72zPgho8XDrnz-V1jbD5i2looWLR_Mnooac8zsOci8T-EjGTh52XIZ2XlOdyr6R3eKzX8siTBTTZaF5yx83yxaDbRed4tpA8OTO-UTUjL1auTjOn2BHICOwSosRhjaW3NBuC38AevB5b25OxA0KiJY9CRHqmRGzTgVmi0yF5qjMGkU5hPGHGbWwlJuZ5MTLOpC5eI1-4c6YXoVz-vgHwEloQxEkpOn6_Njer88PgiMeOqwI2Ff3MLsRWYYvPOvMmlo6rHF6QHB6WYXxKVikf5Zca42eav0lCj6d_oF0XtIMr5kwshU-Q7lL9LNHGBdtnFlITtXVc2wQDUtuYMVoR5xEcj-fy4yNmGAejDgJUJg9jtQEU-bKZjxPLDuaFQyWFsgx_0o2oQGSaNp6B7UEpjXtambw1fgxOY8ZeWz4&sai=AMfl-YQNzQlj6GbDsvQIwPp4vNwUlySkjyVH0nE68huixeZjzJhAxYfi8yLpPqD2oRLC3IOriJAgVQfqK1CTG_rgyFho4SWki10Ngja0u2I1dQ-hwuvNy0D3u1BoQGYCqIU-p9IsctAmgmrIbcWldNM-n02cK8IjwLQi7y_vQgtFY3R_0_dG7nd1XX1G45egx20LJDr0JY9zO6bicRklWa03xxQr8lyW_rr7AWe2_JyoUdoq3TO8Gd9B1im9zFh8n_q_nj0h&sig=Cg0ArKJSzFRYF25wIhspEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=525&vt=11&dtpt=350&dett=3&cstd=172&cisv=r20230201.27057&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.mlive.com
URL: https://www.mlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 03 Feb 2023 07:24:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 85ms
10ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ADVANCEDDIGITAL_HEADER1&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&t=1675409077743&de=587659762582&rx=362958122213&m=0&ar=8bb996ed3e7-clean&iw=7d4f773&q=1&cb=0&cu=1675409077743&ll=2&lm=0&ln=0&em=0&en=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=advanceddigitalheader640552616592&fd=1&it=500&ti=0&ih=2&pe=1%3A1489%3A1489%3A0%3A1846&fs=201889&na=557079976&cs=0
Requested by: Host: www.mlive.com
URL: https://www.mlive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 03 Feb 2023 07:24:41 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 107ms
76ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023020201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d6ed9f1d82f2894a09ee48832c0ac2438497370b452346af2d65af9797dfa2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11363
x-xss-protection: 0

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame FF0F 0
181 B 35ms
34ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=4pdxx2d&ref=https%3A%2F%2Fwww.mlive.com%2F&upid=p5qqvcp&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Fri, 03 Feb 2023 07:24:41 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 15ms
12ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Fwww.mlive.com%2F-&i=ADVANCEDDIGITAL_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CY%24%3D!!taxWi3M%3BI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-6%2BU9GJ%2BZ4ONI7%2BlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-pUX1JxNzs6uFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1675409077743&de=587659762582&rx=362958122213&cu=1675409077743&m=3288&ar=8bb996ed3e7-clean&iw=7d4f773&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=12736&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1489%3A1489%3A0%3A1846&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=201889&na=1588426086&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 03 Feb 2023 07:24:41 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AFE6 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuVwkuLbcY529GMfB-gaJ2JKwAQAAAAA4AeAEAg&bg=!d3SldDDNAAaq5O5FiuQ7ACkAdvg8WiE2v754Sf7cAFUGWoStuNEYY8-QsLvd4YtyTmgIqlJDf-IHYwIAAAFAUgAAAANoAQeZAvrurKnUdGc3y6qAYsD7PX9k331j6AnP69GrqLfJyyRgNpsZ-YcC86v5ZtPaoRy4e0Gxum-RcDfZG37UQjmVwBvctY1LOP0OiAH2pN47efPLZbyKOJlmZF_fwMZzEHmFw2NNujZ9Nk1OpzKVMWMJOYV1wyQF9kuygBOErj05k0x3fHFADOR6XQ9ERYvtZnRRkKrtoBV6nzN0lixUGqq_EyuL9sUuswqB_qzsgK2cRIjuW_gclAC77UxYb46kweCVBeewxW8EydjynQhS0Ww5VHOv9PlIvpqqZsYfm5nZmobbKBlXT2R5Dh5avepFOFXmjOEH5kumLI9BN86Ayt_nv0ZMdBiU4VUxfD_XbKbnfIsXe9BRMG9Fl8uKRhlzAYsOdxZs7anIsAK_MM5ZMEayGn5spubkDD6nbc2_hE74P8Pt5aFc47OCb2hSetYbWiKXRCKjpXvKp56zkWnkTDYbFx6lcZGcygtOGZWv9ka4F4jtcxABxk4RKXKYHGuN9VQlt26Hp2gXROOOiKyZ1qbWg5AnDGhTFOojWXXGL-dRFwcIgpbjInyoIWSwsB_6aFBAH5g0Va_BoZ95D-eorMlvg6RVVjvZpTTlqbx2IdzpM7LI4HikeNsBTDku-kCO25U16tyIqQ6x0uApKIGBSu1WRGt58_rwCtGe5K6hpEANfRDfShe83w10cuOhnTAQGVWaCPLchDDLnjyPD_8tebviQOrvvLHyrlYCD6JI-E6PK7OtK-2q9wF5ReFG7-dB_0pJcCxtCkaDIBU2eZHqShGaBAe9LHNU0aMvJT1bf_utH1dc-WOIGxNwhErAi_tqAOQeCXoKFuGomfPrjy8V8XhlymzQyVdhVNkCt4yfbbgtA-jDnL4nHnfDohzRo7AmmvJNbjYrDovLqmky6K6vICSlxLz8mzH_aJXkWDuo7Qa5u3-lRs40RR3Xn5dvkkBS6XCtUMhFvIN9223aI2wN4vOnRRQvdTrq0nkTtZDhsmRpEscGqBEWzp3YIX-R6Q4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
684dd32a.akstat.io/ 0
201 B 94ms
92ms Ping
image/gif 2a02:26f0:6c00:1bb::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://684dd32a.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:1bb::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:41 GMT
content-type: image/gif
access-control-allow-origin: https://www.mlive.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Fri, 03 Feb 2023 07:24:41 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D136 0
20 B 50ms
50ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5S-DuLbcY9-QGeSHjuwP1Pu8kA4AAAAAOAHgBAI&bg=!tbaltvLNAAaq5O5FiuQ7ACkAdvg8WqulHhgeNg38eDSqw91giuUNL7yzPDFj4j1h8VQIyKk-rUHIXQIAAAEJUgAAAAJoAQeZAuOr1zB-BkIqWu2wO653SFPjJtBmkvK67rJVdlb_gLKdVMoHgEuwAImuzeVjWBcYq6-U_pjN4dZGZokxoGq64icMfqHfG6B1nVi-zmDhbZeLJV2LB28eFlyJOIbowTX1PUNTtbQPQ0ZNUA0d5VAGw1bl52gfUqJlYYgFATBIsv0mGkJbF0rCYJqBBVddpmxoGrJNJ9P9eV3d4pK4GfhvJHW-SJR2sI5xBGyJvokD-VVtxN4IL5fSZVdmyTtWWMGxscc45gLyyaMbza9Mqccewen31YWemJo_LQlJGiARJpGzMcd6kuHckX2M8SmQ7BanTSobZkt5naq8BqrgEp-dpCaN9Oj_0gGHtn-mXX3m5lMJLNjJDJBBVe-8waq8aRU2eYiKbsgxXVT9UEH3wIcWwl2W42qNFjAk8tBYLUhDrvz9HWf1DwFTGn9mR-89yDkSq-NqEEFCUBto3fISwi8mDxHyxGDVsNaIfHIas0f3E6KWKVLNULZDhbiawd8GZNfRGcP4pyrjttDhyJMQKGvP2MWpH42rFV8I9-HnVqUt_8D1cmzYbA2im2QaMVM9QrCSrS33aH0ZMh93MetOpciETebabYT2yNqTFKa4X9AfcBUJs-jYGWTdzVS65A6tqx1ZaUt9aqaB9Xfr5bh3XIN-eRlbop3-9RB94yN2692l8ViMDQZ-NPnPjefTGqx87x7v9f6d_Sby4TSCPTOc-Kdpe1svj4yUJs4tAO421ZeCi9vo8cgz8ZR07o5HN7gQfnrVFCQGtSPS5htM0UMduH4xjEZeXurhFowCeNn_VN5uMqHYMF8BHvRIOGxZ55phFH31TNsvDxysDCB_OHkvt_XFUXOb4fj5cXgKi_JzWPbeKcEnlFPeqoJVsrEE7_SXuvSv2gwnRK7nOpHJ1tiMAXhr-_ButMXyz0KDKHnUwitmBxl0j-P8DAPBscrmtIXmwAXLOeVO7ncd9Sw6ihSxUURqeebzLMbt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 76ms
75ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js?cb=31072166

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 07:24:41 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 59AA 13 KB
5 KB 30ms
30ms Document
text/html 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 168657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 08:33:44 GMT
expires: Thu, 01 Feb 2024 08:33:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A3B5 783 B
535 B 24ms
24ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

90c31d594c482ed8261fe5e14d06ec7090ab75a7b69a06770ffe0afb17ef6811

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EcZf8nCc8OjFj678qq_d4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-EcZf8nCc8OjFj678qq_d4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 07:24:41 GMT
expires: Fri, 03 Feb 2023 07:24:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A3B5 0
0 47ms
47ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023020201&jk=678597913097256&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js Show response
pagead2.googlesyndication.com/bg/ Frame 59AA 36 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ltCRSOx5k-1I0D0UILHPXNozEC50ZuHf8HEjBLxTFM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 19:41:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14207
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 19:41:30 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 59AA 0
10 B 29ms
29ms Image
text/plain 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?cAENbA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1439 42 B
64 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssM4LzxCH-zH0KyqixZJ-Eetkifc7lqJ2DuU9KlzfIIzNEnz_GcRN-PUoWXrWh9SSIBxJ4dVNDQplS883bWSF1aj9u-_TNXjJZAqnNyfWCWEx_NuGyqvTiIOQRVV_xOfRO23P6axA&sai=AMfl-YQW--tuZqKvsm1kaBcIKI_tlfgB4fnEx0Ceu-TZHn7RBD0h091Hoy2pqX5XodsWprYc77n7IRlTF4IRAarrjzMaR957smfIFcQAx-pgCkZXzHbqdEkh8amAuHI&sig=Cg0ArKJSzBvp4Udiff2fEAE&cid=CAQSOwDUE5ymCEVCO_ZeG-bHzbTH9_AiNhkmyIIlu2X3Nrs0NuQIW2uggEL3zFBtoY6CMzj-lDQzzS-Uw9BJGAE&id=lidar2&mcvt=1000&p=155,1135,405,1435&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1117919376&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675409080070&rpt=371&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7B3A 42 B
64 B 54ms
54ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKuWXKL1IgrWAtEm0vxrXQO0-dzAbkus8iTgZR862Rl12YVAHQBUIdWJ2ucuSJgtCxOCO84ywv8gv7jlWrWVRAa_YrBS8IcrQz-T3UyZ_b3dU1n2Yq9H0fjTcSQYuH0RxeA07uHg&sai=AMfl-YTppasENJbXIgqjIov-HV3LED5i85Z87iLbg75gA48gbh9WnK3fJnbps9CgiNDFowzAS44w5fevAFq08sZjjQhDOfZAr5uWuh0Pj3QDfqDYNxO_15FQHHQ0GCE&sig=Cg0ArKJSzLNSf_F-e_hDEAE&cid=CAQSOwDUE5ymCEVCO_ZeG-bHzbTH9_AiNhkmyIIlu2X3Nrs0NuQIW2uggEL3zFBtoY6CMzj-lDQzzS-Uw9BJGAE&id=lidar2&mcvt=1000&p=895,1135,1145,1435&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3501067380&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675409080077&rpt=453&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C6A4 42 B
64 B 55ms
55ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuy2oxJRngjqeKd7EcxacVM3Qpdho4qGW4nDwM5C4aeM_mrD3s-OQpZZ32DMJy-4tzLuJ42w5-cbXfPouB2CwYDmVzaRMiQet6HwR5l5WFXTsQDHzEpJRG4CsmOFk0jHgGkyGx41Q&sai=AMfl-YSpBSH_9_bGRzWpGbpheWIB_WhkQwzrKH2x8WZxQhaJsYzePg_ugPqA3HtJj0UZO1Yb5DJ8CCYM94sBek5ZnVSyckvWB0CnP5VTVRwEcwABjrMeIBMJ5KaNF78&sig=Cg0ArKJSzN7waPwDyEi2EAE&cid=CAQSOwDUE5ymCEVCO_ZeG-bHzbTH9_AiNhkmyIIlu2X3Nrs0NuQIW2uggEL3zFBtoY6CMzj-lDQzzS-Uw9BJGAE&id=lidar2&mcvt=1000&p=887,165,1137,465&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1117919391&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675409080075&rpt=516&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 115 Show response
check.analytics.rlcdn.com/check/ 25 B
384 B 81ms
35ms XHR
application/json 143.204.215.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://check.analytics.rlcdn.com/check/115
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-35.fra53.r.cloudfront.net
Software: /
Resource Hash: 8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 07:24:41 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-trace-id: Root=1-63dcb6b9-70596cf07fddec3b31e3be76
x-amzn-requestid: cb10fa2a-48da-4181-b0ff-db3765ff7556
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: fwF9DHO0DoEFYpQ=
content-length: 25
x-amz-cf-id: qiVsvSuzfn2YmClJ3_tg2j5W66KTDpsQAtbX5UKO_x-RCmS_7p-52w==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
50ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023020201&jk=678597913097256&bg=!GhmlGV3NAAaq5O5FiuQ7ACkAdvg8WldE9GcgxYdQqcclTT6aeK97SvfLkw06iwtoT9qM-vDFMpTuHAIAAABJUgAAAANoAQeZAq2EJfGyRm_hr88Z0qHIotEs83XZDzge1rCudA_E0DprMb4NALJX0XpzBc6S1KhmwHhy3GYXM5sL0fMTcl1Z13lUtQ9BPRA7RAGfDGU4gBl9Jd3NOHHHuR4UossC2c51LIQe1sIQxn_z-vqrD1adtTGHVtE-XutzFVbv566EbXM2i53ORDT_PnXceBCaUu_eOaTLSZbDd5kJmazKYeCSoM6nwBDn-b6ZflWef4Y5gd7layottFZ2JL027u0LHDxmDsZce7TV7kjAfx4DnLlS7snqiFzHIpUAubo3Yf4DFCgEL88WcGwVRvkWhnqMq_UNHlxQL2MVTB9mCLeVnVUqNwp2A39HfjqQKYkAXqp14CD9MEpT_5frPMGeqfZiceM85C_C6BC2VDq69ClAYwDAEnq1ahzTZvFUCxLyK0sLAcAmdS6DAlS0cAEFr3KliHoO52MqJnwbplG1H1V3ygw5r-d8M3vl6IED9n355D5PKjqTA2RGN5V_7k3Z0Brd5qfhuOiaQfeNyxd2TVB48CRV4gCLCurzz8kuLmiYaxrmkm-Q4iyjUNzDsNZZMQvnokPXQkNekuiJITOfmC1AhudyPtRap8Uglbr0ug5xJVP73bYAHtiGBpRYy8ELWJmEaeTyMdqTZ9ETvinnw_A9KssxLy0_A9Tj4onj33dJ__3jVPheTR0rIPGO2E0CL6dMRCPtgp92eVJCl1pqQovbIAvYzVHlIUPfZ7QWINJTGgsyyi_KbPH2chOwpo2dKPflCe_dcd4CqTXC3z0bErAi3Q1pDVjaLcq8bkUfJOYbQ9LquLi9dTHI5PT9eCiGYYQYDmPgUnitzE00A9nvZ9hkHDYBDEN0skQPddcSoEqHNhKSxrL3AABKbRAv6XR75fyurKJxHjSo_RpO8MxpVYs9-Fqj
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1439 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4832790122039&version=m202301300101&ct=76&x=1&cor=2322238139544348000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B3A 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1205313453368&version=m202301230201&ct=76&x=1&cor=3762939325238897700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6A4 0
20 B 48ms
47ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4271612558812&version=m202301230201&ct=76&x=1&cor=2445429371500066000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 75ms
74ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GG8B674XK4&gtm=45je3210&_p=414081515&cid=1787032869.1675409078&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&dl=https%3A%2F%2Fwww.mlive.com%2F&sid=1675409078&sct=1&seg=0&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&en=blueconic&ep.headline=undefined&ep.author=undefined&ep.entry_id=undefined&ep.page_type=homepage&ep.product=homepage-beta&ep.platform=desktop&ep.page_path=%2F&ep.user_subscription_status=undefined&ep.ab_test_group_user=sub-group-c&ep.search_term=undefined&ep.targeting_codes=undefined&ep.targeting_codes2=undefined&ep.targeting_codes3=undefined&ep.targeting_codes4=undefined&ep.targeting_codes5=undefined&ep.targeting_codes6=undefined&ep.entry_tags=undefined&ep.referring_subdomain=undefined&ep.browser_cookie_region=undefined&epn.monthly_visit_number=1&ep.content_region=undefined&ep.content_topics=undefined&ep.blog_category=undefined&ep.section=Home%20Page&ep.article_date_original=undefined&ep.article_date_updated=undefined&ep.entity_type=undefined&ep.entity_value=undefined&ep.auxiliaries=undefined&ep.gigya_user_id=undefined&ep.usprivacy_cookie=undefined&ep.userid_flag=false&ep.ga_bc_1=a0002%2Ca0022&ep.ga_bc_2=undefined&ep.ga_bc_3=undefined&ep.ga_bc_4=undefined&ep.ga_bc_5=undefined&ep.clavis_interest_topics=undefined&ep.site_cdp_segments=undefined&ep.bc_visit_number=1&ep.behavioral_momentum=undefined&ep.frequency=undefined&ep.recency=undefined&ep.intensity=undefined&_et=929
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GG8B674XK4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
249 B 424ms
99ms XHR
application/json 2600:1901:0:8344::

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0014000001PAW0LAAX&gdpr=0&src=pbjs&ver=7.31.0&us_privacy=1---
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8344:: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 07:24:44 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.mlive.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 135 B
542 B 15ms
15ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

989e7134f8b722c049f5553bf85347c9052fe40f7c35915f7d18a348ed4de84b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mlive.com
date: Fri, 03 Feb 2023 07:24:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
315 B 49ms
36ms XHR
application/json 63.35.129.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id?us_privacy=1---
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.129.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-129-113.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:44 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.mlive.com
cache-control: no-cache
x-server: 10.45.6.74
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 0
252 B 62ms
20ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=115
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 07:24:44 GMT
via: 1.1 google
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.mlive.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 63B1 281 B
554 B 54ms
7ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 03 Feb 2023 07:24:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame A9EB 16 KB
6 KB 84ms
8ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=20313
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Fri, 03 Feb 2023 07:24:44 GMT
expires: Fri, 03 Feb 2023 13:03:17 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 9CA2 3 KB
2 KB 39ms
13ms Document
text/html 104.18.36.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 79396dba7c163a6a-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 03 Feb 2023 07:24:44 GMT
expires: Fri, 03 Feb 2023 11:24:44 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 4344 21 KB
8 KB 130ms
63ms Document
text/html 92.123.38.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&uspstring=1---

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-38-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0761fe5fd79b175cc226845e762ec424e49e8b3ed382990469fdec9069976b95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.mlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 7833
content-type: text/html; charset=UTF-8
date: Fri, 03 Feb 2023 07:24:44 GMT
expires: Sun, 05 Feb 2023 07:24:44 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
400 B 16ms
15ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

04848ac69d62f12534cea2cb8d24d9396e349ec772e8674504f3f5147b54d3d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mlive.com
date: Fri, 03 Feb 2023 07:24:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H/1.1 200 392.json Show response
id5-sync.com/g/v2/ 215 B
622 B 15ms
15ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/392.json

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

621075c8f39ef523d99c188a1fe01ee522e15a7aa3626277bb910ed489d00e2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.mlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mlive.com
date: Fri, 03 Feb 2023 07:24:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame A039 2 KB
1 KB 27ms
25ms Document
text/html 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a2af1afc12432dbfbb859768af1771b4e8b6bf5e2e4c9b49097ab935d707fcc

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 79396dbaaa26bbe3-FRA
content-encoding: br
content-type: text/html
date: Fri, 03 Feb 2023 07:24:44 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pk8iMnMWF9OcCr61ISdN3eFXAGKUSBTqqlis6to9lkxUjyeEzImLNeKqhTOzYxYjPZ08Jp9y6lO0%2FaTv4MDsKJAENppcEl35BogfJ%2BABK8P3WLUivun5Sda02T3HvBUA4JWqG9YHqx70sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 63B1 34 KB
10 KB 8ms
8ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 208deb0b039ea19051704b97bb208fab09cb847e390ba5485594befe689f2b5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Fri, 03 Feb 2023 07:24:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Feb 2023 11:10:49 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=13482
Connection: keep-alive
Content-Length: 10036
Expires: Fri, 03 Feb 2023 11:09:26 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame A039
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y9y2uK31wN_kLTK5uIWuywAABGwAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFjAZi35LHWS-KB8YLfL2OI&google_cver=1

43 B
794 B

24ms
24ms

Image
image/gif

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFjAZi35LHWS-KB8YLfL2OI&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5qTWRc%2B%2BfnHkmtZpDb4ggWFm%2FvLRD13MokBTmZQFCnPBKjieueqZEP%2Fick77a0JjHoeZ2r3nMFxaqtSs5EcpNWP%2F9XL%2FZ6SrtMWc2PxVRU2xTB2SdHgcaqxDsIc5qZEDyDU%2BK5NOafBFw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 79396dbb09ab9bb8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFjAZi35LHWS-KB8YLfL2OI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame A039
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9y2uK31wN_kLTK5uIWuywAABGwAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9y2uK31wN_kLTK5uIWuywAABGwAAAIB&dcc=t

43 B
855 B

121ms
121ms

Image
image/gif

52.46.128.147

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9y2uK31wN_kLTK5uIWuywAABGwAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.46.128.147 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:24:45 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YM4P1Z0M4RYWNZ7H9K32
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:24:45 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KM3PB9C2VF3BQ5C8K2M0
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9y2uK31wN_kLTK5uIWuywAABGwAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame A039 70 B
264 B 36ms
34ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 03 Feb 2023 07:24:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame A039
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6549275271843202221

43 B
632 B

65ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6549275271843202221
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:24:44 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Date: Fri, 03 Feb 2023 07:24:44 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: bce86ef4-2359-4e0a-b74d-853a3d46b6eb
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6549275271843202221
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A039
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=68
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=XEtUG4k3R3xsobYuR7B6QCU6OvY

43 B
632 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=XEtUG4k3R3xsobYuR7B6QCU6OvY
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:24:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=XEtUG4k3R3xsobYuR7B6QCU6OvY
Date: Fri, 03 Feb 2023 07:24:45 GMT
Connection: keep-alive
Content-Length: 122
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame A039
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=

43 B
632 B

33ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:24:44 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date: Fri, 03 Feb 2023 07:24:44 GMT
access-control-allow-credentials: true
x-powered-by: Express
keep-alive: timeout=5
vary: Origin
content-length: 0

GET
H2

200

crum
dsum.casalemedia.com/ Frame A039
Redirect Chain

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=8297de84-3c2a-cc63-0366cbf0

43 B
780 B

92ms
34ms

Image
image/gif

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=8297de84-3c2a-cc63-0366cbf0
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4eC9M7MR6vwqdeoxwvxq635u63nwN2%2BK%2BwNuCCTtN0ZaRVln%2B02zOs3WwkDhT4tBj2%2ByhG4UQi3aMQVJNgYv7GrA16qej5v95o0eb9v9sxLpFTyoM3RYgK1ASvHdcwXe805yMsP"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 79396dbc8c8639c7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Fri, 03 Feb 2023 07:24:44 GMT
via: 1.1 google
server: nginx/1.22.1
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
location: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=8297de84-3c2a-cc63-0366cbf0
content-type: text/html; charset=utf-8
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119

GET
H2 200 Y9y2uK31wN_kLTK5uIWuywAABGwAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A039 43 B
601 B 140ms
35ms Image
image/gif 2a05:d018:d29:3605:6b2a:5cae:833b:4670
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y9y2uK31wN_kLTK5uIWuywAABGwAAAIB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:6b2a:5cae:833b:4670 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame A039 43 B
352 B 65ms
13ms Image
image/gif 104.18.36.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y9y2uK31wN-kLTK5uIWuywAA%261132
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:44 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 5791
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 79396dbb4ac1364e-FRA
content-length: 43
expires: Sat, 04 Feb 2023 07:24:44 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame A9EB 2 KB
3 KB 13ms
12ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=92589207&p=159879&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 4a1b2ac65a777f5cbd02295a63be826abcd1f48b0ff8d9e41c34d1611e6d5734

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 03 Feb 2023 07:24:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 9952
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=FEF29A6B-FA8C-4349-8382-5AF0F25F61C2&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=FEF29A6B-FA8C-4349-8382-5AF0F25F61C2&gdpr=0&gdpr_consent=

35 B
468 B

32ms
25ms

Document
image/gif

37.157.5.141
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=FEF29A6B-FA8C-4349-8382-5AF0F25F61C2&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Fri, 03 Feb 2023 07:24:44 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Fri, 03 Feb 2023 07:24:44 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=FEF29A6B-FA8C-4349-8382-5AF0F25F61C2&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 5287
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ee0763dc-b6b9-4e00-8f5a-1d2572650c6a&gdpr=0&gdpr_consent=

42 B
405 B

118ms
19ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ee0763dc-b6b9-4e00-8f5a-1d2572650c6a&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 03 Feb 2023 07:24:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Fri, 03 Feb 2023 07:24:44 GMT
Expires: Fri, 03 Feb 2023 07:24:43 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 421 8749e8d master zrh-pixel-x8 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ee0763dc-b6b9-4e00-8f5a-1d2572650c6a&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 17B0
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
245 B

29ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 03 Feb 2023 07:24:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 07:24:44 GMT
expires: Fri, 03 Feb 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 1708236
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame AA66
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1209811998937673864

42 B
425 B

101ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1209811998937673864
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 03 Feb 2023 07:24:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1209811998937673864
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 3ABF
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=yO6MkpzrisnTvI7Iz-3Fycvo3ZDT7Y7GzrhZoOWC

42 B
342 B

119ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=yO6MkpzrisnTvI7Iz-3Fycvo3ZDT7Y7GzrhZoOWC
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 03 Feb 2023 07:24:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Fri, 03 Feb 2023 07:24:44 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=yO6MkpzrisnTvI7Iz-3Fycvo3ZDT7Y7GzrhZoOWC
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame D2AA
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6549275271843202221&gdpr=0&gdpr_consent=

42 B
298 B

115ms
19ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6549275271843202221&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 03 Feb 2023 07:24:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: f4dece68-5418-437c-98a2-5ad6e6568698
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Fri, 03 Feb 2023 07:24:44 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6549275271843202221&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 37.58.58.246; 37.58.58.246; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A9EB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_vKaa_qMQ0mDglrw8l9hwg%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

10ms
9ms

Image
text/html

23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol: H2
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:44 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=20313
accept-ranges: bytes
content-length: 5554
expires: Fri, 03 Feb 2023 13:03:17 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame A9EB
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=FEF29A6B-FA8C-4349-8382-5AF0F25F61C2&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D0
https://c1.adform.net/serving/cookie/match?CC=1&party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D0
https://pixel.onaudience.com/?partner=68&icm&cver&mapped=4602859593002027005&gdpr=0
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

70 B
264 B

38ms
38ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 03 Feb 2023 07:24:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length: 0

GET
H2

200

Artemis
aud.pubmatic.com/AdServer/ Frame A9EB
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=FEF29A6B-FA8C-4349-8382-5AF0F25F61C2&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=FEF29A6B-FA8C-4349-8382-5AF0F25F61C2&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=FEF29A6B-FA8C-4349-8382-5AF0F25F61C2&addseg=19,36,42

0
0

134ms
20ms

Image
application/json

185.64.190.87
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=FEF29A6B-FA8C-4349-8382-5AF0F25F61C2&addseg=19,36,42
Protocol: H2
Server: 185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Redirect headers

date: Fri, 03 Feb 2023 07:24:44 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=FEF29A6B-FA8C-4349-8382-5AF0F25F61C2&addseg=19,36,42
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame A9EB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkVGMjlBNkItRkE4Qy00MzQ5LTgzODItNUFGMEYyNUY2MUMy&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

75ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 03 Feb 2023 07:24:44 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame A9EB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHKr_Qf41-_uTJxTii5GHKE&google_cver=1

42 B
299 B

91ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHKr_Qf41-_uTJxTii5GHKE&google_cver=1
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 03 Feb 2023 07:24:43 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHKr_Qf41-_uTJxTii5GHKE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame A9EB 43 B
612 B 69ms
16ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:44 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 02 Feb 2023 07:24:44 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A9EB
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=575737165844104639

42 B
218 B

20ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=575737165844104639
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 03 Feb 2023 07:24:44 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=575737165844104639
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame A9EB 70 B
264 B 42ms
40ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 03 Feb 2023 07:24:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 63B1
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=9Z-6H3GfTUao1p0MEtDyFw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=9Z-6H3GfTUao1p0MEtDyFw

43 B
479 B

113ms
113ms

Image
image/gif

52.46.128.147

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=9Z-6H3GfTUao1p0MEtDyFw

Protocol

HTTP/1.1

Server

52.46.128.147 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:24:45 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: GPVEAGX9976YA48ED7GH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=9Z-6H3GfTUao1p0MEtDyFw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 63B1
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDO7B381-1Q-AQVA&us_privacy=1---

0
142 B

113ms
104ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDO7B381-1Q-AQVA&us_privacy=1---
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:43 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 0028C2DCE8234CD08226AA74FB01E74A Ref B: DUS30EDGE0919 Ref C: 2023-02-03T07:24:44Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXzxpNanflJA0VsrgDGeg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDO7B381-1Q-AQVA&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 63B1
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/P-0lOPpu0Luw2LA5j0a4I8n5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cw0lbPJE2oLyI14zf9ze54B_D4z4IlcBntVTSw--~A

0
239 B

9ms
9ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cw0lbPJE2oLyI14zf9ze54B_D4z4IlcBntVTSw--~A
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Fri, 03 Feb 2023 07:24:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cw0lbPJE2oLyI14zf9ze54B_D4z4IlcBntVTSw--~A
content-length: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 63B1
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=45LRGLlARRiRlU9wpQn0Rg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=45LRGLlARRiRlU9wpQn0Rg

43 B
479 B

38ms
37ms

Image
image/gif

67.220.224.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=45LRGLlARRiRlU9wpQn0Rg

Protocol

HTTP/1.1

Server

67.220.224.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Feb 2023 07:24:45 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: T34SHQFT4EANJM214FSR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=45LRGLlARRiRlU9wpQn0Rg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63B1
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDRjZTA0YTg3ODdhOTE1NGYzOGNhYzliN2MxZjkxMDQ1YjRjZDQ0MA&us_privacy=1---

170 B
188 B

31ms
26ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDRjZTA0YTg3ODdhOTE1NGYzOGNhYzliN2MxZjkxMDQ1YjRjZDQ0MA&us_privacy=1---

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDRjZTA0YTg3ODdhOTE1NGYzOGNhYzliN2MxZjkxMDQ1YjRjZDQ0MA&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63B1
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERPN0IzODEtMVEtQVFWQQ==&us_privacy=1---

170 B
188 B

32ms
26ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERPN0IzODEtMVEtQVFWQQ==&us_privacy=1---

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERPN0IzODEtMVEtQVFWQQ==&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 63B1 70 B
264 B 37ms
35ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 03 Feb 2023 07:24:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 63B1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG1KjslLwQAIqgz_eiLo220&google_cver=1

0
239 B

56ms
9ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG1KjslLwQAIqgz_eiLo220&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG1KjslLwQAIqgz_eiLo220&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 metrichpe_701_normal.ttf
s0.2mdn.net/sadbundle/2778779413489437490/fonts/ Frame 0587 60 KB
26 KB 31ms
31ms Font
font/ttf 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2778779413489437490/fonts/metrichpe_701_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2778779413489437490/7699e54fbe06de7a20266585434cad36.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e88f4c0915dc02c509e93e39a70d9cd6ac80e9adb85fc1184f73f39d577ec533

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2778779413489437490/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 05:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94162
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26441
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:18:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Feb 2024 05:15:22 GMT

GET
H3 200 bf92c8be83eeb2dbf186eb1436ebcb5e.svg
s0.2mdn.net/sadbundle/2778779413489437490/media/ Frame 0587 4 KB
2 KB 30ms
29ms Image
image/svg+xml 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2778779413489437490/media/bf92c8be83eeb2dbf186eb1436ebcb5e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2778779413489437490/7699e54fbe06de7a20266585434cad36.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6648009549b81e81582f3fb8345dd6305ee4a232fd4eac4fd803a78cb69b0c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2778779413489437490/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 05:09:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180936
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1630
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:18:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 05:09:08 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0587 672 B
769 B 81ms
24ms Stylesheet
text/css 2a00:1450:4001:830::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:700

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2778779413489437490/7699e54fbe06de7a20266585434cad36.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

54c7f9dacbd3be07256357be812bd7edf74ac6938ab155493b599a39136e81d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Feb 2023 07:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Feb 2023 06:30:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Feb 2023 07:24:45 GMT

GET
H3 200 e6540f8a1d17e17b354a56806899312e.jpg
s0.2mdn.net/sadbundle/2778779413489437490/media/ Frame 0587 4 KB
4 KB 30ms
29ms Image
image/jpeg 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2778779413489437490/media/e6540f8a1d17e17b354a56806899312e.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

334e533282141e65e6b9d0850507edf34c5abdc68678587c648a1e6f46f5a791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2778779413489437490/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 05:09:08 GMT
x-content-type-options: nosniff
age: 180936
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4160
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:18:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 05:09:08 GMT

GET
H3 200 0cbee69cd23d23b60189882f6c05c6b7.jpg
s0.2mdn.net/sadbundle/2778779413489437490/media/ Frame 0587 2 KB
2 KB 36ms
35ms Image
image/jpeg 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2778779413489437490/media/0cbee69cd23d23b60189882f6c05c6b7.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

693204f603180e40f6b819dddbc2c21395cfe03c08dff631d46888df03596f86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2778779413489437490/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:02:16 GMT
x-content-type-options: nosniff
age: 4948
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1601
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:18:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 03 Feb 2024 06:02:16 GMT

GET
H3 200 5a873e7c3c6999c19486f0b2a69773d5.jpg
s0.2mdn.net/sadbundle/2778779413489437490/media/ Frame 0587 7 KB
7 KB 30ms
30ms Image
image/jpeg 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2778779413489437490/media/5a873e7c3c6999c19486f0b2a69773d5.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c359544b42a6acb9adfacfe34496356624ecbab6bcde301363ee386da5ddddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2778779413489437490/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 05:09:12 GMT
x-content-type-options: nosniff
age: 180932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6822
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:18:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 05:09:12 GMT

GET
H3 200 409f667579a3c0ab7819a840cd41bc58.svg
s0.2mdn.net/sadbundle/2778779413489437490/media/ Frame 0587 258 B
261 B 35ms
34ms Image
image/svg+xml 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2778779413489437490/media/409f667579a3c0ab7819a840cd41bc58.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

308e9d764fa59dc2cd4f72128c8e247cebb14c630491107f2539af6066183691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2778779413489437490/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 05:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94162
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 223
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:18:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Feb 2024 05:15:22 GMT

GET
H3 200 metrichpe_701_normal.ttf
s0.2mdn.net/sadbundle/1894223847900607345/fonts/ Frame C677 60 KB
26 KB 30ms
30ms Font
font/ttf 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1894223847900607345/fonts/metrichpe_701_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1894223847900607345/b182a832b34196e08efcebd71ce89df2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e88f4c0915dc02c509e93e39a70d9cd6ac80e9adb85fc1184f73f39d577ec533

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1894223847900607345/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 05:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180935
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26441
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:16:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 05:09:09 GMT

GET
H3 200 bf92c8be83eeb2dbf186eb1436ebcb5e.svg
s0.2mdn.net/sadbundle/1894223847900607345/media/ Frame C677 4 KB
2 KB 32ms
31ms Image
image/svg+xml 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1894223847900607345/media/bf92c8be83eeb2dbf186eb1436ebcb5e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1894223847900607345/b182a832b34196e08efcebd71ce89df2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6648009549b81e81582f3fb8345dd6305ee4a232fd4eac4fd803a78cb69b0c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1894223847900607345/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 05:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1630
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:16:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 05:09:04 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C677 672 B
433 B 46ms
24ms Stylesheet
text/css 2a00:1450:4001:830::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:700

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1894223847900607345/b182a832b34196e08efcebd71ce89df2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

54c7f9dacbd3be07256357be812bd7edf74ac6938ab155493b599a39136e81d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Feb 2023 07:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Feb 2023 06:19:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Feb 2023 07:24:45 GMT

GET
H3 200 e750916f231cd1e228c30861601aa971.jpg
s0.2mdn.net/sadbundle/1894223847900607345/media/ Frame C677 6 KB
6 KB 33ms
31ms Image
image/jpeg 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1894223847900607345/media/e750916f231cd1e228c30861601aa971.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd02a589f937051a0197681a0c494abddc8fb3c56aa3ded47621e67b6622303e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1894223847900607345/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 06:33:12 GMT
x-content-type-options: nosniff
age: 89492
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5795
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:16:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Feb 2024 06:33:12 GMT

GET
H3 200 9cf2161f440290c00b282cf96a6892c6.jpg
s0.2mdn.net/sadbundle/1894223847900607345/media/ Frame C677 2 KB
2 KB 34ms
33ms Image
image/jpeg 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1894223847900607345/media/9cf2161f440290c00b282cf96a6892c6.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03d14efcc603e270537b378f9a2d84e85d56628decbdf233da63c8b769d7bec8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1894223847900607345/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 05:09:09 GMT
x-content-type-options: nosniff
age: 180935
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2198
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:16:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 05:09:09 GMT

GET
H3 200 c96db5915a7dadee43a6e029e47e2d3a.png
s0.2mdn.net/sadbundle/1894223847900607345/media/ Frame C677 14 KB
14 KB 32ms
31ms Image
image/png 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1894223847900607345/media/c96db5915a7dadee43a6e029e47e2d3a.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b918eee847f716ca2e0f78a6106954e16a22491d9a6445d7d7b25a63294d7b7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1894223847900607345/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 05:09:09 GMT
x-content-type-options: nosniff
age: 180935
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14798
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:16:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 05:09:09 GMT

GET
H3 200 409f667579a3c0ab7819a840cd41bc58.svg
s0.2mdn.net/sadbundle/1894223847900607345/media/ Frame C677 258 B
262 B 34ms
33ms Image
image/svg+xml 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1894223847900607345/media/409f667579a3c0ab7819a840cd41bc58.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

308e9d764fa59dc2cd4f72128c8e247cebb14c630491107f2539af6066183691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1894223847900607345/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 05:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180934
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 223
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:16:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 05:09:10 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 10ms
9ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CY%24%3D!!taxWi3M%3BI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-6%2BU9GJ%2BZ4ONI7%2BlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-pUX1JxNzs6uFgA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&fl=1&j=&xc=0&xb=0&xa=0&md=0&mc=0&lb=12736&ld=0&lc=0&la=0&cw=1600&cx=1200&sh=12736&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1675409077743&de=587659762582&rx=362958122213&cu=1675409077743&m=8415&ar=8bb996ed3e7-clean&iw=7d4f773&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1489%3A1489%3A5022%3A1846&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5014&cd=0&ah=5014&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=201889&na=653020276&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Feb 2023 07:24:46 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 03 Feb 2023 07:24:46 GMT

GET
H3 200 metrichpe_701_normal.ttf
s0.2mdn.net/sadbundle/10641642855527383447/fonts/ Frame C135 60 KB
26 KB 30ms
30ms Font
font/ttf 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10641642855527383447/fonts/metrichpe_701_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10641642855527383447/7699e54fbe06de7a20266585434cad36.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e88f4c0915dc02c509e93e39a70d9cd6ac80e9adb85fc1184f73f39d577ec533

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10641642855527383447/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 07:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26441
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:17:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 07:00:57 GMT

GET
H3 200 bf92c8be83eeb2dbf186eb1436ebcb5e.svg
s0.2mdn.net/sadbundle/10641642855527383447/media/ Frame C135 4 KB
2 KB 33ms
32ms Image
image/svg+xml 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10641642855527383447/media/bf92c8be83eeb2dbf186eb1436ebcb5e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10641642855527383447/7699e54fbe06de7a20266585434cad36.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6648009549b81e81582f3fb8345dd6305ee4a232fd4eac4fd803a78cb69b0c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10641642855527383447/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 10:38:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506775
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1630
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:17:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Jan 2024 10:38:31 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C135 672 B
456 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:830::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:700

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10641642855527383447/7699e54fbe06de7a20266585434cad36.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

54c7f9dacbd3be07256357be812bd7edf74ac6938ab155493b599a39136e81d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Feb 2023 07:24:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Feb 2023 06:10:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Feb 2023 07:24:46 GMT

GET
H3 200 5a7f8bf311d911e5222b8911c1b494a1.jpg
s0.2mdn.net/sadbundle/10641642855527383447/media/ Frame C135 6 KB
6 KB 31ms
30ms Image
image/jpeg 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10641642855527383447/media/5a7f8bf311d911e5222b8911c1b494a1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bed9e882e298b832459e512ea18ea9659b5a95876bcbf64c2fc8ca0c5167be36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10641642855527383447/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 06:05:48 GMT
x-content-type-options: nosniff
age: 177538
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5753
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:17:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 06:05:48 GMT

GET
H3 200 883c87ce5cb7adcefd4017335f3883a9.jpg
s0.2mdn.net/sadbundle/10641642855527383447/media/ Frame C135 2 KB
2 KB 30ms
29ms Image
image/jpeg 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10641642855527383447/media/883c87ce5cb7adcefd4017335f3883a9.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0ba10b2289eb0fd569bfb465002cb6fc14d12211b311b83639d9d0eebe182e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10641642855527383447/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 05:38:14 GMT
x-content-type-options: nosniff
age: 92792
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1868
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:17:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Feb 2024 05:38:14 GMT

GET
H3 200 4b0fad683940c1292144cd38decc2350.jpg
s0.2mdn.net/sadbundle/10641642855527383447/media/ Frame C135 7 KB
8 KB 31ms
30ms Image
image/jpeg 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10641642855527383447/media/4b0fad683940c1292144cd38decc2350.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52146669b90007dc18a5b27df79c7ad8bdf4fb1eda12207c392c0268da21ad9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10641642855527383447/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 13:12:01 GMT
x-content-type-options: nosniff
age: 497565
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7676
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:17:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Jan 2024 13:12:01 GMT

GET
H3 200 409f667579a3c0ab7819a840cd41bc58.svg
s0.2mdn.net/sadbundle/10641642855527383447/media/ Frame C135 258 B
262 B 31ms
30ms Image
image/svg+xml 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10641642855527383447/media/409f667579a3c0ab7819a840cd41bc58.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

308e9d764fa59dc2cd4f72128c8e247cebb14c630491107f2539af6066183691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10641642855527383447/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 07:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 223
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:17:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 07:00:57 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame A9EB 0
260 B 133ms
15ms Script
text/plain 198.47.127.20

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=159879&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:24:45 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 102ms
102ms Image
image/gif 52.5.29.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.129&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=15&tvcfg=all&f_privb=0&tid=1b5ad7d7-d144-4759-a523-b7fca536055f&pid=09e89717-98cc-4821-b878-f60ce3e6a5a0&dtm=1675409088526&qnm=_matherq&visible=1&tabid=b25eb7f4-8466-42dc-92ba-fcf7665b5dc4&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x12736&tofa=1675409079&vid=1&lvidt=1675409079&duid=7fc2f3ceea2c664a&fp=3376026746&cid=ma63527&mrk=484602605&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY3NTQwOTA3NjAxNSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMG1iIiwiaGVhcFQiOiIxMG1iIiwiZnN0UGFpbnQiOiIxNDg5IiwiZmV0Y2hTIjoiMTAzNCIsImRvbWFpblMiOiIxMDM0IiwiZG9tYWluRSI6IjExODciLCJjb25uUyI6IjExODciLCJjb25uRSI6IjEyMTIiLCJzc2xTIjoiMTE5NCIsInJlcXVTIjoiMTIxMiIsInJlc3BTIjoiMTMzNyIsInJlc3BFIjoiMTgwMyIsImRvbUxvYWQiOiIxMzQwIiwiZG9tSW50ZXIiOiIxODQ1IiwiZG9tTG9hZFMiOiIxOTEwIiwiZG9tTG9hZEUiOiIyMDY4IiwiZG9tQ21wbHQiOiI1MDEwIiwibG9hZFMiOiI1MDE5IiwibG9hZEUiOiI1MDIyIn19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.29.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-29-188.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Fri, 03 Feb 2023 07:24:48 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 0cbee69cd23d23b60189882f6c05c6b7.jpg
s0.2mdn.net/sadbundle/2778779413489437490/media/ Frame 0587 2 KB
2 KB 30ms
30ms Image
image/jpeg 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2778779413489437490/media/0cbee69cd23d23b60189882f6c05c6b7.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

693204f603180e40f6b819dddbc2c21395cfe03c08dff631d46888df03596f86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2778779413489437490/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:02:16 GMT
x-content-type-options: nosniff
age: 4952
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1601
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:18:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 03 Feb 2024 06:02:16 GMT

GET
H3 200 5a873e7c3c6999c19486f0b2a69773d5.jpg
s0.2mdn.net/sadbundle/2778779413489437490/media/ Frame 0587 7 KB
7 KB 31ms
30ms Image
image/jpeg 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2778779413489437490/media/5a873e7c3c6999c19486f0b2a69773d5.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c359544b42a6acb9adfacfe34496356624ecbab6bcde301363ee386da5ddddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2778779413489437490/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 05:09:12 GMT
x-content-type-options: nosniff
age: 180936
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6822
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:18:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 05:09:12 GMT

GET
H3 200 9cf2161f440290c00b282cf96a6892c6.jpg
s0.2mdn.net/sadbundle/1894223847900607345/media/ Frame C677 2 KB
2 KB 30ms
30ms Image
image/jpeg 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1894223847900607345/media/9cf2161f440290c00b282cf96a6892c6.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03d14efcc603e270537b378f9a2d84e85d56628decbdf233da63c8b769d7bec8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1894223847900607345/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 05:09:09 GMT
x-content-type-options: nosniff
age: 180939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2198
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:16:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 05:09:09 GMT

GET
H3 200 c96db5915a7dadee43a6e029e47e2d3a.png
s0.2mdn.net/sadbundle/1894223847900607345/media/ Frame C677 14 KB
14 KB 31ms
30ms Image
image/png 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1894223847900607345/media/c96db5915a7dadee43a6e029e47e2d3a.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b918eee847f716ca2e0f78a6106954e16a22491d9a6445d7d7b25a63294d7b7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1894223847900607345/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 05:09:09 GMT
x-content-type-options: nosniff
age: 180939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14798
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:16:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Feb 2024 05:09:09 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded

Verdicts & Comments Add Verdict or Comment

628 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

128 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
h312.mlive.com/DG/DEFAULT	1970-01-20 18:59:29	Name: BCSessionID Value: ba8bf210-e9c7-4d10-a5e1-d54def2454df
advancelocal.blueconic.net/DG/DEFAULT	1970-01-20 18:09:05	Name: BCSessionID Value: ba8bf210-e9c7-4d10-a5e1-d54def2454df
update-accountcomcast.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: ba6c3da7910a27290d73fb0aad986fc1
.mlive.com/	1970-01-20 09:23:30	Name: sophiTagses.073a Value: *
.mlive.com/	1970-01-20 18:59:29	Name: sophiTagid.073a Value: 5a19192b-88b8-4e88-af25-8ca099583365.1675409078.1.1675409078.1675409078.c42834ef-9eb3-46cb-8783-52bdf8bfed8c
.mlive.com/	1970-01-20 18:59:29	Name: _sp_duid Value: 5a19192b-88b8-4e88-af25-8ca099583365
.mlive.com/	1970-01-20 11:33:05	Name: _gcl_au Value: 1.1.1176394596.1675409078
www.mlive.com/	1970-01-20 18:09:05	Name: last_visit_bc Value: 1675409077740
www.mlive.com/	1970-01-20 09:24:55	Name: _lr_geo_location_state Value:
www.mlive.com/	1970-01-20 09:24:55	Name: _lr_geo_location Value: DE
.mlive.com/	1970-01-20 10:06:41	Name: utag_vnum Value: 1678001078122&vn=1
.mlive.com/	1970-01-20 09:23:30	Name: utag_invisit Value: true
.mlive.com/	1970-01-20 09:23:30	Name: utag_dslv_s Value: Less than 1 day
.mlive.com/	1970-01-20 18:09:05	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Fri+Feb+03+2023+07%3A24%3A38+GMT%2B0000+(GMT)&version=202210.1.0&hosts=&consentId=0145dab5-18c7-49c8-939c-d2d379370480&interactionCount=0&landingPath=https%3A%2F%2Fwww.mlive.com%2F&groups=1912%3A1%2CC0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1
www.mlive.com/	1970-01-20 18:09:05	Name: usprivacy Value: 1---
.mlive.com/	1970-01-20 09:23:29	Name: lotame_domain_check Value: mlive.com
www.mlive.com/	1970-01-20 10:06:41	Name: _pbjs_userid_consent_data Value: 3524755945110770
.mlive.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .mlive.com
.mlive.com/	1970-01-20 18:59:29	Name: _lc2_fpi Value: 94c49eadf2ac--01grb2ke2tbkj8mtkkys5e6np7
.mlive.com/	1970-01-20 10:06:41	Name: pbjs_pubcommonID Value: bdd7d7c0-4f72-4afb-8a33-15bbcf8d4a7e
www.mlive.com/	1970-01-20 18:09:05	Name: ntv_as_us_privacy Value: 1---
.mlive.com/	1970-01-20 15:52:17	Name: _cc_id Value: 24f9519f3039eac0ea524eea39d6ee4b
.linkedin.com/	1970-01-20 10:06:41	Name: UserMatchHistory Value: AQLdIjlfmhyRQAAAAYYWKbi9PS7-dVwRMOCbNNVftLBXri1xxVltpQ3bZYiaAFEMPU-vYP4ifPEw7Q
.linkedin.com/	1970-01-20 10:06:41	Name: AnalyticsSyncHistory Value: AQIEXqozajM91wAAAYYWKbi92lGLSluTkdXJpjoNGKRyz8ktzc3S5vFM4Drx3isPiDp_bZLApp1LupExBFRR2w
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:09:05	Name: bcookie Value: "v=2&9032651c-0be5-4e6f-894a-bd96c9325737"
.linkedin.com/	1970-01-20 09:24:55	Name: lidc Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2822:u=1:x=1:i=1675409078:t=1675495478:v=2:sig=AQFujkYDUwsq8gD6vRHrSDDF4IduYJ8Z"
.mlive.com/	1970-01-20 09:23:30	Name: _ml_ses Value: *
www.mlive.com/	1970-01-20 09:24:55	Name: ln_or Value: eyIzMjUyMzc4IjoiZCJ9
.twitter.com/	1970-01-20 18:59:29	Name: guest_id_marketing Value: v1%3A167540907847108351
.twitter.com/	1970-01-20 18:59:29	Name: guest_id_ads Value: v1%3A167540907847108351
.twitter.com/	1970-01-20 18:59:29	Name: personalization_id Value: "v1_EL7FCfnYic+j8zUe+I37RA=="
.twitter.com/	1970-01-20 18:59:29	Name: guest_id Value: v1%3A167540907847108351
.t.co/	1970-01-20 18:59:29	Name: muc_ads Value: 0869ac63-a757-4cff-ac8a-e816c5f8dd90
www.mlive.com/	1970-01-20 09:33:33	Name: authsource_origin Value: false
.mlive.com/	1970-01-20 09:23:30	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.mlive.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1675409078609%2C%22slts%22:0}
.postrelease.com/	1970-01-20 18:09:05	Name: opt_out Value: 1
.mlive.com/	1970-01-20 18:52:53	Name: _parsely_visitor Value: {%22id%22:%22pid=10479e29fc2b2985d5982e867e9d9882%22%2C%22session_count%22:1%2C%22last_session_ts%22:1675409078609}
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 18:09:05	Name: bscookie Value: "v=1&202302030724381875f476-d12d-48cf-833c-19fb9fb087beAQFlNBSlOBdLE2L-jsiuLBvXWHrD0FgH"
.linkedin.com/	1970-01-20 13:42:41	Name: li_gc Value: MTswOzE2NzU0MDkwNzg7MjswMjFVzDRTjW9zmD73V4mqx3kT90+kjPmaifJLI3J6iloGxQ==
.mlive.com/	1970-01-20 09:23:32	Name: AMP_TOKEN Value: %24NOT_FOUND
.mlive.com/	1970-01-20 18:59:29	Name: _ga Value: GA1.2.1787032869.1675409078
.mlive.com/	1970-01-20 09:24:55	Name: _gid Value: GA1.2.576198689.1675409079
.mlive.com/	1970-01-20 09:23:29	Name: _gat_UA-16643585-16 Value: 1
.mlive.com/	1970-01-20 18:59:29	Name: _awl Value: 2.1675409078.5-3ae6ca598ca877332abd55a5055c47e7-6763652d6575726f70652d7765737431-0
.liadm.com/	1970-01-20 18:59:29	Name: lidid Value: 8f956286-1e3a-4607-abb5-aebc08f09993
www.mlive.com/	1969-12-31 23:59:59	Name: ntvSession Value: {"id":2221714,"placementID":773533,"lastInteraction":1675409078711,"sessionStart":1675409078711,"sessionEndDate":1675468800000,"experiment":""}
.mlive.com/	1970-01-20 18:45:05	Name: __gads Value: ID=69fecab004aef02a:T=1675409078:S=ALNI_MbghLl4WKjuTedm0jDuNPoXKd4e1Q
.mlive.com/	1970-01-20 18:45:05	Name: __gpi Value: UID=00000bae4617300d:T=1675409078:RT=1675409078:S=ALNI_MZwHY3kiBdkldQV65DG1vl4BJynNQ
.postrelease.com/	1970-01-20 18:09:05	Name: visitor Value: ""
.postrelease.com/	1970-01-20 18:09:05	Name: status Value: 0
.postrelease.com/	1970-01-20 18:09:05	Name: ver Value: 1
.doubleclick.net/	1970-01-20 18:45:05	Name: IDE Value: AHWqTUkncLinSITNWUz6wp9B14eJPAx2jcJfe6SalnzmQJXqHlyd19EfAzlR0Cn9-B8
www.mlive.com/	1969-12-31 23:59:59	Name: BCSessionID Value: ba8bf210-e9c7-4d10-a5e1-d54def2454df
.mlive.com/	1969-12-31 23:59:59	Name: utag_vs Value: 3
.mlive.com/	1970-01-20 18:59:29	Name: utag_dslv Value: 1675409079384
.mlive.com/	1970-01-20 18:59:29	Name: _ga_GG8B674XK4 Value: GS1.1.1675409078.1.0.1675409079.0.0.0
.rubiconproject.com/	1970-01-20 18:09:05	Name: khaos Value: LDO7B381-1Q-AQVA
.rubiconproject.com/	1970-01-20 18:09:05	Name: audit Value: 1\|naVuGyos1qqgg9mWaMYo8bJGe4Ni1ThWK2euPP2lVg2b55ZO9yeic+W/9Bn23eL+dMjVyH5gNUsiPnBiMlBpvz/8MtLNt/YeX33aSv+dBZc=
advancelocal.blueconic.net/	1970-01-20 09:33:33	Name: AWSALBCORS Value: AyjqsDIIEUe63RDuxPhkf0r856/8hhPQ3OeSDfubqzVniICad34dwsS4K8eJ93CWfG7lJDc7LswrUJ5Uvm9filxCRH2vqoxpJzK8Cjnh4He891LwKUDnFASIS+ZT
.mlive.com/	1970-01-20 11:33:05	Name: _fbp Value: fb.1.1675409079550.1910010827
.mlive.com/	1970-01-20 09:23:32	Name: __li_idex_cache Value: %7B%7D
.openx.net/	1970-01-20 18:09:05	Name: i Value: 831f3dec-28ad-4d7c-9268-746867a6bfaf\|1675409079
.doubleclick.net/	1970-01-20 09:23:32	Name: DSID Value: NO_DATA
.mlive.com/	1970-01-20 18:52:17	Name: _pcid Value: %7B%22browserId%22%3A%22ldo7b2adzdolis8g%22%7D
.piano.io/	1970-01-20 09:23:30	Name: __cf_bm Value: hh.UnDpYWYC5p_gC6cH3ettlGHQVyCWBzgy2YB1VjZ8-1675409080-0-Afpgavvg2Fs9A9m5F+Peh3sb5SytUOeQUK3bMt8Ne7IqYVsdME5zH2d9Aoj0RyeXes95ZOO6Bgte1laSD3nINNE=
.mlive.com/	1970-01-20 18:59:29	Name: __tbc Value: %7Bkpex%7DAW0WUCy_ukSiRCgBhqTiNSFHU-N62wFqxjdlayIRikeeHqX2PJilglda91ubTy3t
.mlive.com/	1970-01-20 10:06:41	Name: __pat Value: -18000000
.mlive.com/	1970-01-20 09:24:55	Name: __pvi Value: eyJpZCI6InYtMjAyMy0wMi0wMy0wNy0yNC0zOC0xMDktWjlDc0EwY2ZhdEEzd0U5Wi0yODg1MzZiOTVjN2I3YjM3MmVjYmJkYTNjYjRlMDVjZSIsImRvbWFpbiI6Ii5tbGl2ZS5jb20iLCJ0aW1lIjoxNjc1NDA5MDgwMDU2fQ%3D%3D
.mlive.com/	1970-01-20 18:52:17	Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAE0RXQF8g
.mlive.com/	1970-01-20 18:59:29	Name: xbc Value: %7Bkpex%7DUN-xuzDOX_72rV5l2epPmVHe3eGHTh_0a_dnWF75V54x-zPcBgm1AdANVf6gmYpGj1Oh1Nl6kRvozwdDs3NM3-tDGbd7vYFuaBkBhC0rC-tccXnzaamO_TC5ACcmvcxq03eRRf7KpgFgQZFyHF_M-Nh3WsiThyYf_PIHXbPbgzkPLsouLBeChC08dRLI3AZyIXyL8ZRxvYsFla-geCkD4SYBXOtp5zO2inqveu8NnIJ03cjeuTU75JGMOa3uMmDAr9f3hpt5XH4hDMVgPBQEJRsvspxVioDKxP54wE8tuAfwD-DDyZdIBbFciUYWlV7EtM39YqV7NgiJXfQjxNT4lKnZsaHFsnpU7EhWX4v534FAsDV0489lK2A4l7d8sYDd8n3eIIv-nbr64Uo3zoYPqv52nkfz4oCmK1NOLt0ThrlvizqogkEoU-boiQsFmjw_B95rv4p4xu2BfbscGmXJC5trqNLcHnaEXj046W63eIS_kjA8T8ecHF4LCC2GuQAxdeInx8mED1vMrcjkelGH9EODYCaoX6624n2iqtzdFfohrPSj9ToX3eLA6XuKZY8NKjkxvTnLvRgxJz1U-s29DGAqi4Y0IrSes0h8ikHvsfVrz4xhWUgWSfgMGPUofqdcCVTJ3QYBtdb9Sw_MrLMDIWmW9FTco0PXrHNhOQAXQTcRznF9v5GCtM_P_6E0plQPTauIQkQ8QJ2WDLbfyhpgGDYYsutH-rg6OW69H4OjjK8GuReQ-3nC4jrZva8gfvJsCamkyBq15HFIeVnFyCZalPCU87rjZP68IOEGPZRAE3m7Ya4y2G9lw6f_LsNLA_K1g3sMmRfGRpsjmj2CEL7DlxD4wXC4s8IVmkkQIeqerIc0CraT6PfmehZVbeDX23vRe8BgWiIuW6VaJOqUUomEnA9MCdghLEcJRofzPFHP_Onx6d7arf4oGjFxxwLncne8AwIPt5FFMePWWVkx7j6_6Bcbq2hhSAy0Xitfpd33Ezk
.criteo.com/	1970-01-20 18:45:05	Name: uid Value: b99c75cb-99b3-4393-a083-5b3346f4de42
.mlive.com/	1970-01-20 18:59:29	Name: _ml_id Value: 7fc2f3ceea2c664a.1675409079.1.1675409080.1675409079
h312.mlive.com/	1970-01-20 09:33:33	Name: AWSALB Value: H6okcd3lwtXjrI+G136OBW/gbg6g+jjpYg8qtMppyxRUY9NKnBKkOgjDNDhOz98LCLf7RlrslbeJSVJ89+ye3115iWNz3hSBSP610bFxMZL41iyVIddi8l5/hHdQ
h312.mlive.com/	1970-01-20 09:33:33	Name: AWSALBCORS Value: H6okcd3lwtXjrI+G136OBW/gbg6g+jjpYg8qtMppyxRUY9NKnBKkOgjDNDhOz98LCLf7RlrslbeJSVJ89+ye3115iWNz3hSBSP610bFxMZL41iyVIddi8l5/hHdQ
.adnxs.com/	1970-01-20 11:33:05	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In2k%m?u!]tbPl1M>e)ZlrFUfJ+tGXxpK>V81eb9j)_Y2U9<FpdSy>QyUnYZQt!XF@GQ3If)y3KL9D3I?-!imiU<
.adnxs.com/	1970-01-20 11:33:05	Name: uuid2 Value: 6549275271843202221
.casalemedia.com/	1970-01-20 11:33:05	Name: CMPS Value: 1131
.casalemedia.com/	1970-01-20 18:09:05	Name: CMID Value: Y9y2uK31wN-kLTK5uIWuywAA
.casalemedia.com/	1970-01-20 11:33:05	Name: CMPRO Value: 1132
.mlive.com/	1970-01-20 18:45:05	Name: cto_bundle Value: 5Pj_El9KaWRNYnJMOFNNNk0zZkRvRVQxazVWUFlOSDE0RllpRSUyRndZZzlHWjY5blZ5dEJ3TzIzZWVBOFl2UG5ETVhiUWt1cFozemwwJTJCSVlwbEdjb3g5S1JwdGIlMkJxbUolMkZreSUyQmFwWEZLc3dyalRmcml2Yk5vZEw0ZXJIeDN5RiUyQm5HdHJNJTJGajhxaEE3dnFjaTl0cXMlMkZIJTJGZW9wTFElM0QlM0Q
.mathtag.com/	1970-01-20 18:49:24	Name: uuid Value: ee0763dc-b6b9-4e00-8f5a-1d2572650c6a
.mathtag.com/	1970-01-20 10:06:41	Name: mt_mop Value: 4:1675409081
.3lift.com/	1970-01-20 11:33:05	Name: tluid Value: 2078341713217198281758
.quantserve.com/	1970-01-20 18:53:43	Name: mc Value: 63dcb6b8-af910-8555a-0f70e
.blismedia.com/	1970-01-20 18:09:09	Name: b Value: 63DCB6B876021B2CE8F331A8BLIS
.pubmatic.com/	1970-01-20 18:09:05	Name: KADUSERCOOKIE Value: FEF29A6B-FA8C-4349-8382-5AF0F25F61C2
.yahoo.com/	1970-01-20 18:09:26	Name: A3 Value: d=AQABBLi23GMCEJss2fRs_UTESgGlrM_QhFUFEgEBAQEI3mPmYwAAAAAA_eMAAA&S=AQAAAruVKYuOr30hqa8c1H6ybAQ
.analytics.yahoo.com/	1970-01-20 18:09:05	Name: IDSYNC Value: 18yx~29s7
.1rx.io/	1970-01-20 18:09:05	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-ae17fd3c-e5a1-4ad5-ab5c-328f33640b27-003%22%7D
.de17a.com/	1970-01-20 18:01:53	Name: guid Value: 1.1209811998937673864
.id5-sync.com/	1970-01-20 09:23:29	Name: cf Value:
.id5-sync.com/	1970-01-20 09:23:29	Name: cip Value:
.id5-sync.com/	1970-01-20 09:23:29	Name: cnac Value:
.id5-sync.com/	1970-01-20 09:23:29	Name: car Value:
.id5-sync.com/	1970-01-20 09:23:29	Name: gdpr Value:
.id5-sync.com/	1970-01-20 09:23:29	Name: callback Value:
.tribalfusion.com/	1970-01-20 11:33:05	Name: ANON_ID Value: agnseFSkTsfAutomjp98KEdbYYU3ViMUlunTZaZdgSgZaOwMHQ6Pa2DcSIYosL41whDVZasnQqMYUZdQpF8nLCsYO
.targeting.unrulymedia.com/	1970-01-20 18:09:05	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-ae17fd3c-e5a1-4ad5-ab5c-328f33640b27-003%22%7D
www.mlive.com/	1970-01-20 09:24:55	Name: _lr_sampling_rate Value: 100
www.mlive.com/	1970-01-20 09:24:55	Name: pbjs_li_nonid Value: %7B%7D
www.mlive.com/	1970-01-20 09:23:32	Name: _lr_retry_request Value: true
www.mlive.com/	1970-01-20 10:06:41	Name: _lr_env_src_ats Value: false
.ads.pubmatic.com/	1970-01-20 09:24:55	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 11:33:05	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 09:24:55	Name: pi Value: 159879:3
.pubmatic.com/	1970-01-20 11:33:05	Name: DPSync3 Value: 1676592000%3A221_201_197_219
.pubmatic.com/	1970-01-20 11:33:05	Name: SyncRTB3 Value: 1676592000%3A54_161_220_21_13_56_7_8_3%7C1676678400%3A35
.quantserve.com/	1970-01-20 11:33:05	Name: d Value: EOoBDgGaKIEO-TA
.simpli.fi/	1970-01-20 18:10:31	Name: suid Value: D8546B47EE254614B512FEF50C9F00C2
.fiftyt.com/	1970-01-20 18:09:05	Name: fifid Value: ae51eb5e-4ece-4a89-7aba-a85c8a3893e2
.fiftyt.com/	1970-01-20 18:09:05	Name: cs Value: MTY3NTQwOTA4NHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fNaEArNWnXnoPBZjPt4DYacciFS5aj7UO_Zx347qhNYh
.onaudience.com/	1970-01-20 18:09:05	Name: cookie Value: 6afa0bef7ba313fb
.onaudience.com/	1970-01-20 09:24:55	Name: done_redirects68 Value: 1
.fiftyt.com/	1970-01-20 09:33:33	Name: fppm Value: 20230203072444
.adform.net/	1970-01-20 10:03:48	Name: C Value: 1
.pubmatic.com/	1970-01-20 10:06:41	Name: KRTBCOOKIE_336 Value: 5844-1209811998937673864
.pubmatic.com/	1970-01-20 11:33:05	Name: KRTBCOOKIE_153 Value: 1923-yO6MkpzrisnTvI7Iz-3Fycvo3ZDT7Y7GzrhZoOWC&KRTB&19420-yO6MkpzrisnTvI7Iz-3Fycvo3ZDT7Y7GzrhZoOWC&KRTB&22979-yO6MkpzrisnTvI7Iz-3Fycvo3ZDT7Y7GzrhZoOWC&KRTB&23403-yO6MkpzrisnTvI7Iz-3Fycvo3ZDT7Y7GzrhZoOWC
.pubmatic.com/	1970-01-20 11:33:05	Name: KRTBCOOKIE_80 Value: 22987-CAESEHKr_Qf41-_uTJxTii5GHKE&KRTB&16514-CAESEHKr_Qf41-_uTJxTii5GHKE&KRTB&23025-CAESEHKr_Qf41-_uTJxTii5GHKE&KRTB&23386-CAESEHKr_Qf41-_uTJxTii5GHKE
.pubmatic.com/	1970-01-20 11:33:05	Name: KRTBCOOKIE_27 Value: 16735-uid:ee0763dc-b6b9-4e00-8f5a-1d2572650c6a&KRTB&16736-uid:ee0763dc-b6b9-4e00-8f5a-1d2572650c6a&KRTB&23019-uid:ee0763dc-b6b9-4e00-8f5a-1d2572650c6a&KRTB&23114-uid:ee0763dc-b6b9-4e00-8f5a-1d2572650c6a
.pubmatic.com/	1970-01-20 11:33:05	Name: KRTBCOOKIE_57 Value: 22776-6549275271843202221&KRTB&23339-6549275271843202221
.pubmatic.com/	1970-01-20 10:06:41	Name: PugT Value: 1675409084
.adform.net/	1970-01-20 10:49:53	Name: uid Value: 4602859593002027005
.brand-display.com/	1970-01-20 18:59:29	Name: _knxq_ Value: 8297de84-3c2a-cc63-0366cbf0.1675409084.0.1675409084.1675409084
.pubmatic.com/	1970-01-20 10:06:41	Name: KRTBCOOKIE_391 Value: 22924-575737165844104639&KRTB&23263-575737165844104639
.onaudience.com/	1970-01-20 09:24:55	Name: done_redirects147 Value: 1
.amazon-adsystem.com/	1970-01-20 15:09:05	Name: ad-id Value: A47C-4OZj0H_hiw3ZBK2DZ8\|t

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pub.doubleverify.com/signals/pub.json?ctx=20823471&cmp=DV460143&signals=ids,bsc&url=https%3A%2F%2Fwww.mlive.com%2F Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=115 Message: Failed to load resource: the server responded with a status of 451 ()
javascript	error	URL: https://www.mlive.com/ Message: Access to XMLHttpRequest at 'https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded' from origin 'https://www.mlive.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1a88573b21aea45a315a143156237aaf.safeframe.googlesyndication.com
684dd32a.akstat.io
a.teads.tv
a.tribalfusion.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
accounts.google.com
ads.pubmatic.com
ads.rubiconproject.com
adservice.google.com
adservice.google.de
advancelocal.blueconic.net
ampcid.google.com
ampcid.google.de
analytics.twitter.com
api.rlcdn.com
app.matheranalytics.com
apps.sophi.io
at.teads.tv
ats-wrapper.privacymanager.io
aud.pubmatic.com
bcp.crwdcntrl.net
c.amazon-adsystem.com
c.go-mpulse.net
c1.adform.net
c2.piano.io
cc.adingo.jp
cdn.ampproject.org
cdn.cookielaw.org
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdn.parsely.com
cdn.prod.uidapi.com
cdn.sophi.io
cdn.tinypass.com
check.analytics.rlcdn.com
choices.truste.com
cm.g.doubleclick.net
cms.quantserve.com
collector2.sophi.io
connect.facebook.net
contextual.media.net
d1z2jf7jlzjs58.cloudfront.net
d5p.de17a.com
dis.criteo.com
dmp.brand-display.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
ead.mlive.com
eb2.3lift.com
eus.rubiconproject.com
exchange.postrelease.com
experience.tinypass.com
fastlane.rubiconproject.com
fonts.googleapis.com
geo.privacymanager.io
geolocation.onetrust.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
h312.mlive.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idx.liadm.com
image2.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
jadserve.postrelease.com
js-sec.indexww.com
js.adsrvr.org
js.matheranalytics.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
micro.rubiconproject.com
mlive.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p1.parsely.com
pagead2.googlesyndication.com
pixel.onaudience.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid.media.net
privacy.crwdcntrl.net
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
pub.doubleverify.com
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.go-mpulse.net
s.ntv.io
s.tribalfusion.com
s0.2mdn.net
satisfycork.com
sb.scorecardresearch.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
ssum-sec.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync.1rx.io
sync.adotmob.com
sync.inmobi.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.co
tags.crwdcntrl.net
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
update-accountcomcast.com
ups.analytics.yahoo.com
visitor.fiftyt.com
vtrk.doubleverify.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
www.linkedin.com
www.mlive.com
z.moatads.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
104.109.78.125
104.111.217.42
104.18.36.94
104.244.42.133
104.244.42.3
104.96.150.92
107.178.250.234
124.146.215.49
13.107.42.14
13.227.222.181
13.32.27.23
13.32.27.74
13.32.27.90
13.32.28.197
141.94.171.212
142.250.186.162
143.204.215.111
143.204.215.35
146.75.120.157
162.19.138.116
162.19.138.117
172.217.16.130
172.64.154.237
178.250.0.163
178.250.2.146
18.185.2.131
185.183.112.155
185.29.132.241
185.64.189.110
185.64.189.112
185.64.189.115
185.64.190.80
185.64.190.87
185.80.39.216
185.89.210.122
185.89.211.84
198.47.127.20
2.18.232.7
2.19.35.65
20.127.253.7
20.96.11.128
2001:41d0:701:1000::96f
2001:4860:4802:34::36
213.155.156.184
213.19.147.45
23.35.236.201
23.35.237.151
23.35.237.64
2600:1901:0:328a::1
2600:1901:0:8344::
2600:1f18:730:b130:76f1:8db6:2c4f:d1ab
2600:9000:206f:6000:2:53b2:240:93a1
2600:9000:211e:7400:1b:5138:8a40:93a1
2600:9000:214f:c200:8:48e:53c0:93a1
2600:9000:2250:9400:a:e047:752:5701
2602:803:c003:200::21
2606:4700:10::ac43:266a
2606:4700::6810:2a41
2606:4700::6810:9440
2606:4700::6811:bab1
2606:4700::6812:18ad
2606:4700::6812:1b55
2606:4700::6812:a6e0
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2a00:1450:4001:803::2004
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2008
2a00:1450:4001:812::200d
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::200e
2a00:1450:400d:802::2006
2a00:1450:400d:805::2001
2a00:1450:400d:806::2001
2a00:1450:400d:806::2002
2a00:1450:400d:80c::2002
2a00:1450:400d:80d::2002
2a00:1450:400d:80e::2002
2a00:1450:4025:401::9b
2a02:2638:1::13
2a02:2638::3
2a02:26f0:3500:16::215:14a0
2a02:26f0:480:f::213:7edb
2a02:26f0:6c00:1b8::11a6
2a02:26f0:6c00:1bb::11a6
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:600::485
2a05:d018:d29:3605:6b2a:5cae:833b:4670
3.126.56.137
3.221.54.232
34.102.146.192
34.107.148.139
34.111.151.213
34.120.133.55
34.120.135.53
34.193.23.165
34.199.56.222
34.240.232.49
34.251.191.149
34.96.105.8
34.98.64.218
35.186.253.211
35.186.255.72
35.201.96.126
35.204.158.49
37.157.5.141
51.89.9.251
52.196.206.50
52.205.53.251
52.222.139.72
52.223.1.76
52.223.40.198
52.46.128.147
52.5.29.188
54.155.18.159
54.159.56.141
54.166.174.230
54.216.26.107
63.34.113.170
63.35.129.113
65.9.58.150
65.9.61.60
65.9.66.61
65.9.66.97
67.220.224.150
69.173.144.165
76.223.111.18
92.123.38.97
95.100.74.20
99.86.3.236
99.86.4.32
0141a68f5a24a71e9f70c3ac2f18c695fd4a1f4cb4f89e52b4c05ae017f21709
03d14efcc603e270537b378f9a2d84e85d56628decbdf233da63c8b769d7bec8
04848ac69d62f12534cea2cb8d24d9396e349ec772e8674504f3f5147b54d3d6
059696c0e05c3746f223b3a43b663247386c482aa8abc960a1842f60bc81c751
060c83fa391a4cd9379f12a8745c43c2e26e600cf6150d5274dba8fa459c7fec
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d78d9e69d13394e16b72734bc2a24c051056988bfcf4cb8766cbd99ccfebbc
0761fe5fd79b175cc226845e762ec424e49e8b3ed382990469fdec9069976b95
07aef9a8a0f9f6aea421fdb533f1ea4baa0ce734e9d07aeaf68fd78e53ec5f05
087d847ee64707e372f572145600ecbcb13f2dd2382fd8962326f2fed03dd85d
096a0419a3787b284e7105edeebc7cf4915cb9549f3b433258f65483acc24510
09b2516d38079efd9279ebc18a4e5521ed7998873d16bab62ad2f48643ef72e4
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0a2af1afc12432dbfbb859768af1771b4e8b6bf5e2e4c9b49097ab935d707fcc
0a6aa8f8c7167850a5676e99ecc3ba5ccb626c439c2005fc225dbc3e9e6a4dff
0af719f3a3c9eed767bcf7e1b8b179655c9b0c1fd6157618d704f11a1cdcdfc9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb54d717149189d1547a246d2c709a8973f9b54140bb01a15d2947e78ed6cee
0c359544b42a6acb9adfacfe34496356624ecbab6bcde301363ee386da5ddddb
0c7782feab045c1308fb404edbea86e0ee189938c1ee716b7f8434a7a95ecc98
0d6ed9f1d82f2894a09ee48832c0ac2438497370b452346af2d65af9797dfa2e
10deffcb4d74836b58c8b08ce8fc28fb82ab89d81382f8447b107504b91be19e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14e4901ee2e5c2b93c887cca0a2e3f188379d5ce25edca56836564e10014db76
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02
1c369edd0edf99fe0eafe474183e140e6e2e442be5ddc215fb2a5d6c39f15935
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1de5d68ec5fefa288d30484466e3f802523811b7ec911218e4409251f8323ac4
1e4a0c9ccc2c4293ddf3ea49d31e69611231cc57c8a2f7ed43c7797bdf206545
208deb0b039ea19051704b97bb208fab09cb847e390ba5485594befe689f2b5e
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
24681837991acb13c2a49f2e15693132fbb7d72eb8da8786fe60041c6edc3286
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
276ca8da7dd05a55c760ead2eec9d5c74629897d0b5b3e5190d4fc9bd38ea7fc
299d5a51005452e61a87b85593d7c4204deb8c21193fb8a3f64022728071b841
2a7483adcc47b092bcb5a8c059104d47952cd4f8fd3833bde427edeff295e38f
2ba662897ea9451a2846427af6ca26e9ccd480c4d7a9c5b4306df875af658822
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
2ce565553de9f3f25124a4b2ece8a24438db23680f26e83c9cdc5ade11cfe886
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
2dedf31b6dd9171d51650f101c4f6e87d5010dd25f8da37567a558d2be0b8c23
2e369bb818d86c70e2e093d8d9dac787e12efc0c696681a416607e2760eaa48b
308e9d764fa59dc2cd4f72128c8e247cebb14c630491107f2539af6066183691
31038db384774b30a90f372136544f5cfd03cb2cfec40cfc8d06697b80c6e638
311ddcdfdca96cf9dfccd5dec4b4b44d463d7626b8349233b7d2671788256a2a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
334e533282141e65e6b9d0850507edf34c5abdc68678587c648a1e6f46f5a791
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36b72120fc731ea29b1d2cabe92dc59386f9a1d95b25c965d38e63656ba237f8
36ea8d266ccb57796d82e6eb05f11c634302a0bc3623c5e7fa7261a1a69e0d90
3865c0dbe6b11b3a32b8c600acaeda70bae7b1f8287d566bcc0613c217907f2c
3932290bf9f79626040834a3a15e7cb634a0c3f5b627122f81b165c1d1fe8922
39c7c602e0d57a569539f7e8e0b2d75a9f5aa9bb38d59782d2011d9e35c07d77
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3bb4cd88543fb1c4954e395fec63b4d32ad77beddf3e946c610aba2d80c80d0b
3f5684bf5aa4a6eb5c9015394c8739dff39377a73adf72c30ba511d0ab5b50f3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
410e12233ed9d0bb3bae1231e9e5a394d8278fe28e44c8f783628a76dd54e614
42a1a9aa7314dc440f13749c3f85ad6802a3dd3b0467270ff5bde9efee226820
4367435b55e91a47e4ed82be3b071a73871e8537afde581dec38e084570624e2
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44026785039df91c14b8c331292992e1fd71a23acdd5cb09c40d12d1c8e8aaac
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
464b98e4ec83bb60ad92bd76656277037d3548e44a7d1dcddec0c0a41ada20e6
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47509297bffb666268f5a27277f46f534f6e8a54d8cae48a137e7ab71a33aa90
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4a1b2ac65a777f5cbd02295a63be826abcd1f48b0ff8d9e41c34d1611e6d5734
4a31142e331553f8c0f55164db6d3b5a23677a6f85413de49f28bc9084b1dec0
4acb633c4d386102ac7538645f478ea04dd80cd28b5e4e53c2f8fbc4cc9d1dbd
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b8f66fdfc02bebd4c8fbb2cdcbb4ebe42b27520b9d6f0e6e0b2a799b2fea730
4d8d078acb2e2069da9bad4650bc6ef0ade536a34984aa86ee5026f5163a030a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea737ac05e8ee5e490220d97b820834c18cd7c6f1da7d85007a51a5c64425df
4eb67b42d6abea96d75df507d23f0421da85d5658322720fded36c94cce45d7b
4ee93aae396dad4ea17410d0d38abe40a91baaa30c2685aef3c92b704a79bda6
501acb4e4522e173dbe423ddc76c7bd804d5f983d3f7a613a76d1b4a67b21835
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
517958b94ea3e0ce78a0da9a42b3bfe88a5931a7a64474829921da348c59d184
52146669b90007dc18a5b27df79c7ad8bdf4fb1eda12207c392c0268da21ad9b
530752728a396ddcdd46e2a062834d6fdd475ad5199b9beab914088203fb1fac
53fc64ffac26dcb2eea10d1d89eaeae904237ff151f0aa3ab7065c78ab410275
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54c7f9dacbd3be07256357be812bd7edf74ac6938ab155493b599a39136e81d5
54d6fa3b653c5e16db5247062dfcf74cd3dab4d9fccc46b737fc2b84a9da798d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
581a1ea02b36a1133d099529871fbecb8f6cfb380172991c365a6d628e27ecab
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5c5592f43ea607d633067ecc76de87b4806452acaedbd312aaa2b644ab1738a5
5ce8647c88445649306948bab16764727ad0866a64fc66202b97b88176272628
5eb792320b1c497d8237f24b447a92cdfa6655bb50b14b106837443fb96a140b
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
621075c8f39ef523d99c188a1fe01ee522e15a7aa3626277bb910ed489d00e2c
627fe5906ba058401530bb08a8f499e651ec9bc539bddbfbb909a35f571cb7b0
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
645720463c7d884af96d57adc100b4b017e55e2ea2e0aa5fcbfc3b6edd4cb39e
65a099a71ad3b2309e3dfcfa9b2e184ef764b8a2906f0ae974b67b798cb719ec
6648009549b81e81582f3fb8345dd6305ee4a232fd4eac4fd803a78cb69b0c1a
671fca35d060e3ce06bbe0848b80e47be23f3322befbeb57bbce5d46994c846b
68b5df8a16ee7bbfd4789f8533b7f9882f9095625a8be1f56e352bc10710484d
693204f603180e40f6b819dddbc2c21395cfe03c08dff631d46888df03596f86
6a9e185c2ed1b2c88f343651b74e2114b719ec18347a37cb6910317b24ab504d
6b19c22908a21e252aa45e934e7cdf7958436ebd205cdd251de9c22b6b046624
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e67d73f9a36e20f5ec02418f2c160063e3583cef3459d212efd82f9304bd7d2
6f2e05babc78e5979e3f1440814096ff62614932dc2644b6fc209d074bcc564f
6fa8b9c20d5c4f5711f76f4f4adafafc90e8f89bac2c7b3dfc2c7e63abb55d21
702c805fec65a8cc8c6c40aed34123b021e5ed6107cc6dfdebc4b0fc2e229887
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
732cfe462d74f591d636d3e6e0576fa6e30deba18e44e675135f88c06186548c
746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0
764523769db3c801dfa7c8d6a6f2237f424d1142d6b92bba915d57204dfc548c
7af6fa10f5baa91dec87c8036eca6afbab6311dcc9b697cf46884bf0f42b9fa6
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b49dc8f0cf7b7ed617e62de4242a11313b9c8216db493f67d93aedbb1b44bec
7c97dfe662bddf02ed118a3cd826eb9b1d199c4a7dc246367192557362fe2b1f
7d2ec1f120a6f899e9772b5e3db9b4d4a468143f9122962ca07245c54ca21a0e
7ea9327b36f8ea3355ad8a33cf7bd5735cbf2e11ed96744279181a0fedd2401e
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7ff100c907d85bc5b7503e7a88c0a7f256ed2561ee431ffc10fcd7cce517c321
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142
818da0a99e5c987d95ab810e69c78fc66712db42e23ef755a391bb841817654a
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f8393c6593831a76ea84324c946029082b5c72507176c13387468d21c651ff
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8baef3035ca0cdeb2be78284796226a082ecc642ce45dd85a615d92130f18417
8cc962bf012bdf8476e37ccbffbdb365c8c366ade8356352396ff090ffc380f5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f1c5a1adb61eebadff8e6b258bf6689c1c29fb5aceeec61ccb025a9d941f04c
900e4667d1c2576e226b32744f4630d2cf7c7333a31c2d076cf0884ab143e234
90c31d594c482ed8261fe5e14d06ec7090ab75a7b69a06770ffe0afb17ef6811
931b110c1e59f8b34deae2e7b01bf2690e59b92d6b085217f0b42f0dede8c93c
989e7134f8b722c049f5553bf85347c9052fe40f7c35915f7d18a348ed4de84b
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b13424c6d1a5d7a27f2b6b465ced8985d2c2773a0f24e0211babfd3ddfb3392
9d0112c3289999dd04b6bf84a73981ccd4234b0aa6eeaf4feeade71dc049bb44
9d56712c65fd658abe00c4709f0e8857a0c633082a78f3401ea4f3800f75488b
9dc7fcfce25a48164f63dda1f75cb1e3bb7d198cb0fca54f62912cefe5aad6da
9e3947902f8bfefa19b39662366640a7dd3ca12f7936eb1c56082b75a0d649ba
9e3c7bdc4bfffb58a973062aabf808691f7603416290254b76161cab69952053
9ead871d27f3a0d803f4d6139feb2f2694d3a26c54fd6734f789a06aad0f5303
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a23749e992a75881a24825b1aaf9110df21cf1c9cf6f012f2e72cd5decfd07fe
a39bdf2dd26f9c0fab39bd488478d3a32fdebef36c47651c13a62a6e5f2bac5d
a39cd6a9413784646378ab9490f6a80ea1c2eaf4870c1022f44e4e64380c7cda
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a61259b8f303768072768b80a9c65d81dbc410ac4089832d362cfec34573d291
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a97bd7b3b458e725081b298413b5682a109dd1d4ec57ed0e072184b02cd0e246
aae0f1131d1f03726e3c493803ec6cfb342ba2019b3518a35e291b24fbcc573e
abb22177c1f36f82f451ba3b46fd96e4bc0f5b5ad510b15b4d5ec37fc1e9b7f8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acc670a824e6eb431d318fb2526b92f20de7792d1d9a73d23d23251282c01c93
ae9ec49acaff45c6a341e9a552d546bd6fea845331c314261be35a40c37ddc7f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af1cd6d6dbce41580d672d3ad96ecdfe47cf6e1253f821366646291fe0146087
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a9f51121ef00d4bc11c410113432813ddbdcd85c9f2aabbd2c2c23c87408e4
b4138d360966621f83b13778fb6c802dc4067d1844b0fc6356add5df466a907c
b918eee847f716ca2e0f78a6106954e16a22491d9a6445d7d7b25a63294d7b7b
bba5cf4bf97f335423ef8083a04d8810370b013c18a623e2aec413075ef82ddc
bcfc3164e0232da8926cc0bc6f48a243af27d14ab8c859df7cbd539e1dde09d1
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bed9e882e298b832459e512ea18ea9659b5a95876bcbf64c2fc8ca0c5167be36
bfdb787aefe473782359c56b779066ca63467fc70469ab913a8b3d0c25511e73
c06f89ed77133ba0b47a4a7082f8c038ee9d3083df61cb7d5a59684f921c52e6
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c25ce818c3c2ab4992bc0b61a60d1822f239a638af59ad63ed2fe2028e3037f8
c276285708800494d413ec1eb5884caf4d2e4e2b6e39b63c2f1e4988e568b2ed
c32808db47aa6a3a60054c8b371ef98ecbc7b68c544ff7f71a65913217604f21
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
c942cb01ca7d8956086518f0315ac0be0374cb0f0a38ffe67a52bc4ae7ff5f6f
ca1da7d72f3e91e179815a4f0598369f1133cd552ee45818e8f3d880f987fd66
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca9668504727e46af9d0f49b307fa63ac082d2802edbaf51f5e070c9b2ae5e26
cc063466fc42fe1b789888a932cc7f3a8bdde1c2d70a8a04b4d9896975620da7
cdc09616482b23651a59600f7be19ae57c62086f99faadb86e7da494a585c05a
cef181b89850405f733232c050e35b633a648eacee98005f2663b481ac3b0db4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0ba10b2289eb0fd569bfb465002cb6fc14d12211b311b83639d9d0eebe182e0
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d266f653edab118f23d71f1e2d3726cbf2e8a82faa537dab3a7edd1896b4d495
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d3dbe61c0d4bd6843709a0c3287613e78c6699b608001771c5d02fc4927a81ff
d65b424523b1e64fb52340f45082c73d7368cc40b9d19b877fc1c48c12f14c53
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d85ad490eff6fe8de4e0eb5ee1913ff61b9d8d83791aaf6011831786ffecf047
db29baf07cca3bee57c860e587ff03c3c45da3875e6214b601a135fcbe581c0c
dc3b5bc58070e3c92bf7c79fd751863e0eb4a3021134454adee5b414cfe91468
dd02a589f937051a0197681a0c494abddc8fb3c56aa3ded47621e67b6622303e
e19f6076815240b2afedf8033b0a2ccf200d3851f11df779d05f3c533560504d
e362728fd2d538ac44515898eedba531f5307b34a3085963bd613545e9885c5b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4ca4ac2245a298854b68e7efdabe6e7a518ab2d258e7334a316b434e74e6d07
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6b7fa504c979ce53dc80798978eff98214cbcb20b7db259990c0632b7abe248
e88f4c0915dc02c509e93e39a70d9cd6ac80e9adb85fc1184f73f39d577ec533
e9b6c722c2dd67616bb65537b58bf42b0c1094082ee4c16d560dfd9910e620b2
ea208f3af14b6c07455dd561aaf81750a537aa358a9d69d6d3f72bc69f6aab21
ea473960b325da47338c91772ba0b6e45561066c51fc17b55ee8d3caaf97909a
ed4f7f2ec06e4817377cdad1256845b66b38c5c788e6abdec0a2d897f9b9ff44
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4ece8f2f5242967e98c6718f283e961576d68b4b7be96124eca22f554dcb275
f53846431e30e69501f55ea4d80c3a129b4f0a8cfba57bdc9c78e5b794388bb7
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f89eae16b0db1af8e2a1a9c0e4f831bde04b04005664d2e059ddd10a2b352f57
f97354a4659e6fc1cf05e27b59d333c697c1b0fd6fcaaceaa9af1f6886abe0af
fc1f75e583afcda339ffe8eb7ae1b4bc3a6b33cc769bac8f5861f9ef22ed2645
fc871e89201aa44e7380e81e7f7846c4164e5a5d3374ba722a90e518ad48feae

www.mlive.com Open in urlscan Pro 2a02:26f0:480:f::213:7edb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

416 Requests

87 %HTTPS

35 %IPv6

84 Domains

150 Subdomains

119 IPs

12 Countries

4887 kBTransfer

13939 kBSize

128 Cookies

33 Outgoing links

Page URL History

Redirected requests

416 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.mlive.com Open in urlscan Pro
2a02:26f0:480:f::213:7edb Public Scan

Screenshot
Live screenshot

Full Image

416
Requests

87 %
HTTPS

35 %
IPv6

84
Domains

150
Subdomains

119
IPs

12
Countries

4887 kB
Transfer

13939 kB
Size

128
Cookies

416 HTTP transactions
4 data transactions