urlscan.io logo urlscan.io
SecurityTrails logo

www.mlive.com Open in urlscan Pro
2a02:26f0:3500:12::1730:17b7  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.mlive.com/
Submission: On January 19 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 104 IPs in 10 countries across 70 domains to perform 413 HTTP transactions. The main IP is 2a02:26f0:3500:12::1730:17b7, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.mlive.com. The Cisco Umbrella rank of the primary domain is 52120.
TLS certificate: Issued by R3 on January 12th 2024. Valid for: 3 months.
This is the only time www.mlive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
36 2a02:26f0:350... 20940 (AKAMAI-ASN1)
11 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.32.121.31 16509 (AMAZON-02)
1 18.245.86.89 16509 (AMAZON-02)
4 2600:1901:0:6... 15169 (GOOGLE)
1 2a02:26f0:310... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
4 35.71.130.31 16509 (AMAZON-02)
7 2600:9000:223... 16509 (AMAZON-02)
2 2606:4700:440... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
2 23.56.202.187 16625 (AKAMAI-AS)
3 52.222.208.154 16509 (AMAZON-02)
2 65.9.66.97 16509 (AMAZON-02)
1 184.30.21.51 16625 (AKAMAI-AS)
15 52.222.236.105 16509 (AMAZON-02)
5 23.35.237.151 16625 (AKAMAI-AS)
1 143.204.98.19 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
8 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.222.250.70 16509 (AMAZON-02)
1 84.53.165.218 16625 (AKAMAI-AS)
2 13.32.99.21 16509 (AMAZON-02)
3 2a03:2880:f08... 32934 (FACEBOOK)
1 146.75.120.157 54113 (FASTLY)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2 107.178.250.234 15169 (GOOGLE)
3 2a00:1450:401... 15169 (GOOGLE)
2 54.75.58.229 16509 (AMAZON-02)
1 99.86.4.30 16509 (AMAZON-02)
1 13.32.99.59 16509 (AMAZON-02)
1 3 23.35.237.56 16625 (AKAMAI-AS)
2 54.235.102.18 14618 (AMAZON-AES)
2 34.252.210.232 16509 (AMAZON-02)
1 23.36.232.182 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 35.244.193.51 396982 (GOOGLE-CL...)
2 162.19.138.83 16276 (OVH)
1 52.5.250.100 14618 (AMAZON-AES)
1 34.120.133.55 396982 (GOOGLE-CL...)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 65.9.61.60 16509 (AMAZON-02)
1 104.244.42.5 13414 (TWITTER)
1 104.244.42.131 13414 (TWITTER)
2 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
4 54.208.1.107 14618 (AMAZON-AES)
1 13.32.119.77 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
7 34.193.251.250 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 162.19.138.117 16276 (OVH)
1 52.223.6.21 16509 (AMAZON-02)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 151.101.65.44 54113 (FASTLY)
1 54.85.156.25 14618 (AMAZON-AES)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 2602:803:c003... 26667 (RUBICONPR...)
7 9 104.18.36.155 13335 (CLOUDFLAR...)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 44.209.215.67 14618 (AMAZON-AES)
1 54.155.18.159 16509 (AMAZON-02)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f17... 32934 (FACEBOOK)
43 2a00:1450:400... 15169 (GOOGLE)
1 104.70.86.197 16625 (AKAMAI-AS)
15 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
12 27 142.250.186.66 15169 (GOOGLE)
10 172.64.151.101 13335 (CLOUDFLAR...)
7 10 37.252.172.123 29990 (ASN-APPNEX)
1 35.186.255.72 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 35.158.240.95 16509 (AMAZON-02)
3 6 52.214.121.166 16509 (AMAZON-02)
45 2a00:1450:400... 15169 (GOOGLE)
1 2 2001:678:cb4:... 56396 (AMOBEE)
2 2 18.158.46.130 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 216.52.2.86 32475 (SINGLEHOP...)
2 54.73.193.1 16509 (AMAZON-02)
3 35.214.149.91 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
6 142.250.185.194 15169 (GOOGLE)
1 1 151.101.2.49 54113 (FASTLY)
2 2 35.204.158.49 396982 (GOOGLE-CL...)
2 178.250.1.9 44788 (ASN-CRITE...)
2 2 37.157.5.84 198622 (ADFORM)
1 2600:9000:211... 16509 (AMAZON-02)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 35.227.252.103 396982 (GOOGLE-CL...)
1 81.17.55.122 60781 (LEASEWEB-...)
1 1 35.214.180.228 15169 (GOOGLE)
16 2606:4700::68... 13335 (CLOUDFLAR...)
4 151.101.2.133 54113 (FASTLY)
21 2600:1f13:800... 16509 (AMAZON-02)
1 143.204.98.66 16509 (AMAZON-02)
3 151.101.194.133 54113 (FASTLY)
1 184.30.20.22 16625 (AKAMAI-AS)
2 172.64.149.180 13335 (CLOUDFLAR...)
2 184.30.22.30 16625 (AKAMAI-AS)
1 23.35.236.201 16625 (AKAMAI-AS)
2 52.223.40.198 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
1 185.64.190.78 62713 (AS-PUBMATIC)
1 1 52.202.180.1 14618 (AMAZON-AES)
1 2 52.46.128.147 16509 (AMAZON-02)
1 1 193.0.160.131 54312 (ROCKETFUEL)
1 52.211.118.115 16509 (AMAZON-02)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 69.173.144.165 26667 (RUBICONPR...)
413 104
36    2a02:26f0:3500:12::1730:17b7 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.mlive.com
11    2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    13.32.121.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-31.fra60.r.cloudfront.net
cdn.sophi.io
1    18.245.86.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-89.fra60.r.cloudfront.net
apps.sophi.io
4    2600:1901:0:636d::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
zephyrlabyrinth.com
1    2a02:26f0:3100:795::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
2    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    35.71.130.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8fd921d2017b5f79.awsglobalaccelerator.com
ecollector-us-east.sophi.io
7    2600:9000:223f:3600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
5    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
ads.rubiconproject.com
3    52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net
c.amazon-adsystem.com
2    65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com
a.teads.tv
15    52.222.236.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-105.fra56.r.cloudfront.net
h312.mlive.com
5    23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
1    143.204.98.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-19.fra50.r.cloudfront.net
ats-wrapper.privacymanager.io
6    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
news.google.com
www.google-analytics.com
8    2606:4700::6812:b07e (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
buy.tinypass.com
api-v3.tinypass.com
1    52.222.250.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-70.fra60.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1    84.53.165.218 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a84-53-165-218.deploy.static.akamaitechnologies.com
s.ntv.io
2    13.32.99.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-21.fra60.r.cloudfront.net
sb.scorecardresearch.com
3    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    2a02:26f0:3500:16::215:1490 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    107.178.250.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
3    2a00:1450:4013:c08::54 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
accounts.google.com
2    54.75.58.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-58-229.eu-west-1.compute.amazonaws.com
privacy.crwdcntrl.net
id.crwdcntrl.net
1    99.86.4.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-30.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
1    13.32.99.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-59.fra60.r.cloudfront.net
geo.privacymanager.io
3    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
at.teads.tv
sync.teads.tv
2    54.235.102.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-102-18.compute-1.amazonaws.com
advancelocal.blueconic.net
2    34.252.210.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-210-232.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    23.36.232.182 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-232-182.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
2    162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
id5-sync.com
1    52.5.250.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-250-100.compute-1.amazonaws.com
idx.liadm.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    65.9.61.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-60.fra56.r.cloudfront.net
cdn.parsely.com
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
4    54.208.1.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-1-107.compute-1.amazonaws.com
www.i.matheranalytics.com
1    13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net
aax.amazon-adsystem.com
4    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
7    34.193.251.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-251-250.compute-1.amazonaws.com
jadserve.postrelease.com
1    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
1    162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    52.223.6.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8c33d2b6751b365d.awsglobalaccelerator.com
direct.adsrvr.org
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
1    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
display.bidder.taboola.com
1    54.85.156.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-156-25.compute-1.amazonaws.com
exchange.postrelease.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
9    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
1    2600:1f18:730:b150:6603:655:735c:e3cb (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    44.209.215.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-215-67.compute-1.amazonaws.com
rp4.liadm.com
1    54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
p1.parsely.com
1    2a02:26f0:7100:594::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
43    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
1    104.70.86.197 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-70-86-197.deploy.static.akamaitechnologies.com
ead.mlive.com
15    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
27    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
10    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
10    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    35.186.255.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.255.186.35.bc.googleusercontent.com
app.matheranalytics.com
1    2606:4700::6811:c276 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
2    35.158.240.95 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-240-95.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
6    52.214.121.166 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-121-166.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
45    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    18.158.46.130 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-46-130.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    216.52.2.86 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
2    54.73.193.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-193-1.eu-west-1.compute.amazonaws.com
match.360yield.com
3    35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com
x.bidswitch.net
2    2606:4700::6812:907e (United States)

ASN13335 (CLOUDFLARENET, US)
buy.tinypass.com
6    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
googleads4.g.doubleclick.net
1    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    37.157.5.84 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    2600:9000:211e:de00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    2a05:d018:d29:3602:d06d:9b76:9dd0:76fb (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    81.17.55.122 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
ssbsync.smartadserver.com
1    35.214.180.228 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 228.180.214.35.bc.googleusercontent.com
csync.loopme.me
16    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    151.101.2.133 (United States)

ASN54113 (FASTLY, US)
static.advance.net
21    2600:1f13:800:7782:7554:8097:1e86:2b70 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
1    143.204.98.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-66.fra50.r.cloudfront.net
check.analytics.rlcdn.com
3    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
fonts.advance.net
1    184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com
contextual.media.net
2    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    52.202.180.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-180-1.compute-1.amazonaws.com
i.liadm.com
2    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    52.211.118.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-118-115.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
Apex Domain
Subdomains		 Transfer
56 googlesyndication.com
2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
346 KB
52 mlive.com
www.mlive.com — Cisco Umbrella Rank: 52120
h312.mlive.com — Cisco Umbrella Rank: 74126
ead.mlive.com — Cisco Umbrella Rank: 87603
2 MB
45 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
534 KB
45 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594
317 KB
34 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 721
fw.adsafeprotected.com — Cisco Umbrella Rank: 1004
dt.adsafeprotected.com — Cisco Umbrella Rank: 719
314 KB
19 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 478
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497
dsum.casalemedia.com — Cisco Umbrella Rank: 1367
12 KB
16 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
180 KB
11 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 364
255 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
secure.adnxs.com — Cisco Umbrella Rank: 490
9 KB
10 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 8537
cdn.tinypass.com — Cisco Umbrella Rank: 6134
buy.tinypass.com — Cisco Umbrella Rank: 6622
api-v3.tinypass.com — Cisco Umbrella Rank: 15439
189 KB
10 google.com
news.google.com — Cisco Umbrella Rank: 6054
accounts.google.com — Cisco Umbrella Rank: 23
ampcid.google.com — Cisco Umbrella Rank: 2967
www.google.com — Cisco Umbrella Rank: 2
147 KB
8 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1144
exchange.postrelease.com — Cisco Umbrella Rank: 5105
5 KB
8 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 2971
ads.rubiconproject.com — Cisco Umbrella Rank: 2076
fastlane.rubiconproject.com — Cisco Umbrella Rank: 520
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 2989
eus.rubiconproject.com — Cisco Umbrella Rank: 579
token.rubiconproject.com — Cisco Umbrella Rank: 477
178 KB
7 advance.net
static.advance.net — Cisco Umbrella Rank: 30526
fonts.advance.net — Cisco Umbrella Rank: 37896
267 KB
7 matheranalytics.com
js.matheranalytics.com — Cisco Umbrella Rank: 11005
www.i.matheranalytics.com — Cisco Umbrella Rank: 10770
app.matheranalytics.com — Cisco Umbrella Rank: 16217
45 KB
7 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 314
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591
aax.amazon-adsystem.com — Cisco Umbrella Rank: 395
s.amazon-adsystem.com — Cisco Umbrella Rank: 326
78 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2029
21 KB
6 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1005
privacy.crwdcntrl.net — Cisco Umbrella Rank: 23154
bcp.crwdcntrl.net — Cisco Umbrella Rank: 898
id.crwdcntrl.net — Cisco Umbrella Rank: 2323
31 KB
6 sophi.io
cdn.sophi.io — Cisco Umbrella Rank: 16184
apps.sophi.io — Cisco Umbrella Rank: 31003
ecollector-us-east.sophi.io — Cisco Umbrella Rank: 27103
38 KB
5 moatads.com
z.moatads.com — Cisco Umbrella Rank: 704
px.moatads.com — Cisco Umbrella Rank: 660
87 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
278 B
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 349
px4.ads.linkedin.com — Cisco Umbrella Rank: 6550
2 KB
4 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 2032
rp.liadm.com — Cisco Umbrella Rank: 1497
rp4.liadm.com — Cisco Umbrella Rank: 7027
i.liadm.com — Cisco Umbrella Rank: 550
2 KB
4 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1434
at.teads.tv — Cisco Umbrella Rank: 4698
sync.teads.tv — Cisco Umbrella Rank: 1376
4 KB
4 zephyrlabyrinth.com
zephyrlabyrinth.com — Cisco Umbrella Rank: 36194
25 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
705 B
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
196 KB
3 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
ads.pubmatic.com — Cisco Umbrella Rank: 535
image6.pubmatic.com — Cisco Umbrella Rank: 805
6 KB
3 adsrvr.org
direct.adsrvr.org — Cisco Umbrella Rank: 2647
match.adsrvr.org — Cisco Umbrella Rank: 357
694 B
3 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 857
id5-sync.com — Cisco Umbrella Rank: 425
29 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
129 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
cdn.indexww.com — Cisco Umbrella Rank: 1576
2 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 583
1 KB
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 608
725 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 856
1 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 1918
397 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 671
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 874
s.tribalfusion.com — Cisco Umbrella Rank: 2405
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 875
2 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 843
r.turn.com — Cisco Umbrella Rank: 4167
869 B
2 taboola.com
display.bidder.taboola.com — Cisco Umbrella Rank: 4999
trc.taboola.com — Cisco Umbrella Rank: 646
623 B
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1229
contextual.media.net — Cisco Umbrella Rank: 709
9 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3040
p1.parsely.com — Cisco Umbrella Rank: 2229
21 KB
2 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1011
check.analytics.rlcdn.com — Cisco Umbrella Rank: 4233
638 B
2 blueconic.net
advancelocal.blueconic.net — Cisco Umbrella Rank: 25668
2 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 177
3 KB
2 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 2199
geo.privacymanager.io — Cisco Umbrella Rank: 1860
51 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 567
539 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
222 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1389
c.go-mpulse.net — Cisco Umbrella Rank: 624
50 KB
1 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 3039
182 B
1 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 555
433 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 841
759 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 897
409 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
45 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 625
236 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
713 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 662
237 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 716
543 B
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 5593
4 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 914
273 B
1 google.de
ampcid.google.de — Cisco Umbrella Rank: 80806
367 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 789
727 B
1 t.co
t.co — Cisco Umbrella Rank: 656
377 B
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1517
249 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1157
17 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 783
16 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 745
15 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3637
164 KB
1 cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1 KB
413 70
Domain Requested by
45 s0.2mdn.net www.mlive.com
s0.2mdn.net
37 pagead2.googlesyndication.com securepubads.g.doubleclick.net
2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
36 www.mlive.com www.mlive.com
27 cm.g.doubleclick.net 12 redirects googleads.g.doubleclick.net
2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
21 dt.adsafeprotected.com 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
16 cdnjs.cloudflare.com s0.2mdn.net
buy.tinypass.com
15 tpc.googlesyndication.com securepubads.g.doubleclick.net
2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.mlive.com
15 h312.mlive.com www.mlive.com
h312.mlive.com
14 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
11 cdn.cookielaw.org www.mlive.com
cdn.cookielaw.org
9 ib.adnxs.com 6 redirects googleads.g.doubleclick.net
7 buy.tinypass.com cdn.tinypass.com
buy.tinypass.com
7 jadserve.postrelease.com s.ntv.io
www.mlive.com
7 static.adsafeprotected.com www.mlive.com
2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
6 googleads4.g.doubleclick.net www.mlive.com
6 fw.adsafeprotected.com 3 redirects www.mlive.com
6 googleads.g.doubleclick.net 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
pagead2.googlesyndication.com
5 securepubads.g.doubleclick.net www.mlive.com
securepubads.g.doubleclick.net
4 static.advance.net buy.tinypass.com
www.mlive.com
4 www.google.com 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 www.facebook.com www.mlive.com
4 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 www.i.matheranalytics.com www.mlive.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 ecollector-us-east.sophi.io cdn.sophi.io
4 zephyrlabyrinth.com www.mlive.com
zephyrlabyrinth.com
3 fonts.advance.net static.advance.net
3 x.bidswitch.net 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 www.googletagservices.com 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
3 px.moatads.com www.mlive.com
3 px.ads.linkedin.com 2 redirects snap.licdn.com
3 accounts.google.com www.mlive.com
accounts.google.com
3 connect.facebook.net www.mlive.com
connect.facebook.net
3 c.amazon-adsystem.com www.mlive.com
c.amazon-adsystem.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 match.adsrvr.org ssum-sec.casalemedia.com
2 eus.rubiconproject.com micro.rubiconproject.com
eus.rubiconproject.com
2 sync.teads.tv 1 redirects 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
2 c1.adform.net 2 redirects
2 dis.criteo.com 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
2 um.simpli.fi 2 redirects
2 match.360yield.com 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
2 ap.lijit.com 2 redirects
2 pm.w55c.net 2 redirects
2 prebid-a.rubiconproject.com micro.rubiconproject.com
2 region1.google-analytics.com www.googletagmanager.com
2 id5-sync.com micro.rubiconproject.com
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 advancelocal.blueconic.net h312.mlive.com
2 js.matheranalytics.com 1 redirects www.mlive.com
2 sb.scorecardresearch.com www.mlive.com
2 news.google.com www.googletagmanager.com
news.google.com
2 z.moatads.com www.mlive.com
z.moatads.com
2 tags.crwdcntrl.net www.mlive.com
2 geolocation.onetrust.com cdn.cookielaw.org
2 www.googletagmanager.com www.mlive.com
www.googletagmanager.com
1 token.rubiconproject.com eus.rubiconproject.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 secure.adnxs.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 match.prod.bidr.io ssum-sec.casalemedia.com
1 p.rfihub.com 1 redirects
1 i.liadm.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 trc.taboola.com
1 ads.pubmatic.com micro.rubiconproject.com
1 js-sec.indexww.com micro.rubiconproject.com
1 contextual.media.net micro.rubiconproject.com
1 api-v3.tinypass.com cdn.tinypass.com
1 check.analytics.rlcdn.com micro.rubiconproject.com
1 csync.loopme.me 1 redirects
1 ssbsync.smartadserver.com 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
1 rtb.openx.net 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 s.ad.smaato.net 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
1 sync-tm.everesttech.net 1 redirects
1 s.tribalfusion.com 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 r.turn.com 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 c2.piano.io cdn.tinypass.com
1 app.matheranalytics.com js.matheranalytics.com
1 ead.mlive.com
1 stats.g.doubleclick.net www.google-analytics.com
1 c.go-mpulse.net s.go-mpulse.net
1 p1.parsely.com www.mlive.com
1 rp4.liadm.com www.mlive.com
1 rp.liadm.com 1 redirects
1 htlb.casalemedia.com micro.rubiconproject.com
1 fastlane.rubiconproject.com micro.rubiconproject.com
1 hbopenbid.pubmatic.com micro.rubiconproject.com
1 exchange.postrelease.com micro.rubiconproject.com
1 display.bidder.taboola.com micro.rubiconproject.com
1 prebid.media.net micro.rubiconproject.com
1 direct.adsrvr.org micro.rubiconproject.com
1 lb.eu-1-id5-sync.com micro.rubiconproject.com
1 ampcid.google.de www.google-analytics.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 px4.ads.linkedin.com www.mlive.com
1 analytics.twitter.com www.mlive.com
1 t.co www.mlive.com
1 cdn.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 ampcid.google.com www.google-analytics.com
1 api.rlcdn.com micro.rubiconproject.com
1 idx.liadm.com micro.rubiconproject.com
1 id.crwdcntrl.net micro.rubiconproject.com
1 lexicon.33across.com micro.rubiconproject.com
1 ads.rubiconproject.com micro.rubiconproject.com
1 cdn.id5-sync.com www.mlive.com
1 secure.cdn.fastclick.net www.mlive.com
1 at.teads.tv a.teads.tv
1 geo.privacymanager.io ats-wrapper.privacymanager.io
1 cdn.tinypass.com experience.tinypass.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 privacy.crwdcntrl.net tags.crwdcntrl.net
1 snap.licdn.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 s.ntv.io www.mlive.com
1 d1z2jf7jlzjs58.cloudfront.net www.mlive.com
1 experience.tinypass.com www.mlive.com
1 ats-wrapper.privacymanager.io www.mlive.com
1 a.teads.tv www.googletagmanager.com
1 micro.rubiconproject.com www.mlive.com
1 s.go-mpulse.net www.mlive.com
1 apps.sophi.io www.mlive.com
1 cdn.sophi.io www.mlive.com
413 128
Subject Issuer Validity Valid
advancelocal.web.arc-cdn.net
R3		 2024-01-12 -
2024-04-11		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
cdn.sophi.io
Amazon RSA 2048 M01		 2023-09-17 -
2024-10-15		 a year crt.sh
apps.sophi.io
Amazon RSA 2048 M01		 2023-03-18 -
2024-04-15		 a year crt.sh
zephyrlabyrinth.com
R3		 2024-01-05 -
2024-04-04		 3 months crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-05 -
2024-04-04		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.sophi.io
Amazon RSA 2048 M01		 2023-04-11 -
2024-05-10		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
w723.lonestarlive.com
Amazon RSA 2048 M01		 2023-07-07 -
2024-08-04		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-10-24		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
*.news.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-08-13 -
2024-08-12		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-28 -
2024-08-28		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-29 -
2024-01-27		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
*.blueconic.net
Amazon RSA 2048 M01		 2023-06-08 -
2024-07-06		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-11-27 -
2024-02-25		 3 months crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2023-08-31 -
2024-09-28		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-07 -
2025-01-06		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-31 -
2024-10-29		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
www.i.matheranalytics.com
Amazon RSA 2048 M03		 2023-11-15 -
2024-12-14		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-12-24 -
2024-03-23		 3 months crt.sh
*.bidder.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-12 -
2024-12-12		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
li.lisecurelink.com
R3		 2023-11-14 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
app.matheranalytics.com
GTS CA 1D4		 2023-12-05 -
2024-03-05		 3 months crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2023-03-27 -
2024-03-26		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-17 -
2025-01-16		 a year crt.sh
advancelocal.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-01-18 -
2025-02-18		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
analytics.rlcdn.com
Amazon RSA 2048 M02		 2023-06-27 -
2024-07-24		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M03		 2023-11-28 -
2024-12-26		 a year crt.sh

This page contains 29 frames:

Primary Page: https://www.mlive.com/
Frame ID: 2941379C010632B3C74899A0A8662DF3
Requests: 181 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 80ED11BA9930C679E0989BD04B9B14AD
Requests: 1 HTTP requests in this frame

Frame: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DD63935C98A5990833B4060A44B862F3
Requests: 1 HTTP requests in this frame

Frame: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 77E95FF5136DE3FFB873F0D04E2AAB0A
Requests: 29 HTTP requests in this frame

Frame: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EA04784768E1B780340D507DA589B069
Requests: 28 HTTP requests in this frame

Frame: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E91F45C231B8FF8EEBC0E9D5C0F8499C
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGN211YACMAE&v=APEucNVyPEIBub-1flhs8GwwtMQJefO5JuWxI2Oog4gciO-FpMPG85GtxX-xdoFYsex5xsXgBi-Bij5Jns4qoLseaH5RBGDyPCHG97PH1imB3NVafNybQcyDijHNFwO9BJEyqfw_Ydg6-canKthgJ_raHNPsEhBVv6FnIUZ3ALLsRP2bICrvbfM
Frame ID: B9D68D1C18593D79214755F8D25E6C7A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGN211YACMAE&v=APEucNUWfx5E0ppDZhLAeLbiIZLlXIoptfqrAfEqtCcNZDNL71J8uqKNsHUB_gYCEWrerx122jVeRHRJygleCsvpLzRkhQJ_Moy34kOsr2N2NGWPcBJSWk_4eIiENfVwyxXBW7aTfU7u0eaywBOApHz6biUy-MjoYnGpihjwZjIuEWBzrXA2LyQ
Frame ID: 8EAA3B8CD3BC49B78C3E74219746CA3D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGN211YACMAE&v=APEucNVEpU7mAD_g2QYFR8haEBO21iUU5myvVUBHf2fKU0VFHCLc0in6A8auFmKASS5O9211_FuTNaoxIqU7_VXinP1RgMhGVsZvOHhl7VxdogUyUVDLD4eyVmL5-iNgp5XitJ1ObL7rqZm6hddEluw9ZT2loc-pIkwHQzx3eJwLURTfTCTyIBY
Frame ID: 28BAC2674C3083587201213FE5CC1156
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1718C3446573B160CBC76202B709DE2C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B9B3666828FC1BB79E4C6C471813CFAC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CC5F80E8C9EB76CEF2F0A243B4A93737
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6486E969F22EE185B2DAF14CA2F646E7
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 950A02B8AC360FF582F2F68EC76D073B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D0A155A398C97E7D522A8B842A84EE8E
Requests: 9 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com&customVariables=%7B%22pagetype%22%3A%22homepage%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22%22%3A1%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_cl%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_sy%5C%22%22%3A%22true%22%2C%22dcr_anonymous%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_ma%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_loyal%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_hss_sub_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_low%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_mi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_or%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_si%5C%22%22%3A%22true%22%2C%22dcr_walltest%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_risk%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_personicx_prospects%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_pn%5C%22%22%3A%22true%22%2C%22dcr_anonymous_low%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_hi%5C%22%22%3A%22true%22%2C%22dcr_anonymous_mi%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_lv%5C%22%22%3A%22true%22%2C%22dcr_early_eng%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_all%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_al%5C%22%22%3A%22true%22%7D
Frame ID: 9BA0D97C92C6D9FC4484F369B4557733
Requests: 22 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Frame ID: 0693438920F50D771BB24834BCD8A853
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 439FB17145F34A6347331E2F0EA3E75D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C201D1CB40C0AAD777C5896DF4163A92
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Frame ID: 7CA01A0DAE483688973BACF36E3588AA
Requests: 16 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Frame ID: 7E664509FECA1CC87813276D0964B62F
Requests: 16 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 8D6F7E9099C0BEA2A0477D65D63FA82B
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: A1A95F05B9A29A553C9577607DBE632B
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 6D57B33EE2BBD45106A75701988FE6EE
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 0BD41D632F7F7BE5E15B448A7C889E72
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 3CC01C0A096FB5C3247EB3186AD879E8
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0852396563F286E07E3B520708A0C2A7
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Frame ID: 4C73AABD2ABDE0602A2427A492F9998B
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: A2D5A0BFC520A1C6CBE72862773B4D59
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Michigan Local News, Breaking News, Sports & WeatherLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronLarge ChevronKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyKeyBack ButtonSearch IconFilter Icon

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

413
Requests

91 %
HTTPS

34 %
IPv6

70
Domains

128
Subdomains

104
IPs

10
Countries

5732 kB
Transfer

16266 kB
Size

102
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62
  • https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1645 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma63527/all/17/ml.br.js
Request Chain 98
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1705700149069&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1705700149069&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&cookiesTest=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1705700149069&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&cookiesTest=true&e_ipv6=AQJDKVUk5bFZ3wAAAY0jpskAKR37WvjmTIkYw014V01CkKeqiFlUa3JfspsauGDP5Qk20NUf
Request Chain 122
  • https://rp.liadm.com/j?dtstmp=1705700149515&se=e30&duid=94c49eadf2ac--01hmhtdhmq6dn94kj76bpprnet&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid HTTP 302
  • https://rp4.liadm.com/j?se=e30&duid=94c49eadf2ac--01hmhtdhmq6dn94kj76bpprnet&dtstmp=1705700149515&wpn=prebid&pu=https%3A%2F%2Fwww.mlive.com%2F&i6=MmEwMTo0YTA6MTMzODo5Mjo6MTE%3D
Request Chain 195
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMapfXFgcEBcjJt3JgibGcU&google_cver=1
Request Chain 196
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZarrNlt2pIKfPEq7P6JSJwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMapfXFgcEBcjJt3JgibGcU&google_cver=1
Request Chain 197
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKJGTeLIzFI2K2veQBiK6f0&google_cver=1
Request Chain 198
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODk0NjcxODI4ODQ1MTgzNTQyOA%3D%3D
Request Chain 199
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMapfXFgcEBcjJt3JgibGcU&google_cver=1
Request Chain 200
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZarrNo1xK6sSCVO0lcCv5QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMapfXFgcEBcjJt3JgibGcU&google_cver=1
Request Chain 201
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKJGTeLIzFI2K2veQBiK6f0&google_cver=1
Request Chain 202
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcyMDk5Mjk3MTgzNTUyNjEyNA%3D%3D
Request Chain 203
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMapfXFgcEBcjJt3JgibGcU&google_cver=1
Request Chain 204
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZarrNmTKW5kSnl78ReQF-gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMapfXFgcEBcjJt3JgibGcU&google_cver=1
Request Chain 205
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKJGTeLIzFI2K2veQBiK6f0&google_cver=1
Request Chain 206
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcyMDk5Mjk3MTgzNTUyNjEyNA%3D%3D
Request Chain 235
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHTMncg03cO-SkyKHhv8TE0&google_cver=1&google_push=AXcoOmQnDrTXMG2Nf3NWPnEn3gn-lYPgyfClKZgwG1hFERcsI9IfP7aCvMUHyLvG1XjHMTU8J4sXC3tIxw9IpbmERvYIvysJaKPa HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc0NzA5OTE1NTgwNjYyNjIwNQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHTMncg03cO-SkyKHhv8TE0&google_cver=1
Request Chain 236
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPTgMwA6UTCTvrDc3cbK7tg&google_cver=1&google_push=AXcoOmTx83vhwYvOoE-t9Okh4_ZwwqDqsquXM9wRCEdtj67S5lKx9jOlknYDpnbyBcYetOUhzZrholrJCX9cYf-d-k5JMMmyhoER HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPTgMwA6UTCTvrDc3cbK7tg&google_cver=1&google_push=AXcoOmTx83vhwYvOoE-t9Okh4_ZwwqDqsquXM9wRCEdtj67S5lKx9jOlknYDpnbyBcYetOUhzZrholrJCX9cYf-d-k5JMMmyhoER HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dGJmeE1pTk0xUnFXd0w1&google_gid=CAESEPTgMwA6UTCTvrDc3cbK7tg&google_cver=1&google_push=AXcoOmTx83vhwYvOoE-t9Okh4_ZwwqDqsquXM9wRCEdtj67S5lKx9jOlknYDpnbyBcYetOUhzZrholrJCX9cYf-d-k5JMMmyhoER
Request Chain 237
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFMqWVoe5-7MIXtjNbiP9Q0&google_cver=1&google_push=AXcoOmS1q6Ok96JgJ4OeNfgn7CumnDpAgBYZpzlg2BYUpcvKIG5AsiBDXx77nzaAJHy0t-UQFCARiayumycgnPYUFy1QTTqBBJDR&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS1q6Ok96JgJ4OeNfgn7CumnDpAgBYZpzlg2BYUpcvKIG5AsiBDXx77nzaAJHy0t-UQFCARiayumycgnPYUFy1QTTqBBJDR%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFMqWVoe5-7MIXtjNbiP9Q0&google_cver=1&google_push=AXcoOmS1q6Ok96JgJ4OeNfgn7CumnDpAgBYZpzlg2BYUpcvKIG5AsiBDXx77nzaAJHy0t-UQFCARiayumycgnPYUFy1QTTqBBJDR&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS1q6Ok96JgJ4OeNfgn7CumnDpAgBYZpzlg2BYUpcvKIG5AsiBDXx77nzaAJHy0t-UQFCARiayumycgnPYUFy1QTTqBBJDR%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 238
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENfPjUKncNGMhHjbYuI3PJc&google_cver=1&google_push=AXcoOmQxomhVVeVU1eyvzwFRqDYxxnveFv4-RAmdjiKJexEM-6YpjD5Z-GOcaMvsCAEXeJJ5nIA9e7MCSru5puG2dINvTfGg3VNN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENfPjUKncNGMhHjbYuI3PJc&google_hm=ZarrNo1xK6sSCVO0lcCv5QAABIkAAAIB&google_nid=index&google_push=AXcoOmQxomhVVeVU1eyvzwFRqDYxxnveFv4-RAmdjiKJexEM-6YpjD5Z-GOcaMvsCAEXeJJ5nIA9e7MCSru5puG2dINvTfGg3VNN
Request Chain 239
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAo4-uRO7R3cT2TekuPYV-Q&google_cver=1&google_push=AXcoOmRO58SBb_8kr-g10LHtiF2bSIV5tP9qV_6nRAYekOcHDek2sjuc5gdQ_-atEdJ0vhT20V1tyBETNbRdo3E9Nv6Qa8P4Mq0Z HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAo4-uRO7R3cT2TekuPYV-Q&google_cver=1&google_push=AXcoOmRO58SBb_8kr-g10LHtiF2bSIV5tP9qV_6nRAYekOcHDek2sjuc5gdQ_-atEdJ0vhT20V1tyBETNbRdo3E9Nv6Qa8P4Mq0Z&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRO58SBb_8kr-g10LHtiF2bSIV5tP9qV_6nRAYekOcHDek2sjuc5gdQ_-atEdJ0vhT20V1tyBETNbRdo3E9Nv6Qa8P4Mq0Z&google_hm=IBPvsGZHcLoOibSVQ6yb4Fjg
Request Chain 262
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEAuntwOg9C2XtvCEQOm7D0s&google_cver=1&google_push=AXcoOmROjL5sc6MYAKljrtW4RLpU_wIZzASGbvs-PUgcI11iu8XeyFTUSEuUVlQodj7R3OlWFlZNy0_bQLq2KmZHdTZ4jmVEhVK1iA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAuntwOg9C2XtvCEQOm7D0s&google_push=AXcoOmROjL5sc6MYAKljrtW4RLpU_wIZzASGbvs-PUgcI11iu8XeyFTUSEuUVlQodj7R3OlWFlZNy0_bQLq2KmZHdTZ4jmVEhVK1iA
Request Chain 263
  • https://um.simpli.fi/gp_match?google_gid=CAESEIa_oRKY7cr8Csg0k0lgTTM&google_cver=1&google_push=AXcoOmSVs2tOL6QUhulGZM1OOHLItN56cdSHjDTtytvgnUp8Qqrj5YzF0fNi3SZBZMjcbbKVNq6vno76wC4GyTM5kABBytpd2M7BBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=801D8183E2914A7EAA96E5DED04816FC&google_push=AXcoOmSVs2tOL6QUhulGZM1OOHLItN56cdSHjDTtytvgnUp8Qqrj5YzF0fNi3SZBZMjcbbKVNq6vno76wC4GyTM5kABBytpd2M7BBA
Request Chain 265
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEH69sqM3FdIA946y5Jbgw9U&google_cver=1&google_push=AXcoOmRAW7yICn_nPTzSdhQp4J0sEgpI-0p468NCjGD3DGeiCbF5pWsHSltaRFysanBcCw-yDShODc8eQuL85Vn3qgRMtTswkf1LmQ HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEH69sqM3FdIA946y5Jbgw9U&google_cver=1&google_push=AXcoOmRAW7yICn_nPTzSdhQp4J0sEgpI-0p468NCjGD3DGeiCbF5pWsHSltaRFysanBcCw-yDShODc8eQuL85Vn3qgRMtTswkf1LmQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTU2MjE5MTcyNTU1MTM1NDkxNw&google_push=AXcoOmRAW7yICn_nPTzSdhQp4J0sEgpI-0p468NCjGD3DGeiCbF5pWsHSltaRFysanBcCw-yDShODc8eQuL85Vn3qgRMtTswkf1LmQ
Request Chain 270
  • https://um.simpli.fi/gp_match?google_gid=CAESEIa_oRKY7cr8Csg0k0lgTTM&google_cver=1&google_push=AXcoOmQzPtgHRUhteq8sD_7h1n65GgbniELGeny0-JCm9fHetcMUluHO964df18ljJMa2kJVe_4aD_qkNHriYcYNiICKbuQT7gsd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C32CC49A9E914818B67A826048446904&google_push=AXcoOmQzPtgHRUhteq8sD_7h1n65GgbniELGeny0-JCm9fHetcMUluHO964df18ljJMa2kJVe_4aD_qkNHriYcYNiICKbuQT7gsd
Request Chain 272
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEM2Mn8vwbHpwJxRvmIB7m-U&google_cver=1&google_push=AXcoOmSDsZ0Jb0GPtGlEpcfzPNHKQckBVlmyNOU73QWbKqHmreECX_hsqz3B5RQSgQxxAlKQq879bMNc_yLhaVxuHCbCjnvZifU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSDsZ0Jb0GPtGlEpcfzPNHKQckBVlmyNOU73QWbKqHmreECX_hsqz3B5RQSgQxxAlKQq879bMNc_yLhaVxuHCbCjnvZifU&google_hm=eS1LQmhoVU9SRTJwRmVXYzRzRklYSXZUMzFMaGptcU9ka35B
Request Chain 275
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEM70T5lsvQH1aRDKM2G7zXc&google_cver=1&google_push=AXcoOmRTs2C45ro2T_mGOkab-IkymltZKIesjBn6Xl9a79YsIRtpG2yenc-uonuy4v3tUzk2q6pZ7Kj8XRbDXhQazKOM38H54bSoWA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRTs2C45ro2T_mGOkab-IkymltZKIesjBn6Xl9a79YsIRtpG2yenc-uonuy4v3tUzk2q6pZ7Kj8XRbDXhQazKOM38H54bSoWA HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 276
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEMRBNRWfE7t3WSb1oPHn7nA&google_cver=1&google_push=AXcoOmQd1l7w2-J_yECT16yHBqtYi_T2cKds_YoBQL5YG_HlZzHPi8Y1NiJYoGylcjP0bELu9tRrMsPdr5xeUyuxUr90Ex1y53PNCQ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=f3bccc05-6f84-47eb-9952-585c9da6ef4f&google_cver=1&google_gid=CAESEMRBNRWfE7t3WSb1oPHn7nA&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQd1l7w2-J_yECT16yHBqtYi_T2cKds_YoBQL5YG_HlZzHPi8Y1NiJYoGylcjP0bELu9tRrMsPdr5xeUyuxUr90Ex1y53PNCQ&gdpr=${GDPR}
Request Chain 281
  • https://fw.adsafeprotected.com/rfw/st/1874223/77019482/4.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-2937494567949278&ias_chanId=1&ias_placementId=20839929287&bidurl=https://www.mlive.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hVMdfqzbgqPMeZtpMv1dZy&adContainerId=brand_safety_NuuqZbaFOKCWx_AP966o0A0&cbFunctionName=goog_wrapCb_NuuqZbaFOKCWx_AP966o0A0&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.mlive.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.mlive.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:33110bad-c45a-f07f-9cc1-f43d58777aba,c:1MKNPy,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7b546d5668-9klgw,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:7,mot:0,app:0,maw:0,fm:u1QA0uI+11%7C12%7C13%7C14%7C15*.1874223-77019482%7C151%7C152%7C1531%7C154%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C18%7C19%7C1a,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:64,oid:b791e4dc-b712-11ee-bae1-7a6ea223c92c,v:19.8.473,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_NuuqZbaFOKCWx_AP966o0A0&cbFunctionName=goog_wrapCb_NuuqZbaFOKCWx_AP966o0A0&true_pb=
Request Chain 345
  • https://fw.adsafeprotected.com/rfw/st/1874223/77019482/4.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-2937494567949278&ias_chanId=1&ias_placementId=20843742424&bidurl=https://www.mlive.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0i9gASSZv26r_AbaAPxweKG&adContainerId=brand_safety_N-uqZavmA9WojuwPj7WlwAE&cbFunctionName=goog_wrapCb_N-uqZavmA9WojuwPj7WlwAE&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.mlive.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.mlive.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:7a03b63b-3834-3415-db72-ecf614054dec,c:1MKNRK,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7b546d5668-bkjrm,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:u1QA0xA+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C154%7C155%7C16*.1874223-77019482%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C18%7C19,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:22,oid:b7928129-b712-11ee-88d4-6eb9b19baff0,v:19.8.473,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_N-uqZavmA9WojuwPj7WlwAE&cbFunctionName=goog_wrapCb_N-uqZavmA9WojuwPj7WlwAE&true_pb=
Request Chain 347
  • https://fw.adsafeprotected.com/rfw/st/1874223/77019482/4.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-2937494567949278&ias_chanId=1&ias_placementId=20833643169&bidurl=https://www.mlive.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jghhreLa-Nyn73wsYCYxSW&adContainerId=brand_safety_N-uqZZzlA6erjuwPm4OuoAk&cbFunctionName=goog_wrapCb_N-uqZZzlA6erjuwPm4OuoAk&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.mlive.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.mlive.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:3ba1e317-9d71-b45e-93fd-71d047da65b5,c:1MKNSL,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7b546d5668-vxb7j,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:u1QA0yx+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C154%7C155%7C161%7C162%7C163%7C164%7C165%7C17*.1874223-77019482%7C171%7C172%7C173%7C174%7C18%7C19,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:27,oid:b794f1ce-b712-11ee-ab05-12179ee5d5a0,v:19.8.473,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_N-uqZZzlA6erjuwPm4OuoAk&cbFunctionName=goog_wrapCb_N-uqZZzlA6erjuwPm4OuoAk&true_pb=
Request Chain 403
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZarrNo1xK6sSCVO0lcCv5QAA%261161&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Request Chain 404
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZarrNo1xK6sSCVO0lcCv5QAABIkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENfPjUKncNGMhHjbYuI3PJc&google_cver=1
Request Chain 405
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZarrNo1xK6sSCVO0lcCv5QAABIkAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZarrNo1xK6sSCVO0lcCv5QAABIkAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 407
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5133329529971518225
Request Chain 409
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1705786555
Request Chain 410
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8946718288451835428

413 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.mlive.com/ 		454 KB
84 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
d0f7ce6332bb03bbcd16077e6af3c2d405c49e988d54c19849a8d126c3abf48d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

akamai-true-ttl
-1
cache-control
private, max-age=60
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Fri, 19 Jan 2024 21:35:47 GMT
etag
W/"70507-WvX6zFzeXrfjvyxC4XOn1HI77po"
expires
Fri, 19 Jan 2024 21:36:47 GMT
last-modified
Fri, 19 Jan 2024 21:35:26 GMT
prerender-cache-tag
prerender-advancelocal-mlive-prod-b308edcd
referrer-policy
no-referrer-when-downgrade
server
openresty
server-timing
cdn-cache; desc=HIT edge; dur=55 origin; dur=0 ak_p; desc="1705700147163_389027511_333183160_5439_10277_38_81_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 83221 0 pmb=mRUM,2
x-amz-cf-id
K3rTR9TZsK20C9nay2qnF9t54-tR8fxtzc8i6hLm2QVx1YJKh3oJBA==
x-amz-cf-pop
FRA56-P7
x-arc-pb-request-id
a14a59ce-4c74-44cd-99c0-dce8dfedc188 14adbca6-7513-45c7-9de5-9f624dab6c8f
x-arc-request-id
0.b7163017.1705700147.13dbf8b8
default.css
www.mlive.com/pf/dist/components/output-types/ 		45 B
651 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/components/output-types/default.css?d=1206
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
bba5cf4bf97f335423ef8083a04d8810370b013c18a623e2aec413075ef82ddc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 19 Jan 2024 21:35:47 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
JFK50-P5
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b7163017.1705700147.13dbfaa1
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705700147516_389027511_333183649_5500_9108_38_0_255";dur=1
content-length
57
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Jan 2024 16:24:48 GMT
server
openresty
etag
"534bb0614e61e484cae7d5dc8ecc424c"
x-edgeconnect-cache-status
1
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
oZ3q3hHwFtQgtiGn-JsJE2kau2f8ggqjrdb3tMAx981ZLsppFhMKFQ==
expires
Sat, 18 Jan 2025 21:35:47 GMT
default.css
www.mlive.com/pf/dist/components/combinations/ 		454 KB
68 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1206
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
bf953a14fd997f3fa2c67f2895bac7f2dd57ea39188d6bd6ba54e2839550d300
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 19 Jan 2024 21:35:47 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ORD56-P6
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b7163017.1705700147.13dbfaa2
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705700147515_389027511_333183650_5359_7504_38_0_255";dur=1
content-length
68817
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Jan 2024 16:24:47 GMT
server
openresty
etag
W/"a2d52e6560fd2b0423d6742ba4813d36"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
26qbiLwNi7Tr-tQr5ui_dgwD4TJ8xbzje9zcdHNVB-z4hr8ThyEN9g==
expires
Sat, 18 Jan 2025 21:35:47 GMT
style.css
www.mlive.com/pf/resources/dist/mlive/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=1206
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e3f4ed00e423237a4e09c3776a9f65599fdcaca98da414e20f292c076a6abce7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 19 Jan 2024 21:35:47 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
JFK50-P5
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b7163017.1705700147.13dbfaa3
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705700147515_389027511_333183651_5358_7536_38_0_255";dur=1
content-length
522
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Jan 2024 16:24:46 GMT
server
openresty
etag
W/"f22df5693f5733872492ad90b16bc616"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
6avZnw-2DreZnagY9mch92wwO7OCbR_NhwhrcF5cVQcOAUjot-DZsg==
expires
Sat, 18 Jan 2025 21:35:47 GMT
react.js
www.mlive.com/pf/dist/engine/ 		374 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/engine/react.js?d=1206
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
3b840d8070796f53501ddcb715cecf4df01336619cdf30101a8398d6e46727a3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 19 Jan 2024 21:35:47 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD55-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b7163017.1705700147.13dbfc12
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705700147730_389027511_333184018_3921_7332_38_0_146";dur=1
content-length
110455
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Jan 2024 16:24:48 GMT
server
openresty
etag
W/"ccc259d6ab97cbe69f9e868aad99c24e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
e2LAmi1cCiSSp4yTsP-e3GWiaePrF8kVbOLKVpYaIYCjEsWQ9i1oug==
expires
Sat, 18 Jan 2025 21:35:47 GMT
default.js
www.mlive.com/pf/dist/components/combinations/ 		2 MB
538 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/dist/components/combinations/default.js?d=1206
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
fc1583be60e1827aedbb3924bddd37bf229ca6be36624463c807c7a32bfd08b9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 19 Jan 2024 21:35:47 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
MIA3-C2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b7163017.1705700147.13dbfc13
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705700147731_389027511_333184019_3945_6764_38_0_146";dur=1
content-length
549510
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Jan 2024 16:24:48 GMT
server
openresty
etag
W/"f0bc0d14ce3626fa674116fc2981c17f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
3WepXBWl6DzcfjEO4Ki_U04j61iURm5bVYmuz9Poc9Uvbbg7zbz4FA==
expires
Sat, 18 Jan 2025 21:35:47 GMT
farnhamheadline-medium.woff
www.mlive.com/pf/resources/fonts/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/farnhamheadline-medium.woff?d=1206
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
7ff100c907d85bc5b7503e7a88c0a7f256ed2561ee431ffc10fcd7cce517c321
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 19 Jan 2024 21:35:47 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
MIA3-C2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b7163017.1705700147.13dbfaa4
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705700147523_389027511_333183652_6069_8494_38_0_219";dur=1
content-length
36831
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Jan 2024 16:24:46 GMT
server
openresty
etag
W/"05b85684cbf3bc11490297c50cfd67c3"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
TT1swy9FX-xHouKfctjonjkwzUMxfrdrNFbf-ZGnxgeTMaM1-Mv2_Q==
expires
Sat, 18 Jan 2025 21:35:47 GMT
farnhamheadline-semi-bold.woff
www.mlive.com/pf/resources/fonts/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/farnhamheadline-semi-bold.woff?d=1206
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 19 Jan 2024 21:35:47 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL58-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b7163017.1705700147.13dbfaa5
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705700147515_389027511_333183653_5390_7388_38_0_219";dur=1
content-length
37066
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Jan 2024 16:24:46 GMT
server
openresty
etag
W/"c9a8222fbabe6b700baacd21dd7a1f61"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
8tk0tr6_2E4eTme1j-fPiGfkfWhO1bjW636O_uJNTMs2cT5Vmjs6lg==
expires
Sat, 18 Jan 2025 21:35:47 GMT
Inter-Regular.woff2
www.mlive.com/pf/resources/fonts/Inter/ 		97 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/Inter/Inter-Regular.woff2?d=1206
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 19 Jan 2024 21:35:47 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL58-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b7163017.1705700147.13dbfaa6
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705700147515_389027511_333183654_5396_7545_38_0_219";dur=1
content-length
98868
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Jan 2024 16:24:46 GMT
server
openresty
etag
"dc131113894217b5031000575d9de002"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
_SRHfVFrsGOMFGBalbWgXc0K3kMsJVy4_CIMU4toq76TZfGhYOO6CA==
expires
Sat, 18 Jan 2025 21:35:47 GMT
Inter-Italic.woff2
www.mlive.com/pf/resources/fonts/Inter/ 		104 KB
105 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/Inter/Inter-Italic.woff2?d=1206
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
900058dffaf216c9a853e2d7e4109bfa2a58994237b2d4e5793734e4c2ecb4ac
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 19 Jan 2024 21:35:47 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD55-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b7163017.1705700147.13dbfaa7
server-timing
cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1705700147519_389027511_333183655_5860_9520_38_0_219";dur=1
content-length
106876
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Jan 2024 16:24:46 GMT
server
openresty
etag
"fd26ff23f831db9ae85a805386529385"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
YQkzg3VOoDqTtbx7D58ldYE6nrcqOK9qDk8ZUMM2YTJ0fqWhILpkDg==
expires
Sat, 18 Jan 2025 21:35:47 GMT
Inter-SemiBold.woff2
www.mlive.com/pf/resources/fonts/Inter/ 		103 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/Inter/Inter-SemiBold.woff2?d=1206
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 19 Jan 2024 21:35:47 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL58-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b7163017.1705700147.13dbfaa8
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705700147515_389027511_333183656_5447_7487_38_0_219";dur=1
content-length
105804
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Jan 2024 16:24:46 GMT
server
openresty
etag
"007ad31a53f4ab3f58ee74f2308482ce"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
W9eyyVzCNu8DVzLNQiOUzKNrDcWTUwPfZo3OEK7gzRDNYa_4mTGXJw==
expires
Sat, 18 Jan 2025 21:35:47 GMT
UGRQPHQ3JFFBTIJMGJOOBQRMJM.png
www.mlive.com/resizer/_V_0zEMIXjUEIkxCb52bidaVCWQ=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/_V_0zEMIXjUEIkxCb52bidaVCWQ=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/UGRQPHQ3JFFBTIJMGJOOBQRMJM.png
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
8feed7982c3fcc4545d03a29e8dd8d81fc7fcda53aaa86fb0529dfc89df56fbe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 19 Jan 2024 21:35:47 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Jan 2024 18:56:20 GMT
server
Akamai Image Manager
x-serial
512
x-check-cacheable
YES
etag
"800cd6536ab991de5644b98fbb93c5e2ee5b070e"
x-arc-request-id
0.b7163017.1705700147.13dbfc0f
content-type
image/avif
cache-control
private, no-transform, max-age=31526396
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705700147729_389027511_333184015_3821_9426_38_0_219";dur=1
content-length
6038
expires
Sat, 18 Jan 2025 18:55:43 GMT
iabCcpaIntegrationScript-noGAM.js
cdn.cookielaw.org/opt-out/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/iabCcpaIntegrationScript-noGAM.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e3c7bdc4bfffb58a973062aabf808691f7603416290254b76161cab69952053
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 19 Jan 2024 21:35:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
ZkLmnzyu8aoAQNwZHm6Yqw==
age
53553
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
bf9deafd-201e-0065-58ff-2197c7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
848235a37ea8907c-FRA
logo_main.svg
www.mlive.com/pf/resources/images/mlive/logos/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/logo_main.svg?d=1206
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
f4ece8f2f5242967e98c6718f283e961576d68b4b7be96124eca22f554dcb275
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 19 Jan 2024 21:35:47 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
MIA3-C2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b7163017.1705700147.13dbfaa9
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705700147515_389027511_333183657_5408_7092_38_0_182";dur=1
content-length
660
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Jan 2024 16:24:47 GMT
server
openresty
etag
W/"351c57e1a77c618772f5966a7f2094ee"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
a1MdWzGOTVro6E4o8-fONzwWAOHtSg-bv24Z0Hj-zmtTf9T8beTIZg==
expires
Sat, 18 Jan 2025 21:35:47 GMT
logo_main_sm.svg
www.mlive.com/pf/resources/images/mlive/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/logo_main_sm.svg?d=1206
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a39cd6a9413784646378ab9490f6a80ea1c2eaf4870c1022f44e4e64380c7cda
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 19 Jan 2024 21:35:47 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
MIA3-C2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b7163017.1705700147.13dbfaaa
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705700147515_389027511_333183658_5370_8028_38_0_182";dur=1
content-length
902
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Jan 2024 16:24:47 GMT
server
openresty
etag
W/"cb98cda61d359616349bbc2a92540ddb"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
r4svYrANUm3LcAUP2egSKJ0z8xWjdsBx7GnjqJz_erZOXX4nqhQtIg==
expires
Sat, 18 Jan 2025 21:35:47 GMT
social-monochrome.svg
www.mlive.com/pf/resources/images/mlive/logos/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/social-monochrome.svg?d=1206
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
4eb67b42d6abea96d75df507d23f0421da85d5658322720fded36c94cce45d7b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 19 Jan 2024 21:35:47 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL58-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b7163017.1705700147.13dbfc10
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705700147729_389027511_333184016_3805_10059_38_0_219";dur=1
content-length
603
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Jan 2024 16:24:47 GMT
server
openresty
etag
W/"7819fa78e2e7770bb40587187d83cb87"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
Kzq-_Ib75N40MiEcko5vdMIc-2YWURKEIwrJ-FbNzmX-rhJurSr4yg==
expires
Sat, 18 Jan 2025 21:35:47 GMT
logo_footer.png
www.mlive.com/pf/resources/images/mlive/logos/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/logos/logo_footer.png?d=1206
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
0c1194491324f0e5b99036c8ae0ad83d12f0f21d841cc31eae81caf10c05d76b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 19 Jan 2024 21:35:47 GMT
x-check-cacheable
YES
x-arc-request-id
0.b7163017.1705700147.13dbfc14
server-timing
cdn-cache; desc=HIT, edge; dur=10, ak_p; desc="1705700147732_389027511_333184020_4953_12046_38_0_146";dur=1
content-length
1398
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Jan 2024 16:29:07 GMT
server
Akamai Image Manager
x-serial
1951
etag
W/"be8042e858f0c6b5cd87834c8aafe76d"
content-type
image/avif
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31431281
expires
Fri, 17 Jan 2025 16:30:28 GMT
AdvanceLocal_horizontal.svg
www.mlive.com/pf/resources/images/common/logos/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/logos/AdvanceLocal_horizontal.svg?d=1206
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
702c805fec65a8cc8c6c40aed34123b021e5ed6107cc6dfdebc4b0fc2e229887
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 19 Jan 2024 21:35:47 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
MIA3-C2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b7163017.1705700147.13dbfc11
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705700147730_389027511_333184017_3974_8074_38_0_182";dur=1
content-length
3554
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Jan 2024 16:24:47 GMT
server
openresty
etag
W/"3770993da506fb6d4bbccfcdcc3a4800"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
NDWOGm_v_buzlp0NMi52vgCuBxyOu71mlhFJwDCKt3lUKjLH8XtQvw==
expires
Sat, 18 Jan 2025 21:35:47 GMT
privacyoptions29x14.png
www.mlive.com/pf/resources/images/common/icons/ 		572 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/icons/privacyoptions29x14.png?d=1206
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
2a70c011ae2744e9d6486d31e25e621e6d7c5334224c69f04409012afba00c2b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 19 Jan 2024 21:35:47 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Jan 2024 16:29:07 GMT
server
Akamai Image Manager
etag
W/"3becc0b0069622544a1ffb2da90eebe3"
x-arc-request-id
0.b7163017.1705700147.13dbfc15
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31431224
server-timing
cdn-cache; desc=HIT, edge; dur=87, ak_p; desc="1705700147730_389027511_333184021_12547_8932_39_0_146";dur=1
content-length
572
expires
Fri, 17 Jan 2025 16:29:31 GMT
ad-choices-arrow.png
www.mlive.com/pf/resources/images/common/logos/ 		184 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/logos/ad-choices-arrow.png?d=1206
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
000875f535d3c8342137670778185a66af35c904fd6d5e5f19fb57438eea12db
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 19 Jan 2024 21:35:47 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Jan 2024 16:29:15 GMT
server
Akamai Image Manager
etag
W/"c6e75cc6be8dcb2f2d1ab36209f3c3b7"
x-arc-request-id
0.b7163017.1705700147.13dbfc16
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31431173
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705700147730_389027511_333184022_3901_9149_38_0_146";dur=1
content-length
184
expires
Fri, 17 Jan 2025 16:28:40 GMT
sophi.min.js
cdn.sophi.io/advancelocal/ 		102 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sophi.io/advancelocal/sophi.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-31.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b9afeb90db17ffa772a8bbc38f8ae37524ac4c0660dfc228f528cfe36a38d53d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 03:10:56 GMT
x-amz-version-id
.qZXsiAWjTa0yWFLcXE5U.grm2eEgIL7
content-encoding
br
last-modified
Mon, 27 Feb 2023 17:38:35 GMT
server
AmazonS3
via
1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
etag
W/"0915af152c652f927c398faa26e9904b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
66291
x-amz-cf-id
hWAvZGrio6Ko0NwyVvzw0sb8kR3Cyj1y-OhMDgSqxW0pA9orlCIokw==
al-mlive.segments.min.js
apps.sophi.io/latest/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.sophi.io/latest/al-mlive.segments.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-89.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0709e11f34bb1e47193a170bc8baf94732a32a867443b29be840c550cc03981d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
5x.gfjtiZoE7IFt5eELjKuStLmrI5ZXL
content-encoding
gzip
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
date
Fri, 19 Jan 2024 21:35:31 GMT
last-modified
Thu, 09 Feb 2023 19:54:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
age
17
x-amz-server-side-encryption
AES256
etag
W/"25a09f4745cf7bc62917c4a8bea2a575"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=0
x-amz-cf-id
0DbFHgi2L6Nia7_v18zwx6lH5KCj16bBI_ZSJXbDww1jkFIGa9J6Cg==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98bc0753b3f7392176a4af252bfae9bcd1f2804b73dee374119899d8f52ae3d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 19 Jan 2024 21:35:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
FWT01iLvZ++xUAz3aesSug==
age
62856
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6841
x-ms-lease-status
unlocked
last-modified
Thu, 18 Jan 2024 03:30:15 GMT
server
cloudflare
etag
0x8DC17D5C943CD25
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3072541c-501e-00a4-5d84-4a3025000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
848235a37ea9907c-FRA
3d27c0d9c071fc88e68e2cb
zephyrlabyrinth.com/scripts/3cdd00adbd84b/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zephyrlabyrinth.com/scripts/3cdd00adbd84b/3d27c0d9c071fc88e68e2cb
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:636d::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
2d89346a207a8fa660ac40fbebb4296574f469b31b4e1189288c84a8c662d1bd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Fri, 19 Jan 2024 21:35:47 GMT
x-datacenter
gce-europe-west1
etag
"2854b3f1ba5b4367dd114884f5ff2a5f7e5cd23ea2e6aecb43f8a278675ddd17"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-lbtz
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1072352451
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
s.go-mpulse.net/boomerang/ 		205 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3100:795::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:47 GMT
content-encoding
br
last-modified
Tue, 02 Jan 2024 18:57:19 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
x-n
S
timing-allow-origin
*
content-length
50393
gtm.js
www.googletagmanager.com/ 		488 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
45a10885433bd6967aa8f1cf13702cefc600adaae5801c65171279b3952622fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
136753
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 19 Jan 2024 21:35:47 GMT
chevron-white.svg
www.mlive.com/pf/resources/images/common/arrows/ 		864 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/arrows/chevron-white.svg?d=1206
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1206
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e19f6076815240b2afedf8033b0a2ccf200d3851f11df779d05f3c533560504d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 19 Jan 2024 21:35:47 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
JFK50-P5
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b7163017.1705700147.13dbfc17
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705700147729_389027511_333184023_3848_8292_38_0_219";dur=1
content-length
486
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Jan 2024 16:24:47 GMT
server
openresty
etag
W/"691552a6377a1dfc9eeae87d6aeb8931"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
2-UzdkFND-Jy3K_tzoEMBwCJU5otrQadz35HdMkSadgbSnE9HKh11A==
expires
Sat, 18 Jan 2025 21:35:47 GMT
podcast.svg
www.mlive.com/pf/resources/images/mlive/promo/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/mlive/promo/podcast.svg?d=1206
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=1206
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
b396ae4c9dc4cec9c79931da5c8993ffb15d5d6ed98a14fc00bb4d159c7dd739
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/resources/dist/mlive/css/style.css?d=1206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 19 Jan 2024 21:35:47 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
MIA3-C2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b7163017.1705700147.13dbfc18
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705700147730_389027511_333184024_3915_8178_38_0_219";dur=1
content-length
2589
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Jan 2024 16:24:47 GMT
server
openresty
etag
W/"562343e31998148153bc8be55796e6e1"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
rCe75nvkDi2fUQ-mV7JDcuXd0bW4LrrDDn85_Vc8hYJGRwPJ8juE5w==
expires
Sat, 18 Jan 2025 21:35:47 GMT
chevron-black-right.svg
www.mlive.com/pf/resources/images/common/arrows/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/arrows/chevron-black-right.svg?d=1206
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1206
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
276ca8da7dd05a55c760ead2eec9d5c74629897d0b5b3e5190d4fc9bd38ea7fc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 19 Jan 2024 21:35:47 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD55-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b7163017.1705700147.13dbfc19
server-timing
cdn-cache; desc=HIT, edge; dur=5, ak_p; desc="1705700147730_389027511_333184025_4289_8148_38_0_219";dur=1
content-length
746
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Jan 2024 16:24:47 GMT
server
openresty
etag
W/"4347be806f2c6a630a5407afb75ab920"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
blFZUEapNShJhrxxO0FvzY49D_JQ34ggZwio26uSLTtgNnP2u8TBMQ==
expires
Sat, 18 Jan 2025 21:35:47 GMT
Inter-Bold.woff2
www.mlive.com/pf/resources/fonts/Inter/ 		104 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mlive.com/pf/resources/fonts/Inter/Inter-Bold.woff2?d=1206
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1206
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
c63158babcb7902203ed73476ccf901db34825ea524d4a36a52b5e5f97e1abf7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1206
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 19 Jan 2024 21:35:47 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
JFK50-P5
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b7163017.1705700147.13dbfc1a
server-timing
cdn-cache; desc=HIT, edge; dur=4, ak_p; desc="1705700147730_389027511_333184026_4282_7949_38_0_255";dur=1
content-length
106140
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Jan 2024 16:24:46 GMT
server
openresty
etag
"444a7284663a3bc886683eb81450b294"
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
font/woff2
access-control-allow-origin
*, *
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
fiSNsIEYrzhU3qMnlCKpVMx0LXUSa-ZdPsECH-IidNNBaqoAds3OXQ==
expires
Sat, 18 Jan 2025 21:35:47 GMT
7ZHAT5KP55CUTIHPEKHB7YJ72I.jpg
www.mlive.com/resizer/_My-t0sRh9hLyglCKn3LkaYDb2k=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/_My-t0sRh9hLyglCKn3LkaYDb2k=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/7ZHAT5KP55CUTIHPEKHB7YJ72I.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
b09261a8172c5583df6dc9ccdee21913ed41bc0a8e105a03cb0d93a3e16dc9e0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 19 Jan 2024 21:35:47 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Jan 2024 16:56:12 GMT
server
Akamai Image Manager
etag
"2b4cdb2aaef105d29e4ac159ba60b5ac7568dafb"
x-arc-request-id
0.b7163017.1705700147.13dbfc1b
content-type
image/avif
cache-control
private, no-transform, max-age=31173603
server-timing
cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1705700147730_389027511_333184027_4240_8195_38_0_146";dur=1
content-length
18498
expires
Tue, 14 Jan 2025 16:55:50 GMT
FYOVQR2RHBFZDA6CMVNDINPMWI.JPG
www.mlive.com/resizer/vp6bijQ78KeXK7mAbxqVf58qGDs=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/vp6bijQ78KeXK7mAbxqVf58qGDs=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/FYOVQR2RHBFZDA6CMVNDINPMWI.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
e95291a130ec1ba08ed18cdc551e29439401a31daf0896307e72064d792da0c1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 19 Jan 2024 21:35:47 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Jan 2024 18:43:46 GMT
server
Akamai Image Manager
x-serial
1475
x-check-cacheable
YES
etag
"dec3269dfc0eed91842ca5dd652bd03dd9843956"
x-arc-request-id
0.b7163017.1705700147.13dbfc1d
content-type
image/avif
cache-control
private, no-transform, max-age=31525693
server-timing
cdn-cache; desc=HIT, edge; dur=28, ak_p; desc="1705700147745_389027511_333184029_7927_13379_39_0_146";dur=1
content-length
22919
expires
Sat, 18 Jan 2025 18:44:00 GMT
XXBU5H52TVHPZFMYKUB35AZYII.jpg
www.mlive.com/resizer/-9_6NIpBIglCuCKmfQDPrzBmZ48=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/-9_6NIpBIglCuCKmfQDPrzBmZ48=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/XXBU5H52TVHPZFMYKUB35AZYII.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
b6fed74b924cdb4b659d96fdba0bff7542bcf6cab9ab5ceb20756a11772a4bc6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 19 Jan 2024 21:35:47 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Jan 2024 19:57:53 GMT
server
Akamai Image Manager
x-serial
1168
x-check-cacheable
YES
etag
"e7b0ed0cd6044df11ee01c2147a09e5287053eb5"
x-arc-request-id
0.b7163017.1705700147.13dbfc1e
content-type
image/avif
cache-control
private, no-transform, max-age=31530201
server-timing
cdn-cache; desc=HIT, edge; dur=12, ak_p; desc="1705700147730_389027511_333184030_5057_8640_38_0_146";dur=1
content-length
15700
expires
Sat, 18 Jan 2025 19:59:08 GMT
LQTAV55XTZBF5KC5S73O2VGT2A.jpg
www.mlive.com/resizer/mpa_4EnRQUNI8--eRrn9iPntjec=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/mpa_4EnRQUNI8--eRrn9iPntjec=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/LQTAV55XTZBF5KC5S73O2VGT2A.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
faffc677dfc60c6527146ac91caaf6a0b82ef60169a1dc9b4c2e68060a433335
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 19 Jan 2024 21:35:47 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Jan 2024 23:02:05 GMT
server
Akamai Image Manager
x-serial
1516
x-check-cacheable
YES
etag
"7114c7caa34996e9442ef521d765cc6bf3001abf"
x-arc-request-id
0.b7163017.1705700147.13dbfc49
content-type
image/avif
cache-control
private, no-transform, max-age=31454788
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705700147764_389027511_333184073_6823_11527_39_0_146";dur=1
content-length
18111
expires
Fri, 17 Jan 2025 23:02:15 GMT
6PCJM6PBOZA23LY2IAR6W5C4IM.jpg
www.mlive.com/resizer/ofshivtaYOi4QPqPb1c1EV9x28A=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/ofshivtaYOi4QPqPb1c1EV9x28A=/600x450/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/6PCJM6PBOZA23LY2IAR6W5C4IM.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
b8118b879770d1974b54886ae9a822090ada9fe8d12d7fc67f7a8764ae269c81
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 19 Jan 2024 21:35:47 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Jan 2024 15:21:20 GMT
server
Akamai Image Manager
x-serial
1245
x-check-cacheable
YES
etag
"3b961bb095513b7a23aa85e923fefc212f08ed9d"
x-arc-request-id
0.b7163017.1705700147.13dbfc4a
content-type
image/avif
cache-control
private, no-transform, max-age=31513541
server-timing
cdn-cache; desc=HIT, edge; dur=6, ak_p; desc="1705700147764_389027511_333184074_7254_11409_39_0_146";dur=1
content-length
7504
expires
Sat, 18 Jan 2025 15:21:28 GMT
SY6LMQMFJZEJTDNWZ3SCCKVHNY.jpg
www.mlive.com/resizer/eMdNMvKXJohNGmW9j2dwokixVoE=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/eMdNMvKXJohNGmW9j2dwokixVoE=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/SY6LMQMFJZEJTDNWZ3SCCKVHNY.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
206bc8642d99c7410b6e25e672cca8d13d8c70ac2821ee6fefe896eb35a7c3b7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 19 Jan 2024 21:35:47 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Jan 2024 19:53:22 GMT
server
Akamai Image Manager
x-serial
845
x-check-cacheable
YES
etag
"1604be15101ba54a92b439c637580a41b625900b"
x-arc-request-id
0.b7163017.1705700147.13dbfc4b
content-type
image/avif
cache-control
private, no-transform, max-age=31529909
server-timing
cdn-cache; desc=HIT, edge; dur=66, ak_p; desc="1705700147776_389027511_333184075_14175_11361_39_0_146";dur=1
content-length
12167
expires
Sat, 18 Jan 2025 19:54:16 GMT
KDZKTI33L5F5PKUGOQN5CLEZ44.PNG
www.mlive.com/resizer/urZAOmVm7QHkH6d4iph9IKzDbcY=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/urZAOmVm7QHkH6d4iph9IKzDbcY=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/KDZKTI33L5F5PKUGOQN5CLEZ44.PNG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
01d8dfbe899ce45481cde63e6a59c11532a8323f9715e37dc69320c31bd76d13
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 19 Jan 2024 21:35:47 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Jan 2024 17:58:49 GMT
server
Akamai Image Manager
etag
"d182f6db4794b2b90756b18fe4bc1e3d43efb849"
x-edgeconnect-cache-status
1
x-arc-request-id
0.b7163017.1705700147.13dbfc4c
content-type
image/avif
cache-control
private, no-transform, max-age=31522871
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1705700147764_389027511_333184076_6777_11345_39_0_146";dur=1
content-length
17103
expires
Sat, 18 Jan 2025 17:56:58 GMT
6PWAWGTKTFHOZF4VJALHFHE3VU.png
www.mlive.com/resizer/E_SBdBwDTPmFzW1W9Ys3p6soZmc=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/E_SBdBwDTPmFzW1W9Ys3p6soZmc=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/6PWAWGTKTFHOZF4VJALHFHE3VU.png
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
61c6d55944664ea05fc63a29cba6ef737c7a961f22e616cd2b7e9dc6139aa5fd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 19 Jan 2024 21:35:47 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 08 Nov 2023 21:33:21 GMT
server
Akamai Image Manager
x-serial
332
x-check-cacheable
YES
etag
"b063eca7a2bb6a72c86a58e25b50ed32efb5ddaa"
x-arc-request-id
0.b7163017.1705700147.13dbfc4d
content-type
image/avif
cache-control
private, no-transform, max-age=30710299
server-timing
cdn-cache; desc=HIT, edge; dur=59, origin; dur=0, ak_p; desc="1705700147766_389027511_333184077_12736_12640_39_0_146";dur=1
content-length
7619
expires
Thu, 09 Jan 2025 08:14:06 GMT
AHPC7WHF45EWLECEQNF5PQEFMM.JPG
www.mlive.com/resizer/7iJHuud_oPeUcppdf_sBSU1YYJg=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/7iJHuud_oPeUcppdf_sBSU1YYJg=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/AHPC7WHF45EWLECEQNF5PQEFMM.JPG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
da61423d470b45048f857e630633899cfeb8818c58132d479fe0160f1f358aa6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 19 Jan 2024 21:35:47 GMT
x-check-cacheable
YES
x-arc-request-id
0.b7163017.1705700147.13dbfc4e
server-timing
cdn-cache; desc=HIT, edge; dur=76, ak_p; desc="1705700147765_389027511_333184078_14270_11279_39_0_146";dur=1
content-length
24047
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Jan 2024 18:51:31 GMT
server
Akamai Image Manager
x-serial
902
etag
"740ee2e4a54510c34d7a96472e94f839608bece5"
x-edgeconnect-cache-status
1
content-type
image/avif
cache-control
private, no-transform, max-age=31526140
expires
Sat, 18 Jan 2025 18:51:27 GMT
92a6747a-ce11-46a4-93d3-d5b3bd38e0ac.json
cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd4831ce5e4604e3554bea94ceb387ef7d7bad029a81853464e741211a5e5f23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 19 Jan 2024 21:35:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
82691
content-md5
FJZTKvfUq+KQjAWVwn5ytw==
content-length
1959
x-ms-lease-status
unlocked
last-modified
Tue, 02 Jan 2024 21:54:28 GMT
server
cloudflare
etag
0x8DC0BDD64FB9152
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7513a50d-901e-003d-63c6-3d4f98000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
848235a558b19b25-FRA
expires
Sat, 20 Jan 2024 21:35:48 GMT
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.130.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.mlive.com
access-control-max-age
600
content-length
0
date
Fri, 19 Jan 2024 21:35:48 GMT
server
nginx
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/advancelocal/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.130.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.mlive.com
date
Fri, 19 Jan 2024 21:35:48 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
skeleton.gif
static.adsafeprotected.com/ 		43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adslot=zaaegs_728x90_
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:3600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
3384365
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
Garl749UrT0jvuaYqWW8FhR5Lusr243xyg9IKJCUTDWbIQ3pwXVmeg==
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		68 B
235 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/iabCcpaIntegrationScript-noGAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0af719f3a3c9eed767bcf7e1b8b179655c9b0c1fd6157618d704f11a1cdcdfc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
848235a69d889164-FRA
vary
Accept-Encoding
content-type
text/javascript
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		59 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
848235a6d8643655-FRA
access-control-allow-headers
Content-Type
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
efffe0562bfcd5cb285e52b35a8f953a0b5318f364b4e9b67bfcddef83b45a82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29541
x-xss-protection
0
server
cafe
etag
361 / 19741 / m202401160101 / config-hash: 15866861927224639442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 19 Jan 2024 21:35:48 GMT
10071.js
micro.rubiconproject.com/prebid/dynamic/ 		537 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/10071.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1206
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
cf1983cc4f67382a213de3a21f7b0b7e765caab56b81ba58b70d18d069b67f35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:48 GMT
content-encoding
gzip
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
accept-encoding, referer
edge-cache-tag
prod-prebid-10071_MI_Desktop_Mobile.js
content-type
text/javascript;charset=UTF-8
cache-control
public, must-revalidate, max-age=14400
content-length
155151
expires
Sat, 20 Jan 2024 10:40:58 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fdd7dee6d9646659484627be1b021802c63b5aad59e54578fc78907d7656122f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:13:49 GMT
content-encoding
gzip
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront), 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
last-modified
Thu, 18 Jan 2024 20:22:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P3
age
1320
x-amz-server-side-encryption
AES256
etag
W/"52fe24770c24b721be36a89d69576119"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
QazIsoJdLy3cEba-LZX4GgoWNRup5SLpk4AlvEkL7MjJ8phVY7dkZg==
lt.min.js
tags.crwdcntrl.net/lt/c/963/ 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4fb1d13154b4b396d3ce77eb8294a859bef473d7d991624d266b0247c419a9ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 09:30:35 GMT
content-encoding
gzip
via
1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified
Fri, 27 Oct 2023 11:15:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
43762
x-amz-server-side-encryption
AES256
etag
W/"acf40b9beb60ff814c409d1a2b654497"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
QB2jspCDoKmaIroXmNNzfYhc9dQ7SukPJzdbDkK3R5buOLn4YmlZ8g==
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
q9b9clsZLLfdBtwdmheOfdbmJj61AqqK
date
Fri, 19 Jan 2024 21:35:48 GMT
content-encoding
br
last-modified
Wed, 16 Aug 2023 09:22:55 GMT
x-amz-request-id
C6B5FEERVA1A11H6
etag
"ee3af1e29ac1607ef3d41c515d1e05ad"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3418
x-amz-id-2
zrivopb8YEnYj76syfolsN2/G891f+L5/Thj2bsdzYEVCrwk33PBlctD+xqoN46vnP3lMYcuYrw=
script.js
h312.mlive.com/ 		139 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/script.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-105.fra56.r.cloudfront.net
Software
- /
Resource Hash
ee9d11c373870aee4391c291c71c32919add23f19e67b5da86421d8d067c60a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:29:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
age
393
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
42761
x-xss-protection
1; mode=block
last-modified
Fri, 19 Jan 2024 21:29:02 GMT
server
-
etag
5c45f35780f8bb4bd55c5b3f4f0e65a0
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=600
x-robots-tag
noindex, nofollow
x-amz-cf-id
5ouBniznVC78Pe849jIr7mcY-JxLN2SWFoFLkZTTjvS2mFB2eTHa2A==
expires
Fri, 19 Jan 2024 21:39:15 GMT
moatheader.js
z.moatads.com/advanceddigitalheader640552616592/ 		242 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/advanceddigitalheader640552616592/moatheader.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
22e73aa72fd7f4df68fab3940ac0961a7535ae8c50bf753125e658b388280113

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:48 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2024 10:57:45 GMT
server
AmazonS3
x-amz-request-id
YJQ4X9Z5E41QV8HX
etag
"dc1b701c40250188dc9ea8fca26d2d98"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=43280
accept-ranges
bytes
content-length
86532
x-amz-id-2
xJaTglvXIT0BmU8LnVZ0Lgi8NZEd7aV1mzcnuZLrpLEp4iHwKCsdhLVSbBVuHPxmQPgXLoBPTy8XVl39veMjqFIje8ITLoPw8uBPZKmwAAk=
ats.js
ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ 		157 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ats.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-19.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fcef857804b8d1cf1fa3a19dc80b9b2d92f344332538b39585706b228534a3f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
16lvTSFUApQaXENO5lQT92wT39YBTdKZ
content-encoding
gzip
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
date
Fri, 19 Jan 2024 21:08:05 GMT
last-modified
Thu, 14 Dec 2023 12:38:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
1664
x-amz-server-side-encryption
AES256
etag
W/"f670b565db91584d0a525e0851d49a56"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
2nSd9__JbSlLfjWhxWvzJHOdfoD1uUF5c9z1qNLZbh9nv9cWUDRKtg==
swg.js
news.google.com/swg/js/v1/ 		206 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5409ed14e9dff7a05818b8dbedd143cf9dbfb9dafc9cb643c7c8b7b75ed94d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:11:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1456
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60638
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 19:56:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 19 Jan 2024 22:01:32 GMT
load
experience.tinypass.com/xbuilder/experience/ 		338 B
491 B 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=8Gu2Z8RCvZ
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
464b98e4ec83bb60ad92bd76656277037d3548e44a7d1dcddec0c0a41ada20e6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
date
Fri, 19 Jan 2024 21:35:48 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Jan 2024 21:02:55 GMT
server
cloudflare
age
1973
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800
cf-ray
848235a81fdc30e8-FRA
alt-svc
h3=":443"; ma=86400
x-request-id
6pvtrb6zko
expires
Fri, 19 Jan 2024 22:05:48 GMT
icon-menu-outline.svg
www.mlive.com/pf/resources/images/common/icons/ 		523 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/icons/icon-menu-outline.svg?d=1206
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1206
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
3f5684bf5aa4a6eb5c9015394c8739dff39377a73adf72c30ba511d0ab5b50f3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1206
Origin
https://www.mlive.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
date
Fri, 19 Jan 2024 21:35:48 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL58-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b7163017.1705700148.13dc00c7
server-timing
cdn-cache; desc=HIT, edge; dur=6, ak_p; desc="1705700148492_389027511_333185223_592_10832_42_0_219";dur=1
content-length
278
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Jan 2024 16:24:47 GMT
server
openresty
etag
W/"ef41b0e325b0902f9a8781e21cc20457"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
image/svg+xml
access-control-allow-origin
*, *
cache-control
public, max-age=31536000
x-amz-cf-id
f-apIdl9-WH-fyDVkDO7ZgIKxauqGN2VAln_rd-o6wFAR3V8s_et1g==
expires
Sat, 18 Jan 2025 21:35:48 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 Jan 2024 19:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6459
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 19 Jan 2024 21:48:09 GMT
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-70.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 06:35:14 GMT
Via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P3
Age
54034
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
ceqMp7DTuxAdS9uLHdeLUrtEQaRlpEWK9YbVovZNSPuwolvCy3Ea2w==
Expires
Sat, 20 Jan 2024 06:35:14 GMT
load.js
s.ntv.io/serve/ 		621 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.53.165.218 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a84-53-165-218.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
573d17471db486e8c1db97968103afd30442952396917f633312ab4b0fc2bcf3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 21:35:48 GMT
Content-Encoding
gzip
x-amz-request-id
90ASG4EHD56FKRCJ
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
PveM5PCVgl/4HAqle+uY7HmaHK+Y44y5XAx1d612JkqQkg0GbIJdDSM9jT3zS9N1nwww4UszQ1A=
Last-Modified
Wed, 17 Jan 2024 18:43:59 GMT
Server
AmazonS3
ETag
"84c06ac06d449c75d911853d474891fa"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 02:20:26 GMT
content-encoding
gzip
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
69939
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
rxWB7OQxHuNpdG2K_8xtijQ85xNECXVCdD69Jmq3NyfSSzhkn4DJ5g==
fbevents.js
connect.facebook.net/en_US/ 		213 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7d32db5e7f8166ca472c3703592e17b044a0bfd5b49150c5c888a20164105b08
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 19 Jan 2024 21:35:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57023
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
IPfodGG9Jpeg1loz2TIDvw8Wb01dxoInCCaZ3Ud+9KORppH5AbPRRWWV5obyRhSf1Ug0uzYAdQJ3bxBFestgtA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:48 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-etou8220103-FRA
insight.min.js
snap.licdn.com/li.lms-analytics/ 		43 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Jan 2024 16:29:26 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=42215
accept-ranges
bytes
content-length
15732
ml.br.js
js.matheranalytics.com/static/ltm/ma63527/all/17/
Redirect Chain
  • https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1645
  • https://js.matheranalytics.com/static/ltm/ma63527/all/17/ml.br.js
149 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma63527/all/17/ml.br.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
6bfe280c501d01dc9b39511ab8b8f9346efdf243c3db60a935f108c8e36b56d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 17:37:36 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 13 Oct 2023 19:41:13 GMT
server
nginx
age
14292
etag
"d57e309468cdb5833b84963f20429014"
vary
Accept-Encoding
x-cache
HIT Fri, 13 Oct 2023 19:49:11 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44099

Redirect headers

date
Fri, 19 Jan 2024 21:35:48 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma63527/all/17/ml.br.js
cache-control
public, max-age=269200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-served-by
6-gc-europe-west6-8j341036
destination
www.googletagmanager.com/gtag/ 		260 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-GG8B674XK4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXFLCR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
80371c2afc0c8363e2e7cf7562727bc1a2eae8d88fad3a3f1e45c577bd76be50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89942
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 19 Jan 2024 21:35:48 GMT
client
accounts.google.com/gsi/ 		207 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.js?d=1206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c08::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c8707dba26f742f04d8a5da9ded33781ce61eb77721dd365b13ebe8421bace6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZMDtBL2FKWPkgK9MVSC7HA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:48 GMT
content-security-policy
script-src 'report-sample' 'nonce-ZMDtBL2FKWPkgK9MVSC7HA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Fri, 19 Jan 2024 21:35:48 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202311.1.0/ 		427 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4ad3a7c4aa97b074c4d59a438bb5813ded8ad1d8bb8cf630abb4c6ee075d54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 19 Jan 2024 21:35:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Jal9ZuZ5o01PB+RcMoFDzw==
age
40164
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
105099
x-ms-lease-status
unlocked
last-modified
Wed, 20 Dec 2023 03:30:51 GMT
server
cloudflare
etag
0x8DC010C10DEF255
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
390b8f8c-601e-0090-780f-3303ed000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
848235a95d5c907c-FRA
user-white.svg
www.mlive.com/pf/resources/images/common/icons/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/pf/resources/images/common/icons/user-white.svg?d=1206
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/pf/dist/components/combinations/default.css?d=1206
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e6b7fa504c979ce53dc80798978eff98214cbcb20b7db259990c0632b7abe248
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/pf/dist/components/combinations/default.css?d=1206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 19 Jan 2024 21:35:48 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL58-P2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.b7163017.1705700148.13dc0273
server-timing
cdn-cache; desc=HIT, edge; dur=8, ak_p; desc="1705700148698_389027511_333185651_480_10256_41_0_146";dur=1
content-length
2508
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Jan 2024 16:24:47 GMT
server
openresty
etag
W/"fdc13d9553130cf8463df06e8ba5682d"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
kBWfklkCiHSOpgEYFtKmqbcJMRHloaE0hJVfnteG87Imiz1k8_Qvsw==
expires
Sat, 18 Jan 2025 21:35:48 GMT
set
privacy.crwdcntrl.net/consent/ 		61 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://privacy.crwdcntrl.net/consent/set?ct=skip&ca=1&ccd=1&cds=1&cta=1&c=963&src=LTJS
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.58.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-58-229.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
5f26dfc3f5d603822dd5eb17c772720fd8d984f3fa596f757973dabe24ebda6e

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:48 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.24.215
access-control-allow-credentials
true
content-length
61
expires
0
3178
config.aps.amazon-adsystem.com/configs/ 		532 B
797 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3178
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-30.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
918ccb31b604ae16c7341c3efaa1361f185196f26fb8a6784032c74001266f8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 20:41:41 GMT
via
1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
3247
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
532
x-amz-cf-id
jwPKEJ3NN4832capa8Apugkum7kL6q5lescZkPXcKLPWzB29N4LF5Q==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3178&u=https%3A%2F%2Fwww.mlive.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e5696a4c04cb9236e69390a6a84619091cfe6ce887e5747c74f3214a69419484

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:29:41 GMT
via
1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
age
7567
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1692
x-amz-cf-id
vKjfyJoZN-eLiBjOA_Wq7nztrdbTXYCuPgGz65CW5pkZj7vTL9o3qQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront)
date
Fri, 19 Jan 2024 06:05:32 GMT
x-amz-cf-pop
FRA56-P3
age
55817
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
NwnDw1-bpUrGUQqiQKPSasmDi3qEmgyLS7X6Kt_TcK2GNt87mzrY2w==
tinypass.min.js
cdn.tinypass.com/api/ 		388 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=8Gu2Z8RCvZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d01a1013f2e1428beeb351111924257112a89e6150eac8fd84c00b7a84e69b8
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:48 GMT
x-amz-version-id
H7a115WEqNXFo.QtnkpxpTVDitW2prKU
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
NW6X2MS1BC46G913
age
9627
x-amz-server-side-encryption
AES256
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
RiuCDVA2vUd8IuAHuUaYci1bIneeIW1xbmmIp0bGLw3s03YvR8u4RO5w9o49PWurpZj1c/strMY=
last-modified
Mon, 15 Jan 2024 07:11:57 GMT
server
cloudflare
etag
W/"aa1d660c48c990b14bcbd31be164beca"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
848235aa094630e8-FRA
expires
Sat, 20 Jan 2024 01:35:48 GMT
/
geo.privacymanager.io/ 		28 B
606 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/f4105e35-d596-4694-b9a4-ed81ae9873a1/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-59.fra60.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 02:00:29 GMT
via
1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront), 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA60-P3
age
70519
x-amzn-requestid
45c93b68-7fd3-43bf-8061-74ae1cf6b40e
x-amzn-trace-id
Root=1-65a9d7bd-2f38fa6a4d61b2e372edbbd2;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
Rw6lnH9GjoEElbg=
content-length
28
x-amz-cf-id
D5JGnfUBwOamDdhaaSkPGgDabOPV7CP3z6SdaftnKTHCLWCz1tq1QQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
fpc
at.teads.tv/ 		0
336 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_11014&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=471b531&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 21:35:48 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://www.mlive.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Fri, 19 Jan 2024 21:35:48 GMT
cs
advancelocal.blueconic.net/DG/DEFAULT/ 		17 B
700 B 		Script
General
Check archive.org
Download Go to
Full URL
https://advancelocal.blueconic.net/DG/DEFAULT/cs?&callback=bc_json1047
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.235.102.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-102-18.compute-1.amazonaws.com
Software
- /
Resource Hash
28e4c8bed7db8dc1ea3309d40f4372b4c0c520ea91af6761a07aa2e78c8a5a3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
37
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/ 		430 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d13cfeb68d1dd40526d00e29dfa3eaf1c163ad2ac341fe4dc61a3b01c5b1311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 20:46:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
2947
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138162
x-xss-protection
0
server
cafe
etag
1666572220375911148
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 18 Jan 2025 20:46:41 GMT
data
bcp.crwdcntrl.net/6/ 		60 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/963/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.210.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-210-232.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
0ee3351cb91eab4f8b449f55a653152dfdf47a8b6a00b0af7a5bd0ce460d8b9b

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:48 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.15.211
access-control-allow-credentials
true
content-length
60
expires
0
swg-button.css
news.google.com/swg/js/v1/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:20:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
934
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5195
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 21:19:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 19 Jan 2024 22:10:14 GMT
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ 		2 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.sophi.io
URL: https://cdn.sophi.io/advancelocal/sophi.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.130.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.mlive.com
date
Fri, 19 Jan 2024 21:35:49 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
tp2
ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ecollector-us-east.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.130.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8fd921d2017b5f79.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.mlive.com
access-control-max-age
600
content-length
0
date
Fri, 19 Jan 2024 21:35:48 GMT
server
nginx
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.232.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-232-182.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:48 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Fri, 19 Jan 2024 21:50:48 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 02:12:54 GMT
content-encoding
gzip
via
1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
69775
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
fL0RZMYVOZ_186E6WiAb0P8pggAgsKMDLujZfLbQ-7GCyTe0-IeUfA==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		113 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 11:20:59 GMT
server
cloudflare
x-amz-request-id
3K7JHCZJENBBQ898
age
1306
etag
W/"9692928e9024f20ea54c02122b35d5bb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
848235aaea7218c7-FRA
x-amz-id-2
bjWowwapkVSb0HP6x/GH+CsDoqfBpNJVhhNCfbhpc4shK5LQQ1/EieWWEm078S+elvhv0rXgDi4FCxQ7+vg1LA==
10071-pbjs-floors.json
ads.rubiconproject.com/floors/ 		67 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/10071-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
85fbfa04d4c2343ca39e74cccdc51a1a51bd078a1e22011132835a7d94351837

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 19 Jan 2024 21:35:48 GMT
content-encoding
gzip
last-modified
Fri, 19 Jan 2024 20:40:31 GMT
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
7198
envelope
lexicon.33across.com/v1/ 		49 B
249 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0014000001PAW0LAAX&gdpr=0&src=pbjs&ver=8.23.0&coppa=0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 19 Jan 2024 21:35:48 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
prebid
id5-sync.com/api/config/ 		135 B
414 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
989e7134f8b722c049f5553bf85347c9052fe40f7c35915f7d18a348ed4de84b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Fri, 19 Jan 2024 21:35:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ 		43 B
316 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.58.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-58-229.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:48 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.15.159
access-control-allow-credentials
true
content-length
43
expires
0
3723
idx.liadm.com/idex/prebid/ 		0
370 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/3723?duid=94c49eadf2ac--01hmhtdhmq6dn94kj76bpprnet&resolve=nonId&resolve=uid2&resolve=index&resolve=magnite&resolve=medianet&resolve=bidswitch
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.250.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-250-100.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 19 Jan 2024 21:35:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
2
access-control-allow-origin
https://www.mlive.com
cache-control
max-age=3599, private
access-control-allow-credentials
true
trace-id
a0b051cdf6ad490f
expires
Fri, 19 Jan 2024 22:35:49 GMT
envelope
api.rlcdn.com/api/identity/ 		0
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=115
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 19 Jan 2024 21:35:49 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
iframe.html
z.moatads.com/hd09824092/ Frame 80ED 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/advanceddigitalheader640552616592/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=1206
content-length
1374
content-type
text/html
date
Fri, 19 Jan 2024 21:35:48 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
server
AmazonS3
unused62
8096267
x-amz-id-2
tXhAc64MXavoo2Ys7gL4K0CHvWdnnjW6yMDYhattkSwkbmjydK4ZTHB9EYLhbnHzR5lAnVYPFb8=
x-amz-request-id
7Y2H1YDSCY2G4ZCG
collect
region1.google-analytics.com/g/ 		0
244 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GG8B674XK4&gtm=45je41h0v875661087z878133989&_p=1705700147628&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=259527336.1705700149&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2F&dl=https%3A%2F%2Fwww.mlive.com%2F&sid=1705700149&sct=1&seg=0&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&en=page_view&_fv=1&_nsi=1&_ss=1&ep.headline=undefined&ep.author=undefined&ep.entry_id=undefined&ep.page_type=homepage&ep.product=homepage-beta&ep.platform=desktop&ep.user_subscription_status=undefined&ep.ab_test_group_user=sub-group-b&ep.search_term=undefined&ep.targeting_codes=undefined&ep.targeting_codes2=undefined&ep.targeting_codes3=undefined&ep.targeting_codes4=undefined&ep.targeting_codes5=undefined&ep.targeting_codes6=undefined&ep.entry_tags=undefined&ep.referring_subdomain=undefined&ep.browser_cookie_region=undefined&ep.monthly_visit_number=1&ep.content_region=undefined&ep.content_topics=undefined&ep.blog_category=undefined&ep.section=Home%20Page&ep.article_date_original=undefined&ep.article_date_updated=undefined&ep.entity_type=undefined&ep.entity_value=undefined&ep.auxiliaries=undefined&ep.gigya_user_id=undefined&ep.usprivacy_cookie=undefined&ep.userid_flag=false&ep.targeting_codes7=undefined&ep.targeting_codes8=undefined&ep.targeting_codes9=undefined&ep.chrome_3p_deprecation=undefined&tfd=1961
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-GG8B674XK4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Jan 2024 21:35:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
b
sb.scorecardresearch.com/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6034988&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1705700149036&ns_c=UTF-8&c3=&c4=https%3A%2F%2Fwww.mlive.com%2F&c7=https%3A%2F%2Fwww.mlive.com%2F&c8=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&c9=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-21.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:49 GMT
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
E7d_709u5QLtwXmXA2z2n5zH8gmhqhbFCLm7TcFUD1fJNtSr62Xtaw==
x-cache
Miss from cloudfront
en.json
cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/dcc11641-5af3-4d05-ba88-aa9a0907e461/ 		116 KB
26 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/92a6747a-ce11-46a4-93d3-d5b3bd38e0ac/dcc11641-5af3-4d05-ba88-aa9a0907e461/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44d1b9a191c08a9aad1680e6e927e197ee36821a4b37c90d839448ba918929be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 19 Jan 2024 21:35:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
80706
content-md5
Bj2p7Y6RmAISblJRyIrJmg==
content-length
26330
x-ms-lease-status
unlocked
last-modified
Tue, 02 Jan 2024 21:54:42 GMT
server
cloudflare
etag
0x8DC0BDD6D574B64
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
96064682-101e-000c-27c6-3dae8b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
848235abad5c9b25-FRA
expires
Sat, 20 Jan 2024 21:35:49 GMT
p.js
cdn.parsely.com/keys/mlive.com/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/mlive.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.61.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-61-60.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
36ea8d266ccb57796d82e6eb05f11c634302a0bc3623c5e7fa7261a1a69e0d90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Fri, 19 Jan 2024 10:44:01 GMT
content-encoding
gzip
via
1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront)
last-modified
Wed, 29 Jun 2022 14:34:05 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
39108
etag
W/"62bc62dd-df3e"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
kSUB4_j7Nn7z4fk20xlOAOu3yx8h1X03g34KvALf2EWrv_NGrdng0w==
expires
Sat, 20 Jan 2024 10:44:01 GMT
adsct
t.co/1/i/ 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=46a5d6cc-a87b-4d9c-a7da-04ce5588ee21&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=9d4a7a9d-c693-4238-9d2d-1d6385d433df&tw_document_href=https%3A%2F%2Fwww.mlive.com%2F&tw_iframe_status=0&txn_id=o8yo8&type=javascript&version=2.3.29
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time
110
date
Fri, 19 Jan 2024 21:35:48 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
40e87baf31ca27fe
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
f354a2bf8c6c64d93fbb70439ef1169a9688d277db45b405e7258dffc0793f71
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=46a5d6cc-a87b-4d9c-a7da-04ce5588ee21&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=9d4a7a9d-c693-4238-9d2d-1d6385d433df&tw_document_href=https%3A%2F%2Fwww.mlive.com%2F&tw_iframe_status=0&txn_id=o8yo8&type=javascript&version=2.3.29
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time
109
date
Fri, 19 Jan 2024 21:35:48 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
752336c3fa8af514
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
8d3b3116ab4375df58b9346a201b3edcb2819c2f54345e919b1062b03b35d915
content-length
43
/
px.ads.linkedin.com/wa/ 		0
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 19 Jan 2024 21:35:49 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 28E755A30E09496F8F1EC7AFB77E543E Ref B: FRAEDGE2019 Ref C: 2024-01-19T21:35:49Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
access-control-allow-origin
https://www.mlive.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYPU0N9S7GMYZMnLX9/og==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1705700149069&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1705700149069&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&cookiesTest=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1705700149069&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&cookiesTest=true&e_ipv6=AQJDKVUk5bFZ3wAAAY0jpskAKR37WvjmTIkYw014V01CkKeqiF...
0
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1705700149069&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&cookiesTest=true&e_ipv6=AQJDKVUk5bFZ3wAAAY0jpskAKR37WvjmTIkYw014V01CkKeqiFlUa3JfspsauGDP5Qk20NUf
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:49 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 39966134A3FA488FA76D29E84568F2A6 Ref B: DUS30EDGE0321 Ref C: 2024-01-19T21:35:49Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYPU0OF4TBZ5P8Xri57nQ==

Redirect headers

date
Fri, 19 Jan 2024 21:35:49 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 9554328801194567ADCDB587CA2F0BB5 Ref B: FRAEDGE2019 Ref C: 2024-01-19T21:35:49Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3252378&time=1705700149069&url=https%3A%2F%2Fwww.mlive.com%2F&tm=gtmv2&cookiesTest=true&e_ipv6=AQJDKVUk5bFZ3wAAAY0jpskAKR37WvjmTIkYw014V01CkKeqiFlUa3JfspsauGDP5Qk20NUf
x-li-proto
http/2
content-length
0
x-li-uuid
AAYPU0OBDLsIchwPaf5PaA==
120978121945017
connect.facebook.net/signals/config/ 		145 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/120978121945017?v=2.9.141&r=stable&domain=www.mlive.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
009b647f56f4608e97285885d950830fe9976284b8ba22be0c4e6685a762eb00
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 19 Jan 2024 21:35:49 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
37874
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
WOIDkbsQiDmAA2xnzNzlmFq72N/7mPKlms7ggt5ZvMMWwrjjm8ZzaCi0NR6Cf/OQt/qocZFucWLQshWZ9Nm6Iw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
style
accounts.google.com/gsi/ 		533 B
608 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c08::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nlpiWM-XUUuMDcU5gFLvRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:49 GMT
content-security-policy
script-src 'report-sample' 'nonce-nlpiWM-XUUuMDcU5gFLvRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Fri, 19 Jan 2024 21:35:49 GMT
status
accounts.google.com/gsi/ 		40 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=339703812340-kido2ms26ssegr4jpn27vo7ro7hgkjme.apps.googleusercontent.com&as=4jMqKwynvnQthnPlldxFXA
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c08::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bc9e655a5f38f242850d48b077d08edc7085ff3e94440c1296d8d2db0043aacf
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-FZ0vDOAnp1iGEwzScwnfWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:49 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-FZ0vDOAnp1iGEwzScwnfWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&ptype=homepage&prem=0&sec=Home%20Page&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-60&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=17&tvcfg=all&tid=ba5df3d3-c2e5-401a-8237-749e2e9be81f&pid=caee0ffe-279e-4742-afd5-80498fce2f2f&dtm=1705700149169&qnm=_matherq&visible=1&tabid=35c06796-7ac2-424d-adf9-1aec59f260ad&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x13503&tofa=1705700149&vid=1&lvidt=1705700149&duid=50d28e3c-3c15-429c-89c7-a96038e677a0&fp=3292556798&cid=ma63527&mrk=484602605&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTcwNTcwMDE0NzA2MSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxOS4zbWIiLCJoZWFwVCI6IjI2bWIiLCJmc3RQYWludCI6IjY5NyIsImZldGNoUyI6IjAiLCJkb21haW5TIjoiNDkiLCJkb21haW5FIjoiNDkiLCJjb25uUyI6IjQ5IiwiY29ubkUiOiIxNjkiLCJzc2xTIjoiODgiLCJyZXF1UyI6IjE3MCIsInJlc3BTIjoiMjczIiwicmVzcEUiOiI3NjUiLCJkb21Mb2FkIjoiMjc4IiwiZG9tSW50ZXIiOiI4NjMiLCJkb21Mb2FkUyI6IjEwNjUiLCJkb21Mb2FkRSI6IjEwNzYifSwiaWRlbnRpdGllcyI6W3sidHlwZSI6ImdhIiwiaWQiOiIyNTk1MjczMzYiLCJyZWZUaW1lIjoiMTcwNTcwMDE0OTE2OCJ9XSwidXNlckRhdGEiOnsiaXNMb2NhbCI6IjAifX0
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.1.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-1-107.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 19 Jan 2024 21:35:49 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3178&u=https%3A%2F%2Fwww.mlive.com%2F&pid=Vy6JpTh3DP1xG&cb=0&ws=1600x1200&v=24.116.2102&t=1500&slots=%5B%7B%22sd%22%3A%22ad-small-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22desktop-InFeed_Right%22%7D%2C%7B%22sd%22%3A%22ad-small-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22desktop-InFeed_Left%22%7D%2C%7B%22sd%22%3A%22ad-large-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22desktop-InFeed_Right%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:49 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
XW2M2XEKBBRB4C1SJK5Q
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
UrMWf8UxfXBQrrpMBB8FSv3vEdMWjZXXK1EcKpKo1Sd7SJuFxEM26Q==
ads
securepubads.g.doubleclick.net/gampad/ 		691 B
368 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3190671483869847&correlator=828334333725580&eid=31080564%2C31079963%2C44807746%2C31079724%2C31068826%2C31080117&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=728x91%7C970x91&ifi=1&sfv=1-0-40&fsbs=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705700149252&lmt=1705700126&adxs=0&adys=13507&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.mlive.com%2F&vis=1&psz=728x4&msz=728x0&fws=4&ohw=728&ga_vid=259527336.1705700149&ga_sid=1705700149&ga_hid=1095691862&ga_fc=true&a3p=EjQKCnB1YmNpZC5vcmcSJDQwMTBhZjUyLTUzY2MtNGU1OS1hZDUyLWYxOTUyNWU3NTYxZFgB&dlt=1705700147339&idt=1838&prev_scp=rg_adslot%3DInFeed_Center_Wide_Adhesion%26rg_atf%3Dtrue%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Center_Wide_Adhesion%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3Ddesktop-InFeed_Center_Wide_Adhesion%26rg_a9%3DAdvance_MI_ATF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta&cust_params=ccaud%3D%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_cdlabel%3Da%26rg_platform%3Ddesktop&adks=2024654923&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1d0d52c15fd5c4966cfef2fee1e3cd94369dea0c8982dab92a353c7a7118053
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
338
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DD63 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jan 2024 21:35:49 GMT
expires
Sat, 18 Jan 2025 21:35:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
t
jadserve.postrelease.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.mlive.com%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.251.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-251-250.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cab5dfcbef72f9520887ece2e13aecab9d0d134e87e5b242d5a8568c0e6866c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:49 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
1727
expires
Mon, 1 Jan 1990 12:00:00 GMT
publisher:getClientId
ampcid.google.de/v1/ 		3 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Jan 2024 21:35:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
map
bcp.crwdcntrl.net/6/ 		60 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.210.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-210-232.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ad7eb3cec2ef6898f6fa6221ba2abe2bf62cee76ff62d4081832a4cf2ccce092

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:49 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
x-server
10.45.9.132
access-control-allow-credentials
true
content-length
60
expires
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
aedbab3d401de0c838fd7454b765d9aea9eafa12e66c82290b9caae8fb8281f9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Fri, 19 Jan 2024 21:35:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
advancelocal
direct.adsrvr.org/bid/bidder/ 		0
397 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/advancelocal
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.223.6.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a8c33d2b6751b365d.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 19 Jan 2024 21:35:49 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
prebid
prebid.media.net/rtb/ 		338 B
644 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU211111
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
53ceb8e5cb1d9917fcc210cefee77cfcd54b38450de0abf63cf7d6ec40312e09

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:48 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 19 Jan 2024 21:35:49 GMT
auction
display.bidder.taboola.com/OpenRTB/TaboolaHB/ 		0
215 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://display.bidder.taboola.com/OpenRTB/TaboolaHB/auction?publisher=1494809
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

x-served-by
cache-fra-etou8220099-FRA
date
Fri, 19 Jan 2024 21:35:49 GMT
via
1.1 varnish
server
nginx
x-timer
S1705700150.559193,VS0,VE12
x-cache
MISS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.mlive.com
x-envoy-upstream-service-time
3
accept-ranges
bytes
x-cache-hits
0
prebid
exchange.postrelease.com/ 		0
392 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_pb_eid=W3sic291cmNlIjoicHViY2lkLm9yZyIsInVpZHMiOlt7ImlkIjoiNDAxMGFmNTItNTNjYy00ZTU5LWFkNTItZjE5NTI1ZTc1NjFkIiwiYXR5cGUiOjF9XX1d&ntv_ptd=1134022,1134019&ntv_pas=eyIxMTM0MDE5IjpbWzMwMCwyNTBdXSwiMTEzNDAyMiI6W1szMDAsMjUwXV0sImxlbmd0aCI6Mn0=&ntv_ppf=eyJhZC1zbWFsbC0yIjp7ImJhbm5lciI6eyIzMDB4MjUwIjowLjE5LCIqIjowLjE5fSwiKiI6eyIqIjowLjE2LCIzMDB4MjUwIjowLjE2fX0sImFkLXNtYWxsLTEiOnsiYmFubmVyIjp7IjMwMHgyNTAiOjAuMjYsIioiOjAuMjZ9LCIqIjp7IioiOjAuMTYsIjMwMHgyNTAiOjAuMTZ9fSwiYWQtbGFyZ2UtMSI6eyJiYW5uZXIiOnsiMzAweDI1MCI6MC4yLCIqIjowLjJ9LCIqIjp7IioiOjAuMTYsIjMwMHgyNTAiOjAuMTZ9fX0=&ntv_pbv=v8.23.0&ntv_pb_rid=13304c446e32ef9&ntv_ppc=W3siYWRVbml0Q29kZSI6ImFkLXNtYWxsLTIiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXV19fX0seyJhZFVuaXRDb2RlIjoiYWQtc21hbGwtMSIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzMwMCwyNTBdXX19fSx7ImFkVW5pdENvZGUiOiJhZC1sYXJnZS0xIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDI1MF1dfX19XQ==&ntv_dbr=eyJhZC1zbWFsbC0yIjowLCJhZC1zbWFsbC0xIjowLCJhZC1sYXJnZS0xIjowfQ==&ntv_url=https%3A%2F%2Fwww.mlive.com%2F
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.156.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-156-25.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:49 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mlive.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
112 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Fri, 19 Jan 2024 21:35:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		13 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10071&site_id=311380&zone_id=1580874%3B1580870%3B1580874&size_id=15&eid_pubcid.org=4010af52-53cc-4e59-ad52-f19525e7561d%5E1&rf=https%3A%2F%2Fwww.mlive.com%2F&tg_i.domain=mlive.com&tg_i.page=https%3A%2F%2Fwww.mlive.com%2F&tg_i.aupname=344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Right%2Crg_platform%3Ddesktop%3B344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Left%2Crg_platform%3Ddesktop%3B344101295%2FMI%2F.*%26rg_adslot%3DInFeed_Right%2Crg_platform%3Ddesktop&tg_i.pbadslot=desktop-InFeed_Right%3Bdesktop-InFeed_Left%3Bdesktop-InFeed_Right&tk_flint=dmpbjs_v8.23.0&x_source.tid=8abd0647-0307-49b3-9974-bc3c736436e4&l_pb_bid_id=22154ed15f2b82%3B23d9102d9516a8e%3B24a080fed9bcc81&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=6b14fce7-852b-453c-ae95-fd39bb0346d3%3B06b6e028-7a7c-4b53-8e85-9549761d8773%3Bc99f92b4-ee6f-4def-809d-fbde04164dcc&rp_hard_floor=0.19%3B0.26%3B0.2&rp_maxbids=1&p_gpid=desktop-InFeed_Right%3Bdesktop-InFeed_Left%3Bdesktop-InFeed_Right&slots=3&rand=0.6187819296040002
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
367c5dee2bb14e9b8ef56fdb85568b5bb676ee5bb60606d9016e08c45e1365d9

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:49 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
540 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=488240
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cd788d35fb4536ae8289236f218bf8f7ce383731c6c479da441a002a16d3ae2

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OLS2o3XAsnOt50E4FSEnHS2VsacvpZ0DdiVZlSk9LkAMErQu7t22d%2B9K6euauRSI1jltAoAZJe9vuev6WYfO8j71eURU14jgTyLI9tC0Pw9nPzoAROzcKJKnnAxG5fHU5bfpuJ7x"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
848235aeab274480-TXL
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
otFlat.json
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 19 Jan 2024 21:35:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
k/F42BQAEUqNDKd4RaNADA==
age
8059
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3017
x-ms-lease-status
unlocked
last-modified
Wed, 20 Dec 2023 03:30:44 GMT
server
cloudflare
etag
0x8DC010C0C89850E
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
d33c659a-c01e-0099-3b59-33463e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
848235ae882d9b25-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a811246367093979c01fc9ea67e8db8c1b1e5abbd10fd669d6de163702c942b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 19 Jan 2024 21:35:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
yvXg9cqHerDDeRorhtpvbQ==
age
9638
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12700
x-ms-lease-status
unlocked
last-modified
Wed, 20 Dec 2023 03:30:46 GMT
server
cloudflare
etag
0x8DC010C0DDC5F1F
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
12b9f5b8-801e-000e-4f59-331033000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
848235ae88319b25-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 19 Jan 2024 21:35:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
age
8059
x-ms-lease-status
unlocked
last-modified
Wed, 20 Dec 2023 03:30:55 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
db1ccba4-301e-0034-2259-330a4b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
848235ae88349b25-FRA
1046
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		173 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/1046?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2024-01-19T22%3A35%3A49%2B01%3A00&ts=1705700149507
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-105.fra56.r.cloudfront.net
Software
- /
Resource Hash
4b70f0061a33cf144e6e879ca9c956fc852a85bf80cb0f75e756c132bd05980e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Jan 2024 21:35:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
36872
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
WVuPsRdO5rvl8oBsHlN1Q5tR4Z0saMOO2DCboB5zuf7xdjmwfVAyBg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
230823541501762
connect.facebook.net/signals/config/ 		134 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/230823541501762?v=2.9.141&r=stable&domain=www.mlive.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bdbeeef12f878163780f30d02b7d2743e9d70a432c4f063994c950bf74ff19fe
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 19 Jan 2024 21:35:49 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35621
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
2WkKiYX9eklu49NR80eTQPdjWxq0972WO0ygRXhTPt+T46833yC5l3k1NBPj0o0XogW97lMG6qIu3jBB+1Txig==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1705700149515&se=e30&duid=94c49eadf2ac--01hmhtdhmq6dn94kj76bpprnet&pu=https%3A%2F%2Fwww.mlive.com%2F&wpn=prebid
  • https://rp4.liadm.com/j?se=e30&duid=94c49eadf2ac--01hmhtdhmq6dn94kj76bpprnet&dtstmp=1705700149515&wpn=prebid&pu=https%3A%2F%2Fwww.mlive.com%2F&i6=MmEwMTo0YTA6MTMzODo5Mjo6MTE%3D
42 B
347 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?se=e30&duid=94c49eadf2ac--01hmhtdhmq6dn94kj76bpprnet&dtstmp=1705700149515&wpn=prebid&pu=https%3A%2F%2Fwww.mlive.com%2F&i6=MmEwMTo0YTA6MTMzODo5Mjo6MTE%3D
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Server
44.209.215.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-215-67.compute-1.amazonaws.com
Software
/
Resource Hash
5ce8647c88445649306948bab16764727ad0866a64fc66202b97b88176272628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:50 GMT
x-pixel-event-id
437faf65-ad36-4041-9462-ff2a44c3c46c
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
null
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
42

Redirect headers

location
https://rp4.liadm.com/j?se=e30&duid=94c49eadf2ac--01hmhtdhmq6dn94kj76bpprnet&dtstmp=1705700149515&wpn=prebid&pu=https%3A%2F%2Fwww.mlive.com%2F&i6=MmEwMTo0YTA6MTMzODo5Mjo6MTE%3D
access-control-allow-origin
https://www.mlive.com
date
Fri, 19 Jan 2024 21:35:49 GMT
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1705700149553&plid=83115055&idsite=mlive.com&url=https%3A%2F%2Fwww.mlive.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.mlive.com%2F&sref=&sts=1705700149544&slts=0&title=Michigan+Local+News%2C+Breaking+News%2C+Sports+%26amp%3B+Weather&date=Fri+Jan+19+2024+22%3A35%3A49+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&js=1&pvid=89371203&u=pid%3Da352f0313006b1aacf296123cc8f344e
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 21:35:49 GMT
Cache-Control
no-cache
Last-Modified
Friday, 19-Jan-2024 21:35:49 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
config.json
c.go-mpulse.net/api/ 		51 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ&d=www.mlive.com&t=5685667&v=1.720.0&sl=0&si=a61fac14-9e50-4f09-9508-53a9950a2ebf-s7j2nn&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=468260
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/SXLFM-YCJLY-MS7KS-HCEH6-BFYPJ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:594::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
28445ab5a58bac3609ddba4d1200c1797a766b538fd6b0bdb0926fbe386f327c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 19 Jan 2024 21:35:49 GMT
Cache-Control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
51
Content-Type
application/json
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1095691862&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAQCACgFK~&jid=586527781&gjid=1806375444&cid=259527336.1705700149&tid=UA-16643585-16&_gid=1134932906.1705700150&_r=1&_slc=1&gtm=45He41h0n81TLXFLCRv78133989&cd1=undefined&cd2=undefined&cd3=undefined&cd6=undefined&cd11=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=false&cd21=undefined&cd23=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd46=homepage-beta&cd47=desktop&cd50=GA%20pageview%20-%20template%20-%20All%20Pages&cd52=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=undefined&cd62=undefined&cd63=undefined&cd65=undefined&cd66=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=sub-group-b&cd102=undefined&cd103=undefined&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd61=259527336.1705700149&z=1113535310
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
392.json
id5-sync.com/g/v2/ 		251 B
530 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/392.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
4af5f3a02356a5f17f2b43763cc0201d9eec1a2501e4588db0a9e2ef1b59d931
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.mlive.com
date
Fri, 19 Jan 2024 21:35:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
494 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 19 Jan 2024 21:35:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
33339
x-ms-lease-status
unlocked
last-modified
Thu, 18 Jan 2024 03:30:17 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
d82eafde-d01e-002c-51de-49d52c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
848235af48e09b25-FRA
FormLogo.jpg
cdn.cookielaw.org/logos/57316691-7a35-4427-b868-f6c059de9bc0/0820a53f-bf37-4e26-90be-016196d39852/63d4f326-4506-4914-9e18-8751853c7769/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/57316691-7a35-4427-b868-f6c059de9bc0/0820a53f-bf37-4e26-90be-016196d39852/63d4f326-4506-4914-9e18-8751853c7769/FormLogo.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abb22177c1f36f82f451ba3b46fd96e4bc0f5b5ad510b15b4d5ec37fc1e9b7f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 19 Jan 2024 21:35:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
/VgjLzERih8MeSo4vme4Lw==
age
53164
content-length
90639
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Mon, 15 May 2023 15:10:31 GMT
server
cloudflare
etag
0x8DB555686483EB7
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
f6a7de44-501e-0022-07fc-14fc9c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
848235af5ba1907c-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 19 Jan 2024 21:35:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
52313
x-ms-lease-status
unlocked
last-modified
Thu, 18 Jan 2024 03:30:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
a69a7916-701e-0068-7ac2-495f13000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
848235af5ba5907c-FRA
3d7202e5665c5a16001ce07d7e4996468e11e75ae7fa811784f9
zephyrlabyrinth.com/create/ 		303 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://zephyrlabyrinth.com/create/3d7202e5665c5a16001ce07d7e4996468e11e75ae7fa811784f9
Requested by
Host: zephyrlabyrinth.com
URL: https://zephyrlabyrinth.com/scripts/3cdd00adbd84b/3d27c0d9c071fc88e68e2cb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:636d::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
589436035c6111e3167719fef25b71eb75cf32f41d797b340d452b988e31b273
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 19 Jan 2024 21:35:49 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
303
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
x-hostname
fen-hoothoot-europe-west1-lbtz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 19 Jan 2024 21:35:48 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-16643585-16&cid=259527336.1705700149&jid=586527781&gjid=1806375444&_gid=1134932906.1705700150&_u=aADAAEAAAAQCACgFK~&z=1061556460
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 19 Jan 2024 21:35:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=120978121945017&ev=PageView&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1705700149714&sw=1600&sh=1200&v=2.9.141&r=stable&ec=0&o=4126&fbp=fb.1.1705700149651.445716903&cs_est=true&ler=empty&it=1705700149083&coo=false&cdl=&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 19 Jan 2024 21:35:49 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=230823541501762&ev=PageView&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1705700149714&sw=1600&sh=1200&v=2.9.141&r=stable&ec=0&o=4126&fbp=fb.1.1705700149651.445716903&ler=empty&it=1705700149083&coo=false&cdl=&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 19 Jan 2024 21:35:49 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=120978121945017&ev=ViewContent&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1705700149715&cd[article_content_tier]=free&cd[is_subscriber]=false&cd[is_registered]=false&cd[content_id]=undefined&cd[content_type]=homepage&cd[content_category]=Home%20Page&sw=1600&sh=1200&v=2.9.141&r=stable&ec=1&o=4126&fbp=fb.1.1705700149651.445716903&ler=empty&it=1705700149083&coo=false&tm=1&cdl=&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 19 Jan 2024 21:35:49 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=230823541501762&ev=ViewContent&dl=https%3A%2F%2Fwww.mlive.com%2F&rl=&if=false&ts=1705700149715&cd[article_content_tier]=free&cd[is_subscriber]=false&cd[is_registered]=false&cd[content_id]=undefined&cd[content_type]=homepage&cd[content_category]=Home%20Page&sw=1600&sh=1200&v=2.9.141&r=stable&ec=1&o=4126&fbp=fb.1.1705700149651.445716903&ler=empty&it=1705700149083&coo=false&tm=1&cdl=&rqm=GET
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 19 Jan 2024 21:35:49 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
trk.gif
jadserve.postrelease.com/ 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=5014366&ntv_pl=773533
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.251.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-251-250.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:49 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=309bf380-8874-44ae-bcb9-f7fd787eb614&ntv_fl=MMTdWyeJBcdLcDTtFfyiRBPe8Vq-ba7jHN1vT59Rb8AaNiZSTjfYm3Al67hUUyWeEv4xysM9ZFSDJ81O15ndqjfb1_8HMLFj78seNGpMaWJZoLzMMyHC2YPKaDFCA81aNxC4c5fcNVgltEuAfwID8iu5_hLhx4-zoQ7kmUapwNC4-ZEIUKh--uEvc3a1PiAzky0nrQAUE4WOtN2T80TqTB1BP0a_Bvo_q8KClj0Hg8tMxLRq1ftzIrkd2ybOd7qb&ntv_ht=NeuqZQA&ntv_at=303,302&ntv_a=AAAAAAAAAAnc0LA&ord=1705700149736&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.251.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-251-250.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:49 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=57e6b645-9e49-42d0-b847-95867c578f2d&ntv_fl=wklKktgzCnjHRw7QsGHOxzNhXSYYdxQ6qfiLggX0SK77uLCGRUzUVU1eZnhoGwNYmykzwCMhcxXWoI8nh0pPkFe4kFaHXSQC5JQQ8R1rtuFY8clAUWiJiUWJYAM1l0i-lkne6ybtfFzpA9DUASElRGTledB3QQJ1H_9U88UOaTAIDm2uqhdngBdjfW1S21f041-7xm875hYNfXaNN9bSZeo6yPCA1mszM61SwWKjxQM3lZoau88ExcYwGgvYm_IK&ntv_ht=NeuqZQA&ntv_at=303&ntv_a=AAAAAAAAAAUr0QA&ord=1705700149738&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.251.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-251-250.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:49 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=512eb529-3602-4bf0-925c-e41a148c9474&ntv_fl=No53AUp_qTJmWJYNLYz3zDH7Dla8D2Bigrcdt2SscM1CRBKMW2f8vMgrBDdCrlBZyr4z7L4Elf3Ok_N4vU4yFlPyMR3V1wQ5YSOUxO_2FpUZu7uchLTGXiS10Vet2MXSCafxgz3gFs317Jf4hCHfBmWXiENU4U_SZ_Ug2XWSdUHh37uf7onZg6NAbxiHdA8kPVQtIH5sWy0uyTo-gv1Qgu4m9-DK3H5Yo64l0LU3Zb9ndHhXeRiL3KzSA2-P0jzE&ntv_ht=NeuqZQA&ntv_at=303&ntv_a=AAAAAAAAAAU70QA&ord=1705700149738&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.251.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-251-250.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:49 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=6622e5b4-c80b-4078-af2f-6f30f9a939fe&ntv_fl=miNEdYZhkQ016qn5OkGErteWbVfee99L6iQoR7ftguR8sGyRsJGan1-4hz5rpXnvydFDKPHOdMaouei4fqwEKCAVPbVPQyzoA3Ur-uMvFCGwBWpS3ZnqPZn57YMXOaZHAnIgPbs8aCSjJ9W7ZwTxDdHhtOUJZh9w9AEbKEVl3pclAj1tiPpnQL7RyC4AiYYoYfRf9ifGU_ER45uJpHIYesAEUKUq3tkvrI2rJFMLVrbcBP72Hg9UEGX-vTKwISRf&ntv_ht=NeuqZQA&ntv_at=303&ntv_a=AAAAAAAAAAVL0QA&ord=1705700149739&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.251.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-251-250.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:49 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
privacyConsent
jadserve.postrelease.com/ 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/privacyConsent?ntv_pl=1097042&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.251.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-251-250.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:49 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		322 B
168 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3190671483869847&correlator=828334333725580&eid=31080564%2C31079963%2C44807746%2C31079724%2C31068826%2C31080117&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=320x50&fluid=height&ifi=2&sfv=1-0-40&fsbs=1&eri=1&sc=1&cookie=ID%3D4344c355bf922839%3AT%3D1705700149%3ART%3D1705700149%3AS%3DALNI_MbdYTEUC6QSsMJ_urNU7-bPZ-81yA&gpic=UID%3D00000d4436268273%3AT%3D1705700149%3ART%3D1705700149%3AS%3DALNI_Mathn6x99GsgGjbeNgjyyuY_FibYg&abxe=1&dt=1705700149756&lmt=1705700126&adxs=517&adys=1326&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.mlive.com%2F&vis=1&psz=566x24&msz=566x24&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=259527336.1705700149&ga_sid=1705700149&ga_hid=1095691862&ga_fc=true&a3p=EjQKCnB1YmNpZC5vcmcSJDQwMTBhZjUyLTUzY2MtNGU1OS1hZDUyLWYxOTUyNWU3NTYxZFgB&dlt=1705700147339&idt=1838&prev_scp=rg_adslot%3DInFeed_Native_C%26rg_atf%3Dfalse%26rg_iab%3Dfalse%26rg_grid%3D1%26rg_counter%3D1%26rg_gpid%3Ddesktop-InFeed_Native_C%26rg_pagetype%3Dhomepage%26rg_product%3Diabfalse&cust_params=ccaud%3D%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_cdlabel%3Da%26rg_platform%3Ddesktop%26li-module-enabled%3Don&adks=767953642&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9568cb9faf8b7d569901e9cc4c5389c7aee847ae237fd3bf1c4121187d931863
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
1243cfa227f654548f7c4a002ab70944025f6cbfb6
zephyrlabyrinth.com/6e8fe88f54/ 		3 B
29 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://zephyrlabyrinth.com/6e8fe88f54/1243cfa227f654548f7c4a002ab70944025f6cbfb6
Requested by
Host: zephyrlabyrinth.com
URL: https://zephyrlabyrinth.com/scripts/3cdd00adbd84b/3d27c0d9c071fc88e68e2cb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:636d::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 19 Jan 2024 21:35:49 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
x-hostname
fen-hoothoot-europe-west1-lbtz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 19 Jan 2024 21:35:48 GMT
XDRUB2LBSJBJ7O4GW7K7VNEIWA.jpg
www.mlive.com/resizer/BxRn233U-l1H-CiGxSIaQooVLh0=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/BxRn233U-l1H-CiGxSIaQooVLh0=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/XDRUB2LBSJBJ7O4GW7K7VNEIWA.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
77ad1d5e1aeedf805d08202b5efe04cdb8ba55a5094c82978cca57c58d7115da
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 19 Jan 2024 21:35:49 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Jan 2024 18:34:18 GMT
server
Akamai Image Manager
etag
"3a9ad81a42ed3bf6ed4a1a89327863b5c5caeba9"
x-arc-request-id
0.b7163017.1705700149.13dc0afe
content-type
image/avif
cache-control
private, no-transform, max-age=31525194
server-timing
cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1705700149922_389027511_333187838_152_18546_46_0_146";dur=1
content-length
30028
expires
Sat, 18 Jan 2025 18:35:43 GMT
AWZ3Z4WMXZBSFNY4AA6NRHJEGM.jpg
www.mlive.com/resizer/Lvt44iCUcIV_gGp-z8A22lZGN0o=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mlive.com/resizer/Lvt44iCUcIV_gGp-z8A22lZGN0o=/600x337/smart/cloudfront-us-east-1.images.arcpublishing.com/advancelocal/AWZ3Z4WMXZBSFNY4AA6NRHJEGM.jpg
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17b7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
443d516c99b0a849070b0b85b9892a81f8fc66ea9ae688d00c71321be63fd2a0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 19 Jan 2024 21:35:49 GMT
x-check-cacheable
YES
x-arc-request-id
0.b7163017.1705700149.13dc0aff
server-timing
cdn-cache; desc=HIT, edge; dur=22, ak_p; desc="1705700149922_389027511_333187839_2156_16430_46_0_146";dur=1
content-length
11219
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 17 Jan 2024 08:01:13 GMT
server
Akamai Image Manager
x-serial
2019
etag
"914561a01f993f1beb06c904b99e71a8ea440963"
x-edgeconnect-cache-status
3
content-type
image/avif
cache-control
private, no-transform, max-age=31314410
expires
Thu, 16 Jan 2025 08:02:39 GMT
3c3885ad0fa761126e05c713bb68c1bf
h312.mlive.com/plugin/plugin/ 		89 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/plugin/plugin/3c3885ad0fa761126e05c713bb68c1bf
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-105.fra56.r.cloudfront.net
Software
- /
Resource Hash
b5af004daafe813511ba3a5127eef79b185233fb1e297c3f53213c643a09c073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 08:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
age
3245457
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
21619
x-xss-protection
1; mode=block
last-modified
Tue, 12 Dec 2023 08:04:52 GMT
server
-
etag
3c3885ad0fa761126e05c713bb68c1bf
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
MX6UfA4jRulwOfpNEefYr5xD42xMXUm5-W9PRuvFgqIi68D-H4BLBQ==
expires
Thu, 12 Dec 2024 08:04:52 GMT
LB-Zone-3
h312.mlive.com/DG/DEFAULT/rest/rpc/1046/ 		354 B
1017 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/1046/LB-Zone-3?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=60100f93-6b55-4dd1-9539-3884fb04f673&overruleReferrer=&time=2024-01-19T22%3A35%3A49%2B01%3A00&ts=1705700149951
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-105.fra56.r.cloudfront.net
Software
- /
Resource Hash
d9971315b13517985dc3a7d67ebbc06ac6f5ff9bb8b8cfb25be29ded9b5062c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Jan 2024 21:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
233
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
J7IHWixoNDM-1OpMtHXRy1-Tf2eWaT-ssCNv4tTXEiETUP9fOWhRqQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		75 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3190671483869847&correlator=828334333725580&eid=31080564%2C31079963%2C44807746%2C31079724%2C31068826%2C31080117&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=344101295%2CMI%2Cwww.mlive.com%2Cindex.ssf&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F3%2C0%2F1%2F2%2F3&prev_iu_szs=300x250%2C300x250%2C300x250&ifi=3&sfv=1-0-40&fsbs=1%2C1%2C1&eri=1&sc=1&cookie=ID%3D4344c355bf922839%3AT%3D1705700149%3ART%3D1705700149%3AS%3DALNI_MbdYTEUC6QSsMJ_urNU7-bPZ-81yA&gpic=UID%3D00000d4436268273%3AT%3D1705700149%3ART%3D1705700149%3AS%3DALNI_Mathn6x99GsgGjbeNgjyyuY_FibYg&abxe=1&dt=1705700149986&lmt=1705700126&adxs=1135%2C165%2C1135&adys=165%2C937%2C905&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.mlive.com%2F&vis=1&psz=300x24%7C300x274%7C300x24&msz=300x24%7C300x274%7C300x24&fws=0%2C512%2C512&ohw=0%2C0%2C0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=259527336.1705700149&ga_sid=1705700149&ga_hid=1095691862&ga_fc=true&a3p=EjQKCnB1YmNpZC5vcmcSJDQwMTBhZjUyLTUzY2MtNGU1OS1hZDUyLWYxOTUyNWU3NTYxZFgBEhMKDGlkNS1zeW5jLmNvbRIBMFgB&dlt=1705700147339&idt=1838&prev_scp=rg_adslot%3DInFeed_Right%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3Ddesktop-InFeed_Right%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3Ddesktop-InFeed_Right-2%7Crg_adslot%3DInFeed_Left%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D1%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Left%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3Ddesktop-InFeed_Left%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Left%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3Ddesktop-InFeed_Left-2%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.40%26hb_adid_rubicon%3D29e99724987ea76%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.40%26hb_adid%3D29e99724987ea76%26hb_bidder%3Drubicon%7Crg_adslot%3DInFeed_Right%26rg_atf%3Dfalse%26rg_iab%3Dtrue%26rg_grid%3D1%26rg_counter%3D2%26rg_pr-pl-as%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%26rg_pr-pl%3Dhomepage-beta%257Cdesktop%26rg_gpid%3Ddesktop-InFeed_Right%26rg_refresh-counter%3D0%26rg_pr-pl-as-rc%3Dhomepage-beta%257Cdesktop%257CInFeed_Right%257C0%26rg_a9%3DAdvance_MI_BTF_DESKTOP%26rg_pagetype%3Dhomepage%26rg_product%3Dhomepage-beta%26amznbid%3D2%26amznp%3D2%26rg_a9b%3DAdvance_MI_BTF_DESKTOP_2%26rg_gpid-tam%3Ddesktop-InFeed_Right-2&cust_params=ccaud%3D%26rg_auth%3Dfalse%26rg_sub%3Dfalse%26rg_idl%3Dfalse%26rg_product%3Dhomepage-beta%26rg_pagetype%3Dhomepage%26rg_fbwv%3Dfalse%26rg_pv%3D1%26rg_usp%3Dfalse%26rg_cdlabel%3Da%26rg_platform%3Ddesktop%26li-module-enabled%3Don&adks=1117919376%2C1117919391%2C3501067380&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a062595999ba82169e1500e44952b19d82aa2f89c4531f1361aafa119a938b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:50 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23640
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
aa4cd109c31a008049713f8d93edaa05
h312.mlive.com/plugin/library/ 		296 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/plugin/library/aa4cd109c31a008049713f8d93edaa05
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-105.fra56.r.cloudfront.net
Software
- /
Resource Hash
eb3bf98cf3f5fb2a171fd8b82319b4a5706155049eb9be0747141baeb8ac4691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 08:04:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
age
3245457
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
95069
x-xss-protection
1; mode=block
last-modified
Tue, 12 Dec 2023 08:04:53 GMT
server
-
etag
aa4cd109c31a008049713f8d93edaa05
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
ToBC3NPVuV3hVW4dc5QEvB45G8BLwRJ7m0cZBZ8SfI-erNmT2sC_Uw==
expires
Thu, 12 Dec 2024 08:04:53 GMT
LB-Zone-3
h312.mlive.com/DG/DEFAULT/rest/rpc/1046/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/1046/LB-Zone-3?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=&bctempid=60100f93-6b55-4dd1-9539-3884fb04f673&overruleReferrer=&time=2024-01-19T22%3A35%3A50%2B01%3A00&ts=1705700150024
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-105.fra56.r.cloudfront.net
Software
- /
Resource Hash
5867821da5ee59d6b03869058a73a02ee909d0f9f93d7583a349caa7c1bb6bdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Jan 2024 21:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
1309
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
5gs90Y32abqsXF9mBw8IMP9ArLpAzJGirS_NKmtZ4n7_HA9Gn_uSGg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ADVANCEDDIGITAL_HEADER1&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&t=1705700148815&de=461336940950&rx=37715904049&m=0&ar=805b0ce1b97-clean&iw=e29cab5&q=1&cb=0&cu=1705700148815&ll=2&lm=0&ln=0&em=0&en=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=advanceddigitalheader640552616592&fd=1&it=500&ti=0&ih=2&pe=1%3A697%3A697%3A0%3A863&fs=207009&na=1117424113&cs=0
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Fri, 19 Jan 2024 21:35:50 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 19 Jan 2024 21:35:50 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401160101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d1faee09125bb65bc03a50d968c27903128989788d0ca97cc9a72004fbdf458
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12077
x-xss-protection
0
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=https%3A%2F%2Fwww.mlive.com%2F-&i=ADVANCEDDIGITAL_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLmEV2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-7OAlZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-nzvc02JHG%2BoudQ%3D%3D&sc=1&os=1-Bw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1705700148815&de=461336940950&rx=37715904049&cu=1705700148815&m=1312&ar=805b0ce1b97-clean&iw=e29cab5&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=13194&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A697%3A697%3A0%3A863&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207009&na=1910520029&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Fri, 19 Jan 2024 21:35:50 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 19 Jan 2024 21:35:50 GMT
cs
advancelocal.blueconic.net/DG/DEFAULT/ 		67 B
862 B 		Script
General
Check archive.org
Download Go to
Full URL
https://advancelocal.blueconic.net/DG/DEFAULT/cs?bcsessionid=60100f93-6b55-4dd1-9539-3884fb04f673&&callback=bc_json1048
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.235.102.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-102-18.compute-1.amazonaws.com
Software
- /
Resource Hash
717549cd7e2ed50b0ce3c27e6208949de14ac4ff4ff27af91e6ca853dca48faa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
87
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
baker
ead.mlive.com/ 		19 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ead.mlive.com/baker?dtstmp=1705700150281
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.70.86.197 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-86-197.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires
Fri, 19 Jan 2024 21:35:50 GMT
Pragma
no-cache
Date
Fri, 19 Jan 2024 21:35:50 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
19
Content-Type
image/gif
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 19 Jan 2024 21:35:50 GMT
1046
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/1046?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=60100f93-6b55-4dd1-9539-3884fb04f673&bctempid=&overruleReferrer=&time=2024-01-19T22%3A35%3A50%2B01%3A00&ts=1705700150386
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-105.fra56.r.cloudfront.net
Software
- /
Resource Hash
caebfaf8db2c43b22f3c3a617aeba31d4d79fafd65e23b2331f4d99b9cac5d81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Jan 2024 21:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
3608
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
TAU9KCj5w4-xnNaQ6YV8YPwGzoPuOuSywO9x4TkYiVEAlLajzRe-2w==
expires
Thu, 01 Jan 1970 00:00:00 GMT
predict
h312.mlive.com/rest/v2/custom/frontend/listener_realtime_model/ 		2 B
884 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/rest/v2/custom/frontend/listener_realtime_model/predict?itemId=93193c90-1299-460a-add2-602384af02fc&profileId=60100f93-6b55-4dd1-9539-3884fb04f673
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/plugin/plugin/3c3885ad0fa761126e05c713bb68c1bf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-105.fra56.r.cloudfront.net
Software
- /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
22
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache="Set-Cookie"
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
_I9ndtV5rdi6p8kSNqXFO84s-gqQJIerXKhRll0RKvyVSWjCr-rLxw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1046
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		547 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/1046?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=60100f93-6b55-4dd1-9539-3884fb04f673&bctempid=&overruleReferrer=&time=2024-01-19T22%3A35%3A50%2B01%3A00&ts=1705700150403
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-105.fra56.r.cloudfront.net
Software
- /
Resource Hash
da0024a1b4d03c578acc68ca41bfd096e011f3d2fa314b44f5c66c311304abf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Jan 2024 21:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
177
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
TskF-q5RTQDLLIdFDQwDws14TWNqHClWlVuga-TUnWt6QbrKhujZ1Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1046
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		183 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/1046?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=60100f93-6b55-4dd1-9539-3884fb04f673&bctempid=&overruleReferrer=&time=2024-01-19T22%3A35%3A50%2B01%3A00&ts=1705700150404
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-105.fra56.r.cloudfront.net
Software
- /
Resource Hash
a946100ed12bd9fe3cfc7be235fe5a1722efd74b81de7b2b5888d4b76ed13dec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Jan 2024 21:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
164
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
CA8AyZdTfLjASgDpqPgqJJuPIWZJsV1oTfFxek1MakBnQzqtd_sXdg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1046
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		183 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/1046?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=60100f93-6b55-4dd1-9539-3884fb04f673&bctempid=&overruleReferrer=&time=2024-01-19T22%3A35%3A50%2B01%3A00&ts=1705700150437
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-105.fra56.r.cloudfront.net
Software
- /
Resource Hash
236f4230c6e43270a4dbb4f51e16ac7f11145c4aff5b644d20e7d637c325b749
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Jan 2024 21:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
164
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
u8xs7rE16To1Xikr4NzIqwtVsriIsykAFFiSjwDWoetQ4cIkFaq2GQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1046
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		183 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/1046?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=60100f93-6b55-4dd1-9539-3884fb04f673&bctempid=&overruleReferrer=&time=2024-01-19T22%3A35%3A50%2B01%3A00&ts=1705700150440
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-105.fra56.r.cloudfront.net
Software
- /
Resource Hash
e426cf237514c32ac78c4bfff3f8fd85449197531958289734187e55700b5eef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Jan 2024 21:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
165
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
ziC9ertL5xLR9CbTEDx_teAQtU2cwlTS0e66H4YlxY6iqj_jMJnG4w==
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1095691862&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Blueconic&ea=segments&_u=aDDAAEABAAQCACgFKAC~&jid=&gjid=&cid=259527336.1705700149&tid=UA-16643585-16&_gid=1134932906.1705700150&gtm=45He41h0n81TLXFLCRv78133989&cd1=undefined&cd2=1---&cd3=undefined&cd6=undefined&cd11=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=false&cd21=undefined&cd23=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd46=homepage-beta&cd47=desktop&cd50=Blueconic%20-%20event%20call&cd52=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=undefined&cd62=undefined&cd63=undefined&cd64=undefined&cd65=undefined&cd66=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=sub-group-b&cd99=undefined&cd102=undefined&cd103=undefined&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd61=259527336.1705700149&cd76=a0002%2Ca0022%2Ca0054%2Ca0107&cd77=undefined&cd78=undefined&cd79=undefined&cd80=undefined&cd85=undefined&cd89=undefined&cd96=1&cm1=undefined&cm2=undefined&cm3=undefined&cm4=undefined&z=1206391882
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 01:10:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
73545
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
1046
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		183 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/1046?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=60100f93-6b55-4dd1-9539-3884fb04f673&bctempid=&overruleReferrer=&time=2024-01-19T22%3A35%3A50%2B01%3A00&ts=1705700150445
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-105.fra56.r.cloudfront.net
Software
- /
Resource Hash
9ce2617230bcfe611a75ef8492984c534b4f81eaadb93299be5d48fadb354292
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Jan 2024 21:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
163
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
cEbTXo2PtH6GrggQmiJNUGdwdpblo9vbn88Xp-R5ky6ZbMOAEUHX3w==
expires
Thu, 01 Jan 1970 00:00:00 GMT
container.html
2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 77E9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jan 2024 21:35:49 GMT
expires
Sat, 18 Jan 2025 21:35:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EA04 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jan 2024 21:35:49 GMT
expires
Sat, 18 Jan 2025 21:35:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E91F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jan 2024 21:35:49 GMT
expires
Sat, 18 Jan 2025 21:35:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
1046
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/1046?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=60100f93-6b55-4dd1-9539-3884fb04f673&bctempid=&overruleReferrer=&time=2024-01-19T22%3A35%3A50%2B01%3A00&ts=1705700150488
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-105.fra56.r.cloudfront.net
Software
- /
Resource Hash
72ce4d234e2b58210160531c2fe21f4c5c1efe5586a8b8d72182ece4e50caa3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Jan 2024 21:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
4641
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
bBmhjR9-TwlSf7epIeHW-ibEeBbHnlvJkn1W0jr3noW_BtCc3T65aQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B9D6 		624 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGN211YACMAE&v=APEucNVyPEIBub-1flhs8GwwtMQJefO5JuWxI2Oog4gciO-FpMPG85GtxX-xdoFYsex5xsXgBi-Bij5Jns4qoLseaH5RBGDyPCHG97PH1imB3NVafNybQcyDijHNFwO9BJEyqfw_Ydg6-canKthgJ_raHNPsEhBVv6FnIUZ3ALLsRP2bICrvbfM
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jan 2024 21:35:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 77E9 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 19 Jan 2024 21:35:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 77E9 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DDLRh65jZwy0BYWoeyuYe8A1BjUIZMIt0STucxZRQ2jfbJcif6SofTP6axw3IjlLRGl7Vc1oFpXyXXHzSryIc5R5uFiQ9b7y2A1Mj3-L3k8qZ4F4g
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 77E9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 14:00:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
27347
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Feb 2024 14:00:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 77E9 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 18:28:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
11211
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Feb 2024 18:28:59 GMT
l
www.google.com/ads/measurement/ Frame 77E9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRU0HssU1SeVwuHaoDvlV_W5LDs5foN0atWxM_K5Q6NU4apsaDFZlFWfCEsiOFrzyb_lVXzHsHJgHYRPoVYnHcaHk4i5g
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 77E9 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Jan 2024 21:35:50 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8EAA 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGN211YACMAE&v=APEucNUWfx5E0ppDZhLAeLbiIZLlXIoptfqrAfEqtCcNZDNL71J8uqKNsHUB_gYCEWrerx122jVeRHRJygleCsvpLzRkhQJ_Moy34kOsr2N2NGWPcBJSWk_4eIiENfVwyxXBW7aTfU7u0eaywBOApHz6biUy-MjoYnGpihjwZjIuEWBzrXA2LyQ
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jan 2024 21:35:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame EA04 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 19 Jan 2024 21:35:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EA04 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AWK2sHM759YP1ts3yF9aCyaHx-HeOkNJvbbZWap7-lh5nhA5P9RAXqvQ268fE6OIGj4a_U_hSoTV6ZkkJxz0mjVz8NkCBSKkdQG3SRALkfRHGzpAM
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame EA04 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 14:00:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
27347
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Feb 2024 14:00:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame EA04 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 18:28:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
11211
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Feb 2024 18:28:59 GMT
l
www.google.com/ads/measurement/ Frame EA04 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSQQp0HDdvpQ4MhoqDVAbJaAmAklu93a_SPdDANFQVKepgBnEQIAmKAOYF_Iaqzufxxj2rU0SOnjAuXe01kQYjS2Z0IIw
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame EA04 		206 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Jan 2024 21:35:50 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 28BA 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGN211YACMAE&v=APEucNVEpU7mAD_g2QYFR8haEBO21iUU5myvVUBHf2fKU0VFHCLc0in6A8auFmKASS5O9211_FuTNaoxIqU7_VXinP1RgMhGVsZvOHhl7VxdogUyUVDLD4eyVmL5-iNgp5XitJ1ObL7rqZm6hddEluw9ZT2loc-pIkwHQzx3eJwLURTfTCTyIBY
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jan 2024 21:35:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E91F 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 19 Jan 2024 21:35:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E91F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C7vrCsHuG539wEQEMsG9MDBQKMma0B3aCmtCVrvjiYXjsVgisPJXSmqUhMWBKdYSfTT2Uny4AzQdZbuaPsZYIEHjTBLDV1k2Q-mvfd_Hl5dFbboJg
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame E91F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 14:00:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
27347
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Feb 2024 14:00:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame E91F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 18:28:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
11211
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Feb 2024 18:28:59 GMT
l
www.google.com/ads/measurement/ Frame E91F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQJlcDOnkuiznwLbxUqxpqRvjQWbLX5eIJKqR7Sbt_ru0ttE_bCjKFZEBWPzVRzIIvFnzVbJ8Hc_4y1LkWmICkG06FA7A
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E91F 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Jan 2024 21:35:50 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1718 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
27347
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jan 2024 14:00:03 GMT
expires
Sat, 18 Jan 2025 14:00:03 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B9B3 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1fcac5753e7ebb0db188d18f7a296cf711046d696ed3460b33ee5f0b8e9bc86c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cXRAEI_bzfbkWeAkuYV7_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-cXRAEI_bzfbkWeAkuYV7_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jan 2024 21:35:50 GMT
expires
Fri, 19 Jan 2024 21:35:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 1718 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 14:00:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
27346
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Jan 2025 14:00:04 GMT
1046
h312.mlive.com/DG/DEFAULT/rest/rpc/ 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h312.mlive.com/DG/DEFAULT/rest/rpc/1046?referer=https%3A%2F%2Fwww.mlive.com%2F&bcsessionid=60100f93-6b55-4dd1-9539-3884fb04f673&bctempid=&overruleReferrer=&time=2024-01-19T22%3A35%3A50%2B01%3A00&ts=1705700150732
Requested by
Host: h312.mlive.com
URL: https://h312.mlive.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-105.fra56.r.cloudfront.net
Software
- /
Resource Hash
e9dca6b2e193b2ce787ee3057730cc93b60b029eb8b6956942c5c3caaf74b0db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Jan 2024 21:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
4637
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
hEo-_oxhyBjisqsR7d0C3FBLMPmIkAk2dz3-kRfHsxYeFtiYAs5MFA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B9B3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401160101&jk=3190671483869847&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame B9D6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMapfXFgcEBcjJt3JgibGcU&google_cver=1
43 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMapfXFgcEBcjJt3JgibGcU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGN211YACMAE&v=APEucNVyPEIBub-1flhs8GwwtMQJefO5JuWxI2Oog4gciO-FpMPG85GtxX-xdoFYsex5xsXgBi-Bij5Jns4qoLseaH5RBGDyPCHG97PH1imB3NVafNybQcyDijHNFwO9BJEyqfw_Ydg6-canKthgJ_raHNPsEhBVv6FnIUZ3ALLsRP2bICrvbfM
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u684szCByqIVyfEj2iNFNBITV8hWJrrShH6AZt86nQE05f83fLz%2B3cxLqH8cJ6vKwpWHqfvVs8dtBMQAXfDamUHmc5x%2BqGHCbbOkHn%2BYqY8lvpOU1SJYtc8cUMrUR4ccbnCgwidNjbtSyA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
848235b82acc4534-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMapfXFgcEBcjJt3JgibGcU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B9D6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZarrNlt2pIKfPEq7P6JSJwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMapfXFgcEBcjJt3JgibGcU&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMapfXFgcEBcjJt3JgibGcU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGN211YACMAE&v=APEucNVyPEIBub-1flhs8GwwtMQJefO5JuWxI2Oog4gciO-FpMPG85GtxX-xdoFYsex5xsXgBi-Bij5Jns4qoLseaH5RBGDyPCHG97PH1imB3NVafNybQcyDijHNFwO9BJEyqfw_Ydg6-canKthgJ_raHNPsEhBVv6FnIUZ3ALLsRP2bICrvbfM
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSrPimTv3NpJaNHZh6T9pacG1wlW95GcWBXBSJjFn7e7TKzhJlL%2BOPVmnT9Zq5L8QzaRGTo%2Bs35nqE03hiihWmXcsMaXTyoqBaK86V7htw%2BQfGmptQrQahue8Oe47nX8pWnLcUlW7gcVRw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
848235b88b794534-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMapfXFgcEBcjJt3JgibGcU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B9D6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKJGTeLIzFI2K2veQBiK6f0&google_cver=1
43 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKJGTeLIzFI2K2veQBiK6f0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGN211YACMAE&v=APEucNVyPEIBub-1flhs8GwwtMQJefO5JuWxI2Oog4gciO-FpMPG85GtxX-xdoFYsex5xsXgBi-Bij5Jns4qoLseaH5RBGDyPCHG97PH1imB3NVafNybQcyDijHNFwO9BJEyqfw_Ydg6-canKthgJ_raHNPsEhBVv6FnIUZ3ALLsRP2bICrvbfM
Protocol
H2
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
an-x-request-uuid
e7321506-9884-4fcc-b9e9-7b99d5cd33ef
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.105; 80.255.7.105; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKJGTeLIzFI2K2veQBiK6f0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B9D6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODk0NjcxODI4ODQ1MTgzNTQyOA%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODk0NjcxODI4ODQ1MTgzNTQyOA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGN211YACMAE&v=APEucNVyPEIBub-1flhs8GwwtMQJefO5JuWxI2Oog4gciO-FpMPG85GtxX-xdoFYsex5xsXgBi-Bij5Jns4qoLseaH5RBGDyPCHG97PH1imB3NVafNybQcyDijHNFwO9BJEyqfw_Ydg6-canKthgJ_raHNPsEhBVv6FnIUZ3ALLsRP2bICrvbfM
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
an-x-request-uuid
4f73a4bb-04e5-4c1f-a61c-1c4897d737a5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODk0NjcxODI4ODQ1MTgzNTQyOA%3D%3D
x-proxy-origin
80.255.7.105; 80.255.7.105; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8EAA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMapfXFgcEBcjJt3JgibGcU&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMapfXFgcEBcjJt3JgibGcU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGN211YACMAE&v=APEucNUWfx5E0ppDZhLAeLbiIZLlXIoptfqrAfEqtCcNZDNL71J8uqKNsHUB_gYCEWrerx122jVeRHRJygleCsvpLzRkhQJ_Moy34kOsr2N2NGWPcBJSWk_4eIiENfVwyxXBW7aTfU7u0eaywBOApHz6biUy-MjoYnGpihjwZjIuEWBzrXA2LyQ
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82O5MneIdagYSDgsX0HU%2FbBEitQVCmzCi5wmWrHLw6XXLVVeATHs3h%2BuIqVYfE2YSnstE%2FjUHGFf349IUcG1onNNmB7uqSOyXUIcwopRn47uB7FFsHeRoy6JVNp5%2BBvdPGu8JDmXFydfEA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
848235b82ac84534-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMapfXFgcEBcjJt3JgibGcU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8EAA
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZarrNo1xK6sSCVO0lcCv5QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMapfXFgcEBcjJt3JgibGcU&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMapfXFgcEBcjJt3JgibGcU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGN211YACMAE&v=APEucNUWfx5E0ppDZhLAeLbiIZLlXIoptfqrAfEqtCcNZDNL71J8uqKNsHUB_gYCEWrerx122jVeRHRJygleCsvpLzRkhQJ_Moy34kOsr2N2NGWPcBJSWk_4eIiENfVwyxXBW7aTfU7u0eaywBOApHz6biUy-MjoYnGpihjwZjIuEWBzrXA2LyQ
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oENWHvNfXezETMT0mXjrok8jzuXkfLduRp8m92r6ckjOGW5%2BgQUOiqMm8T5mNLpJRM2zWHxGH2ESxhaxU2MXjdinRI4xGzkq6fLpPdgVQwRdRCiFh4WJNoYTD23TxctOqZJRoDQiMNuCLA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
848235b88b7b4534-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMapfXFgcEBcjJt3JgibGcU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 8EAA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKJGTeLIzFI2K2veQBiK6f0&google_cver=1
43 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKJGTeLIzFI2K2veQBiK6f0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGN211YACMAE&v=APEucNUWfx5E0ppDZhLAeLbiIZLlXIoptfqrAfEqtCcNZDNL71J8uqKNsHUB_gYCEWrerx122jVeRHRJygleCsvpLzRkhQJ_Moy34kOsr2N2NGWPcBJSWk_4eIiENfVwyxXBW7aTfU7u0eaywBOApHz6biUy-MjoYnGpihjwZjIuEWBzrXA2LyQ
Protocol
H2
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
an-x-request-uuid
79b16020-0982-4c05-8a21-9aff94ed7258
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.105; 80.255.7.105; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKJGTeLIzFI2K2veQBiK6f0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8EAA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcyMDk5Mjk3MTgzNTUyNjEyNA%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcyMDk5Mjk3MTgzNTUyNjEyNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGN211YACMAE&v=APEucNUWfx5E0ppDZhLAeLbiIZLlXIoptfqrAfEqtCcNZDNL71J8uqKNsHUB_gYCEWrerx122jVeRHRJygleCsvpLzRkhQJ_Moy34kOsr2N2NGWPcBJSWk_4eIiENfVwyxXBW7aTfU7u0eaywBOApHz6biUy-MjoYnGpihjwZjIuEWBzrXA2LyQ
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
an-x-request-uuid
2717a4c7-980f-45a1-a285-f841fe158be1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcyMDk5Mjk3MTgzNTUyNjEyNA%3D%3D
x-proxy-origin
80.255.7.105; 80.255.7.105; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 28BA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMapfXFgcEBcjJt3JgibGcU&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMapfXFgcEBcjJt3JgibGcU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGN211YACMAE&v=APEucNVEpU7mAD_g2QYFR8haEBO21iUU5myvVUBHf2fKU0VFHCLc0in6A8auFmKASS5O9211_FuTNaoxIqU7_VXinP1RgMhGVsZvOHhl7VxdogUyUVDLD4eyVmL5-iNgp5XitJ1ObL7rqZm6hddEluw9ZT2loc-pIkwHQzx3eJwLURTfTCTyIBY
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fsmz6AXexAwIPQ05y5xKiqxjTiKnYPWW1HQUxVRZOsLkf3h22jqB9uBl8r0TA96Ve7J6Ig%2FERW1CBDzvhdZBu1fe1Tizk8IRFDEqg%2FpDv82FP8a8l%2BhzTrbZCp6f8IEhaezRRh%2FyLz7HFg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
848235b82ac54534-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMapfXFgcEBcjJt3JgibGcU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 28BA
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZarrNmTKW5kSnl78ReQF-gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMapfXFgcEBcjJt3JgibGcU&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMapfXFgcEBcjJt3JgibGcU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGN211YACMAE&v=APEucNVEpU7mAD_g2QYFR8haEBO21iUU5myvVUBHf2fKU0VFHCLc0in6A8auFmKASS5O9211_FuTNaoxIqU7_VXinP1RgMhGVsZvOHhl7VxdogUyUVDLD4eyVmL5-iNgp5XitJ1ObL7rqZm6hddEluw9ZT2loc-pIkwHQzx3eJwLURTfTCTyIBY
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HoaLhwqUXsYTTmdrHbFB7M0rvW3j9ZwAieGFwG3qU%2BmrVR2jDGLbft%2FYJapGm0SxdDrcUvqBWrVQtcgBTPsmRwYGglL9vBYMu0LzWAD7uJiQ0%2BuyKJwK3e0OvOl5ME4qoxGMt9eny%2BtvbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
848235b88b764534-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMapfXFgcEBcjJt3JgibGcU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 28BA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKJGTeLIzFI2K2veQBiK6f0&google_cver=1
43 B
1007 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKJGTeLIzFI2K2veQBiK6f0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGN211YACMAE&v=APEucNVEpU7mAD_g2QYFR8haEBO21iUU5myvVUBHf2fKU0VFHCLc0in6A8auFmKASS5O9211_FuTNaoxIqU7_VXinP1RgMhGVsZvOHhl7VxdogUyUVDLD4eyVmL5-iNgp5XitJ1ObL7rqZm6hddEluw9ZT2loc-pIkwHQzx3eJwLURTfTCTyIBY
Protocol
H2
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
an-x-request-uuid
7ac31454-03bc-48da-ac96-6dbc64cbc1ca
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.105; 80.255.7.105; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKJGTeLIzFI2K2veQBiK6f0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 28BA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcyMDk5Mjk3MTgzNTUyNjEyNA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcyMDk5Mjk3MTgzNTUyNjEyNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGN211YACMAE&v=APEucNVEpU7mAD_g2QYFR8haEBO21iUU5myvVUBHf2fKU0VFHCLc0in6A8auFmKASS5O9211_FuTNaoxIqU7_VXinP1RgMhGVsZvOHhl7VxdogUyUVDLD4eyVmL5-iNgp5XitJ1ObL7rqZm6hddEluw9ZT2loc-pIkwHQzx3eJwLURTfTCTyIBY
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
an-x-request-uuid
099583f5-89c2-4e9c-90a2-158c600eb341
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzcyMDk5Mjk3MTgzNTUyNjEyNA%3D%3D
x-proxy-origin
80.255.7.105; 80.255.7.105; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
d896f055bf08ce6e8a1f2264c0eb36c6b7b34ea7bf2
zephyrlabyrinth.com/f7815b88a/ 		2 B
326 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://zephyrlabyrinth.com/f7815b88a/d896f055bf08ce6e8a1f2264c0eb36c6b7b34ea7bf2
Requested by
Host: zephyrlabyrinth.com
URL: https://zephyrlabyrinth.com/scripts/3cdd00adbd84b/3d27c0d9c071fc88e68e2cb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:636d::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 19 Jan 2024 21:35:50 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mlive.com
x-hostname
fen-hoothoot-europe-west1-lbtz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 19 Jan 2024 21:35:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 77E9 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5680060220746&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 77E9 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5680060220746&version=m202309260101&ct=76&x=1&cor=6368955907148292000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 77E9 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AJBlNsygfhHrnZ_K3gdS7jNBggjvbgW4zi3GgxXiN1-tLaGrkg9qutOZ0zkNaSZpt6-ascahJJRilm_qf_N2wHGCRL6-bHEV_b_5-_Km-vx_FHspX9CwXmJz9l4-NeMvzClpjWvnsQiYORrE4ggcKFjPcaLsuYyQzhfLmsNTyHXhIueuc&dbm_d=AKAmf-DEHfBsJGmZXSpp0xzWEin7quBgFLoL8vlxJ324boxuhBh49ETAw2cTmLw8YNKxwIF8FD-HO6pDsXdSjGdo_SWLTK59t5WwiaU2NEzPkej8gmf1KRySRs5hy6H4BACBcg6TOofgIMaMLxRRltJyVpkV2ZeyN5RJJvJkPDpJX82lVgIO2_--hRWFhm66C9I-YZOAx6tj_d7JJ-PlAX5BKDDTA-1UComn2HsYM0GA_ebRwsgIMp3VjdHIMif8cszNVw7_DDm8PIoEItUNQ_XLiTE1uCB37ahp9URbI3PmV0i1NA6aiVYfhFq9ADQ7XBOGk1topPf0rosfaziElUeQzCAy6vVHQ-BMCQtecF9h6Yj6PWiHE9CeG9NMShwEHeLhWi1uLUulxCzqC1TtagtQjbWOQx7GJuR0rS0LfHxp0KAQY7YF01YQbz6TuGHxVeMPRadrNhciV5SRdF4hNnlJvF4wedBaqkzkX1JYNHE82cgCp-fyI60azyCFUDPyDDyUiTSdy9-KoO-PcOsATL7kPT2ZHwBMytVyrwu1iP-0nG1CByI8GpMj3i5Z3U27pubUkygCZonwRCyoXNtl7Mgyh_Cs1sYwgj4r2HPeIp10i7CR21hn-I_xyWDgx3ZziAbOEe1xcFbmwWRMypqiqZb2eOYMA7HvqG3RtCBwr_lLXGat9HiQzxyzWamImX4YvoyXbSAD0Pt3aN5j4XsJKkRSzfd7kbVmqdT68z7JDgsgl_knQ2Jg5CESFQYmpSexX9uGFX67o0PhtFGYq6NCq7F8CNGMHsZeGs7GUX2b4srjCX8utTp-fkRzfHY_CAoJw0KYxreVwJUqbkEEscQkN7VbdKq-D-kuPcJJSnPTtTyyEun2dSrXKYZDCzKVEsBibQCL7GJGxLnn8_Cg1UO0tAZJ2YfGi-s2egMV1-pmb3vSgfBxPMwy3QgXWuAUFgVrVCXVD_KNVfWRr5RI5qQ8YomrNCUf7frTqi_aql26wTKALa21gc_KVXIY17hFBTZYUbMLbrn0jYGfTSzRzvs9eUduNTbZbl3MIfGgQOZAclPG3hEE0rRy7oWQf-AG8h92fkeDsLb_yYx2cLUekpFsbRZF5hD7Z4Q8EtCmLWwcLqsaZPNYjyzkDk2dpUf-VMWJOWKlfCMOjNgVdE0NeNyORJTDLypDN0NrthV2V2XP3gpguCrzSeHIdOLD8hdkFzspm1V0SIMWYjlghhl7loZqIdZcCL8sCe7mwjNYWpQV_UPgQLsacODmb2nDdazOs51zXz9GbwZn62mCVYoMfe3pdNFQOiAePJttubEld6H1J6LwkIyz3fvu5D9P9m6aLF1gTrdK0TbE7_tUKRRQbL2BveNfs7CevEoqbZir92MVpW1MM0Zdf3kwe8I7opCxOEfowLWI5U5E2EE7g2DFTOo-Qf6lxzeuz8Y4xouQ_KpCMguFPOoJ0deMtzKF9P-zNh5EXYhTIu9Egf2K69iFAG1Eh7PUOEzrSpH9KoA1OsYMXna19iJi2_o15TEc2j1qNgGfP5AxVWjEByX9loFq6ICPkQwI0kkSU4zDoWxhElRHu7kLFJfmSmzEYb_QxrZJSDxCBloHXuMHHrCzzEMCoYW9mDzWtLnihuQXp58aCYYxAv6NIRXLYjkOgS4rmn09EJ6kRzYJeTWWOLKhxB7aAA8GZm1C2WMQw_ojYLsHO7gg7qce_don6x7gF5hEinZOKYbk49v6PNz8TjgVyFllfnlbSer8Pn1W3nvezO6Pz2U_s9wKypwoP-4PSOD5caOJOKZIgv3nQ21iwIYlv-oqeBbXNQhn3jEExLwl3KLaXP4xzKmiBjjChdR4xh1ZJTWvy_-qrTbcCo7cLU1GJS9532_kOlQm8SLiW_E7HrR56Hd2uwFsfcQoGvHwTAOqTlLKVOY6XkEKQI8NGcrVlrPXgRoOvTgKtABZTBvtJ--1RXWBfarEctmo84HXDCR5hyTqptdlofCRfthKHEnH09anfzU7cbr10on7YjnCskgzv0PgtuXXG8sVdeEr7pBjJc5jyJPUFEKVQJzEGRTwXF3li2mP9BwaWGp-szoEltuFD3OqU1oN1vlgp-EKHnbQNxSmMpj2ZAiB74bzexA2R8m6G6Ac9oCZHhKgcLemVREiuund9nxV6kHJ6efQ2d26EyfYiKRjx2RQ5MFDFHpD_YbOKp1p9lx5tA_sEEdA5kNivsCTQ2eaPxasuUmo8nnweQHiqJvx-XWTO93J3EOXu8dz_0g_2ZME2dWYjRah_Xotubr_Jo2t0wpK25bO0lbUpUq90BXYpgXOdfeU-aAStMWS4CQYl8TukdiwJLoupy3x1K3OWY-ym8PjsyR2JlF0nH-pqhvImUFSTQ9z_hbS1J9wi5-SaAXyySO69SR3QrZCSwKMeh-MUL8feSx9ocMOsUDRLqOZZbZBrKQF5l5nW1VIkKu7gUE3qqHp7uq0desm9aWg85nbrbIb00CSHV1SetsjcDwGgORZ4qc7s24wYUrLokUozu-cfLc828GPRwwbMOMdoyK4T_xitLp-EzDaGqMpfspaJg-mes_Kmqq8qOkdWFHIrRj7F9ezl7Ey2oiN4qy8p0bcwAc6pSP2Men2Lzs0L9-KtJ5zUgJFgkI3BhWA4NtrI8_adk6DLLB41K9NkSrFhWbsrPfIVS6V3lMGrLYl9aIBM41WZkYpIVgAgkDE6piNrq_4uHSBlCdCeP4nEvN5naGGzP63Ridngnu3BMSmO9NP64P419kTdhA71s44FKsOpyV-YZ2RI3mdyvLb9XedtwwLDlmX34xbDR8SOp1-Esgp44I7ASuGO2vH_xUW3IXmmidBVND-xdcqxROtHN1Vm-svWyykQllPHq0jH7C__Amh03q9XTgWlUTDDerf_kNr1KsS_TUVmGbKUccy2CJN13RPMuGBlJpmQ8cu4DJim5dvP85_HcVsDV2eG1ZGGIZ4LmO4Cr3Jpucn4AVyj9uoD8aCe0IkbaUGmxi-5gVJVSGkxI7SHQl70H5Q7jbZpgSxJg3cxZhdMH9oVnDdNWgTw6jQEjfjvDcXmYh5H6DVLMdmxE8R_oAAlmtn4VOUSqhFbCq4nyD3LAQHqML7dYbL65ut6wxL_osaymTWdBE1_MdSsqk5Rz7QJFgiAU9Ii0Ff0mDZi1rN04pYfkb_fwm2iN8edc_Byo67u5CmdCjf68o5mtQ0iD4Jr12lriH6vAMQyBZJaIpcmK8n7UVmdtY6mbR3iVm5lvD5OU600Jze0WAJiND2fuDhYshzd0aRKr6XPWRryqgYbGKd7-Ons_8EAwGykEICDLZmf4sGfAljy3TTs60KPdNjj9DM5RUvWgoxCd9Qo-wG_wXik2awzyFrrNdtd0UcTrP17ubtvdWjfGrGGc-QQhg-DWFd2kTx2TD69jS9xvdvQWdBnPHYze2zX2OeCtrDjWcMX5syPRRxIKEjPR5IxkFWh2UpCf-11RpjEEYDlwQPx03Eir1kafGXfgIA-ufJONi8qTJj1TvnGZHx7lNqNJMLKbXGFxoJzs_CnTIyDqdmvzPFFqtc71QL-bL-SPvmUI3aKQn1hEvo7kk8KySN_qZh9qms9Sa_DgUR51gd-8K2xlKRmPfSE1zR2ExsGBYKORnE2QfS_cpGvrGXIaBu2KQx5-bO80Ci8VhCy5p0gwd8-sg8upbEVL2eobKtzdmiQ8ZCYKkYa_8Cz1GHaHqLB0gm5qBZItolGqYz_AfUSs1jka-GJvrJ0E38j1uangMDqVnT919ckKqxXU2NL9AWtKr7d-HRbhizDId_KMRlLoxXmpNhUk1yMhy5AX9qT_OOD5OWkiQKCAazQV8P5pIj6Qp6IQD1JsW_XcJnnhDXtD25Bn28qCH5UJLGPkaBoRPTriywOApKneakcj1CCRWvGQfve9Y-&cid=CAQSOwAvHhf_6SoPc4UWnwSQrGFe4fnWscxRPGy7DksfJwGZGxPiEqPykY8kanUzf7jX2qyr0TRjZKr2d9VZGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=6368955907148292000&adk=1964084971&idt=224&cac=0&dtd=21
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
885c0828db5bbb09199e49b549f0d00187f4d0816a40b75715beb9c853fabd1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42245
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 1718 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?w_EgSg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
getuserdbdata
app.matheranalytics.com/u/ 		54 B
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.matheranalytics.com/u/getuserdbdata
Requested by
Host: js.matheranalytics.com
URL: https://js.matheranalytics.com/s/ma63527/484602605/all/ml.js?cb=1645
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.255.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
72.255.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44026785039df91c14b8c331292992e1fd71a23acdd5cb09c40d12d1c8e8aaac

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 19 Jan 2024 21:35:51 GMT
via
1.1 google
content-type
text/plain
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
5-gc-use1-h7vv0117
execute
c2.piano.io/xbuilder/experience/ 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=8Gu2Z8RCvZ
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ed9c399a7d7e4f99ca3f54a1f22371f570e7e45ef5804e9328671ca61ecbc80
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 19 Jan 2024 21:35:51 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
x-request-id
8ynb90g5a3
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.mlive.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
848235b89922360b-FRA
gen_204
pagead2.googlesyndication.com/pagead/ Frame E91F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7452545670572&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E91F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7452545670572&version=m202309260101&ct=76&x=1&cor=17120359627771159000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E91F 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTQtN7gOS9x-mvLWb_IiXgotwONocHsW9KrRU4kfVXZdHseuim-l7GpFQECb0v1_RGgHuXl4x7PeROhmQt7LBE8b23PZxJDn4-USjDTjVp2_4M1_k5_5WlIGBsBt5d37Qm20ITjGWOd13PVHhVm1o_4-DGIX3-wQWrDNisfmeqfDnu_Og&dbm_d=AKAmf-CSYn-LwbzNqlDVXsib1xT5RKf9xt121tDlW-yYRhEfBBH9URYJuS7wBwAOx3LqUBUgRbcTGiEgwJKN2xFiNPydEWpy_uBFXw-4lNo2dqD-PfuoIW-09t8FaAZ4aB-qyZTmlm1WFv2DH25VFPDzGlE8KFeKQpcftGrdp7oyn84k9DsAVqe1Zu4mor76UY6qyRJrCmxW4nb3Ldx_mJ8wcVEzcncJdiqs7mHL9WYjhzyRnPzQKRs4UZx758gFIcbDAfEx6rdQVYz3SNbHsZWrs-fCe_HQz4O6pLhKR07xtPNB0rsN_QlmbwIq5NtZN2KeBI8orZ5_d5uV1QtoE7qcr5V8Ups32j0uhIlDH3XC5scH0fqtVQmjAqDTZvHLZTaVHgoDP1CcOYyS5lTskdNzWe4R3Pw-mJcj6uwHEGSX4dHKy1Nu7GmEwlWyVVb4E44k6Z7CUnmVqCtSpfPMD3AImLU_x9t1vlJQ5XXp6xTsdit-Lf-D5GQpVPUaUP0Q4HeQhksh4ewHAHiMNxUq9nAeb7UjWv732Qc4DMtGt9AME9tXx_8Hvv80v5eBFHM-Xwbhqhy5IcbAKwTYWQ6VAjWLcrTud-q-f1M_LALC21p7Gn-7eEP0Gs8XDGeq3oW_2rRUMKLNvMwvf1ueJ3NmlQk4PZBdwG2JfHv5pKXFWZOaidJbpqzYSc9Rghf_g1ANPXF5FwhzWL1xUJBGOKt0Da_UmcCmevhyiWFd__gFO2xVjHROtfckFz1rmroW4fLrnolEPoLsA5r5h-PKTUG-TUnA1RcHSD9iHt1_SUVX5tdK4C-IaeA-e9lzpHZvgLsyfVjoN-LIN2PoVbtlATwyv7b9pCFvZ97hfsolCCMDqZAD2hu-0BtoUZEPwsMh33TZuvsEwSiaysNXRwgBdbuYVOKlMIaVTdpdJSO-Ts2GaDaATP-hhWp-OovVymKNarFDbw9ztGx65Q1NLKvKK-vXtYNx3mKXYpUYQUmGv-XBl7BMzykwreDUnyWF5TjM3PCrVUhwE0mcyokYMHHBIOteT4gFlOXZpONUTQoIDm_n6S-dXacHknbk8Tu7kRFfBR4OdtsVTWOLsZ9_co92WG088jbR6lgJzesfKXEemxhpbvVH8ZwHZH_rJ57BS40Krb0A0XLxfURg8dPQRVMGrDcMtEX7W6-u_Luw2PGo7yYJgW9FBK4nSLAZRNw5hhEEdGORn5cr0TR0qPZeqiS_Y8Re3UY7XjJApWfWv8sn5EwfQb96x8LzJsxK67NmM7QZzLk4F1wrvbskgduO99gOBwShdHCO-WITQC3mqk9uu_WrD3rv8lxxNx46DYE8bErRmKweOqgxDjPPPC74gBPWHh2CBzGOz0sfmWqQiLhAYq9dw_GIk4ktF78Ckp8dy0MuJ3KDD11eCvXUOkLrsruFwtP6jDvOEPnqtAUjfEE83KhBomGMJ8l3BjMbxBUoC8hlHvozEWSJqlwmfcE6j9kQ8yKz9AgwN_IVdsxn2eokUYu5SzZT-Ysoc0erRqTV0oXhVAPurYtMspU0EXeh10Wq4c5dKZ5XQTtgrlU6prLN03iFImami79hwJHOwbXwD15LxAU1abvLmA7bY3y6ZTcOkw58jDkD5IJ7i4u6CzrzA7mPcapqhi5Z6JpxMz5Y0iUHMhjhtJjK0ijyGNhKZtDaTb1WxwL96_HMMCuiWbC_QmtXSzR2D2Ga0pbf8D9AvebSeKZK2pYJX0WxGxph82AJdhB-QvfFKPDtzLp8amgjIv0XU4BbdXZaD_I_J1YEmAmCvmGNeFqG19w-xFqSlqY2Ymw97nUuUoxMlc7VxlunKA9fZNxs2aqszX1Bj3wCP140To_arXH6bE0P6mwPEcNw6QStNW2N1bdQ7nrP7wjJWnbPN_6jqVNoqQI-MPtOzJ672q6wNDe-PIaZGPm6QDaMMspTx14iQBCG27WD9xAij5Btz2l7-Ma8dM0Tzd2TyMyIKTz1lICzpdK9tHrByqHyo1RiJvaOeVNiAEIS8AeDL0R29tkQVmgWHTs0od7T94kWwSg59YZPWMGxpe7rGiDFqn30xm2h0rWj7vFWRE0M3r5fEhemxGwEAqo4K2T_ZGi028GAQObVrFEPb6frgONf_lJHxkfE6wrrTdgmsLnhlnJ_e4Y8pbT-pjv28DBjBJcx4mZiSpSRStLnERkc8mWtYvGJ_PmMh8lj67iCscPvJrdOJFlSa8DhQ1QksBQC31AzcSwwZlctBO1hdgCnwJ_qVtQFM7tuCgRuNAGiknULA-MPFYJxpULkTAIGPm3wKXH0AXnxRHgNdhBifzTlus1NlJKTUF9oKqwptbKVxtNB-YItP0FZwdvwj7oTKWCEo7xYbjb9LpR-7bNWTBrNGniq8eq_XjYuPuZQW83M--EfiS8CeUrc_LG1frSsdVRWAKG9TCeY6kFwBfyaU-MzevWkbtHot8tHGlDCCdgqW7ZM09PprDE1q9a1zOmuxPQL_i1V9w8P84Ajx5ZEmcTc225DdES6OuzAbVcCw_bqgiCawU6dK9VqT_lnCOqKvKDy52AcgcoqO0LVzayzXtWuA7_Yz10mexWn7EEUVsqK9RkPnKE0tivBMGk3TJxKC409lanfgYP9mFlf18E4yrTZ78bDqM21ZHdPJOK_RN8xict9vHJsVVO6jLZuHXfnFaOg8dTjmW4cSVPMpDMKpJfU0RA7f0e-Ximd-28xQQh83ljaaNsDQ-2bB1-T6vCVSs-qMFYs_AJp4bx14R8l7wxt1o6t_eOSu_dtBlv4l4qlmTdR4sJUb3LhF4w89vElacB9ORy0hSVyRuxKfmPTpoxpNiStNCOYoIS9VceHQhPmcNiYwInIlaUKYLtirc_rjdLgQa6YVuIGp-Sx-wwQL0ezMpX0yWwYmuIaY9cAhHOaM40C-0--vDN-iYMlgW_dbYnAVP7y4_mCJmvnJH5eL7wjlFcmiJ32N4Jo-UXfRl3FPEFKYJBQzqmZD8yyFb55nFXy1IV65fKQZ3nDGEm3YwXyuSApvQIidhMSET6PQDWwW0y-a_w-__kN4NvzQx_yV5q9D2cJLMuv2VCFDbrf2R4Z_vwiaTdlb6CbuIssCQSD9zCA7DigKSgsho6yhV46uwGBhGkq2Qquq6TVLgMEuPfTqLYYI6AlrkGzko7EOEjGRDlx8YlLqCjxbfC2CNazh1CTwS6QtzhK9bsmRx4QVkbxz2xrppk0Ms7s9hiCSyzTT2yn6DskLnLCNlXjj0SfXDcnc0YiVZ4O3joDNZqISvj9AqtfyR2BHNcP4jXYWTZQbIB0HnwO2C4zm4AcIngv2D3ykFDHYgVmtiW-uRtLuQoxmzLfHHZIfk3NULa2AnT8RD8P4zUEgomSCgUXs5XMbYpsmXlvq23FJaadyssIrcH050wZfWzUQP9cWg8dqeiVpsJQkC0m5cADTLygDAKTIjqUyT6Ag6KdWZPXsqvWrS4pe4LgaFuYeNipceA-jfEQ4xlH64sLHUgAE0GxDEKo0-BtGwmXbDwO16qGE46vZUqH2SZTEzvNaQ_B_-kfr2ml1OGLfMvC2m0Mn8EHwDvaPa-xGPA-yheGNI4smljpJETJU8bh-nUybsVlvFYnhRzfmjHAJUC55YJ68UT8EQJE8VPTKFwwZFs56-tX6Mn-pkzE7YvplCK-ML86PNhN7COsirjDsG7b2UevBHrIpemilTOX2Lu3HJBXjMJvVMiazAKIyW70CcJAfpHe0fDdAI1s3nyfirQ6fwo9GukOoz2CTsD1QaY5R4LAWAA0LD_2np0alkOSwsSIJ0mv-m85zh7wnZ6MVrFkkZbCH_sx93TsM71zHF-KLf1wIO5cxbkEOlBoGgxKGifsaKmZCTr1VL1OS2KLsmJUI-905U3B7rRin2mUdkfD6ySnOyasqcGaZLMH&cid=CAQSOwAvHhf_6SoPc4UWnwSQrGFe4fnWscxRPGy7DksfJwGZGxPiEqPykY8kanUzf7jX2qyr0TRjZKr2d9VZGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=17120359627771159000&adk=3047537734&idt=276&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9206759d2752015a79bd682c704fab78e5e6b752956e184a11394f435eb7cb5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42418
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EA04 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8450894212482&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EA04 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8450894212482&version=m202309260101&ct=76&x=1&cor=11076463951323701000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame EA04 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-zLyHzuvdwFSYMrbpT_TJhSftZO-sxDDyfP6g9CJ-Ok6whwUGwL23BXPQRS5Bs7_99KLK3iyzfvYLkqSZdL9Vy339GtauxSRikfnN-SWaJJKCEo02psJtk47MH2PuIuqMJpbiS9s2nWnNV1x_T6r7WxlWuYYG1H1ltXFYMycU4yzzyHc&dbm_d=AKAmf-CVe-pnHCT_YtgWvcyvrQmKYfcg3H4ekg2mUiL92WAf2-gZdORsKF3HvV3fRkGkp_vrSxDYXF-wT2NLNwAuBbP0I-IQnJeZ7jX_fwxlnMiLmXEpO72IhAqTvp0O09WzMpi2ra9T_jlBUfIeKMejaMgqr8iDRFGJ5ShJ_fP1uCNXPlI0NyAsFgY3_toKOTnQ8sFh6ICS9b4fEi1N4vrdSfqFG_CGAM41u_ok-ziap0Fn6F_fjF9Uhu86DB8-9XaxMLxys_qcSKwJeRXMjn-pUUj5ga61sWUrBe0vN_9U48z5pbwO1UL252_5YtdZfsD0k1YsZ2w_U9rLL5emcUhZ0cUW1ca_Vv4yJwsmw0UjwlcKfIkhg1irznY34-6t1VhXIJ5sFREvip_HRz-YlOHrawwwkELeSeSAe15cc9L05PAQJiziqTkSYrLXecGQAUwpkxFLrWpU64w7sD0NiPpFlNnw0HZfCNLu7lXvFjVn6kbbEuPrSGk11EIRf3N_4QIJ43aNUGwdwlxUAA5m5VqzUbwauGhGYLVM7_Zgr541dBHlwhYuuDSPiylF1Oxgh1Rh8GciVHgnGmzlctdeV2PjMK7xNjzJDzJFhXiXlAOH1UY3MbetZgbJPhO86_RtXYvxwW0keZ5Dmt-D15LamY3XyGM5ypF2-HOULuhspjz6-pFrdtW-zm6qJJoj3vGWApz0ad7mP3kwCPSQS6shvmoplxfxDfYid24bL17LRmq1xWpV3pw8X4IGJo54g-pe1aiAuReVtWzMrHu7XTFM1ttmt_lPrmpCEGafXUXMmBFJN9LpcyMEdMjbLZeU_kMoH09cjaLkfLKRAGsoMatdojV3SAHke0b8A1MKa7Msm2sInNwXJ2TF0deVi1irI1fROBlW__U5evrJiu_VRu9nIhd_4YDDwKIOnHuGG5-kXO2WX0u5OAd2G9vxb9H_z62mjVgzUU-dAcgFpyzNW0oRx5Qjbvec53GrauvKKvtsgvQbU_ok2bBxBWU8Qtjrdu92k8OC4_ly8CbnGo9pBNqox8nm4jK3mLA0XVBqOtHCWASAt4aIzlyzCJrqQ510QZoQM3alWiX5hgoXGrH09tiS8Q-fgdB42iAgUCllCyvoo4tNX4tJzZlMry4JI1SrBqmtM6feU6jvX0Kr3stZYkn__WGgdwHGxMYBx6kkTff1EVUPp8Py1luETEOT8JaIxAcPiNiARFA-gKtRN5FZK3kw4F5sdjOV3oiT9Sk-iLQ6Cv773dNn2aaQqAjm1zqvgMSzjKzBfR5qpSS0FjxdIgp7ushnvDdnK4ZPwqRzXeV0_pVgPbsYuQuffYGv0ZoqYo_Ky3GgvpPQcyhYpHz7A26MHjZBAQp2lWcVcIjw75aSyOum8ukMg_5_8S7Unt3tGhEb1oe6yXU6UAzgHQd0W-2ayheAxGzFvP6sRlvqOhRsZApfEp4yvfW86k0mv-WknCwpEB8555QTR3YH1vgg5o0ndnD2GXZs9rVQJLuMimlj6BhKMSwTGcVmQC67wqoVjCMi20-HMgsnhyoUU79FZHVPK5bmUjgYnGRXh1efOmQeOuN4uU5DTdCTEV7MLfcgJ8H-mb_yHHskd3FOPpzeuEn09S-pNbdL1cUc3Y4WMVgypw_2AcfzkCN9tKbq4mLdTFi9waECpprFd3z0K-mnrZyrgsbpasVxWAoOy_YKFMLsjZOtmHAKqgB16CdpaxRppQ4yf1INT3zJMIfI2Gg02Nx6Kw79eYZgDBUOGr9yYn1_SR4yqYhrHFCxOpVp_Jy-Vca3Z_8eMkQPQpo_PBwkmp5rOOz5tIJdYrFgn7i8yfhMVHma23Z3HXAUuGg-9W6st6VBbIRv-cD2vv_tarisZKR4wOEhIt0YyZUti-9EPz7dsGM4Xi8ul1n11SFIlDVNSgfvWwkmZuvrBziJQgUE_tXA-MCkvZG-YFjlS-5sYkmLYDFM5m297hD2qhFEzGoaBPOA6fswQanvk0hXUFvb4P1c9kkE4o6xW1k_ClQrRJzK5SCvGwOwoyiPjaYlGhsrc0Mke88fiAoXjy4qQp1BR2GeHbfLwSYTrO_vx9I858nn4OhppWx9-yXGQyHW3HaoryRI3Fa7Pq6d6HyNPmfY3380iqwhdVgsxgC5opzYTPKSX1kSutrmlNtri5ggGziSSj_qjV-AHNz2_KTOVuQIY9BgXAjXU7BU6CKixzJz5rJ1Y1VCeXOxX3LX-FppB8wegSLvKhX01LgVlP_bNKH2gJ4ZgDOZXC3Z_qJayl1WjQa63bIRj_UJq5rknqQtMvKWB2a6z6FVrZQvJfnLb05inpBd1frXNDNBln2uMHif3hwKEeEdLFzGrN7FiotX3B-CuSeFo89OhuVTtBa0xtTD4Do5pUEb32ITn5bH3VheSUv3J8h8Z5q2bvRSdhnk2WMZaPOeQ8VBYiAf3c7eVe4hWTlDstbJf-FnYnyNWRqJDoiDTelFmG56OZT9vYWkD8ss08diT5OfLh_e5FV3-9WG6BwwP2_t77TG3QZxi3iRCgPw1p1VOme5kNCbTNPACkKJR6zlNEAPwtfaDqiaC9hjXzq5eWiLcHFu17wvt88xijPmPbrYzZvX-d5x5KwN27LMjEVk2p9v-mB8TR93Uzsf-xdWaHKmrSE4UlbXiYaCdqOELr1-QgEtj8i6UaRHT9p9Aw58IBByCi90t5RXs1uA_YSD_ExJR7zStsdz9SNAtIE3EjkRAGyAiTJNutqmofFwKKkVsCjgt6S5TpJMSTTkrowUPGKb5XLLAy14so_8pF0Jm7PBuuS2Ha1q6pJ1e0uPWIJNdJ5zbBa6cCICuRu3JZH3DAykodf2kJvxU5xvj2SNnpAmRBKClMLhaQo5oC07W1NL7yCnQy9xd2emL2GQA3ssZzd_dF7MgWMfNte_2qU0jPBssWnSXH-g_8krAaRJWxc76Skm7d7xuNqt541cT9UNvyy8r7Zyh4uLx3HNupDjBcNr42-VliTqC-p6JmqSfp7Ncv_5ZRE0LGDom1PsZ19l-j4xQO2uf8e5eMl-lWzDwSHcYSAfCvQDyHBwBtTKSngZOQfZc0xC-hKVjGc1oKfAM2VHgmpAWAQQVeyMI7UmUD9IhI3LfBLCdzzh2RKCfwPiqOM48GRD9FHQ55Gfa7i8Dic_MNofE6PNBIRn2Zx0JNYSA_awQRzAlcoosLh74iJnmIaE-uGBB_mPz7kN1GdvIoDU4IIJGpqOpzteD9nUBg9_tUpIQaOS64gDUHYeK9q29jLIJ56KNNzDNCOk0OzUbPiGwsYKUa3SDwxQji9JA1y2rMLfkwjb7BE12MC1LEyPg6iVHfUeCurjUVqUX-Ktw5oKgvCLXcQf10ZMZDQi7Yfl7xjN-rHJEk69l1lGSkNfmBVos0VwKqAOozlgRg8p8gUFJvckXZqiI8hsmxrL94qSoMU5CCg5nOhfQ17dZ_oSEXMIgyO-WKzRFfVti8FMmn0lHZDdElsal6fR9VOi6Q3D2ZkUElbUL1u6Gcy_vHNY8k_iRj4Wdi5u_Y9we20wUDLjR7ZJWusfQQn_Wk4nglq_h7UfQKVpai2TQHiVJ7gdO-omNXV7evnkZ6_PFijQraRmwrLAu0-NBvMrP3dj_weyy7x-r5kvR1NLkPxC2n-vblhp2Sibd080QSgNMaXX-My5fHu7TWbqN1bDuZA0yVM_LdLtSXqiU0leMVm1F3gezrWqUKHhE9bJlVdZjGvsCMWaEvM3UQ102z46HajbzzH2VVg-V84kI-v3QcHW81XZpW27SUFsWDz-yMeq_BXR_IicknJIl6hN8_xRxqOlaVMIEN9O_tO2hs0mBStBBLq2UzEVBrnKANscKRhp6wUMvCDkydoiTkwjGkATY7pXJkRdtSc7aYgs_iVjuzyhS8Bkrb0iduMzKi4q&cid=CAQSOwAvHhf_6SoPc4UWnwSQrGFe4fnWscxRPGy7DksfJwGZGxPiEqPykY8kanUzf7jX2qyr0TRjZKr2d9VZGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=11076463951323701000&adk=2228999114&idt=293&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d94829da82cf70bf1f6b832a3274300080bec941cfd506033101f1270b739db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42352
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
prebid-a.rubiconproject.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.240.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-240-95.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 19 Jan 2024 21:35:51 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.240.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-240-95.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mlive.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Fri, 19 Jan 2024 21:35:51 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
skeleton.js
fw.adsafeprotected.com/rjss/st/1874223/77019482/ Frame 77E9 		270 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1874223/77019482/skeleton.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-2937494567949278&ias_chanId=1&ias_placementId=20839929287&bidurl=https://www.mlive.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hVMdfqzbgqPMeZtpMv1dZy
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.121.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-121-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ca05fcf13410d92a3c9ed10beed9be26221caa4887d93dea6b2dec33030bbb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 77E9 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
Origin
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 21:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85892
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Jan 2024 21:44:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 77E9 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AJBlNsygfhHrnZ_K3gdS7jNBggjvbgW4zi3GgxXiN1-tLaGrkg9qutOZ0zkNaSZpt6-ascahJJRilm_qf_N2wHGCRL6-bHEV_b_5-_Km-vx_FHspX9CwXmJz9l4-NeMvzClpjWvnsQiYORrE4ggcKFjPcaLsuYyQzhfLmsNTyHXhIueuc&dbm_d=AKAmf-DEHfBsJGmZXSpp0xzWEin7quBgFLoL8vlxJ324boxuhBh49ETAw2cTmLw8YNKxwIF8FD-HO6pDsXdSjGdo_SWLTK59t5WwiaU2NEzPkej8gmf1KRySRs5hy6H4BACBcg6TOofgIMaMLxRRltJyVpkV2ZeyN5RJJvJkPDpJX82lVgIO2_--hRWFhm66C9I-YZOAx6tj_d7JJ-PlAX5BKDDTA-1UComn2HsYM0GA_ebRwsgIMp3VjdHIMif8cszNVw7_DDm8PIoEItUNQ_XLiTE1uCB37ahp9URbI3PmV0i1NA6aiVYfhFq9ADQ7XBOGk1topPf0rosfaziElUeQzCAy6vVHQ-BMCQtecF9h6Yj6PWiHE9CeG9NMShwEHeLhWi1uLUulxCzqC1TtagtQjbWOQx7GJuR0rS0LfHxp0KAQY7YF01YQbz6TuGHxVeMPRadrNhciV5SRdF4hNnlJvF4wedBaqkzkX1JYNHE82cgCp-fyI60azyCFUDPyDDyUiTSdy9-KoO-PcOsATL7kPT2ZHwBMytVyrwu1iP-0nG1CByI8GpMj3i5Z3U27pubUkygCZonwRCyoXNtl7Mgyh_Cs1sYwgj4r2HPeIp10i7CR21hn-I_xyWDgx3ZziAbOEe1xcFbmwWRMypqiqZb2eOYMA7HvqG3RtCBwr_lLXGat9HiQzxyzWamImX4YvoyXbSAD0Pt3aN5j4XsJKkRSzfd7kbVmqdT68z7JDgsgl_knQ2Jg5CESFQYmpSexX9uGFX67o0PhtFGYq6NCq7F8CNGMHsZeGs7GUX2b4srjCX8utTp-fkRzfHY_CAoJw0KYxreVwJUqbkEEscQkN7VbdKq-D-kuPcJJSnPTtTyyEun2dSrXKYZDCzKVEsBibQCL7GJGxLnn8_Cg1UO0tAZJ2YfGi-s2egMV1-pmb3vSgfBxPMwy3QgXWuAUFgVrVCXVD_KNVfWRr5RI5qQ8YomrNCUf7frTqi_aql26wTKALa21gc_KVXIY17hFBTZYUbMLbrn0jYGfTSzRzvs9eUduNTbZbl3MIfGgQOZAclPG3hEE0rRy7oWQf-AG8h92fkeDsLb_yYx2cLUekpFsbRZF5hD7Z4Q8EtCmLWwcLqsaZPNYjyzkDk2dpUf-VMWJOWKlfCMOjNgVdE0NeNyORJTDLypDN0NrthV2V2XP3gpguCrzSeHIdOLD8hdkFzspm1V0SIMWYjlghhl7loZqIdZcCL8sCe7mwjNYWpQV_UPgQLsacODmb2nDdazOs51zXz9GbwZn62mCVYoMfe3pdNFQOiAePJttubEld6H1J6LwkIyz3fvu5D9P9m6aLF1gTrdK0TbE7_tUKRRQbL2BveNfs7CevEoqbZir92MVpW1MM0Zdf3kwe8I7opCxOEfowLWI5U5E2EE7g2DFTOo-Qf6lxzeuz8Y4xouQ_KpCMguFPOoJ0deMtzKF9P-zNh5EXYhTIu9Egf2K69iFAG1Eh7PUOEzrSpH9KoA1OsYMXna19iJi2_o15TEc2j1qNgGfP5AxVWjEByX9loFq6ICPkQwI0kkSU4zDoWxhElRHu7kLFJfmSmzEYb_QxrZJSDxCBloHXuMHHrCzzEMCoYW9mDzWtLnihuQXp58aCYYxAv6NIRXLYjkOgS4rmn09EJ6kRzYJeTWWOLKhxB7aAA8GZm1C2WMQw_ojYLsHO7gg7qce_don6x7gF5hEinZOKYbk49v6PNz8TjgVyFllfnlbSer8Pn1W3nvezO6Pz2U_s9wKypwoP-4PSOD5caOJOKZIgv3nQ21iwIYlv-oqeBbXNQhn3jEExLwl3KLaXP4xzKmiBjjChdR4xh1ZJTWvy_-qrTbcCo7cLU1GJS9532_kOlQm8SLiW_E7HrR56Hd2uwFsfcQoGvHwTAOqTlLKVOY6XkEKQI8NGcrVlrPXgRoOvTgKtABZTBvtJ--1RXWBfarEctmo84HXDCR5hyTqptdlofCRfthKHEnH09anfzU7cbr10on7YjnCskgzv0PgtuXXG8sVdeEr7pBjJc5jyJPUFEKVQJzEGRTwXF3li2mP9BwaWGp-szoEltuFD3OqU1oN1vlgp-EKHnbQNxSmMpj2ZAiB74bzexA2R8m6G6Ac9oCZHhKgcLemVREiuund9nxV6kHJ6efQ2d26EyfYiKRjx2RQ5MFDFHpD_YbOKp1p9lx5tA_sEEdA5kNivsCTQ2eaPxasuUmo8nnweQHiqJvx-XWTO93J3EOXu8dz_0g_2ZME2dWYjRah_Xotubr_Jo2t0wpK25bO0lbUpUq90BXYpgXOdfeU-aAStMWS4CQYl8TukdiwJLoupy3x1K3OWY-ym8PjsyR2JlF0nH-pqhvImUFSTQ9z_hbS1J9wi5-SaAXyySO69SR3QrZCSwKMeh-MUL8feSx9ocMOsUDRLqOZZbZBrKQF5l5nW1VIkKu7gUE3qqHp7uq0desm9aWg85nbrbIb00CSHV1SetsjcDwGgORZ4qc7s24wYUrLokUozu-cfLc828GPRwwbMOMdoyK4T_xitLp-EzDaGqMpfspaJg-mes_Kmqq8qOkdWFHIrRj7F9ezl7Ey2oiN4qy8p0bcwAc6pSP2Men2Lzs0L9-KtJ5zUgJFgkI3BhWA4NtrI8_adk6DLLB41K9NkSrFhWbsrPfIVS6V3lMGrLYl9aIBM41WZkYpIVgAgkDE6piNrq_4uHSBlCdCeP4nEvN5naGGzP63Ridngnu3BMSmO9NP64P419kTdhA71s44FKsOpyV-YZ2RI3mdyvLb9XedtwwLDlmX34xbDR8SOp1-Esgp44I7ASuGO2vH_xUW3IXmmidBVND-xdcqxROtHN1Vm-svWyykQllPHq0jH7C__Amh03q9XTgWlUTDDerf_kNr1KsS_TUVmGbKUccy2CJN13RPMuGBlJpmQ8cu4DJim5dvP85_HcVsDV2eG1ZGGIZ4LmO4Cr3Jpucn4AVyj9uoD8aCe0IkbaUGmxi-5gVJVSGkxI7SHQl70H5Q7jbZpgSxJg3cxZhdMH9oVnDdNWgTw6jQEjfjvDcXmYh5H6DVLMdmxE8R_oAAlmtn4VOUSqhFbCq4nyD3LAQHqML7dYbL65ut6wxL_osaymTWdBE1_MdSsqk5Rz7QJFgiAU9Ii0Ff0mDZi1rN04pYfkb_fwm2iN8edc_Byo67u5CmdCjf68o5mtQ0iD4Jr12lriH6vAMQyBZJaIpcmK8n7UVmdtY6mbR3iVm5lvD5OU600Jze0WAJiND2fuDhYshzd0aRKr6XPWRryqgYbGKd7-Ons_8EAwGykEICDLZmf4sGfAljy3TTs60KPdNjj9DM5RUvWgoxCd9Qo-wG_wXik2awzyFrrNdtd0UcTrP17ubtvdWjfGrGGc-QQhg-DWFd2kTx2TD69jS9xvdvQWdBnPHYze2zX2OeCtrDjWcMX5syPRRxIKEjPR5IxkFWh2UpCf-11RpjEEYDlwQPx03Eir1kafGXfgIA-ufJONi8qTJj1TvnGZHx7lNqNJMLKbXGFxoJzs_CnTIyDqdmvzPFFqtc71QL-bL-SPvmUI3aKQn1hEvo7kk8KySN_qZh9qms9Sa_DgUR51gd-8K2xlKRmPfSE1zR2ExsGBYKORnE2QfS_cpGvrGXIaBu2KQx5-bO80Ci8VhCy5p0gwd8-sg8upbEVL2eobKtzdmiQ8ZCYKkYa_8Cz1GHaHqLB0gm5qBZItolGqYz_AfUSs1jka-GJvrJ0E38j1uangMDqVnT919ckKqxXU2NL9AWtKr7d-HRbhizDId_KMRlLoxXmpNhUk1yMhy5AX9qT_OOD5OWkiQKCAazQV8P5pIj6Qp6IQD1JsW_XcJnnhDXtD25Bn28qCH5UJLGPkaBoRPTriywOApKneakcj1CCRWvGQfve9Y-&cid=CAQSOwAvHhf_6SoPc4UWnwSQrGFe4fnWscxRPGy7DksfJwGZGxPiEqPykY8kanUzf7jX2qyr0TRjZKr2d9VZGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=6368955907148292000&adk=1964084971&idt=224&cac=0&dtd=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 18:30:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
11142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Feb 2024 18:30:09 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 77E9 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AJBlNsygfhHrnZ_K3gdS7jNBggjvbgW4zi3GgxXiN1-tLaGrkg9qutOZ0zkNaSZpt6-ascahJJRilm_qf_N2wHGCRL6-bHEV_b_5-_Km-vx_FHspX9CwXmJz9l4-NeMvzClpjWvnsQiYORrE4ggcKFjPcaLsuYyQzhfLmsNTyHXhIueuc&dbm_d=AKAmf-DEHfBsJGmZXSpp0xzWEin7quBgFLoL8vlxJ324boxuhBh49ETAw2cTmLw8YNKxwIF8FD-HO6pDsXdSjGdo_SWLTK59t5WwiaU2NEzPkej8gmf1KRySRs5hy6H4BACBcg6TOofgIMaMLxRRltJyVpkV2ZeyN5RJJvJkPDpJX82lVgIO2_--hRWFhm66C9I-YZOAx6tj_d7JJ-PlAX5BKDDTA-1UComn2HsYM0GA_ebRwsgIMp3VjdHIMif8cszNVw7_DDm8PIoEItUNQ_XLiTE1uCB37ahp9URbI3PmV0i1NA6aiVYfhFq9ADQ7XBOGk1topPf0rosfaziElUeQzCAy6vVHQ-BMCQtecF9h6Yj6PWiHE9CeG9NMShwEHeLhWi1uLUulxCzqC1TtagtQjbWOQx7GJuR0rS0LfHxp0KAQY7YF01YQbz6TuGHxVeMPRadrNhciV5SRdF4hNnlJvF4wedBaqkzkX1JYNHE82cgCp-fyI60azyCFUDPyDDyUiTSdy9-KoO-PcOsATL7kPT2ZHwBMytVyrwu1iP-0nG1CByI8GpMj3i5Z3U27pubUkygCZonwRCyoXNtl7Mgyh_Cs1sYwgj4r2HPeIp10i7CR21hn-I_xyWDgx3ZziAbOEe1xcFbmwWRMypqiqZb2eOYMA7HvqG3RtCBwr_lLXGat9HiQzxyzWamImX4YvoyXbSAD0Pt3aN5j4XsJKkRSzfd7kbVmqdT68z7JDgsgl_knQ2Jg5CESFQYmpSexX9uGFX67o0PhtFGYq6NCq7F8CNGMHsZeGs7GUX2b4srjCX8utTp-fkRzfHY_CAoJw0KYxreVwJUqbkEEscQkN7VbdKq-D-kuPcJJSnPTtTyyEun2dSrXKYZDCzKVEsBibQCL7GJGxLnn8_Cg1UO0tAZJ2YfGi-s2egMV1-pmb3vSgfBxPMwy3QgXWuAUFgVrVCXVD_KNVfWRr5RI5qQ8YomrNCUf7frTqi_aql26wTKALa21gc_KVXIY17hFBTZYUbMLbrn0jYGfTSzRzvs9eUduNTbZbl3MIfGgQOZAclPG3hEE0rRy7oWQf-AG8h92fkeDsLb_yYx2cLUekpFsbRZF5hD7Z4Q8EtCmLWwcLqsaZPNYjyzkDk2dpUf-VMWJOWKlfCMOjNgVdE0NeNyORJTDLypDN0NrthV2V2XP3gpguCrzSeHIdOLD8hdkFzspm1V0SIMWYjlghhl7loZqIdZcCL8sCe7mwjNYWpQV_UPgQLsacODmb2nDdazOs51zXz9GbwZn62mCVYoMfe3pdNFQOiAePJttubEld6H1J6LwkIyz3fvu5D9P9m6aLF1gTrdK0TbE7_tUKRRQbL2BveNfs7CevEoqbZir92MVpW1MM0Zdf3kwe8I7opCxOEfowLWI5U5E2EE7g2DFTOo-Qf6lxzeuz8Y4xouQ_KpCMguFPOoJ0deMtzKF9P-zNh5EXYhTIu9Egf2K69iFAG1Eh7PUOEzrSpH9KoA1OsYMXna19iJi2_o15TEc2j1qNgGfP5AxVWjEByX9loFq6ICPkQwI0kkSU4zDoWxhElRHu7kLFJfmSmzEYb_QxrZJSDxCBloHXuMHHrCzzEMCoYW9mDzWtLnihuQXp58aCYYxAv6NIRXLYjkOgS4rmn09EJ6kRzYJeTWWOLKhxB7aAA8GZm1C2WMQw_ojYLsHO7gg7qce_don6x7gF5hEinZOKYbk49v6PNz8TjgVyFllfnlbSer8Pn1W3nvezO6Pz2U_s9wKypwoP-4PSOD5caOJOKZIgv3nQ21iwIYlv-oqeBbXNQhn3jEExLwl3KLaXP4xzKmiBjjChdR4xh1ZJTWvy_-qrTbcCo7cLU1GJS9532_kOlQm8SLiW_E7HrR56Hd2uwFsfcQoGvHwTAOqTlLKVOY6XkEKQI8NGcrVlrPXgRoOvTgKtABZTBvtJ--1RXWBfarEctmo84HXDCR5hyTqptdlofCRfthKHEnH09anfzU7cbr10on7YjnCskgzv0PgtuXXG8sVdeEr7pBjJc5jyJPUFEKVQJzEGRTwXF3li2mP9BwaWGp-szoEltuFD3OqU1oN1vlgp-EKHnbQNxSmMpj2ZAiB74bzexA2R8m6G6Ac9oCZHhKgcLemVREiuund9nxV6kHJ6efQ2d26EyfYiKRjx2RQ5MFDFHpD_YbOKp1p9lx5tA_sEEdA5kNivsCTQ2eaPxasuUmo8nnweQHiqJvx-XWTO93J3EOXu8dz_0g_2ZME2dWYjRah_Xotubr_Jo2t0wpK25bO0lbUpUq90BXYpgXOdfeU-aAStMWS4CQYl8TukdiwJLoupy3x1K3OWY-ym8PjsyR2JlF0nH-pqhvImUFSTQ9z_hbS1J9wi5-SaAXyySO69SR3QrZCSwKMeh-MUL8feSx9ocMOsUDRLqOZZbZBrKQF5l5nW1VIkKu7gUE3qqHp7uq0desm9aWg85nbrbIb00CSHV1SetsjcDwGgORZ4qc7s24wYUrLokUozu-cfLc828GPRwwbMOMdoyK4T_xitLp-EzDaGqMpfspaJg-mes_Kmqq8qOkdWFHIrRj7F9ezl7Ey2oiN4qy8p0bcwAc6pSP2Men2Lzs0L9-KtJ5zUgJFgkI3BhWA4NtrI8_adk6DLLB41K9NkSrFhWbsrPfIVS6V3lMGrLYl9aIBM41WZkYpIVgAgkDE6piNrq_4uHSBlCdCeP4nEvN5naGGzP63Ridngnu3BMSmO9NP64P419kTdhA71s44FKsOpyV-YZ2RI3mdyvLb9XedtwwLDlmX34xbDR8SOp1-Esgp44I7ASuGO2vH_xUW3IXmmidBVND-xdcqxROtHN1Vm-svWyykQllPHq0jH7C__Amh03q9XTgWlUTDDerf_kNr1KsS_TUVmGbKUccy2CJN13RPMuGBlJpmQ8cu4DJim5dvP85_HcVsDV2eG1ZGGIZ4LmO4Cr3Jpucn4AVyj9uoD8aCe0IkbaUGmxi-5gVJVSGkxI7SHQl70H5Q7jbZpgSxJg3cxZhdMH9oVnDdNWgTw6jQEjfjvDcXmYh5H6DVLMdmxE8R_oAAlmtn4VOUSqhFbCq4nyD3LAQHqML7dYbL65ut6wxL_osaymTWdBE1_MdSsqk5Rz7QJFgiAU9Ii0Ff0mDZi1rN04pYfkb_fwm2iN8edc_Byo67u5CmdCjf68o5mtQ0iD4Jr12lriH6vAMQyBZJaIpcmK8n7UVmdtY6mbR3iVm5lvD5OU600Jze0WAJiND2fuDhYshzd0aRKr6XPWRryqgYbGKd7-Ons_8EAwGykEICDLZmf4sGfAljy3TTs60KPdNjj9DM5RUvWgoxCd9Qo-wG_wXik2awzyFrrNdtd0UcTrP17ubtvdWjfGrGGc-QQhg-DWFd2kTx2TD69jS9xvdvQWdBnPHYze2zX2OeCtrDjWcMX5syPRRxIKEjPR5IxkFWh2UpCf-11RpjEEYDlwQPx03Eir1kafGXfgIA-ufJONi8qTJj1TvnGZHx7lNqNJMLKbXGFxoJzs_CnTIyDqdmvzPFFqtc71QL-bL-SPvmUI3aKQn1hEvo7kk8KySN_qZh9qms9Sa_DgUR51gd-8K2xlKRmPfSE1zR2ExsGBYKORnE2QfS_cpGvrGXIaBu2KQx5-bO80Ci8VhCy5p0gwd8-sg8upbEVL2eobKtzdmiQ8ZCYKkYa_8Cz1GHaHqLB0gm5qBZItolGqYz_AfUSs1jka-GJvrJ0E38j1uangMDqVnT919ckKqxXU2NL9AWtKr7d-HRbhizDId_KMRlLoxXmpNhUk1yMhy5AX9qT_OOD5OWkiQKCAazQV8P5pIj6Qp6IQD1JsW_XcJnnhDXtD25Bn28qCH5UJLGPkaBoRPTriywOApKneakcj1CCRWvGQfve9Y-&cid=CAQSOwAvHhf_6SoPc4UWnwSQrGFe4fnWscxRPGy7DksfJwGZGxPiEqPykY8kanUzf7jX2qyr0TRjZKr2d9VZGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=6368955907148292000&adk=1964084971&idt=224&cac=0&dtd=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 18:30:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
11142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Feb 2024 18:30:09 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 77E9 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:28:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
241658
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 02:28:13 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CC5F 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
15907
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jan 2024 17:10:44 GMT
etag
48472445140208031
expires
Sat, 20 Jan 2024 17:10:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 77E9 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf3e430154bc1d8c1985f5d09f0d4d4598f27c9aa02c12755a16b193e3a41582

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 6486 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
261703
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Jan 2024 20:54:08 GMT
expires
Wed, 15 Jan 2025 20:54:08 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
skeleton.js
fw.adsafeprotected.com/rjss/st/1874223/77019482/ Frame EA04 		270 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1874223/77019482/skeleton.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-2937494567949278&ias_chanId=1&ias_placementId=20843742424&bidurl=https://www.mlive.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0i9gASSZv26r_AbaAPxweKG
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.121.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-121-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6d4b7c36ba0ebaf52b79d7691ba09f2eb070a7c8b6fb2417e379356949e5a361

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame EA04 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
Origin
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 21:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85892
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Jan 2024 21:44:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame EA04 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-zLyHzuvdwFSYMrbpT_TJhSftZO-sxDDyfP6g9CJ-Ok6whwUGwL23BXPQRS5Bs7_99KLK3iyzfvYLkqSZdL9Vy339GtauxSRikfnN-SWaJJKCEo02psJtk47MH2PuIuqMJpbiS9s2nWnNV1x_T6r7WxlWuYYG1H1ltXFYMycU4yzzyHc&dbm_d=AKAmf-CVe-pnHCT_YtgWvcyvrQmKYfcg3H4ekg2mUiL92WAf2-gZdORsKF3HvV3fRkGkp_vrSxDYXF-wT2NLNwAuBbP0I-IQnJeZ7jX_fwxlnMiLmXEpO72IhAqTvp0O09WzMpi2ra9T_jlBUfIeKMejaMgqr8iDRFGJ5ShJ_fP1uCNXPlI0NyAsFgY3_toKOTnQ8sFh6ICS9b4fEi1N4vrdSfqFG_CGAM41u_ok-ziap0Fn6F_fjF9Uhu86DB8-9XaxMLxys_qcSKwJeRXMjn-pUUj5ga61sWUrBe0vN_9U48z5pbwO1UL252_5YtdZfsD0k1YsZ2w_U9rLL5emcUhZ0cUW1ca_Vv4yJwsmw0UjwlcKfIkhg1irznY34-6t1VhXIJ5sFREvip_HRz-YlOHrawwwkELeSeSAe15cc9L05PAQJiziqTkSYrLXecGQAUwpkxFLrWpU64w7sD0NiPpFlNnw0HZfCNLu7lXvFjVn6kbbEuPrSGk11EIRf3N_4QIJ43aNUGwdwlxUAA5m5VqzUbwauGhGYLVM7_Zgr541dBHlwhYuuDSPiylF1Oxgh1Rh8GciVHgnGmzlctdeV2PjMK7xNjzJDzJFhXiXlAOH1UY3MbetZgbJPhO86_RtXYvxwW0keZ5Dmt-D15LamY3XyGM5ypF2-HOULuhspjz6-pFrdtW-zm6qJJoj3vGWApz0ad7mP3kwCPSQS6shvmoplxfxDfYid24bL17LRmq1xWpV3pw8X4IGJo54g-pe1aiAuReVtWzMrHu7XTFM1ttmt_lPrmpCEGafXUXMmBFJN9LpcyMEdMjbLZeU_kMoH09cjaLkfLKRAGsoMatdojV3SAHke0b8A1MKa7Msm2sInNwXJ2TF0deVi1irI1fROBlW__U5evrJiu_VRu9nIhd_4YDDwKIOnHuGG5-kXO2WX0u5OAd2G9vxb9H_z62mjVgzUU-dAcgFpyzNW0oRx5Qjbvec53GrauvKKvtsgvQbU_ok2bBxBWU8Qtjrdu92k8OC4_ly8CbnGo9pBNqox8nm4jK3mLA0XVBqOtHCWASAt4aIzlyzCJrqQ510QZoQM3alWiX5hgoXGrH09tiS8Q-fgdB42iAgUCllCyvoo4tNX4tJzZlMry4JI1SrBqmtM6feU6jvX0Kr3stZYkn__WGgdwHGxMYBx6kkTff1EVUPp8Py1luETEOT8JaIxAcPiNiARFA-gKtRN5FZK3kw4F5sdjOV3oiT9Sk-iLQ6Cv773dNn2aaQqAjm1zqvgMSzjKzBfR5qpSS0FjxdIgp7ushnvDdnK4ZPwqRzXeV0_pVgPbsYuQuffYGv0ZoqYo_Ky3GgvpPQcyhYpHz7A26MHjZBAQp2lWcVcIjw75aSyOum8ukMg_5_8S7Unt3tGhEb1oe6yXU6UAzgHQd0W-2ayheAxGzFvP6sRlvqOhRsZApfEp4yvfW86k0mv-WknCwpEB8555QTR3YH1vgg5o0ndnD2GXZs9rVQJLuMimlj6BhKMSwTGcVmQC67wqoVjCMi20-HMgsnhyoUU79FZHVPK5bmUjgYnGRXh1efOmQeOuN4uU5DTdCTEV7MLfcgJ8H-mb_yHHskd3FOPpzeuEn09S-pNbdL1cUc3Y4WMVgypw_2AcfzkCN9tKbq4mLdTFi9waECpprFd3z0K-mnrZyrgsbpasVxWAoOy_YKFMLsjZOtmHAKqgB16CdpaxRppQ4yf1INT3zJMIfI2Gg02Nx6Kw79eYZgDBUOGr9yYn1_SR4yqYhrHFCxOpVp_Jy-Vca3Z_8eMkQPQpo_PBwkmp5rOOz5tIJdYrFgn7i8yfhMVHma23Z3HXAUuGg-9W6st6VBbIRv-cD2vv_tarisZKR4wOEhIt0YyZUti-9EPz7dsGM4Xi8ul1n11SFIlDVNSgfvWwkmZuvrBziJQgUE_tXA-MCkvZG-YFjlS-5sYkmLYDFM5m297hD2qhFEzGoaBPOA6fswQanvk0hXUFvb4P1c9kkE4o6xW1k_ClQrRJzK5SCvGwOwoyiPjaYlGhsrc0Mke88fiAoXjy4qQp1BR2GeHbfLwSYTrO_vx9I858nn4OhppWx9-yXGQyHW3HaoryRI3Fa7Pq6d6HyNPmfY3380iqwhdVgsxgC5opzYTPKSX1kSutrmlNtri5ggGziSSj_qjV-AHNz2_KTOVuQIY9BgXAjXU7BU6CKixzJz5rJ1Y1VCeXOxX3LX-FppB8wegSLvKhX01LgVlP_bNKH2gJ4ZgDOZXC3Z_qJayl1WjQa63bIRj_UJq5rknqQtMvKWB2a6z6FVrZQvJfnLb05inpBd1frXNDNBln2uMHif3hwKEeEdLFzGrN7FiotX3B-CuSeFo89OhuVTtBa0xtTD4Do5pUEb32ITn5bH3VheSUv3J8h8Z5q2bvRSdhnk2WMZaPOeQ8VBYiAf3c7eVe4hWTlDstbJf-FnYnyNWRqJDoiDTelFmG56OZT9vYWkD8ss08diT5OfLh_e5FV3-9WG6BwwP2_t77TG3QZxi3iRCgPw1p1VOme5kNCbTNPACkKJR6zlNEAPwtfaDqiaC9hjXzq5eWiLcHFu17wvt88xijPmPbrYzZvX-d5x5KwN27LMjEVk2p9v-mB8TR93Uzsf-xdWaHKmrSE4UlbXiYaCdqOELr1-QgEtj8i6UaRHT9p9Aw58IBByCi90t5RXs1uA_YSD_ExJR7zStsdz9SNAtIE3EjkRAGyAiTJNutqmofFwKKkVsCjgt6S5TpJMSTTkrowUPGKb5XLLAy14so_8pF0Jm7PBuuS2Ha1q6pJ1e0uPWIJNdJ5zbBa6cCICuRu3JZH3DAykodf2kJvxU5xvj2SNnpAmRBKClMLhaQo5oC07W1NL7yCnQy9xd2emL2GQA3ssZzd_dF7MgWMfNte_2qU0jPBssWnSXH-g_8krAaRJWxc76Skm7d7xuNqt541cT9UNvyy8r7Zyh4uLx3HNupDjBcNr42-VliTqC-p6JmqSfp7Ncv_5ZRE0LGDom1PsZ19l-j4xQO2uf8e5eMl-lWzDwSHcYSAfCvQDyHBwBtTKSngZOQfZc0xC-hKVjGc1oKfAM2VHgmpAWAQQVeyMI7UmUD9IhI3LfBLCdzzh2RKCfwPiqOM48GRD9FHQ55Gfa7i8Dic_MNofE6PNBIRn2Zx0JNYSA_awQRzAlcoosLh74iJnmIaE-uGBB_mPz7kN1GdvIoDU4IIJGpqOpzteD9nUBg9_tUpIQaOS64gDUHYeK9q29jLIJ56KNNzDNCOk0OzUbPiGwsYKUa3SDwxQji9JA1y2rMLfkwjb7BE12MC1LEyPg6iVHfUeCurjUVqUX-Ktw5oKgvCLXcQf10ZMZDQi7Yfl7xjN-rHJEk69l1lGSkNfmBVos0VwKqAOozlgRg8p8gUFJvckXZqiI8hsmxrL94qSoMU5CCg5nOhfQ17dZ_oSEXMIgyO-WKzRFfVti8FMmn0lHZDdElsal6fR9VOi6Q3D2ZkUElbUL1u6Gcy_vHNY8k_iRj4Wdi5u_Y9we20wUDLjR7ZJWusfQQn_Wk4nglq_h7UfQKVpai2TQHiVJ7gdO-omNXV7evnkZ6_PFijQraRmwrLAu0-NBvMrP3dj_weyy7x-r5kvR1NLkPxC2n-vblhp2Sibd080QSgNMaXX-My5fHu7TWbqN1bDuZA0yVM_LdLtSXqiU0leMVm1F3gezrWqUKHhE9bJlVdZjGvsCMWaEvM3UQ102z46HajbzzH2VVg-V84kI-v3QcHW81XZpW27SUFsWDz-yMeq_BXR_IicknJIl6hN8_xRxqOlaVMIEN9O_tO2hs0mBStBBLq2UzEVBrnKANscKRhp6wUMvCDkydoiTkwjGkATY7pXJkRdtSc7aYgs_iVjuzyhS8Bkrb0iduMzKi4q&cid=CAQSOwAvHhf_6SoPc4UWnwSQrGFe4fnWscxRPGy7DksfJwGZGxPiEqPykY8kanUzf7jX2qyr0TRjZKr2d9VZGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=11076463951323701000&adk=2228999114&idt=293&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 18:30:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
11142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Feb 2024 18:30:09 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame EA04 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-zLyHzuvdwFSYMrbpT_TJhSftZO-sxDDyfP6g9CJ-Ok6whwUGwL23BXPQRS5Bs7_99KLK3iyzfvYLkqSZdL9Vy339GtauxSRikfnN-SWaJJKCEo02psJtk47MH2PuIuqMJpbiS9s2nWnNV1x_T6r7WxlWuYYG1H1ltXFYMycU4yzzyHc&dbm_d=AKAmf-CVe-pnHCT_YtgWvcyvrQmKYfcg3H4ekg2mUiL92WAf2-gZdORsKF3HvV3fRkGkp_vrSxDYXF-wT2NLNwAuBbP0I-IQnJeZ7jX_fwxlnMiLmXEpO72IhAqTvp0O09WzMpi2ra9T_jlBUfIeKMejaMgqr8iDRFGJ5ShJ_fP1uCNXPlI0NyAsFgY3_toKOTnQ8sFh6ICS9b4fEi1N4vrdSfqFG_CGAM41u_ok-ziap0Fn6F_fjF9Uhu86DB8-9XaxMLxys_qcSKwJeRXMjn-pUUj5ga61sWUrBe0vN_9U48z5pbwO1UL252_5YtdZfsD0k1YsZ2w_U9rLL5emcUhZ0cUW1ca_Vv4yJwsmw0UjwlcKfIkhg1irznY34-6t1VhXIJ5sFREvip_HRz-YlOHrawwwkELeSeSAe15cc9L05PAQJiziqTkSYrLXecGQAUwpkxFLrWpU64w7sD0NiPpFlNnw0HZfCNLu7lXvFjVn6kbbEuPrSGk11EIRf3N_4QIJ43aNUGwdwlxUAA5m5VqzUbwauGhGYLVM7_Zgr541dBHlwhYuuDSPiylF1Oxgh1Rh8GciVHgnGmzlctdeV2PjMK7xNjzJDzJFhXiXlAOH1UY3MbetZgbJPhO86_RtXYvxwW0keZ5Dmt-D15LamY3XyGM5ypF2-HOULuhspjz6-pFrdtW-zm6qJJoj3vGWApz0ad7mP3kwCPSQS6shvmoplxfxDfYid24bL17LRmq1xWpV3pw8X4IGJo54g-pe1aiAuReVtWzMrHu7XTFM1ttmt_lPrmpCEGafXUXMmBFJN9LpcyMEdMjbLZeU_kMoH09cjaLkfLKRAGsoMatdojV3SAHke0b8A1MKa7Msm2sInNwXJ2TF0deVi1irI1fROBlW__U5evrJiu_VRu9nIhd_4YDDwKIOnHuGG5-kXO2WX0u5OAd2G9vxb9H_z62mjVgzUU-dAcgFpyzNW0oRx5Qjbvec53GrauvKKvtsgvQbU_ok2bBxBWU8Qtjrdu92k8OC4_ly8CbnGo9pBNqox8nm4jK3mLA0XVBqOtHCWASAt4aIzlyzCJrqQ510QZoQM3alWiX5hgoXGrH09tiS8Q-fgdB42iAgUCllCyvoo4tNX4tJzZlMry4JI1SrBqmtM6feU6jvX0Kr3stZYkn__WGgdwHGxMYBx6kkTff1EVUPp8Py1luETEOT8JaIxAcPiNiARFA-gKtRN5FZK3kw4F5sdjOV3oiT9Sk-iLQ6Cv773dNn2aaQqAjm1zqvgMSzjKzBfR5qpSS0FjxdIgp7ushnvDdnK4ZPwqRzXeV0_pVgPbsYuQuffYGv0ZoqYo_Ky3GgvpPQcyhYpHz7A26MHjZBAQp2lWcVcIjw75aSyOum8ukMg_5_8S7Unt3tGhEb1oe6yXU6UAzgHQd0W-2ayheAxGzFvP6sRlvqOhRsZApfEp4yvfW86k0mv-WknCwpEB8555QTR3YH1vgg5o0ndnD2GXZs9rVQJLuMimlj6BhKMSwTGcVmQC67wqoVjCMi20-HMgsnhyoUU79FZHVPK5bmUjgYnGRXh1efOmQeOuN4uU5DTdCTEV7MLfcgJ8H-mb_yHHskd3FOPpzeuEn09S-pNbdL1cUc3Y4WMVgypw_2AcfzkCN9tKbq4mLdTFi9waECpprFd3z0K-mnrZyrgsbpasVxWAoOy_YKFMLsjZOtmHAKqgB16CdpaxRppQ4yf1INT3zJMIfI2Gg02Nx6Kw79eYZgDBUOGr9yYn1_SR4yqYhrHFCxOpVp_Jy-Vca3Z_8eMkQPQpo_PBwkmp5rOOz5tIJdYrFgn7i8yfhMVHma23Z3HXAUuGg-9W6st6VBbIRv-cD2vv_tarisZKR4wOEhIt0YyZUti-9EPz7dsGM4Xi8ul1n11SFIlDVNSgfvWwkmZuvrBziJQgUE_tXA-MCkvZG-YFjlS-5sYkmLYDFM5m297hD2qhFEzGoaBPOA6fswQanvk0hXUFvb4P1c9kkE4o6xW1k_ClQrRJzK5SCvGwOwoyiPjaYlGhsrc0Mke88fiAoXjy4qQp1BR2GeHbfLwSYTrO_vx9I858nn4OhppWx9-yXGQyHW3HaoryRI3Fa7Pq6d6HyNPmfY3380iqwhdVgsxgC5opzYTPKSX1kSutrmlNtri5ggGziSSj_qjV-AHNz2_KTOVuQIY9BgXAjXU7BU6CKixzJz5rJ1Y1VCeXOxX3LX-FppB8wegSLvKhX01LgVlP_bNKH2gJ4ZgDOZXC3Z_qJayl1WjQa63bIRj_UJq5rknqQtMvKWB2a6z6FVrZQvJfnLb05inpBd1frXNDNBln2uMHif3hwKEeEdLFzGrN7FiotX3B-CuSeFo89OhuVTtBa0xtTD4Do5pUEb32ITn5bH3VheSUv3J8h8Z5q2bvRSdhnk2WMZaPOeQ8VBYiAf3c7eVe4hWTlDstbJf-FnYnyNWRqJDoiDTelFmG56OZT9vYWkD8ss08diT5OfLh_e5FV3-9WG6BwwP2_t77TG3QZxi3iRCgPw1p1VOme5kNCbTNPACkKJR6zlNEAPwtfaDqiaC9hjXzq5eWiLcHFu17wvt88xijPmPbrYzZvX-d5x5KwN27LMjEVk2p9v-mB8TR93Uzsf-xdWaHKmrSE4UlbXiYaCdqOELr1-QgEtj8i6UaRHT9p9Aw58IBByCi90t5RXs1uA_YSD_ExJR7zStsdz9SNAtIE3EjkRAGyAiTJNutqmofFwKKkVsCjgt6S5TpJMSTTkrowUPGKb5XLLAy14so_8pF0Jm7PBuuS2Ha1q6pJ1e0uPWIJNdJ5zbBa6cCICuRu3JZH3DAykodf2kJvxU5xvj2SNnpAmRBKClMLhaQo5oC07W1NL7yCnQy9xd2emL2GQA3ssZzd_dF7MgWMfNte_2qU0jPBssWnSXH-g_8krAaRJWxc76Skm7d7xuNqt541cT9UNvyy8r7Zyh4uLx3HNupDjBcNr42-VliTqC-p6JmqSfp7Ncv_5ZRE0LGDom1PsZ19l-j4xQO2uf8e5eMl-lWzDwSHcYSAfCvQDyHBwBtTKSngZOQfZc0xC-hKVjGc1oKfAM2VHgmpAWAQQVeyMI7UmUD9IhI3LfBLCdzzh2RKCfwPiqOM48GRD9FHQ55Gfa7i8Dic_MNofE6PNBIRn2Zx0JNYSA_awQRzAlcoosLh74iJnmIaE-uGBB_mPz7kN1GdvIoDU4IIJGpqOpzteD9nUBg9_tUpIQaOS64gDUHYeK9q29jLIJ56KNNzDNCOk0OzUbPiGwsYKUa3SDwxQji9JA1y2rMLfkwjb7BE12MC1LEyPg6iVHfUeCurjUVqUX-Ktw5oKgvCLXcQf10ZMZDQi7Yfl7xjN-rHJEk69l1lGSkNfmBVos0VwKqAOozlgRg8p8gUFJvckXZqiI8hsmxrL94qSoMU5CCg5nOhfQ17dZ_oSEXMIgyO-WKzRFfVti8FMmn0lHZDdElsal6fR9VOi6Q3D2ZkUElbUL1u6Gcy_vHNY8k_iRj4Wdi5u_Y9we20wUDLjR7ZJWusfQQn_Wk4nglq_h7UfQKVpai2TQHiVJ7gdO-omNXV7evnkZ6_PFijQraRmwrLAu0-NBvMrP3dj_weyy7x-r5kvR1NLkPxC2n-vblhp2Sibd080QSgNMaXX-My5fHu7TWbqN1bDuZA0yVM_LdLtSXqiU0leMVm1F3gezrWqUKHhE9bJlVdZjGvsCMWaEvM3UQ102z46HajbzzH2VVg-V84kI-v3QcHW81XZpW27SUFsWDz-yMeq_BXR_IicknJIl6hN8_xRxqOlaVMIEN9O_tO2hs0mBStBBLq2UzEVBrnKANscKRhp6wUMvCDkydoiTkwjGkATY7pXJkRdtSc7aYgs_iVjuzyhS8Bkrb0iduMzKi4q&cid=CAQSOwAvHhf_6SoPc4UWnwSQrGFe4fnWscxRPGy7DksfJwGZGxPiEqPykY8kanUzf7jX2qyr0TRjZKr2d9VZGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=11076463951323701000&adk=2228999114&idt=293&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 18:30:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
11142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Feb 2024 18:30:09 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame EA04 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:28:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
241658
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 02:28:13 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame CC5F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHTMncg03cO-SkyKHhv8TE0&google_cver=1&google_push=AXcoOmQnDrTXMG2Nf3NWPnEn3gn-lYPgyfClKZgwG1hFERcsI9IfP7aCvMUHyLvG1XjHMTU8J4sXC3tIxw9IpbmERvYIvysJaKPa
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc0NzA5OTE1NTgwNjYyNjIwNQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHTMncg03cO-SkyKHhv8TE0&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHTMncg03cO-SkyKHhv8TE0&google_cver=1
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHTMncg03cO-SkyKHhv8TE0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CC5F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPTgMwA6UTCTvrDc3cbK7tg&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPTgMwA6UTCTvrDc3cbK7tg&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dGJmeE1pTk0xUnFXd0w1&google_gid=CAESEPTgMwA6UTCTvrDc3cbK7tg&google_cver=1&google_push=AXcoOmTx83vhwYvOoE-t9Okh4_ZwwqDqsquXM9wRCEdtj67...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dGJmeE1pTk0xUnFXd0w1&google_gid=CAESEPTgMwA6UTCTvrDc3cbK7tg&google_cver=1&google_push=AXcoOmTx83vhwYvOoE-t9Okh4_ZwwqDqsquXM9wRCEdtj67S5lKx9jOlknYDpnbyBcYetOUhzZrholrJCX9cYf-d-k5JMMmyhoER
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 21:35:50 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-799-g9c6cd74#rel-ec2-master i-092dd177afc8cc107@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dGJmeE1pTk0xUnFXd0w1&google_gid=CAESEPTgMwA6UTCTvrDc3cbK7tg&google_cver=1&google_push=AXcoOmTx83vhwYvOoE-t9Okh4_ZwwqDqsquXM9wRCEdtj67S5lKx9jOlknYDpnbyBcYetOUhzZrholrJCX9cYf-d-k5JMMmyhoER
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame CC5F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFMqWVoe5-7MIXtjNbiP9Q0&google_cver=1&google_push=AXcoOmS1q6Ok96JgJ4OeNfgn7CumnDpAgBYZpzlg2BYUpcvKIG5AsiBDXx77nzaAJHy0t-UQFCARiayumycgnPYUFy1QTTqBBJDR&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFMqWVoe5-7MIXtjNbiP9Q0&google_cver=1&google_push=AXcoOmS1q6Ok96JgJ4OeNfgn7CumnDpAgBYZpzlg2BYUpcvKIG5AsiBDXx77nzaAJHy0t-UQFCARiayumycgnPYUFy1QTTqBBJD...
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFMqWVoe5-7MIXtjNbiP9Q0&google_cver=1&google_push=AXcoOmS1q6Ok96JgJ4OeNfgn7CumnDpAgBYZpzlg2BYUpcvKIG5AsiBDXx77nzaAJHy0t-UQFCARiayumycgnPYUFy1QTTqBBJDR&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS1q6Ok96JgJ4OeNfgn7CumnDpAgBYZpzlg2BYUpcvKIG5AsiBDXx77nzaAJHy0t-UQFCARiayumycgnPYUFy1QTTqBBJDR%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
848235bb3e688ffe-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
437
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFMqWVoe5-7MIXtjNbiP9Q0&google_cver=1&google_push=AXcoOmS1q6Ok96JgJ4OeNfgn7CumnDpAgBYZpzlg2BYUpcvKIG5AsiBDXx77nzaAJHy0t-UQFCARiayumycgnPYUFy1QTTqBBJDR&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS1q6Ok96JgJ4OeNfgn7CumnDpAgBYZpzlg2BYUpcvKIG5AsiBDXx77nzaAJHy0t-UQFCARiayumycgnPYUFy1QTTqBBJDR%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
848235b9cd508ffe-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CC5F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENfPjUKncNGMhHjbYuI3PJc&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENfPjUKncNGMhHjbYuI3PJc&google_hm=ZarrNo1xK6sSCVO0lcCv5QAABIkAAAIB&google_nid=index&google_push=AXcoOmQxomhVVeVU1eyvzwFRqDYxxnveFv4-R...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENfPjUKncNGMhHjbYuI3PJc&google_hm=ZarrNo1xK6sSCVO0lcCv5QAABIkAAAIB&google_nid=index&google_push=AXcoOmQxomhVVeVU1eyvzwFRqDYxxnveFv4-RAmdjiKJexEM-6YpjD5Z-GOcaMvsCAEXeJJ5nIA9e7MCSru5puG2dINvTfGg3VNN
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iE5fd0QhIyYgUxmI3UetaAd4DFgIQ0TrLc%2BlipQju5fPzjbiQje2%2BndxGdoDvHw9OpqdcojiSk%2FFMhKKwgKfW5lSGeef5A2KmXOE9kz%2F8IkD%2FLnGh%2FDAOeOxZR801wdd6XXasS88Bme7AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENfPjUKncNGMhHjbYuI3PJc&google_hm=ZarrNo1xK6sSCVO0lcCv5QAABIkAAAIB&google_nid=index&google_push=AXcoOmQxomhVVeVU1eyvzwFRqDYxxnveFv4-RAmdjiKJexEM-6YpjD5Z-GOcaMvsCAEXeJJ5nIA9e7MCSru5puG2dINvTfGg3VNN
cache-control
no-cache
cf-ray
848235b92e384480-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame CC5F
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAo4-uRO7R3cT2TekuPYV-Q&google_cver=1&google_push=AXcoOmRO58SBb_8kr-g10LHtiF2bSIV5tP9qV_6nRAYekOcHDek2sjuc5gdQ_-atEdJ0vhT20V1tyBETNbRdo3E9N...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAo4-uRO7R3cT2TekuPYV-Q&google_cver=1&google_push=AXcoOmRO58SBb_8kr-g10LHtiF2bSIV5tP9qV_6nRAYekOcHDek2sjuc5gdQ_-atEdJ0vhT20V1tyBETNbRdo3E9N...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRO58SBb_8kr-g10LHtiF2bSIV5tP9qV_6nRAYekOcHDek2sjuc5gdQ_-atEdJ0vhT20V1tyBETNbRdo3E9Nv6Qa8P4Mq0Z&google_hm=IBPvsGZHcLoOibSVQ6yb4Fjg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRO58SBb_8kr-g10LHtiF2bSIV5tP9qV_6nRAYekOcHDek2sjuc5gdQ_-atEdJ0vhT20V1tyBETNbRdo3E9Nv6Qa8P4Mq0Z&google_hm=IBPvsGZHcLoOibSVQ6yb4Fjg
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 19 Jan 2024 21:35:52 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRO58SBb_8kr-g10LHtiF2bSIV5tP9qV_6nRAYekOcHDek2sjuc5gdQ_-atEdJ0vhT20V1tyBETNbRdo3E9Nv6Qa8P4Mq0Z&google_hm=IBPvsGZHcLoOibSVQ6yb4Fjg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
ebda
match.360yield.com/match/ Frame CC5F 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESEPn9iFJHOAK7rVhpMrkhgMk&google_cver=1&google_push=AXcoOmRJSF0xvrjpNP5zd8By4J5eQvWtoZOt_ZoKQqVSPgtuUuTMKD3kkQW1wgXqhw3MGR-tlT2bZWeIfWlgAU-7fHGrYa8ICd8N
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.73.193.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-193-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 19 Jan 2024 21:35:51 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame CC5F 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOVx1pocyNOeZcJIVfvBA4o&google_cver=1&google_push=AXcoOmS-bFUJ7c9zb-gjGUVZvUCNs-YK8VoDL_dWBWxZ1FR8I4XpptpcynMG34xXDJLyBeJBygoWp2Zz92CTIxjrFTQ2iAquNBDBcQ
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 21:35:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame CC5F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L1UAzb2nLBoHelVln-3w8_WV5M18Ni8DQ8IbD0Jc37YBVmKy20e3th_mrwYI73Vzioahy6VQ
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
skeleton.js
fw.adsafeprotected.com/rjss/st/1874223/77019482/ Frame E91F 		270 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1874223/77019482/skeleton.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-2937494567949278&ias_chanId=1&ias_placementId=20833643169&bidurl=https://www.mlive.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jghhreLa-Nyn73wsYCYxSW
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.121.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-121-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c51f270ac2b83a9abc02401a42c08f472e84b49a392dd18e29ac76cceb022593

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame E91F 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
Origin
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 21:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85892
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Jan 2024 21:44:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame E91F 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTQtN7gOS9x-mvLWb_IiXgotwONocHsW9KrRU4kfVXZdHseuim-l7GpFQECb0v1_RGgHuXl4x7PeROhmQt7LBE8b23PZxJDn4-USjDTjVp2_4M1_k5_5WlIGBsBt5d37Qm20ITjGWOd13PVHhVm1o_4-DGIX3-wQWrDNisfmeqfDnu_Og&dbm_d=AKAmf-CSYn-LwbzNqlDVXsib1xT5RKf9xt121tDlW-yYRhEfBBH9URYJuS7wBwAOx3LqUBUgRbcTGiEgwJKN2xFiNPydEWpy_uBFXw-4lNo2dqD-PfuoIW-09t8FaAZ4aB-qyZTmlm1WFv2DH25VFPDzGlE8KFeKQpcftGrdp7oyn84k9DsAVqe1Zu4mor76UY6qyRJrCmxW4nb3Ldx_mJ8wcVEzcncJdiqs7mHL9WYjhzyRnPzQKRs4UZx758gFIcbDAfEx6rdQVYz3SNbHsZWrs-fCe_HQz4O6pLhKR07xtPNB0rsN_QlmbwIq5NtZN2KeBI8orZ5_d5uV1QtoE7qcr5V8Ups32j0uhIlDH3XC5scH0fqtVQmjAqDTZvHLZTaVHgoDP1CcOYyS5lTskdNzWe4R3Pw-mJcj6uwHEGSX4dHKy1Nu7GmEwlWyVVb4E44k6Z7CUnmVqCtSpfPMD3AImLU_x9t1vlJQ5XXp6xTsdit-Lf-D5GQpVPUaUP0Q4HeQhksh4ewHAHiMNxUq9nAeb7UjWv732Qc4DMtGt9AME9tXx_8Hvv80v5eBFHM-Xwbhqhy5IcbAKwTYWQ6VAjWLcrTud-q-f1M_LALC21p7Gn-7eEP0Gs8XDGeq3oW_2rRUMKLNvMwvf1ueJ3NmlQk4PZBdwG2JfHv5pKXFWZOaidJbpqzYSc9Rghf_g1ANPXF5FwhzWL1xUJBGOKt0Da_UmcCmevhyiWFd__gFO2xVjHROtfckFz1rmroW4fLrnolEPoLsA5r5h-PKTUG-TUnA1RcHSD9iHt1_SUVX5tdK4C-IaeA-e9lzpHZvgLsyfVjoN-LIN2PoVbtlATwyv7b9pCFvZ97hfsolCCMDqZAD2hu-0BtoUZEPwsMh33TZuvsEwSiaysNXRwgBdbuYVOKlMIaVTdpdJSO-Ts2GaDaATP-hhWp-OovVymKNarFDbw9ztGx65Q1NLKvKK-vXtYNx3mKXYpUYQUmGv-XBl7BMzykwreDUnyWF5TjM3PCrVUhwE0mcyokYMHHBIOteT4gFlOXZpONUTQoIDm_n6S-dXacHknbk8Tu7kRFfBR4OdtsVTWOLsZ9_co92WG088jbR6lgJzesfKXEemxhpbvVH8ZwHZH_rJ57BS40Krb0A0XLxfURg8dPQRVMGrDcMtEX7W6-u_Luw2PGo7yYJgW9FBK4nSLAZRNw5hhEEdGORn5cr0TR0qPZeqiS_Y8Re3UY7XjJApWfWv8sn5EwfQb96x8LzJsxK67NmM7QZzLk4F1wrvbskgduO99gOBwShdHCO-WITQC3mqk9uu_WrD3rv8lxxNx46DYE8bErRmKweOqgxDjPPPC74gBPWHh2CBzGOz0sfmWqQiLhAYq9dw_GIk4ktF78Ckp8dy0MuJ3KDD11eCvXUOkLrsruFwtP6jDvOEPnqtAUjfEE83KhBomGMJ8l3BjMbxBUoC8hlHvozEWSJqlwmfcE6j9kQ8yKz9AgwN_IVdsxn2eokUYu5SzZT-Ysoc0erRqTV0oXhVAPurYtMspU0EXeh10Wq4c5dKZ5XQTtgrlU6prLN03iFImami79hwJHOwbXwD15LxAU1abvLmA7bY3y6ZTcOkw58jDkD5IJ7i4u6CzrzA7mPcapqhi5Z6JpxMz5Y0iUHMhjhtJjK0ijyGNhKZtDaTb1WxwL96_HMMCuiWbC_QmtXSzR2D2Ga0pbf8D9AvebSeKZK2pYJX0WxGxph82AJdhB-QvfFKPDtzLp8amgjIv0XU4BbdXZaD_I_J1YEmAmCvmGNeFqG19w-xFqSlqY2Ymw97nUuUoxMlc7VxlunKA9fZNxs2aqszX1Bj3wCP140To_arXH6bE0P6mwPEcNw6QStNW2N1bdQ7nrP7wjJWnbPN_6jqVNoqQI-MPtOzJ672q6wNDe-PIaZGPm6QDaMMspTx14iQBCG27WD9xAij5Btz2l7-Ma8dM0Tzd2TyMyIKTz1lICzpdK9tHrByqHyo1RiJvaOeVNiAEIS8AeDL0R29tkQVmgWHTs0od7T94kWwSg59YZPWMGxpe7rGiDFqn30xm2h0rWj7vFWRE0M3r5fEhemxGwEAqo4K2T_ZGi028GAQObVrFEPb6frgONf_lJHxkfE6wrrTdgmsLnhlnJ_e4Y8pbT-pjv28DBjBJcx4mZiSpSRStLnERkc8mWtYvGJ_PmMh8lj67iCscPvJrdOJFlSa8DhQ1QksBQC31AzcSwwZlctBO1hdgCnwJ_qVtQFM7tuCgRuNAGiknULA-MPFYJxpULkTAIGPm3wKXH0AXnxRHgNdhBifzTlus1NlJKTUF9oKqwptbKVxtNB-YItP0FZwdvwj7oTKWCEo7xYbjb9LpR-7bNWTBrNGniq8eq_XjYuPuZQW83M--EfiS8CeUrc_LG1frSsdVRWAKG9TCeY6kFwBfyaU-MzevWkbtHot8tHGlDCCdgqW7ZM09PprDE1q9a1zOmuxPQL_i1V9w8P84Ajx5ZEmcTc225DdES6OuzAbVcCw_bqgiCawU6dK9VqT_lnCOqKvKDy52AcgcoqO0LVzayzXtWuA7_Yz10mexWn7EEUVsqK9RkPnKE0tivBMGk3TJxKC409lanfgYP9mFlf18E4yrTZ78bDqM21ZHdPJOK_RN8xict9vHJsVVO6jLZuHXfnFaOg8dTjmW4cSVPMpDMKpJfU0RA7f0e-Ximd-28xQQh83ljaaNsDQ-2bB1-T6vCVSs-qMFYs_AJp4bx14R8l7wxt1o6t_eOSu_dtBlv4l4qlmTdR4sJUb3LhF4w89vElacB9ORy0hSVyRuxKfmPTpoxpNiStNCOYoIS9VceHQhPmcNiYwInIlaUKYLtirc_rjdLgQa6YVuIGp-Sx-wwQL0ezMpX0yWwYmuIaY9cAhHOaM40C-0--vDN-iYMlgW_dbYnAVP7y4_mCJmvnJH5eL7wjlFcmiJ32N4Jo-UXfRl3FPEFKYJBQzqmZD8yyFb55nFXy1IV65fKQZ3nDGEm3YwXyuSApvQIidhMSET6PQDWwW0y-a_w-__kN4NvzQx_yV5q9D2cJLMuv2VCFDbrf2R4Z_vwiaTdlb6CbuIssCQSD9zCA7DigKSgsho6yhV46uwGBhGkq2Qquq6TVLgMEuPfTqLYYI6AlrkGzko7EOEjGRDlx8YlLqCjxbfC2CNazh1CTwS6QtzhK9bsmRx4QVkbxz2xrppk0Ms7s9hiCSyzTT2yn6DskLnLCNlXjj0SfXDcnc0YiVZ4O3joDNZqISvj9AqtfyR2BHNcP4jXYWTZQbIB0HnwO2C4zm4AcIngv2D3ykFDHYgVmtiW-uRtLuQoxmzLfHHZIfk3NULa2AnT8RD8P4zUEgomSCgUXs5XMbYpsmXlvq23FJaadyssIrcH050wZfWzUQP9cWg8dqeiVpsJQkC0m5cADTLygDAKTIjqUyT6Ag6KdWZPXsqvWrS4pe4LgaFuYeNipceA-jfEQ4xlH64sLHUgAE0GxDEKo0-BtGwmXbDwO16qGE46vZUqH2SZTEzvNaQ_B_-kfr2ml1OGLfMvC2m0Mn8EHwDvaPa-xGPA-yheGNI4smljpJETJU8bh-nUybsVlvFYnhRzfmjHAJUC55YJ68UT8EQJE8VPTKFwwZFs56-tX6Mn-pkzE7YvplCK-ML86PNhN7COsirjDsG7b2UevBHrIpemilTOX2Lu3HJBXjMJvVMiazAKIyW70CcJAfpHe0fDdAI1s3nyfirQ6fwo9GukOoz2CTsD1QaY5R4LAWAA0LD_2np0alkOSwsSIJ0mv-m85zh7wnZ6MVrFkkZbCH_sx93TsM71zHF-KLf1wIO5cxbkEOlBoGgxKGifsaKmZCTr1VL1OS2KLsmJUI-905U3B7rRin2mUdkfD6ySnOyasqcGaZLMH&cid=CAQSOwAvHhf_6SoPc4UWnwSQrGFe4fnWscxRPGy7DksfJwGZGxPiEqPykY8kanUzf7jX2qyr0TRjZKr2d9VZGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=17120359627771159000&adk=3047537734&idt=276&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 18:30:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
11142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Feb 2024 18:30:09 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame E91F 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTQtN7gOS9x-mvLWb_IiXgotwONocHsW9KrRU4kfVXZdHseuim-l7GpFQECb0v1_RGgHuXl4x7PeROhmQt7LBE8b23PZxJDn4-USjDTjVp2_4M1_k5_5WlIGBsBt5d37Qm20ITjGWOd13PVHhVm1o_4-DGIX3-wQWrDNisfmeqfDnu_Og&dbm_d=AKAmf-CSYn-LwbzNqlDVXsib1xT5RKf9xt121tDlW-yYRhEfBBH9URYJuS7wBwAOx3LqUBUgRbcTGiEgwJKN2xFiNPydEWpy_uBFXw-4lNo2dqD-PfuoIW-09t8FaAZ4aB-qyZTmlm1WFv2DH25VFPDzGlE8KFeKQpcftGrdp7oyn84k9DsAVqe1Zu4mor76UY6qyRJrCmxW4nb3Ldx_mJ8wcVEzcncJdiqs7mHL9WYjhzyRnPzQKRs4UZx758gFIcbDAfEx6rdQVYz3SNbHsZWrs-fCe_HQz4O6pLhKR07xtPNB0rsN_QlmbwIq5NtZN2KeBI8orZ5_d5uV1QtoE7qcr5V8Ups32j0uhIlDH3XC5scH0fqtVQmjAqDTZvHLZTaVHgoDP1CcOYyS5lTskdNzWe4R3Pw-mJcj6uwHEGSX4dHKy1Nu7GmEwlWyVVb4E44k6Z7CUnmVqCtSpfPMD3AImLU_x9t1vlJQ5XXp6xTsdit-Lf-D5GQpVPUaUP0Q4HeQhksh4ewHAHiMNxUq9nAeb7UjWv732Qc4DMtGt9AME9tXx_8Hvv80v5eBFHM-Xwbhqhy5IcbAKwTYWQ6VAjWLcrTud-q-f1M_LALC21p7Gn-7eEP0Gs8XDGeq3oW_2rRUMKLNvMwvf1ueJ3NmlQk4PZBdwG2JfHv5pKXFWZOaidJbpqzYSc9Rghf_g1ANPXF5FwhzWL1xUJBGOKt0Da_UmcCmevhyiWFd__gFO2xVjHROtfckFz1rmroW4fLrnolEPoLsA5r5h-PKTUG-TUnA1RcHSD9iHt1_SUVX5tdK4C-IaeA-e9lzpHZvgLsyfVjoN-LIN2PoVbtlATwyv7b9pCFvZ97hfsolCCMDqZAD2hu-0BtoUZEPwsMh33TZuvsEwSiaysNXRwgBdbuYVOKlMIaVTdpdJSO-Ts2GaDaATP-hhWp-OovVymKNarFDbw9ztGx65Q1NLKvKK-vXtYNx3mKXYpUYQUmGv-XBl7BMzykwreDUnyWF5TjM3PCrVUhwE0mcyokYMHHBIOteT4gFlOXZpONUTQoIDm_n6S-dXacHknbk8Tu7kRFfBR4OdtsVTWOLsZ9_co92WG088jbR6lgJzesfKXEemxhpbvVH8ZwHZH_rJ57BS40Krb0A0XLxfURg8dPQRVMGrDcMtEX7W6-u_Luw2PGo7yYJgW9FBK4nSLAZRNw5hhEEdGORn5cr0TR0qPZeqiS_Y8Re3UY7XjJApWfWv8sn5EwfQb96x8LzJsxK67NmM7QZzLk4F1wrvbskgduO99gOBwShdHCO-WITQC3mqk9uu_WrD3rv8lxxNx46DYE8bErRmKweOqgxDjPPPC74gBPWHh2CBzGOz0sfmWqQiLhAYq9dw_GIk4ktF78Ckp8dy0MuJ3KDD11eCvXUOkLrsruFwtP6jDvOEPnqtAUjfEE83KhBomGMJ8l3BjMbxBUoC8hlHvozEWSJqlwmfcE6j9kQ8yKz9AgwN_IVdsxn2eokUYu5SzZT-Ysoc0erRqTV0oXhVAPurYtMspU0EXeh10Wq4c5dKZ5XQTtgrlU6prLN03iFImami79hwJHOwbXwD15LxAU1abvLmA7bY3y6ZTcOkw58jDkD5IJ7i4u6CzrzA7mPcapqhi5Z6JpxMz5Y0iUHMhjhtJjK0ijyGNhKZtDaTb1WxwL96_HMMCuiWbC_QmtXSzR2D2Ga0pbf8D9AvebSeKZK2pYJX0WxGxph82AJdhB-QvfFKPDtzLp8amgjIv0XU4BbdXZaD_I_J1YEmAmCvmGNeFqG19w-xFqSlqY2Ymw97nUuUoxMlc7VxlunKA9fZNxs2aqszX1Bj3wCP140To_arXH6bE0P6mwPEcNw6QStNW2N1bdQ7nrP7wjJWnbPN_6jqVNoqQI-MPtOzJ672q6wNDe-PIaZGPm6QDaMMspTx14iQBCG27WD9xAij5Btz2l7-Ma8dM0Tzd2TyMyIKTz1lICzpdK9tHrByqHyo1RiJvaOeVNiAEIS8AeDL0R29tkQVmgWHTs0od7T94kWwSg59YZPWMGxpe7rGiDFqn30xm2h0rWj7vFWRE0M3r5fEhemxGwEAqo4K2T_ZGi028GAQObVrFEPb6frgONf_lJHxkfE6wrrTdgmsLnhlnJ_e4Y8pbT-pjv28DBjBJcx4mZiSpSRStLnERkc8mWtYvGJ_PmMh8lj67iCscPvJrdOJFlSa8DhQ1QksBQC31AzcSwwZlctBO1hdgCnwJ_qVtQFM7tuCgRuNAGiknULA-MPFYJxpULkTAIGPm3wKXH0AXnxRHgNdhBifzTlus1NlJKTUF9oKqwptbKVxtNB-YItP0FZwdvwj7oTKWCEo7xYbjb9LpR-7bNWTBrNGniq8eq_XjYuPuZQW83M--EfiS8CeUrc_LG1frSsdVRWAKG9TCeY6kFwBfyaU-MzevWkbtHot8tHGlDCCdgqW7ZM09PprDE1q9a1zOmuxPQL_i1V9w8P84Ajx5ZEmcTc225DdES6OuzAbVcCw_bqgiCawU6dK9VqT_lnCOqKvKDy52AcgcoqO0LVzayzXtWuA7_Yz10mexWn7EEUVsqK9RkPnKE0tivBMGk3TJxKC409lanfgYP9mFlf18E4yrTZ78bDqM21ZHdPJOK_RN8xict9vHJsVVO6jLZuHXfnFaOg8dTjmW4cSVPMpDMKpJfU0RA7f0e-Ximd-28xQQh83ljaaNsDQ-2bB1-T6vCVSs-qMFYs_AJp4bx14R8l7wxt1o6t_eOSu_dtBlv4l4qlmTdR4sJUb3LhF4w89vElacB9ORy0hSVyRuxKfmPTpoxpNiStNCOYoIS9VceHQhPmcNiYwInIlaUKYLtirc_rjdLgQa6YVuIGp-Sx-wwQL0ezMpX0yWwYmuIaY9cAhHOaM40C-0--vDN-iYMlgW_dbYnAVP7y4_mCJmvnJH5eL7wjlFcmiJ32N4Jo-UXfRl3FPEFKYJBQzqmZD8yyFb55nFXy1IV65fKQZ3nDGEm3YwXyuSApvQIidhMSET6PQDWwW0y-a_w-__kN4NvzQx_yV5q9D2cJLMuv2VCFDbrf2R4Z_vwiaTdlb6CbuIssCQSD9zCA7DigKSgsho6yhV46uwGBhGkq2Qquq6TVLgMEuPfTqLYYI6AlrkGzko7EOEjGRDlx8YlLqCjxbfC2CNazh1CTwS6QtzhK9bsmRx4QVkbxz2xrppk0Ms7s9hiCSyzTT2yn6DskLnLCNlXjj0SfXDcnc0YiVZ4O3joDNZqISvj9AqtfyR2BHNcP4jXYWTZQbIB0HnwO2C4zm4AcIngv2D3ykFDHYgVmtiW-uRtLuQoxmzLfHHZIfk3NULa2AnT8RD8P4zUEgomSCgUXs5XMbYpsmXlvq23FJaadyssIrcH050wZfWzUQP9cWg8dqeiVpsJQkC0m5cADTLygDAKTIjqUyT6Ag6KdWZPXsqvWrS4pe4LgaFuYeNipceA-jfEQ4xlH64sLHUgAE0GxDEKo0-BtGwmXbDwO16qGE46vZUqH2SZTEzvNaQ_B_-kfr2ml1OGLfMvC2m0Mn8EHwDvaPa-xGPA-yheGNI4smljpJETJU8bh-nUybsVlvFYnhRzfmjHAJUC55YJ68UT8EQJE8VPTKFwwZFs56-tX6Mn-pkzE7YvplCK-ML86PNhN7COsirjDsG7b2UevBHrIpemilTOX2Lu3HJBXjMJvVMiazAKIyW70CcJAfpHe0fDdAI1s3nyfirQ6fwo9GukOoz2CTsD1QaY5R4LAWAA0LD_2np0alkOSwsSIJ0mv-m85zh7wnZ6MVrFkkZbCH_sx93TsM71zHF-KLf1wIO5cxbkEOlBoGgxKGifsaKmZCTr1VL1OS2KLsmJUI-905U3B7rRin2mUdkfD6ySnOyasqcGaZLMH&cid=CAQSOwAvHhf_6SoPc4UWnwSQrGFe4fnWscxRPGy7DksfJwGZGxPiEqPykY8kanUzf7jX2qyr0TRjZKr2d9VZGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.mlive.com%2F&ds=l&xdt=1&iif=1&cor=17120359627771159000&adk=3047537734&idt=276&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 18:30:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
11142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Feb 2024 18:30:09 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame E91F 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:28:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
241658
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 02:28:13 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 950A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
15907
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jan 2024 17:10:44 GMT
etag
48472445140208031
expires
Sat, 20 Jan 2024 17:10:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame EA04 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e5205a0a79ee67d4dea6d6bf9e4672b7f30c67e6bd7ca6384f645197b4b9486d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D0A1 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
15907
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jan 2024 17:10:44 GMT
etag
48472445140208031
expires
Sat, 20 Jan 2024 17:10:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E91F 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93bbeaced30cd5a8ce8e75290feecd41d329c0c41de6c99d0708f0357d713e3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		585 B
665 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=8Gu2Z8RCvZ
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0f2be85a7f43099aad9cf77f4c0ce5f85669a36deea238fd10322f5c3188af4
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 19 Jan 2024 21:35:51 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Mrn2j7s3HdE
pragma
no-cache
wn
prod-dash-10-0-138-250
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.003
cache-control
no-cache, no-store, must-revalidate
cf-ray
848235bab8802be6-FRA
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame 9BA0 		23 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com&customVariables=%7B%22pagetype%22%3A%22homepage%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22%22%3A1%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_cl%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_sy%5C%22%22%3A%22true%22%2C%22dcr_anonymous%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_ma%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_loyal%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_hss_sub_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_low%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_mi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_or%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_si%5C%22%22%3A%22true%22%2C%22dcr_walltest%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_risk%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_personicx_prospects%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_pn%5C%22%22%3A%22true%22%2C%22dcr_anonymous_low%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_hi%5C%22%22%3A%22true%22%2C%22dcr_anonymous_mi%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_lv%5C%22%22%3A%22true%22%2C%22dcr_early_eng%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_all%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_al%5C%22%22%3A%22true%22%7D
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3784ad69e09edd41065834a5317ab3d1444a2a291bc3de864f28f1703686bc5d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=900
cf-cache-status
MISS
cf-ray
848235ba3e7c30e8-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Fri, 19 Jan 2024 21:35:51 GMT
expires
Fri, 19 Jan 2024 21:50:51 GMT
last-modified
Fri, 19 Jan 2024 21:35:51 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.002
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-82-50
x-forwarded-https
on
x-request-id
Mrn2j7s102k
x-xss-protection
0
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&metered=1%7C7&metername=Support%20Meter&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-60&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=17&tvcfg=all&tid=ce72a9c7-4e6f-4f21-a2a5-11b0beb2a570&pid=caee0ffe-279e-4742-afd5-80498fce2f2f&dtm=1705700151356&qnm=_matherq&visible=1&tabid=35c06796-7ac2-424d-adf9-1aec59f260ad&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x13194&tofa=1705700149&vid=1&lvidt=1705700149&duid=50d28e3c-3c15-429c-89c7-a96038e677a0&fp=3292556798&cid=ma63527&mrk=484602605&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJkaXNwbGF5IiwiYWN0aW9uIjoidGVtcGxhdGUiLCJkYXRhIjp7IjAiOnsidGVtcGxhdGVJZCI6Ik9UQzE3WDMyQkpDSSIsImRpc3BsYXlNb2RlIjoiaW5saW5lIiwiZXhwZXJpZW5jZUFjdGlvbklkIjoic2hvd1RlbXBsYXRlMU9EU0xBR1pYN1dYNzEiLCJleHBlcmllbmNlSWQiOiJFWEtFVTdZWDNaQUwiLCJvZmZlcklkIjoiZmFrZU9mZmVySWQiLCJzaG93Q2xvc2VCdXR0b24iOiIwIn19LCJ2ZW5kb3IiOiJwaWFubyIsInR5cGUiOiJ1bmtub3duIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMjU5NTI3MzM2IiwicmVmVGltZSI6IjE3MDU3MDAxNTEzNTQifV19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.1.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-1-107.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 19 Jan 2024 21:35:51 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 6486 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 14:00:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
27347
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Jan 2025 14:00:04 GMT
index.html
s0.2mdn.net/sadbundle/10322374245016296065/ Frame 0693 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c2afe310f81e0cc65e85d2ef9550b4cdae58b8ee6317eb39b163f0c289ae2ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
423081
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2375
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 00:04:30 GMT
expires
Tue, 14 Jan 2025 00:04:30 GMT
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 77E9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstNPUdZFlacfPbZDWI79T0rDG8OwZa4znAqFpN3mlqLyjnPAYyWizxpn_BrNnaV8auOuyJBLeaxc_pRlA3vQF0jfpxopBwRVQY_GZqKTkD1waetY-OHdoHjrEo_T0CValQAOogv5BRm8Wd1p23lHMt6jIVV3cMKOZanOy7MVL0UymSNiArbUDOKHollGsPsOqt6WtiJzzy4oFGBBHzJTY7g652Mj31eKTvjaKujMB2sM39AfwStomKGG5tIMNu56WgZfc_-GLPR96W_aut_4ShxfQ2uhMKmISZE5RJOv9uoVF2KvvaG6RQtSMKJo1rLHLw4_2H1_3ex0CBENj4qHbW5JTNgreDl8GbSEEsmgCI4VRZK1ZRywwUWFK0IRa70Os3dMNNviZo4v8-lpFxkwBr7Vjz2AHUrrog9iYWL2kXWttWEMMasE-5-Mqxz_Z0JB4Y9qGs1Ldb97G3YKeCXj5wyhzrKhSHF7BgoaKKHQ8tQuI0HE3mypDQBur0czi_Q0ZfenjaOgjI90kUS0oAzxBd09AiLtS4dzKFHdbiH00Vmmw3hKsFWA6VFvY5NYGAAvl11YtuIVYv-nm2RePreC3m9rZABq7b0nY1eGK-E_jNX2UmFqN2CPBt6wv59qczh1GaDe_3P-xG8WwSxYQBJ1xVV0hsHhk9Nc036b2RYA26LY7p4VqEiy6kUSrRm_aUSZSO84-JlUiwk9BCewzn-oDQ4DK7y9COKCLEKFdYlO4c4HxvAYoXOodjpXyyYdRoHKEfhMVGJZ3aA-Hpk_Hf5FbauRiLvwwCYRHO9Jv0a_Oe3sjlHkJilzefP9QkV5CIJJKN0fx1t4JHp9Q4kjUzfbIE16JTXamIbwIvVmqSlYUuyqn9dUeVKBvb1jGfRqq1jVpeCOBTyQat2Z9Ild0UR8lcF0NCqLWzZ7dr_bCD3Zqso37-GDmZKOLU9H4IPCRtG5oiSCZajpM17Zxvxi6WBVvDLdhkbl5tDaSID4Yj4U5dVnUt4Qe1cZcnhhHb3vajMI2IOSg_9HDdgrpPIL4t9btWCOPXWG9m0oBMUa5QkCqSlv6F829RB5x0Xx6f5pH2tQpqsJ27WfO6QZrY62PIiHFwRRvy5RurBPu4ShpNcO7VAeFkTZ6fwZg88785QiVsWaLRy_kfAl39m-BQBfSvW1BhujhsQYoHHFBXoVaGDPA-X-4UznQ2FyD_QQLEzvQy0mwDnp5ubFQc3UwiFXfe5ghul2lPb_BTpqyFkTJUZzlgCmeT6JPaT_5DRWIKjaSdISar84Q1F2AtrSiTV9miqjcw66lG8xdrQN2GZDVuWtj7sjUjJFKHQG-V1liUfzZ4_0NQLRxM0S6-En70U6wmKYitRLZL5u5_AbSV5LeA3BEeTXxzN7QmYZz4&sai=AMfl-YS8qPbFlPB-J1LkUo671aHxpiQiMWAd2zHgKDLn69adMWRDA_pXEGc0i0yiAL8d4ZXuB5tsr9u1SPJ-TGjoRxDvtQK3367IvxmYEdRI2sRFCTQ0xFMBLgKa1RGl6sNu3inmoHV-p7JH_ghjNA95aSOKt2YeC2z90e_WWKivCfra-f_4FqFbW72wIm1b6KkVUS60vrhcYntg5pzw1v88kutO1BxB94samcQ2Rq5vSUkx5gKoP988gbIhkpdIuc3wjcKy&sig=Cg0ArKJSzCZD3yMKYUqZEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=335&cbvp=1&cstd=331&cisv=r20240118.33147&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 19 Jan 2024 21:35:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 439F 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
261703
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Jan 2024 20:54:08 GMT
expires
Wed, 15 Jan 2025 20:54:08 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame C201 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
261703
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Jan 2024 20:54:08 GMT
expires
Wed, 15 Jan 2025 20:54:08 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/10322374245016296065/ Frame 7CA0 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c2afe310f81e0cc65e85d2ef9550b4cdae58b8ee6317eb39b163f0c289ae2ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
423081
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2375
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 00:04:30 GMT
expires
Tue, 14 Jan 2025 00:04:30 GMT
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame EA04 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuz5zsSuDBLl-UEddC12dfDCEoeDJIw8M6EDaDaqyTboM9IWP66kRbl2YWyEm1v5pnFZespKXACKgh_WiLwxxczT0BgYM8FvCLx07D9httO_2aE5NIJw2Y-bqrqnJv_fIVbVC-bBxuQp9HyCxeMOeRKLx4u1w0F8f26zErmSFYrNYsOoq-6jZibQquZXikPke1uiNWhigZ4GL1JMmSlMUavVXKZdJPhLvYFe-olWsh7QuSSuE6MrWe5PQ6yhuvOVce-407oXatfmAlVE0zCFGwcr7baEmeV8FSEzWfyFDXyMF8WTa2xpQ2l0noMH562zRUPSc_PAQWyyMNf8qf_Vr50YZ_IfVH4d2ORABXZXSaE0ToJLxbCugQURS2X8VXAO1JnJ9MNyb4TFDRAkptNVH7WVKQ0Oiz-XC9tlI7wao8E9wEZSsuOXoXtEy4XVGbtB3iE2ibiRcMPndvAqbgsH_vpD07e933pd1luY4pfkQ9D4TOr6CwJZDjiB6Qqem4zEYkivkzsEsf-bmMYHd81qz2pn0XLSNBszh_xB-ZcbCITdhpYWcfQRcQILzGaE0EBkPqxc7f91fuDaSJsLf9IHe9SNug-S-uiSWyB7eLJHNzcfLwjBemi7zGjTy_1Ki_imUz5jsctS5Dd2iIcagSWq9vOXYN_lEQAbhs3JH0lQycgVIh2MFlPHFeXzO-Q-Lw_6Y1Md2yY8Csx06C-oKx0wnnO_yUEsjoV0CNkCezoRItpMyOzw8nH6MBA8X2kTAfee_gOAlwYLJ4mkk5olqLS1LugJQSYUab13HauSSiawwKVznw4Y4i_C0PJTd8RltCz8TWvnBFhd2XyTg4uYmUbEqi1Bc-0rI61L-RgQUGG30_99wp-fdvmPzZpCjqVTZgyvqFEqs6GrIBdWL7GlOWoLPjxGrNKLJu40rYyiHTgauRJG6yo6Q1S8O5OYsXUwDYGcdfQyvs0gQLcibr8Rl9Xi-E5hcxUUbQPvtXnHvR_XXNMf4raO_yXYKjb7TAyooMdNIV-scr_zV8cdWkhdMzGViW-9A9b6gw6inZ6ZrEWTVhex-l2rBklXq4yW2M3ah5MhPYFtFhjcGRjbaZefWkVfEAjfhcwYuxzdjuJHk1Jsxr2osOWvMW2W7VUlaX3dXb7mf7kjd7FrEq9Y0QdegLqhdEwTZkUfpV_OmvRqMVJeVxssWBrsfVI8gxfUxqvmLleIZYGJ4-vjpewzWuzt9rbYkai4nmcddrKzz8xPsKzI3RCP3YijMArWqVtJtB-GvO90bVTGTmrVl1CZWAtB70dEYKtquGPMt0AFP7xA9ACGUg6X5lqVB4HzjZ2iK6zaTekik94Lopo7XugcY7GlA9gS4aFgEZ-6c1hxaX-l-b1ulU6DR5cKCrgpo3xErfe&sai=AMfl-YTHqMZ0WQHevPJWwEm_dihgc8dDezofpFRl2hr5gk9qDiWqvo2XQ_LAaN5JX9GbJHZp8o7XLQeudp6RkiKmvUvcSCqM_3Gmn0O49eiBKr7y8E-bYatOIkxuqD7qzveTM_7K3ml8W75sMQ8CsnHJ7wsbSGZybxT10kQhI0l6Yx_YceSw-bGkA16kV4a5N4C1njYd4HJq_Boc8tEutr8ov97ynN5ekqb4phCBK0hI04kbjzPqNkFAEgxsFG9ylgr7IBfU&sig=Cg0ArKJSzLxDlciyl7COEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=230&cbvp=1&cstd=228&cisv=r20240118.66559&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 19 Jan 2024 21:35:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 950A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAuntwOg9C2XtvCEQOm7D0s&google_push=AXcoOmROjL5sc6MYAKljrtW4RLpU_wIZzASGbvs-PUgcI11iu8XeyFTUSE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAuntwOg9C2XtvCEQOm7D0s&google_push=AXcoOmROjL5sc6MYAKljrtW4RLpU_wIZzASGbvs-PUgcI11iu8XeyFTUSEuUVlQodj7R3OlWFlZNy0_bQLq2KmZHdTZ4jmVEhVK1iA
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-etou8220115-FRA
pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1705700152.562207,VS0,VE99
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAuntwOg9C2XtvCEQOm7D0s&google_push=AXcoOmROjL5sc6MYAKljrtW4RLpU_wIZzASGbvs-PUgcI11iu8XeyFTUSEuUVlQodj7R3OlWFlZNy0_bQLq2KmZHdTZ4jmVEhVK1iA
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 950A
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEIa_oRKY7cr8Csg0k0lgTTM&google_cver=1&google_push=AXcoOmSVs2tOL6QUhulGZM1OOHLItN56cdSHjDTtytvgnUp8Qqrj5YzF0fNi3SZBZMjcbbKVNq6vno76wC4GyTM5kABBytpd2M7BBA
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=801D8183E2914A7EAA96E5DED04816FC&google_push=AXcoOmSVs2tOL6QUhulGZM1OOHLItN56cdSHjDTtytvgnUp8Qqrj5YzF0fNi3SZBZMjcbbKVNq6vno76wC4GyTM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=801D8183E2914A7EAA96E5DED04816FC&google_push=AXcoOmSVs2tOL6QUhulGZM1OOHLItN56cdSHjDTtytvgnUp8Qqrj5YzF0fNi3SZBZMjcbbKVNq6vno76wC4GyTM5kABBytpd2M7BBA
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 19 Jan 2024 21:35:51 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=801D8183E2914A7EAA96E5DED04816FC&google_push=AXcoOmSVs2tOL6QUhulGZM1OOHLItN56cdSHjDTtytvgnUp8Qqrj5YzF0fNi3SZBZMjcbbKVNq6vno76wC4GyTM5kABBytpd2M7BBA
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 18 Jan 2024 21:35:51 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 950A 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSSYJNVWbstScDQ_OGhkPdRF3JKu74rd5IKJjvP_SFj7PzF0LsIoYpvfQDbjDLeU-eARGPyfQLgVoVKNmInaC4kN8x4sZyO7w&google_gid=CAESEDYUDVgxGk7zplC2uheKp64&google_cver=1
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
276119
expires
Fri, 19 Jan 2024 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 950A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEH69sqM3FdIA946y5Jbgw9U&google_cver=1&google_push=AXcoOmRAW7yICn_nPTzSdhQp4J0sEgpI-0p468NCjGD3DGeiCbF5pWsHSltaRFysanBcCw-yDShODc8e...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEH69sqM3FdIA946y5Jbgw9U&google_cver=1&google_push=AXcoOmRAW7yICn_nPTzSdhQp4J0sEgpI-0p468NCjGD3DGeiCbF5pWsHSltaRFysanBcCw-yDSh...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTU2MjE5MTcyNTU1MTM1NDkxNw&google_push=AXcoOmRAW7yICn_nPTzSdhQp4J0sEgpI-0p468NCjGD3DGeiCbF5pWsHSltaRFysanBcCw-yDShODc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTU2MjE5MTcyNTU1MTM1NDkxNw&google_push=AXcoOmRAW7yICn_nPTzSdhQp4J0sEgpI-0p468NCjGD3DGeiCbF5pWsHSltaRFysanBcCw-yDShODc8eQuL85Vn3qgRMtTswkf1LmQ
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTU2MjE5MTcyNTU1MTM1NDkxNw&google_push=AXcoOmRAW7yICn_nPTzSdhQp4J0sEgpI-0p468NCjGD3DGeiCbF5pWsHSltaRFysanBcCw-yDShODc8eQuL85Vn3qgRMtTswkf1LmQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
-
s.ad.smaato.net/c/n/// Frame 950A 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHgPXpFsNvZUCLAKXdDV3vg&google_cver=1&google_push=AXcoOmQVbNOjNt82j3JDdBerwNx_pwIfGOpvQ7si27bxlI5QwjkX_NkGtcIT81UrxhLwg4Nvxd2Cc70websUP-dotn8J_MGguhkKzA
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:de00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:51 GMT
cache-control
no-cache, must-revalidate
via
1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
1ao05s7JpaHwvWgVs4NRs31fMGBE1wUGzFOoNjBPRxKR5uy6vbZe7A==
x-cache
Miss from cloudfront
ebda
match.360yield.com/match/ Frame 950A 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESEPn9iFJHOAK7rVhpMrkhgMk&google_cver=1&google_push=AXcoOmSYDzNYLIGqGNEt6IHcj-GPA1xnd3IE1EseoM5hBm0gNOe-Rlluuzx5-8TF56k62UEx4XT8H1fRQW8Mwr3uxzfcpAxsYoWVog
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.73.193.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-193-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 19 Jan 2024 21:35:51 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 950A 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOVx1pocyNOeZcJIVfvBA4o&google_cver=1&google_push=AXcoOmQatpaEKtukOyEsEmOLq5x8lZBhQTdXBQr5Oq6f1FI9MWoCbWltB0v8v_kgSS5h9h_MYpB24Oiywo5j1eLU-MNor-irs2wc_O0
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 21:35:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame 950A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KTOdHTqxGQvqhIrnSy6KFqxgJx6C6z1VH8EOsmQ6yb2y6Sen-A4kIFfiokWbGv0bUTcoNGCA
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame D0A1
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEIa_oRKY7cr8Csg0k0lgTTM&google_cver=1&google_push=AXcoOmQzPtgHRUhteq8sD_7h1n65GgbniELGeny0-JCm9fHetcMUluHO964df18ljJMa2kJVe_4aD_qkNHriYcYNiICKbuQT7gsd
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C32CC49A9E914818B67A826048446904&google_push=AXcoOmQzPtgHRUhteq8sD_7h1n65GgbniELGeny0-JCm9fHetcMUluHO964df18ljJMa2kJVe_4aD_qkNHriYcY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C32CC49A9E914818B67A826048446904&google_push=AXcoOmQzPtgHRUhteq8sD_7h1n65GgbniELGeny0-JCm9fHetcMUluHO964df18ljJMa2kJVe_4aD_qkNHriYcYNiICKbuQT7gsd
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 19 Jan 2024 21:35:51 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C32CC49A9E914818B67A826048446904&google_push=AXcoOmQzPtgHRUhteq8sD_7h1n65GgbniELGeny0-JCm9fHetcMUluHO964df18ljJMa2kJVe_4aD_qkNHriYcYNiICKbuQT7gsd
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 18 Jan 2024 21:35:51 GMT
sync
x.bidswitch.net/ Frame D0A1 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPpUjS8RIPpQrLYjkTeasts&google_cver=1&google_push=AXcoOmT0OWe_rRFVPlyZ0d3eRMU_FYyR8261NvjbHq0JaVMStyjf1pUoTuLh5QuuIm36VQG3TvlXsibzJ7lEdL8-y8eeNPk4SK14
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 21:35:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
pixel
cm.g.doubleclick.net/ Frame D0A1
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEM2Mn8vwbHpwJxRvmIB7m-U&google_cver=1&google_push=AXcoOmSDsZ0Jb0GPtGlEpcfzPNHKQckBVlmyNOU73QWbKqHmreECX_hsqz3B5RQSgQxxAlKQq879bMNc_yLhaVxuHCbCjnv...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSDsZ0Jb0GPtGlEpcfzPNHKQckBVlmyNOU73QWbKqHmreECX_hsqz3B5RQSgQxxAlKQq879bMNc_yLhaVxuHCbCjnvZifU&google_hm=eS1LQmhoVU9SRTJwRmVXYzR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSDsZ0Jb0GPtGlEpcfzPNHKQckBVlmyNOU73QWbKqHmreECX_hsqz3B5RQSgQxxAlKQq879bMNc_yLhaVxuHCbCjnvZifU&google_hm=eS1LQmhoVU9SRTJwRmVXYzRzRklYSXZUMzFMaGptcU9ka35B
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 19 Jan 2024 21:35:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSDsZ0Jb0GPtGlEpcfzPNHKQckBVlmyNOU73QWbKqHmreECX_hsqz3B5RQSgQxxAlKQq879bMNc_yLhaVxuHCbCjnvZifU&google_hm=eS1LQmhoVU9SRTJwRmVXYzRzRklYSXZUMzFMaGptcU9ka35B
content-length
0
dds
rtb.openx.net/sync/ Frame D0A1 		43 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEKTCrE_ynW8Jra0MKG1gCPk&google_cver=1&google_push=AXcoOmR0HK3kk1tuvlyESY5GENuJwkMppLN2D6IecutyHDDxuzxqBU1PR5F0cQStNWPUMPj1qq5F-CBL2oAQz_A6hrxcqhngumN-
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
sync
ssbsync.smartadserver.com/api/ Frame D0A1 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJTUNk-mThDLZ2ip5ffuE2o&google_cver=1&google_push=AXcoOmRF6NeDuujsBxktYbykLnRi7MkwTqCKbKnTtnROltIxxGcyV6_zHPyvIONw-NLrUjGDV3YKqXtq4obYTZpYDs6mQQLWeFHu
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.122 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:51 GMT
content-length
0
report
sync.teads.tv/um/ Frame D0A1
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEM70T5lsvQH1...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRTs2C45ro2T_mGOkab-IkymltZKIesjBn6Xl9a79YsIRtpG2yenc-uonuy4v3tUzk2q6pZ7Kj8XRbDXhQazKOM38H54bSoWA
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 19 Jan 2024 21:35:51 GMT
pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D0A1
Redirect Chain
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=f3bccc05-6f84-47eb-9952-585c9da6ef4f&google_cver=1&google_gid=CAESEMRBNRWfE7t3WSb1oPHn7nA&gdpr_consent=${GDPR_CONSENT_109}&google_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=f3bccc05-6f84-47eb-9952-585c9da6ef4f&google_cver=1&google_gid=CAESEMRBNRWfE7t3WSb1oPHn7nA&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQd1l7w2-J_yECT16yHBqtYi_T2cKds_YoBQL5YG_HlZzHPi8Y1NiJYoGylcjP0bELu9tRrMsPdr5xeUyuxUr90Ex1y53PNCQ&gdpr=${GDPR}
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=f3bccc05-6f84-47eb-9952-585c9da6ef4f&google_cver=1&google_gid=CAESEMRBNRWfE7t3WSb1oPHn7nA&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQd1l7w2-J_yECT16yHBqtYi_T2cKds_YoBQL5YG_HlZzHPi8Y1NiJYoGylcjP0bELu9tRrMsPdr5xeUyuxUr90Ex1y53PNCQ&gdpr=${GDPR}
date
Fri, 19 Jan 2024 21:35:51 GMT
server
_
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame D0A1 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JZxHV9yA7jYMUNPAqQDBEVA34X6Mjb2laEwvWVMHDawiiiZC93C0vj87ieNbs9KF5DXlFcLqI
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/sadbundle/10322374245016296065/ Frame 7E66 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c2afe310f81e0cc65e85d2ef9550b4cdae58b8ee6317eb39b163f0c289ae2ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
423081
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2375
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 00:04:30 GMT
expires
Tue, 14 Jan 2025 00:04:30 GMT
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame E91F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv3BRp20pJpzy29Rf8uAjKpcscZ5nlrbBmO-_AxQpvB3Z6pNqQExTSnVoYe_h2tw-NPJZDhFM4nf7jqDgSVGat36VQxd6FPj_NMC1vPx_0nNcfsBfKSabVZGPyxQ7cYoGkByYz2CkqhlcZn3fZGVf4NE-4VQjMqSQObIx3cfRqhuH3Qv6-OUt3nTgXxx7FnrAb4QUauUq1HhS7bADLrl6vpva3lmRFZRZVOEkTKRRZtiIIoG-iigxAl6OiaNoxBDUFPcz8aXwHkBpgtWEGbpVpYWk4nNRabGxTXIdqCZltAW0s8aWLjjIf8nsCTKLL5pn_WagpjJOJNqLFLMBqnRqhas7oJ1Mr9OnEfVudWNnFaBfO1Oz5XbrKXgtLTBuJLOZWiS5k18Ny3vuJK3ov1foq_TFbOJLcSenOxKIhjoRwOaRquWfZey2s0CKpDfrz-Iabetm2OviMR-KpQuHwxmRK1v-9Q83gCqgu9Tju8EsJ7IvZhjkas76XD4Y9Wdr80UBc67xkr2v7SCcPLUfm9XiFJJIz6XFy8e3Kmzi_sBh3Udk7pEMknKHv7_7yq0QEw8Q55g_rjXO-sOzDUdzVq3wglpPIzxRDS5S6i3iI_kfpXRhZU8ZY-4nbovbnYmPxq9AiCE4Vprj5_TO3W2mFpSWZqWkJefnlGjZfe4pHag5glcUd8RgwFrot5h4QKq3jfeRTFC9_1z3zTf2ZRhMaTlf9WC8akgW_vG1zgCIkmES_JRxBVsHQP7SEC9W2xMelPIW4uiQ5Vu1zi1hFroxiUdMEu6sP_V5kP01wmgYXFrMkipAVwvRC1SqfvTU-jezd74zk9XywNLVR9R_jWe5URDVqUBlyQRgBjESmW-mmegz_HCnivfp3v5dFLRbMDECT4wYzpevgTXab2W4MNztZSdVCvGAxQM26K5Oeh_iVI3MmdDtWpUeiB0SlrBfn96dwjmBuXMYuzCg3hF1ZTnypQ5nZkONBTTlUuNizhiwhEQwm9a1qy83RDIlQxPGPvCKyu5EXrRSd0gLuZnJz-QJiryJESd6UvLBSh2gw7uvQ9llgN4_D7iOJMd-8DS1KyTAsCceEgv72K_wbk_W5g9iAwHOrQpVo-Q1ysAAMlgeMO4xgT9dlLfPV4EiNM5Xr2RfJeopjkcYtDb24XEVpIaGS0kgODNRb5ukmYym6bV6oRRlEpp5KK6W1nLdjHVfu7-TZMT7XlhsXPkWhTNcI5Ny3u__iz3RpdsvQ_4FimjMv1jyPn9M6_vuMq3SKGtcU1805QgZpjN3OlnR8SniCRT1oVnpFugK67pj8nb_wJZGBXad-qzeJXyOHCcFOyE8VJytFdua0NaJtKy9KlCvvTdVqj-TlTaJlK0LyYfM5vzUcAqKGCvYS-JPqrOTe5ByEF&sai=AMfl-YRpftuxMhJe_KhNAkQgPKwGc0MIZTonX3epcNvYuT2cGhURVUa4V4rZPHlsy9F9fNwmmnui11OebGwKqsOORibvKFchUweGNAbvU6P7DEElEkPaTozMucZ49h-BzMZiDwjLTteUSGK0OxCI6f703co9JlcSIBTgOmAeaZKFVmziCVFnTaPV88OpPR1eFmqVXox9ESw5FM8ZncJJEhI_DvsRwyejgHQrGj-8V6fNlgfkTTaXacVtWCUNvXo9iMFDjTXn&sig=Cg0ArKJSzGIQ6Ga56GimEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=233&cbvp=1&cstd=231&cisv=r20240118.51774&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 19 Jan 2024 21:35:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ud&error=uid%2Fmuid%2Fduid%20not%20found&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-60&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=17&tvcfg=all&tid=aa811ae9-c8db-4881-a0db-ab77bd6f629c&pid=caee0ffe-279e-4742-afd5-80498fce2f2f&dtm=1705700151414&qnm=_matherq&visible=1&tabid=35c06796-7ac2-424d-adf9-1aec59f260ad&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x13194&tofa=1705700149&vid=1&lvidt=1705700149&duid=50d28e3c-3c15-429c-89c7-a96038e677a0&fp=3292556798&cid=ma63527&mrk=484602605&cx=eyJ1c2VyREIiOnsic2VnbWVudHMiOltdLCJtZXRlckRhdGEiOnsibWV0ZXJUaHJlc2hvbGQiOiIwIiwicmVzZXRNZXRlciI6IjAifSwicGFnZVZpZXdzIjoiMiIsInVzZXJEQkZldGNoIjoiMSIsImVyciI6InVpZC9tdWlkL2R1aWQgbm90IGZvdW5kIiwibmV4dFVwZGF0ZSI6IjE4MDAwMDAiLCJuZXh0VXBkYXRlVFMiOiIxNzA1NzAxOTUwOTI2In19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.1.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-1-107.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 19 Jan 2024 21:35:51 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
4.js
static.adsafeprotected.com/ Frame 77E9
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1874223/77019482/4.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-2937494567949278&ias_chanId=1&ias_placementId=20839929287&bidurl=https://www.mlive.com/&i...
  • https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_NuuqZbaFOKCWx_AP966o0A0&cbFunctionName=goog_wrapCb_NuuqZbaFOKCWx_AP966o0A0&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_NuuqZbaFOKCWx_AP966o0A0&cbFunctionName=goog_wrapCb_NuuqZbaFOKCWx_AP966o0A0&true_pb=
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:223f:3600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
chJzWGuhkrqyagXtH_ztVZhv7KoeCC.y
content-encoding
gzip
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
date
Thu, 18 Jan 2024 21:47:27 GMT
x-amz-cf-pop
FRA56-P5
age
85705
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Thu, 11 Jan 2024 21:47:25 GMT
server
AmazonS3
etag
W/"eb639ea9c60fa52fae8bd853911ab0a9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
BPip3ZK0_M8rFuzIl3xBCR5ZaVfT5ly-dbr71IZWLYKt2QeStrXC3w==

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
server
nginx
x-server-name
app17.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_NuuqZbaFOKCWx_AP966o0A0&cbFunctionName=goog_wrapCb_NuuqZbaFOKCWx_AP966o0A0&true_pb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 8D6F 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:3600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
10445201
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
OLfBJ6XpxNe6m9rYhul7NE6XMA3zBqe7yV4TeHMM8_6Hf0WP17e2uw==
style.css
s0.2mdn.net/sadbundle/10322374245016296065/css/ Frame 0693 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
507a74eb21e9a16396d226f31f5e25345a8208db821d9fc5798284c38bec5e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 14 Jan 2025 00:04:30 GMT
date
Mon, 15 Jan 2024 00:04:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
423081
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2009
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 0693 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6122014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25267
last-modified
Tue, 01 Aug 2023 16:38:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93515-62b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4MbcEmpkyJi8BXDEw%2B4ibwE1tLzXNTDHmVxtwux%2BDOMXjr31jYT%2FjR7FzLkzUhIShn%2Bx6fkst8KMMGhmh3aQkFOHuhutxWokGMI0Yv6nUZpIH2GX1EnNa7dktmD8fjLgjdcVpl9PsYzHbipk%2BmVDKX7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
848235bc8be865aa-FRA
expires
Wed, 08 Jan 2025 21:35:51 GMT
CustomEase.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 0693 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/CustomEase.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4285371
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3299
last-modified
Tue, 01 Aug 2023 16:38:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93515-ce3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P0VHUP1uaQuMf27VN393useJ2y3RLK%2FVusJbQQrDJKtG53EknFem84az5v48jaeOhKl8pY38CvExipVU6zlCKstVRNvXiNkxC4U2pL4W5DYx%2B%2BOHIT67wK1Kl%2BQLTfBubZ03vO6Dfb%2FGHtvaoyjj1IyE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
848235bc8be665aa-FRA
expires
Wed, 08 Jan 2025 21:35:51 GMT
dyson.svg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 0693 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/dyson.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 17:50:17 GMT
date
Wed, 17 Jan 2024 17:50:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
186334
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1076
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
rtbIcon.svg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 0693 		2 KB
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/rtbIcon.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 18 Jan 2025 02:29:07 GMT
date
Fri, 19 Jan 2024 02:29:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68804
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
771
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
dyson-v15s-submarine-stack.svg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 0693 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/dyson-v15s-submarine-stack.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bb76b6ed760de97f8a40e71c79ce9704e965bb287761bd81fb2fb021b8609c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 02:18:18 GMT
date
Wed, 17 Jan 2024 02:18:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
242253
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2891
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
1-min.jpg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 0693 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/1-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bb76af1be9c401ef3da16e31401b74f7cb0627154925d8c9fa308fba2e1413c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 14 Jan 2025 00:04:30 GMT
date
Mon, 15 Jan 2024 00:04:30 GMT
x-content-type-options
nosniff
age
423081
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26291
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
2-min.jpg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 0693 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/2-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
372360f6d3fa2133dfbf08ba93b3b55985785cb74106d75839618b7d273dd3c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 14 Jan 2025 00:04:30 GMT
date
Mon, 15 Jan 2024 00:04:30 GMT
x-content-type-options
nosniff
age
423081
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25258
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
3-min.jpg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 0693 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/3-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca4c3ad9639830e6f8f8e29775549fc24fcab33b4eeec7ae77da27c5c9e6bc80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 02:24:16 GMT
date
Wed, 17 Jan 2024 02:24:16 GMT
x-content-type-options
nosniff
age
241895
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20858
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gradient.png
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 0693 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/gradient.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b67702d4e78a4b6d5981a50298b0989dea48fc7d95b5e593dfafbe96cdbb309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 22:26:04 GMT
date
Tue, 16 Jan 2024 22:26:04 GMT
x-content-type-options
nosniff
age
256187
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4218
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
4-min.jpg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 0693 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/4-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19dc5f765d51f715497f0eadd0dede8eaa5ee17447a22db60538f60ca7c0a01d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 02:17:37 GMT
date
Wed, 17 Jan 2024 02:17:37 GMT
x-content-type-options
nosniff
age
242294
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32615
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
overlay.png
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 0693 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/overlay.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a72990ce8413aceedbfbf2f1d7ca2231c726b29a4ab1ddbca32b45ad685b4e26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 02:14:10 GMT
date
Wed, 17 Jan 2024 02:14:10 GMT
x-content-type-options
nosniff
age
242501
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14477
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
arrow.svg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 0693 		192 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/arrow.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 14 Jan 2025 00:04:30 GMT
date
Mon, 15 Jan 2024 00:04:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
423081
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
161
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
script.js
s0.2mdn.net/sadbundle/10322374245016296065/script/ Frame 0693 		4 KB
1012 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/script/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a55f386367cbcc30390435806075251b8ef4afb086409bc8e301558223398245
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 02:12:29 GMT
date
Wed, 17 Jan 2024 02:12:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
242602
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
982
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
style.css
s0.2mdn.net/sadbundle/10322374245016296065/css/ Frame 7E66 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
507a74eb21e9a16396d226f31f5e25345a8208db821d9fc5798284c38bec5e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 14 Jan 2025 00:04:30 GMT
date
Mon, 15 Jan 2024 00:04:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
423081
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2009
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 7E66 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6122014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25267
last-modified
Tue, 01 Aug 2023 16:38:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93515-62b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMr7%2FsgLYvBLVfB72ZYlFYJsyfca5siyxLZqTV2Q%2BJJ5XxCSflKIORT4CokbkpJO8TgxbXcLk%2BV39Q8Zgit6Hy9SSHOplFXpQaTYHY46Ok%2F9zBt3Q7017Q3klgVhJqk69vy4uaVpZTdSb5Oa6%2BofRvYV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
848235bc8beb65aa-FRA
expires
Wed, 08 Jan 2025 21:35:51 GMT
CustomEase.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 7E66 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/CustomEase.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4285371
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3299
last-modified
Tue, 01 Aug 2023 16:38:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93515-ce3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e2rsytSSqJCopQ4E12qvtvqQsIbAmreLuDYq0JrIfz4Ps88nsR7uXRFp04cxWtlEg6oCmAdGb7WIFt0ALhDVRtKLK54ESQDsyhx4HZcYu%2FMYXHdO7Hp9xdsHGvAQuhjxbqtLPaDQJTyH%2FVNIBcWsmGPC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
848235bc8bed65aa-FRA
expires
Wed, 08 Jan 2025 21:35:51 GMT
dyson.svg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 7E66 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/dyson.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 17:50:17 GMT
date
Wed, 17 Jan 2024 17:50:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
186334
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1076
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
rtbIcon.svg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 7E66 		2 KB
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/rtbIcon.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 18 Jan 2025 02:29:07 GMT
date
Fri, 19 Jan 2024 02:29:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68804
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
771
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
dyson-v15s-submarine-stack.svg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 7E66 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/dyson-v15s-submarine-stack.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bb76b6ed760de97f8a40e71c79ce9704e965bb287761bd81fb2fb021b8609c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 02:18:18 GMT
date
Wed, 17 Jan 2024 02:18:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
242253
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2891
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
1-min.jpg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 7E66 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/1-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bb76af1be9c401ef3da16e31401b74f7cb0627154925d8c9fa308fba2e1413c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 14 Jan 2025 00:04:30 GMT
date
Mon, 15 Jan 2024 00:04:30 GMT
x-content-type-options
nosniff
age
423081
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26291
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
2-min.jpg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 7E66 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/2-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
372360f6d3fa2133dfbf08ba93b3b55985785cb74106d75839618b7d273dd3c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 14 Jan 2025 00:04:30 GMT
date
Mon, 15 Jan 2024 00:04:30 GMT
x-content-type-options
nosniff
age
423081
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25258
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
3-min.jpg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 7E66 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/3-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca4c3ad9639830e6f8f8e29775549fc24fcab33b4eeec7ae77da27c5c9e6bc80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 02:24:16 GMT
date
Wed, 17 Jan 2024 02:24:16 GMT
x-content-type-options
nosniff
age
241895
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20858
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gradient.png
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 7E66 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/gradient.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b67702d4e78a4b6d5981a50298b0989dea48fc7d95b5e593dfafbe96cdbb309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 22:26:04 GMT
date
Tue, 16 Jan 2024 22:26:04 GMT
x-content-type-options
nosniff
age
256187
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4218
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
4-min.jpg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 7E66 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/4-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19dc5f765d51f715497f0eadd0dede8eaa5ee17447a22db60538f60ca7c0a01d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 02:17:37 GMT
date
Wed, 17 Jan 2024 02:17:37 GMT
x-content-type-options
nosniff
age
242295
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32615
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
overlay.png
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 7E66 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/overlay.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a72990ce8413aceedbfbf2f1d7ca2231c726b29a4ab1ddbca32b45ad685b4e26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 02:14:10 GMT
date
Wed, 17 Jan 2024 02:14:10 GMT
x-content-type-options
nosniff
age
242502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14477
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
arrow.svg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 7E66 		192 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/arrow.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 14 Jan 2025 00:04:30 GMT
date
Mon, 15 Jan 2024 00:04:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
423082
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
161
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
script.js
s0.2mdn.net/sadbundle/10322374245016296065/script/ Frame 7E66 		4 KB
1012 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/script/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a55f386367cbcc30390435806075251b8ef4afb086409bc8e301558223398245
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 02:12:29 GMT
date
Wed, 17 Jan 2024 02:12:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
242602
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
982
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
style.css
s0.2mdn.net/sadbundle/10322374245016296065/css/ Frame 7CA0 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
507a74eb21e9a16396d226f31f5e25345a8208db821d9fc5798284c38bec5e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 14 Jan 2025 00:04:30 GMT
date
Mon, 15 Jan 2024 00:04:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
423081
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2009
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 7CA0 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6122014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25267
last-modified
Tue, 01 Aug 2023 16:38:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93515-62b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y568zqp1u2CHfnuPU8hNYr1EObbHCj0d3pLhlyw%2BMhLOSxcnKFpLeCIw0uaqcQcylGUKkclNwiD9hstgQXKhyem3aildj1ACW27SXH%2B6E%2BdkMq2PTZKI1kTobnaRcD30tkJgYYOWsXEJrFISPZledOyN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
848235bc8bee65aa-FRA
expires
Wed, 08 Jan 2025 21:35:51 GMT
CustomEase.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 7CA0 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/CustomEase.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4285371
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3299
last-modified
Tue, 01 Aug 2023 16:38:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93515-ce3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qstz2mIKdaBx72U%2FOou412Qs3ETAGvKA%2FdL%2BLJKdc0VcHinFKzLBEKuLNrqiYCOMXnr%2FR5Y22vwpr%2BUt3OapsbENk5SV3kqICMvfAnuGDCGqr916rT020LCsxHmy9Ct3flFyCRoq4powfHvw0ZJuaL3q"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
848235bc8be965aa-FRA
expires
Wed, 08 Jan 2025 21:35:51 GMT
dyson.svg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 7CA0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/dyson.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 17:50:17 GMT
date
Wed, 17 Jan 2024 17:50:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
186334
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1076
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
rtbIcon.svg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 7CA0 		2 KB
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/rtbIcon.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 18 Jan 2025 02:29:07 GMT
date
Fri, 19 Jan 2024 02:29:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68804
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
771
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
dyson-v15s-submarine-stack.svg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 7CA0 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/dyson-v15s-submarine-stack.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bb76b6ed760de97f8a40e71c79ce9704e965bb287761bd81fb2fb021b8609c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 02:18:18 GMT
date
Wed, 17 Jan 2024 02:18:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
242253
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2891
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
1-min.jpg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 7CA0 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/1-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bb76af1be9c401ef3da16e31401b74f7cb0627154925d8c9fa308fba2e1413c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 14 Jan 2025 00:04:30 GMT
date
Mon, 15 Jan 2024 00:04:30 GMT
x-content-type-options
nosniff
age
423081
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26291
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
2-min.jpg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 7CA0 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/2-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
372360f6d3fa2133dfbf08ba93b3b55985785cb74106d75839618b7d273dd3c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 14 Jan 2025 00:04:30 GMT
date
Mon, 15 Jan 2024 00:04:30 GMT
x-content-type-options
nosniff
age
423081
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25258
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
3-min.jpg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 7CA0 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/3-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca4c3ad9639830e6f8f8e29775549fc24fcab33b4eeec7ae77da27c5c9e6bc80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 02:24:16 GMT
date
Wed, 17 Jan 2024 02:24:16 GMT
x-content-type-options
nosniff
age
241895
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20858
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
gradient.png
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 7CA0 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/gradient.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b67702d4e78a4b6d5981a50298b0989dea48fc7d95b5e593dfafbe96cdbb309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 22:26:04 GMT
date
Tue, 16 Jan 2024 22:26:04 GMT
x-content-type-options
nosniff
age
256188
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4218
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
4-min.jpg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 7CA0 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/4-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19dc5f765d51f715497f0eadd0dede8eaa5ee17447a22db60538f60ca7c0a01d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 02:17:37 GMT
date
Wed, 17 Jan 2024 02:17:37 GMT
x-content-type-options
nosniff
age
242295
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32615
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
overlay.png
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 7CA0 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/overlay.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a72990ce8413aceedbfbf2f1d7ca2231c726b29a4ab1ddbca32b45ad685b4e26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 02:14:10 GMT
date
Wed, 17 Jan 2024 02:14:10 GMT
x-content-type-options
nosniff
age
242502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14477
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
arrow.svg
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 7CA0 		192 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/arrow.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 14 Jan 2025 00:04:30 GMT
date
Mon, 15 Jan 2024 00:04:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
423082
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
161
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
script.js
s0.2mdn.net/sadbundle/10322374245016296065/script/ Frame 7CA0 		4 KB
1012 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/script/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a55f386367cbcc30390435806075251b8ef4afb086409bc8e301558223398245
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 02:12:29 GMT
date
Wed, 17 Jan 2024 02:12:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
242602
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
982
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 9BA0 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com&customVariables=%7B%22pagetype%22%3A%22homepage%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22%22%3A1%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_cl%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_sy%5C%22%22%3A%22true%22%2C%22dcr_anonymous%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_ma%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_loyal%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_hss_sub_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_low%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_mi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_or%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_si%5C%22%22%3A%22true%22%2C%22dcr_walltest%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_risk%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_personicx_prospects%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_pn%5C%22%22%3A%22true%22%2C%22dcr_anonymous_low%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_hi%5C%22%22%3A%22true%22%2C%22dcr_anonymous_mi%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_lv%5C%22%22%3A%22true%22%2C%22dcr_early_eng%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_all%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_al%5C%22%22%3A%22true%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com&customVariables=%7B%22pagetype%22%3A%22homepage%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22%22%3A1%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_cl%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_sy%5C%22%22%3A%22true%22%2C%22dcr_anonymous%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_ma%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_loyal%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_hss_sub_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_low%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_mi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_or%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_si%5C%22%22%3A%22true%22%2C%22dcr_walltest%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_risk%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_personicx_prospects%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_pn%5C%22%22%3A%22true%22%2C%22dcr_anonymous_low%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_hi%5C%22%22%3A%22true%22%2C%22dcr_anonymous_mi%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_lv%5C%22%22%3A%22true%22%2C%22dcr_early_eng%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_all%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_al%5C%22%22%3A%22true%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:51 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
2425
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 18 Jan 2024 20:48:52 GMT
wn
prod-dash-10-0-92-29
server
cloudflare
etag
W/"26850-1705610932000"
vary
accept-encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
848235bc288b30e8-FRA
expires
Fri, 19 Jan 2024 23:35:51 GMT
piano-frame.css
static.advance.net/static/common/css/ Frame 9BA0 		159 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.advance.net/static/common/css/piano-frame.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com&customVariables=%7B%22pagetype%22%3A%22homepage%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22%22%3A1%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_cl%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_sy%5C%22%22%3A%22true%22%2C%22dcr_anonymous%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_ma%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_loyal%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_hss_sub_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_low%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_mi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_or%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_si%5C%22%22%3A%22true%22%2C%22dcr_walltest%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_risk%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_personicx_prospects%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_pn%5C%22%22%3A%22true%22%2C%22dcr_anonymous_low%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_hi%5C%22%22%3A%22true%22%2C%22dcr_anonymous_mi%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_lv%5C%22%22%3A%22true%22%2C%22dcr_early_eng%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_all%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_al%5C%22%22%3A%22true%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
41b452299254437b9dbbda379b1dd0b3d143d898efa4f9c498fb77450be7e625

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Fri, 19 Jan 2024 21:35:51 GMT
x-shield-cache-expires
10
x-amz-request-id
71NZ3P4MSBV84Y7A
age
135
x-cache
HIT, HIT
x-host
static.advance.net
content-length
24510
x-served-by
cache-iad-kcgs7200076-IAD, cache-fra-etou8220047-FRA
last-modified
Fri, 19 Jan 2024 14:53:06 GMT
x-timer
S1705700152.802728,VS0,VE1
etag
"81c118a06d609c09588616534d657515"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 9BA0 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com&customVariables=%7B%22pagetype%22%3A%22homepage%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22%22%3A1%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_cl%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_sy%5C%22%22%3A%22true%22%2C%22dcr_anonymous%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_ma%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_loyal%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_hss_sub_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_low%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_mi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_or%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_si%5C%22%22%3A%22true%22%2C%22dcr_walltest%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_risk%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_personicx_prospects%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_pn%5C%22%22%3A%22true%22%2C%22dcr_anonymous_low%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_hi%5C%22%22%3A%22true%22%2C%22dcr_anonymous_mi%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_lv%5C%22%22%3A%22true%22%2C%22dcr_early_eng%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_all%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_al%5C%22%22%3A%22true%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3216595
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzYHtsB1IOTaezUtRUR9FN1acRNNMsaz3chLUgBU9YXYsI7bKZCDHWE5g0S%2BoOP6xgkuXT3MZUpmo0HgdnjbXVlrP2l1H48xPJJsmpPUmMLU0OPfd%2FHXRigdNPPioqT2bgAP7kf1UZ5aeCIQVJ9LF3gJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
848235bcbc2165aa-FRA
expires
Wed, 08 Jan 2025 21:35:51 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 9BA0 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com&customVariables=%7B%22pagetype%22%3A%22homepage%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22%22%3A1%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_cl%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_sy%5C%22%22%3A%22true%22%2C%22dcr_anonymous%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_ma%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_loyal%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_hss_sub_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_low%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_mi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_or%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_si%5C%22%22%3A%22true%22%2C%22dcr_walltest%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_risk%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_personicx_prospects%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_pn%5C%22%22%3A%22true%22%2C%22dcr_anonymous_low%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_hi%5C%22%22%3A%22true%22%2C%22dcr_anonymous_mi%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_lv%5C%22%22%3A%22true%22%2C%22dcr_early_eng%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_all%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_al%5C%22%22%3A%22true%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6115869
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=isToBjpCDcmBUW%2BRB77zMCZ0Eud1FZVyU1Bdjk3%2F257ArKbtsqnTzSg36RMR7JDlzUVUvraCc6BgZNV2fkc0%2FDg8JDxKg5Xoc4ZdsD%2BCESuflfx%2BPaMVmKi355YENd1Pvpwhh4fU%2FrBPaUTAsFx5rYWh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
848235bc8bf065aa-FRA
expires
Wed, 08 Jan 2025 21:35:51 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 9BA0 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com&customVariables=%7B%22pagetype%22%3A%22homepage%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22%22%3A1%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_cl%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_sy%5C%22%22%3A%22true%22%2C%22dcr_anonymous%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_ma%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_loyal%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_hss_sub_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_low%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_mi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_or%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_si%5C%22%22%3A%22true%22%2C%22dcr_walltest%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_risk%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_personicx_prospects%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_pn%5C%22%22%3A%22true%22%2C%22dcr_anonymous_low%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_hi%5C%22%22%3A%22true%22%2C%22dcr_anonymous_mi%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_lv%5C%22%22%3A%22true%22%2C%22dcr_early_eng%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_all%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_al%5C%22%22%3A%22true%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4298054
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwA7q7nUaTNPHq4TdOaZm05f685THERNh%2BDuGScAFGzKtDz0SWIME924YdTz5iEilkAqyXAQx4w5i7ZkkgEiM1ohmmY%2BhgfeIJpvuXuPJyndxHv4Xrpr8ue6N%2FEnsr%2BcUOgzJVqS5%2BH6gzUHJQn%2BVytj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
848235bc8bef65aa-FRA
expires
Wed, 08 Jan 2025 21:35:51 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 9BA0 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com&customVariables=%7B%22pagetype%22%3A%22homepage%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22%22%3A1%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_cl%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_sy%5C%22%22%3A%22true%22%2C%22dcr_anonymous%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_ma%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_loyal%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_hss_sub_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_low%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_mi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_or%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_si%5C%22%22%3A%22true%22%2C%22dcr_walltest%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_risk%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_personicx_prospects%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_pn%5C%22%22%3A%22true%22%2C%22dcr_anonymous_low%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_hi%5C%22%22%3A%22true%22%2C%22dcr_anonymous_mi%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_lv%5C%22%22%3A%22true%22%2C%22dcr_early_eng%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_all%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_al%5C%22%22%3A%22true%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6036314
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3978
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-2bd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fvvZtjF%2B3%2FDxN2%2F2nhE9HveaTvoqElAkbTNdMI0ISXVT3OzMs6lxtQVx6fNQJ1sZOtW8%2FsOELBWQxPp9eKGNOtQIVUHdiu3Z6qQVfakWHPVDHATL6JVE59uE0w4dFuLUTu0NIU609r2yvzW4byzV8DUB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
848235bcbc2765aa-FRA
expires
Wed, 08 Jan 2025 21:35:51 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 9BA0 		825 B
756 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com&customVariables=%7B%22pagetype%22%3A%22homepage%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22%22%3A1%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_cl%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_sy%5C%22%22%3A%22true%22%2C%22dcr_anonymous%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_ma%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_loyal%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_hss_sub_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_low%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_mi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_or%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_si%5C%22%22%3A%22true%22%2C%22dcr_walltest%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_risk%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_personicx_prospects%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_pn%5C%22%22%3A%22true%22%2C%22dcr_anonymous_low%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_hi%5C%22%22%3A%22true%22%2C%22dcr_anonymous_mi%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_lv%5C%22%22%3A%22true%22%2C%22dcr_early_eng%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_all%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_al%5C%22%22%3A%22true%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4291732
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2FamGDwwZzFgLCcKlKCsr0JKyyFTyvwzDL%2F3NGncDjqt%2FA%2BdujI80WPfiUq9KfH%2BBZmv0D4tUWgGUtb1si9wz1OmfE%2BRzkEpZ2%2FYrCVsvRZ0zoh7y3c92VIxn2TOyjgOfhjrl9Od8BFgCiIb0gZ7Vm4i"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
848235bcbc2465aa-FRA
expires
Wed, 08 Jan 2025 21:35:51 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 9BA0 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com&customVariables=%7B%22pagetype%22%3A%22homepage%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22%22%3A1%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_cl%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_sy%5C%22%22%3A%22true%22%2C%22dcr_anonymous%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_ma%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_loyal%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_hss_sub_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_low%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_mi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_or%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_si%5C%22%22%3A%22true%22%2C%22dcr_walltest%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_risk%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_personicx_prospects%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_pn%5C%22%22%3A%22true%22%2C%22dcr_anonymous_low%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_hi%5C%22%22%3A%22true%22%2C%22dcr_anonymous_mi%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_lv%5C%22%22%3A%22true%22%2C%22dcr_early_eng%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_all%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_al%5C%22%22%3A%22true%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5855274
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3L%2B7WyivOQBDL0GH8ise8lKL%2B9ogUwEDfUORx%2FaGc7iebXIHpg%2B8owoQsyM2Gc9XH76G02ND3xpg6Yog4uXIvtR3z%2BvKk3nysClIHHrnHZ270cLb8KnHqlQEWk37Skh3gZ0zBj%2F8V4PikTDK%2B5rz2qiX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
848235bcbc2365aa-FRA
expires
Wed, 08 Jan 2025 21:35:51 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 9BA0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com&customVariables=%7B%22pagetype%22%3A%22homepage%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22%22%3A1%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_cl%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_sy%5C%22%22%3A%22true%22%2C%22dcr_anonymous%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_ma%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_loyal%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_hss_sub_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_low%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_mi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_or%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_si%5C%22%22%3A%22true%22%2C%22dcr_walltest%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_risk%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_personicx_prospects%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_pn%5C%22%22%3A%22true%22%2C%22dcr_anonymous_low%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_hi%5C%22%22%3A%22true%22%2C%22dcr_anonymous_mi%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_lv%5C%22%22%3A%22true%22%2C%22dcr_early_eng%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_all%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_al%5C%22%22%3A%22true%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6295589
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RdrUQkUCj%2BTVd07z6r5GA54md8VyWYGmGqup6DS125%2F40OD2e0xl88u9rneybuONn%2BASJd7O5TNrt%2Fv5%2FReQ3u6jjwLWRS0HdkDPmMS%2BX%2Bz3MbYOxGCR5QbXhA%2Fyp78vRfHgvNIMXkiRO1wL9ijMEElj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
848235bcbc2265aa-FRA
expires
Wed, 08 Jan 2025 21:35:51 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 9BA0 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com&customVariables=%7B%22pagetype%22%3A%22homepage%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22%22%3A1%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_cl%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_sy%5C%22%22%3A%22true%22%2C%22dcr_anonymous%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_ma%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_loyal%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_hss_sub_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_low%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_mi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_or%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_si%5C%22%22%3A%22true%22%2C%22dcr_walltest%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_risk%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_personicx_prospects%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_pn%5C%22%22%3A%22true%22%2C%22dcr_anonymous_low%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_hi%5C%22%22%3A%22true%22%2C%22dcr_anonymous_mi%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_lv%5C%22%22%3A%22true%22%2C%22dcr_early_eng%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_all%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_al%5C%22%22%3A%22true%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4478312
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VB1FKAsKCzppxMWc2kr3MbsWwbVjdYKFXBG5%2BAoUHodobx67JeQERP5mQv18gSFM38rbrx3GHKgYaDXIbDKiYdWfNrg22OyHXjEETAXese00d1%2FcpmSAKj7GA0o%2FJsgMvntJuvmlrV9gU38%2BDCg1miGC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
848235bcbc2a65aa-FRA
expires
Wed, 08 Jan 2025 21:35:51 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 9BA0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com&customVariables=%7B%22pagetype%22%3A%22homepage%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22%22%3A1%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_cl%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_sy%5C%22%22%3A%22true%22%2C%22dcr_anonymous%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_ma%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_loyal%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_hss_sub_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_low%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_mi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_or%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_si%5C%22%22%3A%22true%22%2C%22dcr_walltest%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_risk%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_personicx_prospects%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_pn%5C%22%22%3A%22true%22%2C%22dcr_anonymous_low%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_hi%5C%22%22%3A%22true%22%2C%22dcr_anonymous_mi%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_lv%5C%22%22%3A%22true%22%2C%22dcr_early_eng%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_all%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_al%5C%22%22%3A%22true%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6285988
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
910
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZz97K2pI42Qgyu70ZD2DBxEKKoCoUOF3wveXo8XDP9CzxDXMintOCmyMA2J%2FczJv4DkU2aQt6xckbm5mawJFh9URyJNBBWEa8s657XoyVUtjAg2t9vEjuwlZbKGMKz6bwVbNR7Q6PbdYDFEmyttanw1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
848235bcbc2965aa-FRA
expires
Wed, 08 Jan 2025 21:35:51 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 9BA0 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com&customVariables=%7B%22pagetype%22%3A%22homepage%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22%22%3A1%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_cl%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_sy%5C%22%22%3A%22true%22%2C%22dcr_anonymous%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_ma%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_loyal%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_hss_sub_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_low%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_mi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_or%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_si%5C%22%22%3A%22true%22%2C%22dcr_walltest%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_risk%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_personicx_prospects%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_pn%5C%22%22%3A%22true%22%2C%22dcr_anonymous_low%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_hi%5C%22%22%3A%22true%22%2C%22dcr_anonymous_mi%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_lv%5C%22%22%3A%22true%22%2C%22dcr_early_eng%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_all%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_al%5C%22%22%3A%22true%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
10563
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6934
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MaoLf7%2Fgw%2F5mnfGGWVwpYmNOALRQJCiEuX%2Bxm2ZD7Ipy2axdzWoa35CZvhN3mzv3kP5hy9U%2FLEbwwtezksCf5JNdEzuaHFvbuwhunQDxOWEc1NYaqBCGZDmSIL0fvtIqVP7CpfmNOyaBpWTpKNvIv7dG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
848235bcbc2865aa-FRA
expires
Wed, 08 Jan 2025 21:35:51 GMT
loadTranslationMap
buy.tinypass.com/showtemplate/general/ Frame 9BA0 		62 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=8Gu2Z8RCvZ&version=1691000262000&language=en_US
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com&customVariables=%7B%22pagetype%22%3A%22homepage%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22%22%3A1%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_cl%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_sy%5C%22%22%3A%22true%22%2C%22dcr_anonymous%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_ma%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_loyal%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_hss_sub_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_low%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_mi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_or%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_si%5C%22%22%3A%22true%22%2C%22dcr_walltest%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_risk%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_personicx_prospects%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_pn%5C%22%22%3A%22true%22%2C%22dcr_anonymous_low%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_hi%5C%22%22%3A%22true%22%2C%22dcr_anonymous_mi%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_lv%5C%22%22%3A%22true%22%2C%22dcr_early_eng%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_all%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_al%5C%22%22%3A%22true%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b78bc5c07f038b149515d8a5cadf1533dd1cc438ee4a587fd2770c526304279a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com&customVariables=%7B%22pagetype%22%3A%22homepage%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22%22%3A1%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_cl%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_sy%5C%22%22%3A%22true%22%2C%22dcr_anonymous%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_ma%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_loyal%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_hss_sub_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_low%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_mi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_or%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_si%5C%22%22%3A%22true%22%2C%22dcr_walltest%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_risk%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_personicx_prospects%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_pn%5C%22%22%3A%22true%22%2C%22dcr_anonymous_low%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_hi%5C%22%22%3A%22true%22%2C%22dcr_anonymous_mi%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_lv%5C%22%22%3A%22true%22%2C%22dcr_early_eng%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_all%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_al%5C%22%22%3A%22true%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:51 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Mrn2j7sjS0l
pragma
wn
prod-dash-10-0-127-132
server
cloudflare
vary
accept-encoding
content-type
application/javascript;charset=UTF-8
server-time
0.002
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
848235bc288c30e8-FRA
expires
Sat, 20 Jan 2024 16:35:51 EST
platform-translation-map_en_US.js
buy.tinypass.com/ng/common/i18n/ Frame 9BA0 		67 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=16.91.1
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com&customVariables=%7B%22pagetype%22%3A%22homepage%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22%22%3A1%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_cl%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_sy%5C%22%22%3A%22true%22%2C%22dcr_anonymous%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_ma%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_loyal%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_hss_sub_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_low%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_mi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_or%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_si%5C%22%22%3A%22true%22%2C%22dcr_walltest%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_risk%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_personicx_prospects%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_pn%5C%22%22%3A%22true%22%2C%22dcr_anonymous_low%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_hi%5C%22%22%3A%22true%22%2C%22dcr_anonymous_mi%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_lv%5C%22%22%3A%22true%22%2C%22dcr_early_eng%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_all%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_al%5C%22%22%3A%22true%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2b6a09251dfdb96bb8a73aeabee416131dfe2a4410bccfaa2f4d089a6642051
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com&customVariables=%7B%22pagetype%22%3A%22homepage%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22%22%3A1%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_cl%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_sy%5C%22%22%3A%22true%22%2C%22dcr_anonymous%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_ma%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_loyal%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_hss_sub_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_low%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_mi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_or%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_si%5C%22%22%3A%22true%22%2C%22dcr_walltest%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_risk%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_personicx_prospects%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_pn%5C%22%22%3A%22true%22%2C%22dcr_anonymous_low%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_hi%5C%22%22%3A%22true%22%2C%22dcr_anonymous_mi%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_lv%5C%22%22%3A%22true%22%2C%22dcr_early_eng%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_all%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_al%5C%22%22%3A%22true%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:51 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
52833
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 18 Jan 2024 20:48:50 GMT
wn
prod-dash-10-0-128-7
server
cloudflare
etag
W/"68959-1705610930000"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
server-time
0.000
cache-control
public, max-age=86400
cf-ray
848235bc288d30e8-FRA
expires
Sat, 20 Jan 2024 21:35:51 GMT
H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame 9BA0 		121 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=16.91.1
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com&customVariables=%7B%22pagetype%22%3A%22homepage%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22%22%3A1%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_cl%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_sy%5C%22%22%3A%22true%22%2C%22dcr_anonymous%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_ma%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_loyal%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_hss_sub_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_low%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_mi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_or%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_si%5C%22%22%3A%22true%22%2C%22dcr_walltest%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_risk%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_personicx_prospects%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_pn%5C%22%22%3A%22true%22%2C%22dcr_anonymous_low%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_hi%5C%22%22%3A%22true%22%2C%22dcr_anonymous_mi%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_lv%5C%22%22%3A%22true%22%2C%22dcr_early_eng%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_all%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_al%5C%22%22%3A%22true%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9a88d548488330c2fdc31dd655203aa0044b8d954b0e1665e09b58965e52bf7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com&customVariables=%7B%22pagetype%22%3A%22homepage%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22%22%3A1%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_cl%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_sy%5C%22%22%3A%22true%22%2C%22dcr_anonymous%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_ma%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_loyal%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_hss_sub_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_low%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_mi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_or%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_si%5C%22%22%3A%22true%22%2C%22dcr_walltest%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_risk%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_personicx_prospects%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_pn%5C%22%22%3A%22true%22%2C%22dcr_anonymous_low%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_hi%5C%22%22%3A%22true%22%2C%22dcr_anonymous_mi%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_lv%5C%22%22%3A%22true%22%2C%22dcr_early_eng%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_all%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_al%5C%22%22%3A%22true%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:51 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
2418
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 18 Jan 2024 21:07:24 GMT
wn
prod-dash-10-0-128-7
server
cloudflare
optimized-by
_sam
vary
Accept-Encoding
content-type
text/javascript
server-time
0.001
cache-control
public, max-age=602382
cf-ray
848235bc288f30e8-FRA
expires
Fri, 26 Jan 2024 20:55:33 GMT
close-icon-black.svg
static.advance.net/static/common/img/piano/ Frame 9BA0 		1 KB
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/piano/close-icon-black.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com&customVariables=%7B%22pagetype%22%3A%22homepage%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22%22%3A1%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_cl%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_sy%5C%22%22%3A%22true%22%2C%22dcr_anonymous%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_ma%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_loyal%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_hss_sub_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_low%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_mi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_or%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_si%5C%22%22%3A%22true%22%2C%22dcr_walltest%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_risk%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_personicx_prospects%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_pn%5C%22%22%3A%22true%22%2C%22dcr_anonymous_low%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_hi%5C%22%22%3A%22true%22%2C%22dcr_anonymous_mi%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_lv%5C%22%22%3A%22true%22%2C%22dcr_early_eng%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_all%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_al%5C%22%22%3A%22true%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eef57151e6646e4f59ca6a1d749631ee2f89bf4d1b736fb4620b784cedbe0de6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Fri, 19 Jan 2024 21:35:51 GMT
x-shield-cache-expires
10
x-amz-request-id
KPF0FT0HVBJE018C
age
3665
x-cache
HIT, HIT
x-host
static.advance.net
content-length
610
x-served-by
cache-iad-kjyo7100168-IAD, cache-fra-etou8220047-FRA
last-modified
Mon, 27 Jan 2020 14:39:52 GMT
x-timer
S1705700152.803709,VS0,VE1
etag
"35ec888ec074218ee36fea53d51653a8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
dt
dt.adsafeprotected.com/ Frame 77E9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=33110bad-c45a-f07f-9cc1-f43d58777aba&tv=%7Bc:1MKNQW,pingTime:-3,time:150,type:v,im:%7BpBlk:100%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:63%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:150,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:63,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B137~0%5D,as:%5B137~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1QA0uI+11%7C12%7C13%7C14%7C15*.1874223-77019482%7C151%7C152%7C1531%7C154%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C18%7C19%7C1a,idMap:15*,rmeas:1,rend:0,renddet:DIV,siq:65%7D&br=c
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:7554:8097:1e86:2b70 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:52 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 77E9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=33110bad-c45a-f07f-9cc1-f43d58777aba&tv=%7Bc:1MKNQY,pingTime:-6,time:152,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:152,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:63,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B138~0%5D,as:%5B138~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1QA0uI+11%7C12%7C13%7C14%7C15*.1874223-77019482%7C151%7C152%7C1531%7C154%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C18%7C19%7C1a,idMap:15*,rmeas:1,rend:0,renddet:DIV,siq:65%7D&tpiLookup=ao:www.mlive.com*&br=c
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:7554:8097:1e86:2b70 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:52 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 439F 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 14:00:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
27347
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Jan 2025 14:00:04 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401160101&jk=3190671483869847&bg=!gYKlgs3NAAa8BdJLnAU7ADQBe5WfOKHTSImm14mXJ16z_bu1VDltRkidGZEe1ASYCuU-wiE2ZMtYGkDJecOe_6aBTyFdAgAAAK5SAAAAB2gBBwoAGnrKPjDUjIGxat80kypBA1N7UBKiMfPWwq3DmQLMUxYyzUt6d7AaPRIOgNWfTQDzvfmuiWtSgZGFwy-IqeHLuv6bP838t9JjqDAqJjwJxmJyoo4r--4WGV6ltCN1ijv2dAc9ZqTLnRlpCFGk3w5qYWbXrxxQ1Oy6ghL-fZbe004iofpfJy5Uukli5kxCH55GOO-uSy2tK1DS_GdJzeNa4TE8-rhbCRPxEhuKlCMHEds9lnx-djmuX4ra7IKJSsF31p2K6S2T-6Y8z0rq-whxilAR63Wyp_uBHNKsTqzNBPPHp11VfyoyD6hzeknP_aQgQyIkCCeZMAVyDfUwNf8IANnbE7Hocjx3Xsq9h3WMz3LAKa_uo16ww2lAQSm6swN_zUoMPAyyN2_0reoXbRwSon8eTPsMsvN3g88lzdctaXj-Ovhd6k-NGpnsaPO2jLxEDDemrHpsxcfpYN_vY2gLSnduwKlM8UWeQkPLuPtLO39Sa-vAPpt3BZsrwUiKLP5TapeZ7ZlkvGP1GCyb6PySeNvNtcBL3ABvZqVh2aHU3qh1_F3Hci7ALAXz9jEIT_d3jYQEEDIE3j143nTGOx5-jSBgSKvieBOpA2cqO6xLd-uN5WGB_9G22__iWkfp7sJ0xnIsElUgiwTf3FR_ikNptPBxi_qhXQCCHp6mugxwaBO9jXtII_r3BKgq9PmQ4ypvOJ8-rmFTnnDjdeiaOhFYq2eMqC2QO_nS96omeLjIMwNHq05WQK_ciYhjm3D6l9CZMAQqHv4ncM2UI7h0jYjJvUpcnS4sKa5V0_Tu-JeqB_SqNbe7VH_-0eZqa60kBnUX6TFB4v5hvncUDPE2_OcVQh59-kJtMXiLvPH1Uz3U9Hzx-xHEYXDPHWiAVzszC3McWdo1IaRKm0ovD8lgesdOtpfXRkpXeeRxbckPRJHu7cOgFXLe5Qu_UfVH6xCCegZbyAUVKIpotzsvVY_LqB-CRFaqCtq_PZ3b2sE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
4.js
static.adsafeprotected.com/ Frame EA04
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1874223/77019482/4.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-2937494567949278&ias_chanId=1&ias_placementId=20843742424&bidurl=https://www.mlive.com/&i...
  • https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_N-uqZavmA9WojuwPj7WlwAE&cbFunctionName=goog_wrapCb_N-uqZavmA9WojuwPj7WlwAE&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_N-uqZavmA9WojuwPj7WlwAE&cbFunctionName=goog_wrapCb_N-uqZavmA9WojuwPj7WlwAE&true_pb=
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:223f:3600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
chJzWGuhkrqyagXtH_ztVZhv7KoeCC.y
content-encoding
gzip
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
date
Thu, 18 Jan 2024 21:47:27 GMT
x-amz-cf-pop
FRA56-P5
age
85705
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Thu, 11 Jan 2024 21:47:25 GMT
server
AmazonS3
etag
W/"eb639ea9c60fa52fae8bd853911ab0a9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
9rxIDGLGFy4fzMDaRwFUIhq87TjAWRt_gxFt4iwW_oL_67Sbu0Jkig==

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
server
nginx
x-server-name
app05.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_N-uqZavmA9WojuwPj7WlwAE&cbFunctionName=goog_wrapCb_N-uqZavmA9WojuwPj7WlwAE&true_pb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame A1A9 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:3600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
10445201
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
pJhKEEqU2S7IkJycNLSDt6wrL_7ggg09kRy2s6TuwLiKXEzTwkM_NQ==
4.js
static.adsafeprotected.com/ Frame E91F
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1874223/77019482/4.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-2937494567949278&ias_chanId=1&ias_placementId=20833643169&bidurl=https://www.mlive.com/&i...
  • https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_N-uqZZzlA6erjuwPm4OuoAk&cbFunctionName=goog_wrapCb_N-uqZZzlA6erjuwPm4OuoAk&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_N-uqZZzlA6erjuwPm4OuoAk&cbFunctionName=goog_wrapCb_N-uqZZzlA6erjuwPm4OuoAk&true_pb=
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:223f:3600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
chJzWGuhkrqyagXtH_ztVZhv7KoeCC.y
content-encoding
gzip
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
date
Thu, 18 Jan 2024 21:47:27 GMT
x-amz-cf-pop
FRA56-P5
age
85705
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Thu, 11 Jan 2024 21:47:25 GMT
server
AmazonS3
etag
W/"eb639ea9c60fa52fae8bd853911ab0a9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
-NgFr2coJGLDyrfyKb3DAQtkoREr6jL4X-1vOcXnNA93KAx2rQrQqQ==

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:51 GMT
server
nginx
x-server-name
app14.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_N-uqZZzlA6erjuwPm4OuoAk&cbFunctionName=goog_wrapCb_N-uqZZzlA6erjuwPm4OuoAk&true_pb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 6D57 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:3600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
10445201
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
MbTJO7BaDgb_9y8ijzNNJxnQXH79a9RGWocHUuqVnL-X38lZZ9lA3w==
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame C201 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 14:00:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
27347
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Jan 2025 14:00:04 GMT
dt
dt.adsafeprotected.com/ Frame 77E9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=33110bad-c45a-f07f-9cc1-f43d58777aba&tv=%7Bc:1MKNTw,pingTime:-2,time:310,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1073,beZ:1077,mfA:1082,cmA:1084,inA:1085,inZ:1091,prA:1091,prZ:1130,si:1138,poA:1140,bl:1174,poZ:1174,cmZ:1174,mfZ:1174,loA:1226,loZ:1229,ltA:1383,ltZ:1383%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:true,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:63%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:310,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:63,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B296~0%5D,as:%5B296~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1QA0uI+11%7C12%7C13%7C14%7C15*.1874223-77019482%7C151%7C152%7C1531%7C154%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C18%7C19%7C1a,idMap:15*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:DIV,siq:65,sinceFw:243,readyFired:true%7D&br=c
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:7554:8097:1e86:2b70 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:52 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame EA04 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=7a03b63b-3834-3415-db72-ecf614054dec&tv=%7Bc:1MKNTP,pingTime:-3,time:151,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:21%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:151,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B144~0%5D,as:%5B144~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1QA0xA+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C154%7C155%7C16*.1874223-77019482%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C18%7C19,idMap:16*,rmeas:1,rend:0,renddet:na,siq:23%7D&br=c
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:7554:8097:1e86:2b70 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:52 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame EA04 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=7a03b63b-3834-3415-db72-ecf614054dec&tv=%7Bc:1MKNTQ,pingTime:-6,time:152,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:153,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B146~0%5D,as:%5B146~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1QA0xA+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C154%7C155%7C16*.1874223-77019482%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C18%7C19,idMap:16*,rmeas:1,rend:0,renddet:na,siq:23%7D&tpiLookup=ao:www.mlive.com*&br=c
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:7554:8097:1e86:2b70 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:52 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame E91F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=3ba1e317-9d71-b45e-93fd-71d047da65b5&tv=%7Bc:1MKNU4,pingTime:-3,time:107,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:26%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:107,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B99~0%5D,as:%5B99~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1QA0xA+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C154%7C155%7C16.1874223-77019482%7C161%7C162%7C163%7C164%7C165%7C17*.1874223-77019482%7C171%7C172%7C173%7C174%7C18%7C19,idMap:17*,rmeas:1,rend:0,renddet:na,siq:27%7D&br=c
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:7554:8097:1e86:2b70 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:52 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame E91F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=3ba1e317-9d71-b45e-93fd-71d047da65b5&tv=%7Bc:1MKNU6,pingTime:-6,time:109,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:109,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B101~0%5D,as:%5B101~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1QA0xA+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C154%7C155%7C16.1874223-77019482%7C161%7C162%7C163%7C164%7C165%7C17*.1874223-77019482%7C171%7C172%7C173%7C174%7C18%7C19,idMap:17*,rmeas:1,rend:0,renddet:na,siq:27%7D&tpiLookup=ao:www.mlive.com*&br=c
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:7554:8097:1e86:2b70 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:52 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame EA04 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=7a03b63b-3834-3415-db72-ecf614054dec&tv=%7Bc:1MKNUM,pingTime:-2,time:210,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1245,beZ:1246,mfA:1249,cmA:1250,inA:1251,inZ:1254,prA:1255,prZ:1261,si:1267,poA:1268,poZ:1294,cmZ:1294,mfZ:1294,loA:1397,loZ:1400,ltA:1454,ltZ:1454%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:true,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:21%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:210,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B203~0%5D,as:%5B203~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1QA0uI+11%7C12%7C13%7C14%7C15.1874223-77019482%7C151%7C152%7C1531%7C154%7C155%7C16*.1874223-77019482%7C161%7C162%7C163%7C164%7C17.1874223-77019482%7C171%7C172%7C173%7C174%7C18%7C19,idMap:16*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:23,sinceFw:186,readyFired:true%7D&br=c
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:7554:8097:1e86:2b70 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:52 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame E91F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=3ba1e317-9d71-b45e-93fd-71d047da65b5&tv=%7Bc:1MKNV2,pingTime:-2,time:167,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1295,beZ:1297,mfA:1300,cmA:1301,inA:1302,inZ:1306,prA:1307,prZ:1315,si:1322,poA:1323,poZ:1348,cmZ:1348,mfZ:1348,loA:1404,loZ:1407,ltA:1462,ltZ:1462%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:true,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:26%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:168,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B160~0%5D,as:%5B160~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1QA0uI+11%7C12%7C13%7C14%7C15.1874223-77019482%7C151%7C152%7C1531%7C154%7C155%7C16.1874223-77019482%7C161%7C162%7C163%7C164%7C165%7C17*.1874223-77019482%7C171%7C172%7C173%7C174%7C18%7C19,idMap:17*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:27,sinceFw:139,readyFired:true%7D&br=c
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:7554:8097:1e86:2b70 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:52 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dysonfutura-book.woff
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 0693 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/dysonfutura-book.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/css/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 23:37:24 GMT
date
Tue, 16 Jan 2024 23:37:24 GMT
x-content-type-options
nosniff
age
251908
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7928
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
dysonfutura-book.woff
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 7CA0 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/dysonfutura-book.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/css/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 23:37:24 GMT
date
Tue, 16 Jan 2024 23:37:24 GMT
x-content-type-options
nosniff
age
251908
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7928
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
dysonfutura-book.woff
s0.2mdn.net/sadbundle/10322374245016296065/assets/ Frame 7E66 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10322374245016296065/assets/dysonfutura-book.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10322374245016296065/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/10322374245016296065/css/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 23:37:24 GMT
date
Tue, 16 Jan 2024 23:37:24 GMT
x-content-type-options
nosniff
age
251908
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7928
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 11:15:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
view
googleads4.g.doubleclick.net/pcs/ Frame 77E9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstNPUdZFlacfPbZDWI79T0rDG8OwZa4znAqFpN3mlqLyjnPAYyWizxpn_BrNnaV8auOuyJBLeaxc_pRlA3vQF0jfpxopBwRVQY_GZqKTkD1waetY-OHdoHjrEo_T0CValQAOogv5BRm8Wd1p23lHMt6jIVV3cMKOZanOy7MVL0UymSNiArbUDOKHollGsPsOqt6WtiJzzy4oFGBBHzJTY7g652Mj31eKTvjaKujMB2sM39AfwStomKGG5tIMNu56WgZfc_-GLPR96W_aut_4ShxfQ2uhMKmISZE5RJOv9uoVF2KvvaG6RQtSMKJo1rLHLw4_2H1_3ex0CBENj4qHbW5JTNgreDl8GbSEEsmgCI4VRZK1ZRywwUWFK0IRa70Os3dMNNviZo4v8-lpFxkwBr7Vjz2AHUrrog9iYWL2kXWttWEMMasE-5-Mqxz_Z0JB4Y9qGs1Ldb97G3YKeCXj5wyhzrKhSHF7BgoaKKHQ8tQuI0HE3mypDQBur0czi_Q0ZfenjaOgjI90kUS0oAzxBd09AiLtS4dzKFHdbiH00Vmmw3hKsFWA6VFvY5NYGAAvl11YtuIVYv-nm2RePreC3m9rZABq7b0nY1eGK-E_jNX2UmFqN2CPBt6wv59qczh1GaDe_3P-xG8WwSxYQBJ1xVV0hsHhk9Nc036b2RYA26LY7p4VqEiy6kUSrRm_aUSZSO84-JlUiwk9BCewzn-oDQ4DK7y9COKCLEKFdYlO4c4HxvAYoXOodjpXyyYdRoHKEfhMVGJZ3aA-Hpk_Hf5FbauRiLvwwCYRHO9Jv0a_Oe3sjlHkJilzefP9QkV5CIJJKN0fx1t4JHp9Q4kjUzfbIE16JTXamIbwIvVmqSlYUuyqn9dUeVKBvb1jGfRqq1jVpeCOBTyQat2Z9Ild0UR8lcF0NCqLWzZ7dr_bCD3Zqso37-GDmZKOLU9H4IPCRtG5oiSCZajpM17Zxvxi6WBVvDLdhkbl5tDaSID4Yj4U5dVnUt4Qe1cZcnhhHb3vajMI2IOSg_9HDdgrpPIL4t9btWCOPXWG9m0oBMUa5QkCqSlv6F829RB5x0Xx6f5pH2tQpqsJ27WfO6QZrY62PIiHFwRRvy5RurBPu4ShpNcO7VAeFkTZ6fwZg88785QiVsWaLRy_kfAl39m-BQBfSvW1BhujhsQYoHHFBXoVaGDPA-X-4UznQ2FyD_QQLEzvQy0mwDnp5ubFQc3UwiFXfe5ghul2lPb_BTpqyFkTJUZzlgCmeT6JPaT_5DRWIKjaSdISar84Q1F2AtrSiTV9miqjcw66lG8xdrQN2GZDVuWtj7sjUjJFKHQG-V1liUfzZ4_0NQLRxM0S6-En70U6wmKYitRLZL5u5_AbSV5LeA3BEeTXxzN7QmYZz4&sai=AMfl-YS8qPbFlPB-J1LkUo671aHxpiQiMWAd2zHgKDLn69adMWRDA_pXEGc0i0yiAL8d4ZXuB5tsr9u1SPJ-TGjoRxDvtQK3367IvxmYEdRI2sRFCTQ0xFMBLgKa1RGl6sNu3inmoHV-p7JH_ghjNA95aSOKt2YeC2z90e_WWKivCfra-f_4FqFbW72wIm1b6KkVUS60vrhcYntg5pzw1v88kutO1BxB94samcQ2Rq5vSUkx5gKoP988gbIhkpdIuc3wjcKy&sig=Cg0ArKJSzCZD3yMKYUqZEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1020&vt=11&dtpt=685&dett=3&cstd=331&cisv=r20240118.33147&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame EA04 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuz5zsSuDBLl-UEddC12dfDCEoeDJIw8M6EDaDaqyTboM9IWP66kRbl2YWyEm1v5pnFZespKXACKgh_WiLwxxczT0BgYM8FvCLx07D9httO_2aE5NIJw2Y-bqrqnJv_fIVbVC-bBxuQp9HyCxeMOeRKLx4u1w0F8f26zErmSFYrNYsOoq-6jZibQquZXikPke1uiNWhigZ4GL1JMmSlMUavVXKZdJPhLvYFe-olWsh7QuSSuE6MrWe5PQ6yhuvOVce-407oXatfmAlVE0zCFGwcr7baEmeV8FSEzWfyFDXyMF8WTa2xpQ2l0noMH562zRUPSc_PAQWyyMNf8qf_Vr50YZ_IfVH4d2ORABXZXSaE0ToJLxbCugQURS2X8VXAO1JnJ9MNyb4TFDRAkptNVH7WVKQ0Oiz-XC9tlI7wao8E9wEZSsuOXoXtEy4XVGbtB3iE2ibiRcMPndvAqbgsH_vpD07e933pd1luY4pfkQ9D4TOr6CwJZDjiB6Qqem4zEYkivkzsEsf-bmMYHd81qz2pn0XLSNBszh_xB-ZcbCITdhpYWcfQRcQILzGaE0EBkPqxc7f91fuDaSJsLf9IHe9SNug-S-uiSWyB7eLJHNzcfLwjBemi7zGjTy_1Ki_imUz5jsctS5Dd2iIcagSWq9vOXYN_lEQAbhs3JH0lQycgVIh2MFlPHFeXzO-Q-Lw_6Y1Md2yY8Csx06C-oKx0wnnO_yUEsjoV0CNkCezoRItpMyOzw8nH6MBA8X2kTAfee_gOAlwYLJ4mkk5olqLS1LugJQSYUab13HauSSiawwKVznw4Y4i_C0PJTd8RltCz8TWvnBFhd2XyTg4uYmUbEqi1Bc-0rI61L-RgQUGG30_99wp-fdvmPzZpCjqVTZgyvqFEqs6GrIBdWL7GlOWoLPjxGrNKLJu40rYyiHTgauRJG6yo6Q1S8O5OYsXUwDYGcdfQyvs0gQLcibr8Rl9Xi-E5hcxUUbQPvtXnHvR_XXNMf4raO_yXYKjb7TAyooMdNIV-scr_zV8cdWkhdMzGViW-9A9b6gw6inZ6ZrEWTVhex-l2rBklXq4yW2M3ah5MhPYFtFhjcGRjbaZefWkVfEAjfhcwYuxzdjuJHk1Jsxr2osOWvMW2W7VUlaX3dXb7mf7kjd7FrEq9Y0QdegLqhdEwTZkUfpV_OmvRqMVJeVxssWBrsfVI8gxfUxqvmLleIZYGJ4-vjpewzWuzt9rbYkai4nmcddrKzz8xPsKzI3RCP3YijMArWqVtJtB-GvO90bVTGTmrVl1CZWAtB70dEYKtquGPMt0AFP7xA9ACGUg6X5lqVB4HzjZ2iK6zaTekik94Lopo7XugcY7GlA9gS4aFgEZ-6c1hxaX-l-b1ulU6DR5cKCrgpo3xErfe&sai=AMfl-YTHqMZ0WQHevPJWwEm_dihgc8dDezofpFRl2hr5gk9qDiWqvo2XQ_LAaN5JX9GbJHZp8o7XLQeudp6RkiKmvUvcSCqM_3Gmn0O49eiBKr7y8E-bYatOIkxuqD7qzveTM_7K3ml8W75sMQ8CsnHJ7wsbSGZybxT10kQhI0l6Yx_YceSw-bGkA16kV4a5N4C1njYd4HJq_Boc8tEutr8ov97ynN5ekqb4phCBK0hI04kbjzPqNkFAEgxsFG9ylgr7IBfU&sig=Cg0ArKJSzLxDlciyl7COEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=900&vt=11&dtpt=670&dett=3&cstd=228&cisv=r20240118.66559&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame E91F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv3BRp20pJpzy29Rf8uAjKpcscZ5nlrbBmO-_AxQpvB3Z6pNqQExTSnVoYe_h2tw-NPJZDhFM4nf7jqDgSVGat36VQxd6FPj_NMC1vPx_0nNcfsBfKSabVZGPyxQ7cYoGkByYz2CkqhlcZn3fZGVf4NE-4VQjMqSQObIx3cfRqhuH3Qv6-OUt3nTgXxx7FnrAb4QUauUq1HhS7bADLrl6vpva3lmRFZRZVOEkTKRRZtiIIoG-iigxAl6OiaNoxBDUFPcz8aXwHkBpgtWEGbpVpYWk4nNRabGxTXIdqCZltAW0s8aWLjjIf8nsCTKLL5pn_WagpjJOJNqLFLMBqnRqhas7oJ1Mr9OnEfVudWNnFaBfO1Oz5XbrKXgtLTBuJLOZWiS5k18Ny3vuJK3ov1foq_TFbOJLcSenOxKIhjoRwOaRquWfZey2s0CKpDfrz-Iabetm2OviMR-KpQuHwxmRK1v-9Q83gCqgu9Tju8EsJ7IvZhjkas76XD4Y9Wdr80UBc67xkr2v7SCcPLUfm9XiFJJIz6XFy8e3Kmzi_sBh3Udk7pEMknKHv7_7yq0QEw8Q55g_rjXO-sOzDUdzVq3wglpPIzxRDS5S6i3iI_kfpXRhZU8ZY-4nbovbnYmPxq9AiCE4Vprj5_TO3W2mFpSWZqWkJefnlGjZfe4pHag5glcUd8RgwFrot5h4QKq3jfeRTFC9_1z3zTf2ZRhMaTlf9WC8akgW_vG1zgCIkmES_JRxBVsHQP7SEC9W2xMelPIW4uiQ5Vu1zi1hFroxiUdMEu6sP_V5kP01wmgYXFrMkipAVwvRC1SqfvTU-jezd74zk9XywNLVR9R_jWe5URDVqUBlyQRgBjESmW-mmegz_HCnivfp3v5dFLRbMDECT4wYzpevgTXab2W4MNztZSdVCvGAxQM26K5Oeh_iVI3MmdDtWpUeiB0SlrBfn96dwjmBuXMYuzCg3hF1ZTnypQ5nZkONBTTlUuNizhiwhEQwm9a1qy83RDIlQxPGPvCKyu5EXrRSd0gLuZnJz-QJiryJESd6UvLBSh2gw7uvQ9llgN4_D7iOJMd-8DS1KyTAsCceEgv72K_wbk_W5g9iAwHOrQpVo-Q1ysAAMlgeMO4xgT9dlLfPV4EiNM5Xr2RfJeopjkcYtDb24XEVpIaGS0kgODNRb5ukmYym6bV6oRRlEpp5KK6W1nLdjHVfu7-TZMT7XlhsXPkWhTNcI5Ny3u__iz3RpdsvQ_4FimjMv1jyPn9M6_vuMq3SKGtcU1805QgZpjN3OlnR8SniCRT1oVnpFugK67pj8nb_wJZGBXad-qzeJXyOHCcFOyE8VJytFdua0NaJtKy9KlCvvTdVqj-TlTaJlK0LyYfM5vzUcAqKGCvYS-JPqrOTe5ByEF&sai=AMfl-YRpftuxMhJe_KhNAkQgPKwGc0MIZTonX3epcNvYuT2cGhURVUa4V4rZPHlsy9F9fNwmmnui11OebGwKqsOORibvKFchUweGNAbvU6P7DEElEkPaTozMucZ49h-BzMZiDwjLTteUSGK0OxCI6f703co9JlcSIBTgOmAeaZKFVmziCVFnTaPV88OpPR1eFmqVXox9ESw5FM8ZncJJEhI_DvsRwyejgHQrGj-8V6fNlgfkTTaXacVtWCUNvXo9iMFDjTXn&sig=Cg0ArKJSzGIQ6Ga56GimEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=887&vt=11&dtpt=654&dett=3&cstd=231&cisv=r20240118.51774&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
piano-frame.js
static.advance.net/static/common/js/ Frame 9BA0 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.advance.net/static/common/js/piano-frame.js
Requested by
Host: www.mlive.com
URL: https://www.mlive.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4918f51b2e5fe8e382052c64d1f082d4e7e52e4aa04b06805b41253a41fb7531

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Fri, 19 Jan 2024 21:35:52 GMT
x-shield-cache-expires
10
x-amz-request-id
Y7RHWQCRS9094V3Q
age
78
x-cache
HIT, HIT
x-host
static.advance.net
content-length
3628
x-served-by
cache-iad-kcgs7200148-IAD, cache-fra-etou8220047-FRA
last-modified
Wed, 06 Dec 2023 17:04:02 GMT
x-timer
S1705700152.178337,VS0,VE1
etag
"37bff6897042341f8c8fdd86cb8983a5"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
logo-mlive.svg
static.advance.net/static/common/img/paywall/lmg/ Frame 9BA0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.advance.net/static/common/img/paywall/lmg/logo-mlive.svg
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=8Gu2Z8RCvZ&templateId=OTC17X32BJCI&templateVariantId=OTVYQELJLLVQO&offerId=fakeOfferId&experienceId=EXKEU7YX3ZAL&iframeId=offer_0181b3622a7038624668-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.mlive.com&customVariables=%7B%22pagetype%22%3A%22homepage%22%2C%22origin%22%3A%22https%3A%2F%2Fwww.mlive.com%22%2C%22%22%3A1%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_cl%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_sy%5C%22%22%3A%22true%22%2C%22dcr_anonymous%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_ma%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_loyal%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_hss_sub_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_nj%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_low%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable_lc_med%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_mi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_or%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_addressable%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_si%5C%22%22%3A%22true%22%2C%22dcr_walltest%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_anonymous_hi%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_sub_risk%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_personicx_prospects%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_pn%5C%22%22%3A%22true%22%2C%22dcr_anonymous_low%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_hi%5C%22%22%3A%22true%22%2C%22dcr_anonymous_mi%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_lv%5C%22%22%3A%22true%22%2C%22dcr_early_eng%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_all%5C%22%22%3A%22true%22%2C%22Visitors%20not%20in%20segment%20%5C%22dcr_qp_al%5C%22%22%3A%22true%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0b034efa03c6fb4de3e3952eaf0958b18847e6c1e2e8fd647759c97105004f19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
date
Fri, 19 Jan 2024 21:35:52 GMT
x-shield-cache-expires
10
x-amz-request-id
SATAT09Y2KXP70FE
age
2060
x-cache
HIT, HIT
x-host
static.advance.net
content-length
879
x-served-by
cache-iad-kcgs7200092-IAD, cache-fra-etou8220047-FRA
last-modified
Mon, 27 Jan 2020 14:39:52 GMT
x-timer
S1705700152.179162,VS0,VE88
etag
"eddae84ef46240dace31d24e6e3f4dae"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
115
check.analytics.rlcdn.com/check/ 		25 B
386 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/115
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-66.fra50.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 19 Jan 2024 21:35:52 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amzn-trace-id
Root=1-65aaeb38-1e87b2f85d13df40026de535
x-amzn-requestid
308ad67a-e24f-4a91-a655-6ae68debfc27
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
Rzmw2E_xDoEEXFA=
content-length
25
x-amz-cf-id
Qw7OwnxzxjX7ZnW7PPpLpbEZ6oW1rNi5860-GXBomR7Ji1u9xEDpOw==
activeview
pagead2.googlesyndication.com/pcs/ Frame 77E9 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv5D81VxQxFHfRRdmiT5cAf5ScF75mNUgN_gzeh4-lY3XsUkavnhDynqEVpBk-L-EN8TG1DZG9CDxtSjAayuRLf1lh5ejpOUM0oKfH9M9RzSxXhCbuHkPdrC0qenUfxprPFVzgAJSnCoLmO8NgdBS_A1vCe&sai=AMfl-YRXEgiapZnbQ_6Lyj43VEBXG9gY56JPbM0JykEwMXcIjqT5UDPm7tmjTQQHhplyvy5kqlPI3TizKLJ5GWfagw6ePnAWAOHrldp4pXTdmo32jv8pp6G_fYD5ayk&sig=Cg0ArKJSzL6hBEUrDYq1EAE&cid=CAQSOwAvHhf_6SoPc4UWnwSQrGFe4fnWscxRPGy7DksfJwGZGxPiEqPykY8kanUzf7jX2qyr0TRjZKr2d9VZGAE&id=lidar2&mcvt=1021&p=165,1135,415,1435&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1117919376&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705700150462&rpt=700&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 77E9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=33110bad-c45a-f07f-9cc1-f43d58777aba&tv=%7Bc:1MKO0R,pingTime:-10,time:765,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1705700152301%7C%7Ccd40bbe183d64aaa4b93a7d86ce0dcf3%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C9017016dfafea283f471baa35a1ef5f4%7C%7Cf5e702a79b7b94ee57153facc751e2b7%7C%7Cf47db9aff970ce8bcbeb005933975ded%7C%7Cf9340f52a2fa637ff01510bb520c9d42%7C%7C702f899f948055e9aada83fcfcaa53e6%7C%7C1663701684,im:%7BpWait:73%7D,env:%7Bccd:%7Bversion:1,uspString:1---%7D%7D%7D
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:7554:8097:1e86:2b70 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:52 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6486 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B2L2_NuuqZbaFOKCWx_AP966o0A0AAAAAOAHgBAI&bg=!NzSlNHvNAAa8BdJLnAU7ADQBe5WfOG64sBlww14Skq4JPX5Aj4DOVeAlsM8AgWxFYqw1QXDj2MgA-g1Kav7Rf3nmdzizAgAAAu5SAAAABWgBB5kDB3autm04D8a4-1mQZh57pc5kI-veo1erFiULUldQZ1BSZMLBkUNK_JYpd1wj4zqzPu9661eWlhFEijb9OXtQet2ALLWTXzEIqgbdpikobUXu4-P34PChIAdWK3o1pHnzrGtFu6I5lmZKmp_cOA94UtJfNThOETed_e7ATWA0fL3rINcNDBSAWZD3DMY_Msi3b9R3reu5UhqWkBg9KNRAzX62YcT0ZkHxIndr2yKAcVxCmL1WFRu6iwrjvud1uRh-LVKwv9Fy2gMVFNSzjtlgX9qFNc3C0J_DXv_p6vnO8WcGfFGCAOkPW6b2xUXBUb7nJF0iyoNjLywTIrvTHfAGhj65I416yU0298zt0qwGACGpveK1e02GQtpD7uev5LNCrDCsqKrrhe3fCmx3MFTb8saQ1AioFLu5kXopTFJRinhiIQptTGl9sDcR8z-Duqdu2oLrf3v_MjI-nbIMswuSiPLDZY2PilG9nqBsKmYlS6Y83iK8KxoPBik6IQNCZ2jRPZ2HpLfmDeSbiq0q8YADLoHeGlzN49-8tlrkVXUHGVAquHE8VtloTJxZq1RdulgiTFqLONwrRVCB9cnHtCR7a8ZbXyhMqmMvtoehUqvtKhU_X425XF6VUnkHntYCA0UtrzBqH_krgTDqe_m9CcF-qjPuB645QZueU9YRyn0zBMpcf3lfvIhwMFK8ocKTMyj_HT7YHPKawH0dTBCcs6-7_7CvpjxJtxUf28uYGJxa3hDtUmjSlCok27F9IV9pCikpQh-PqwdoV_9Fvi3vIn4LsqT4sPVhg1b77vrvjnb8doGmpVI53Ci-jIiAofsl6qLeNLT2B4ibR_TfU9lde36PBfoUVzesetCc1WGo35Eljzg7Et42YFw6Fl5152z3-frJBBpjdlaGj7P93_WTtyIqHLci-MMjFOEdxysS5nDBJFM9ExRSi1oOr-afxOsuSW_9zjpK6NFSbkAQJaSMNEw7k_ufsXg3jjbbPIALAe3toPSHKtqv1XU2J-xtrPubH_57FiedYuB3vYw
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E91F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst0UAtGlorXXskDqu4TgTfDkU6Jj_PkxLEAMzaMxOuLxhCtOhJWSuH3vsa8saZ7bO5QxBdk_3Xj6_IqoiQzcXQR4is-uPIuLE_umNiOkImMsvgF_CI2LC4A1yFHFG_qxVpYIfmud-kPNxvnkLgGBHHegaj8&sai=AMfl-YTFpI_BScLBxJtFDj0zb7SMyXK-cHhFKXdrL_ZeYVhccXbqpZoKjhIuHC5qMqPCH8PcRTQ-fDpfcFtJznRg6WNowfO3UBtXQv9t41wQshirIaEqjTmrlYfbXTI&sig=Cg0ArKJSzFIZiCAWIf-SEAE&cid=CAQSOwAvHhf_6SoPc4UWnwSQrGFe4fnWscxRPGy7DksfJwGZGxPiEqPykY8kanUzf7jX2qyr0TRjZKr2d9VZGAE&id=lidar2&mcvt=1046&p=905,1135,1155,1435&mtos=1046,1046,1046,1046,1046&tos=1046,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3501067380&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705700150478&rpt=815&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EA04 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvpjxlxQynM0lt6KeuiF5LdSGrxrbTrnn0lHbujcuEOkMQCkVbB_UQjLS7ZonSJ5cDxSZYNHmW4YjMmgihamDnEto4YSONGkTFH7_u4-QWtzVr5-s8ZlGTwwpIK8oypXziCwg77bi0mRl0yPOJyFL2KCGhM&sai=AMfl-YT8pHv_NbnpTxKX9H3iKiHoPgAlFC8t2bp3bijQfNt0PGtgPCwE85mm5Uo6RGIESixyJg7PPj1FsSWWasiZ0JBWPrUCBHGilb7ffR1jibL-NTCbuVwVBPh5VGY&sig=Cg0ArKJSzE3bPe_FQ6MEEAE&cid=CAQSOwAvHhf_6SoPc4UWnwSQrGFe4fnWscxRPGy7DksfJwGZGxPiEqPykY8kanUzf7jX2qyr0TRjZKr2d9VZGAE&id=lidar2&mcvt=1050&p=937,165,1187,465&mtos=1050,1050,1050,1050,1050&tos=1050,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1117919391&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705700150469&rpt=788&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logAutoMicroConversion
api-v3.tinypass.com/api/v3/conversion/ 		49 B
222 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-v3.tinypass.com/api/v3/conversion/logAutoMicroConversion?page_title=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&url=https%3A%2F%2Fwww.mlive.com%2F&page_view_id=lrl5tu9w62uaa1hi&referrer=&content_author=&tags=null&content_type=website&tracking_id=%7Bkpdx%7DAAABAG3t2yLw8QoKOEd1Mlo4UkN2WhIQbHJsNXR1OXc2MnVhYTFoaRoMRVhLRVU3WVgzWkFMIiUxODA1Y3M4MGE0LTAwMDAzMzkza3I3cHJlZmkxaHBpM2lvZHRnKhpzaG93VGVtcGxhdGUxT0RTTEFHWlg3V1g3MTABOgxPVEMxN1gzMkJKQ0lCDU9UVllRRUxKTExWUU9SS3YtMjAyNC0wMS0xOS0yMi0zNS00OS0xMzgtbkFudFRZTzk2NHk1MlhHOS1hMTM0YzQ5ZDg3M2FhNTBmZWNkZjk3YTUzMmYyOWNjNFoUMmEwMTo0YTA6MTMzODo5Mjo6MTFiA2R3Y2i3-bCtBnAQeAQ&browser_id=lrl5tu9w2exa9xj0&event_type=EXTERNAL_EVENT&event_group_id=config&custom_params=%7B%22config%22%3A%22%7B%5C%22type%5C%22%3A%5C%22bottomfixed%5C%22%2C%5C%22version%5C%22%3A%5C%22cta%5C%22%2C%5C%22placement%5C%22%3A%5C%22bottom-fixed%5C%22%2C%5C%22newsletterId%5C%22%3A%5C%22%5C%22%2C%5C%22closable%5C%22%3A%5C%22true%5C%22%2C%5C%22scrollLock%5C%22%3A%5C%22true%5C%22%7D%22%7D&cookie_consents=null&previous_user_segments=null&callback=jsonp4336
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddab815dc87048f28c297dc94d5e855ba7cae2af900d31c8da41e187a8df636d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:52 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
848235c0bead30e8-FRA
alt-svc
h3=":443"; ma=86400
x-request-id
Msn2j7snZBA
expires
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1095691862&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mlive.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=nonblocking&ea=bottomfixed_shown&el=var%3A%22OTVYQELJLLVQO%22%7Cexp%3A%22EXKEU7YX3ZAL%22%7Cver%3A%22cta%22%7Cmet%3A%22Support%20Meter%22%7Ctot%3A%221%22%7Cmax%3A%227%22%7Cterm%3A%22%22&ev=0&_u=aDDAAEABAAQCACgFKAC~&jid=&gjid=&cid=259527336.1705700149&tid=UA-16643585-16&_gid=1134932906.1705700150&gtm=45He41h0n81TLXFLCRv78133989&cd1=undefined&cd2=1---&cd3=undefined&cd6=undefined&cd11=undefined&cd16=undefined&cd18=undefined&cd19=undefined&cd20=false&cd21=undefined&cd23=undefined&cd28=undefined&cd29=undefined&cd30=homepage&cd31=undefined&cd33=undefined&cd34=1&cd35=undefined&cd36=undefined&cd37=undefined&cd46=homepage-beta&cd47=desktop&cd50=GA%20-%20event%20call&cd52=undefined&cd54=Home%20Page&cd55=undefined&cd56=undefined&cd57=undefined&cd58=undefined&cd60=undefined&cd62=undefined&cd63=undefined&cd64=undefined&cd65=undefined&cd66=undefined&cd67=undefined&cd68=undefined&cd69=undefined&cd70=undefined&cd71=undefined&cd72=undefined&cd73=undefined&cd74=undefined&cd87=sub-group-b&cd99=undefined&cd102=undefined&cd103=undefined&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd61=259527336.1705700149&cd98=meterName%3A%20%22Support%20Meter%22%7C%7CtotalViews%3A%201%7C%7CmaxViews%3A%207&z=1980531963
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 01:10:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
73547
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&metername=Support%20Meter&metered=1%7C7&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-60&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=17&tvcfg=all&tid=01af1ea6-c8fc-416c-9395-7147116203e3&pid=caee0ffe-279e-4742-afd5-80498fce2f2f&dtm=1705700152469&qnm=_matherq&visible=1&tabid=35c06796-7ac2-424d-adf9-1aec59f260ad&url=https%3A%2F%2Fwww.mlive.com%2F&vp=1600x1200&ds=1600x1200&tofa=1705700149&vid=1&lvidt=1705700149&duid=50d28e3c-3c15-429c-89c7-a96038e677a0&fp=3292556798&cid=ma63527&mrk=484602605&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJjdXN0b21fZXZlbnQiLCJhY3Rpb24iOiJjb25maWciLCJkYXRhIjp7ImV4cGVyaWVuY2VBY3Rpb25JZCI6InNob3dUZW1wbGF0ZTFPRFNMQUdaWDdXWDcxIiwiY3VzdG9tRXZlbnROYW1lIjoiY29uZmlnIiwiY29udGFpbmVyU2VsZWN0b3IiOiIjYm90dG9tLWZpeGVkLW1vZGFsIiwiZXZlbnROYW1lIjoiY29uZmlnIiwicGFyYW1zIjp7ImNvbmZpZyI6IntcInR5cGVcIjpcImJvdHRvbWZpeGVkXCIsXCJ2ZXJzaW9uXCI6XCJjdGFcIixcInBsYWNlbWVudFwiOlwiYm90dG9tLWZpeGVkXCIsXCJuZXdzbGV0dGVySWRcIjpcIlwiLFwiY2xvc2FibGVcIjpcInRydWVcIixcInNjcm9sbExvY2tcIjpcInRydWVcIn0ifX0sInZlbmRvciI6InBpYW5vIiwidHlwZSI6InVua25vd24ifSwiaWRlbnRpdGllcyI6W3sidHlwZSI6ImdhIiwiaWQiOiIyNTk1MjczMzYiLCJyZWZUaW1lIjoiMTcwNTcwMDE1MjQ2OCJ9XX0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.1.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-1-107.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 19 Jan 2024 21:35:52 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
farnhamheadline-semi-bold.woff
fonts.advance.net/fonts/v1/farnham-headline-semi-bold/ Frame 9BA0 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.advance.net/fonts/v1/farnham-headline-semi-bold/farnhamheadline-semi-bold.woff
Requested by
Host: static.advance.net
URL: https://static.advance.net/static/common/css/piano-frame.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142

Request headers

Referer
https://static.advance.net/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 19 Jan 2024 21:35:52 GMT
x-shield-cache-expires
10
x-amz-request-id
8BC132N70D5B0VFY
age
16215
x-cache
HIT, HIT
x-host
fonts.advance.net
content-length
37160
x-served-by
cache-iad-kiad7000038-IAD, cache-fra-etou8220077-FRA
last-modified
Wed, 19 Sep 2018 19:27:30 GMT
x-timer
S1705700153.623582,VS0,VE0
etag
"c9a8222fbabe6b700baacd21dd7a1f61"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
cache-control
s-maxage-ignore=86400, no-store
Inter-Regular.woff2
fonts.advance.net/fonts/inter/ Frame 9BA0 		97 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.advance.net/fonts/inter/Inter-Regular.woff2
Requested by
Host: static.advance.net
URL: https://static.advance.net/static/common/css/piano-frame.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6

Request headers

Referer
https://static.advance.net/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 19 Jan 2024 21:35:52 GMT
x-shield-cache-expires
10
x-amz-request-id
BFTJBMVY6VG8SZEX
age
2208
x-cache
HIT, HIT
x-host
fonts.advance.net
content-length
98868
x-served-by
cache-iad-kjyo7100054-IAD, cache-fra-etou8220077-FRA
last-modified
Mon, 17 Jul 2023 14:21:52 GMT
x-timer
S1705700153.623674,VS0,VE1
etag
"dc131113894217b5031000575d9de002"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
cache-control
Inter-SemiBold.woff2
fonts.advance.net/fonts/inter/ Frame 9BA0 		103 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.advance.net/fonts/inter/Inter-SemiBold.woff2
Requested by
Host: static.advance.net
URL: https://static.advance.net/static/common/css/piano-frame.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5

Request headers

Referer
https://static.advance.net/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 19 Jan 2024 21:35:52 GMT
x-shield-cache-expires
10
x-amz-request-id
BFTY2FVC866NHJJ7
age
4802
x-cache
HIT, HIT
x-host
fonts.advance.net
content-length
105804
x-served-by
cache-iad-kcgs7200165-IAD, cache-fra-etou8220077-FRA
last-modified
Mon, 17 Jul 2023 14:21:52 GMT
x-timer
S1705700153.623615,VS0,VE1
etag
"007ad31a53f4ab3f58ee74f2308482ce"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
cache-control
dt
dt.adsafeprotected.com/ Frame E91F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=3ba1e317-9d71-b45e-93fd-71d047da65b5&tv=%7Bc:1MKO3J,pingTime:-10,time:706,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1705700152301%7C%7Ccd40bbe183d64aaa4b93a7d86ce0dcf3%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C9017016dfafea283f471baa35a1ef5f4%7C%7Cf5e702a79b7b94ee57153facc751e2b7%7C%7Cf47db9aff970ce8bcbeb005933975ded%7C%7Cf9340f52a2fa637ff01510bb520c9d42%7C%7C702f899f948055e9aada83fcfcaa53e6%7C%7C1663701684,im:%7Bpci:%7Btdr:309%7D%7D,sca:%7Bspg:33110bad-c45a-f07f-9cc1-f43d58777aba%7D,env:%7Bccd:%7Bversion:1,uspString:1---%7D%7D%7D
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:7554:8097:1e86:2b70 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:52 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame EA04 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=7a03b63b-3834-3415-db72-ecf614054dec&tv=%7Bc:1MKO47,time:789,type:e,im:%7Bpci:%7Btdr:368%7D%7D,env:%7Bccd:%7Bversion:1,uspString:1---%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:789,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B782~0%5D,as:%5B782~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:430,fm:u1QA0uI+11%7C12%7C13%7C14%7C15.1874223-77019482%7C151%7C152%7C1531%7C154%7C155%7C16*.1874223-77019482%7C161%7C162%7C163%7C164%7C17.1874223-77019482%7C171%7C172%7C173%7C174%7C18%7C19,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:23,sis:363%7D&br=c
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:7554:8097:1e86:2b70 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:52 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 439F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BIKfaN-uqZavmA9WojuwPj7WlwAEAAAAAOAHgBAI&bg=!KCulK2TNAAa8BdJLnAU7ADQBe5WfODy5p5_4j9QOTg_bE8GfCdDcNSi3zVoznpa_SZB_pmKRFiAWQuZuymPaorRIbTUoAgAAAjZSAAAABGgBB5kDBm9ckyzoSXnavUNANowkT5MS8rBsSBBizwyxypdDltanatvvVw5Phh_X-uguWkw0G1WbCpKlZ9B9fWpgtUL7jsvYNaFTUX4N_z6_8LHdhvtYzmU-q1wh8JOwYq4jPkBDdYUjsUHTo46F-EyKLq2oVt026jarFnnH4jXa0hAIqPRfrTvsTXggXaJ6rWtBMSBhQTcdd4xIq8jz_pqfDMTtgA95dU8hZqDTFoh9oXxPLU2QS6Bc138R8zmkp1of_7CqGY-YRESSk4dXmzavBKm6A8DA3DItOvZErxRwBRvxd0CTYlvwm_KpG4WHsi6qYzRR0-eHe6NQx1E9Wd_6BQlpVEQ1u0A3aa2Lypy3hGMyDYaBSlvjzxQZ7wKbvT7wfdmI-Il_3UoLl2n9fZpAhVKFJhlj8tcN_tolRJzWfsvIjhbOkyjeQkfUpNfO2iGtcffznvguXqR9Ea2YfyBNqrrTYqJA1EbIQULCcGKf1M9WX8OlHd1YpEoqcD4lVWnvXssFy89B2gFoNyoArywErIhVjp14KfxwzlpXxSpJKXfBFCm3jXxkjMx4vkAFPHtiTioa5OexoNkNgnhnPi3rX4GohviRJ7WyqOIapFfJfIxDxkqaDeXko-l6H2xa-D-DgzSo-7Qzcdmvr90TSTEts2mVpghXu6G9u1Pw5B4QC459Idd9Z3i04dnYWZJF-DT2xPryLiXjRNeEk6omTIZ_LAMS1Ea5HCAw_AjYKwg2E39vzRuvMjbKvgQlstdlFk39PkVZwfJO9R8WGfH4w9Q10yJWxEXuwcw6T8hEPOVOQJ3r79R576VfiK7oravcEjhO-aL9FrH5BDYT0Tgz_5ZMuBdf61l-bqnlCDys1tWH_0m5EMH7WkWmve2_9d0p71NrjhEquMkO7kzbwm0bBPE29jMpnKvkDev-62KxKH_XY69rAxi04PJAfuzaBM16EmxkyUckROaEqlquU3Hq7N1IZ7YFvXca86QW4ZUbbIrETAQ6nlu39QoQqRn-ZGUra_bckjSwY51J0aVDkA
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C201 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BwH-6N-uqZZzlA6erjuwPm4OuoAkAAAAAOAHgBAI&bg=!LyylLGPNAAa8BdJLnAU7ADQBe5WfOMKRjVeUIozUcrtl5MNIqK7k9r8YZy4XkeirVuSte4AuoRL3oOrdhnU_G1YF6BRxAgAAAftSAAAABWgBB5kDCylCT71m83XAAEUYJEQIBnLyJL9KXsGStIU87HLcv7sf_S5u8HWkkgLop6binV1ec0dG0_7pR2X0lORIdo8rNkaiFjRYAFXobdBl-fO4iz8SWHBSzRF6WUayMzWCRUAEJLA88C6ytTVn65ws1l30nApN1krwv5hvtJvJfmQ3XV0oqAlID7BFGFoiSpXqZaT2h22b1FO6Bt7EncqY0ZfcScXQSORO3p0dhTm88fMBpI8B3klaU2_zJspFJjLCM2orbVKDnreRIKWoKu2lrqR1OL3v9FESH802ypUVk2fH1HOiSsUoudGKizEeBjQPAHbbdQwaAbu0l1EBps9wwFevIJOiEryz_nuZFWhzttH2RnjL6ZhoNF0sSOl4K9GQBkMWHBk5LprDIelHJKPEpaIKfeyZGSqDMMIVP7GkrFd8s9-RIGzDxk_kbuVUexUaxwwnma1rwb-ZInq7V3pidJ2uYlFFlzrRTmiR58FgxDnWewKyFMMDwkbgDVRdjjr052t9SSycVAqmkzwkrOHcD9jsnVKiOlcKxNUlrSFspFybQ4Vf0Ifgx2R32Hh_QOHPWJOMUSm75YU_coqoZC8687y0_IhISO9PXTa64S2rq53IZIgAHiXuBrPlrxx_sDTEv6FJGD05RjZMhl4jDwp10F3NEYtUxUfQVqpZ3zjA9DfBouFTQYKTi3FqyDeASL4t4LThcFdGUpMl9vu9_DrQC2yNBC9xwR0YNNwFncBcYjWGT5UNVR9gHud6wTYjwNqoGAnMeRGmB8O3EU3k88e5U13lgcIZ0QvG9xQYTDDs8Eh2PfzIJ8mpa-LXMJ-r4NRvIuCGXygLCvDk5xZPcCYsLgmJ112yDl--q9mWsK8Wpv35xG2eFRcnVIPehZkUM-A_EFTx5w1lLZwv0qJOSUJLLzbSThNov7mDHvuHksR834Ge9yjcGx7JeBcpiKNPwyN5GU6LsuFtSs3GAQH95X8BwvdzLAnroONli7hJn73rYtekgSRVuToW3CfnJhv86OBYj9QXzAxD4hwK8yRuPAWa
Requested by
Host: 2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
URL: https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 77E9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=33110bad-c45a-f07f-9cc1-f43d58777aba&tv=%7Bc:1MKO5C,time:1060,type:e,im:%7BpLoad:996%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1060,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:63,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1046~0%5D,as:%5B1046~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:229,fm:u1QA0uI+11%7C12%7C13%7C14%7C15*.1874223-77019482%7C151%7C152%7C1531%7C154%7C16.1874223-77019482%7C161%7C162%7C163%7C164%7C17.1874223-77019482%7C171%7C172%7C173%7C174%7C18%7C19%7C1a,idMap:15*,rmeas:1,rend:0,renddet:svg.us,siq:65,sis:538%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:7554:8097:1e86:2b70 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:52 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 77E9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=33110bad-c45a-f07f-9cc1-f43d58777aba&tv=%7Bc:1MKO6h,time:1101,type:e,im:%7Bpci:%7Btdr:1012%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1101,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:63,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1087~0%5D,as:%5B1087~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:229,fm:u1QA0uI+11%7C12%7C13%7C14%7C15*.1874223-77019482%7C151%7C152%7C1531%7C154%7C16.1874223-77019482%7C161%7C162%7C163%7C164%7C17.1874223-77019482%7C171%7C172%7C173%7C174%7C18%7C19%7C1a,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:65,sis:538%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:7554:8097:1e86:2b70 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:52 GMT
server
nginx
x-server-name
dt26.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame EA04 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=7a03b63b-3834-3415-db72-ecf614054dec&tv=%7Bc:1MKO7M,pingTime:-10,time:1016,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1705700152301%7C%7Ccd40bbe183d64aaa4b93a7d86ce0dcf3%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C9017016dfafea283f471baa35a1ef5f4%7C%7Cf5e702a79b7b94ee57153facc751e2b7%7C%7Cf47db9aff970ce8bcbeb005933975ded%7C%7Cf9340f52a2fa637ff01510bb520c9d42%7C%7C702f899f948055e9aada83fcfcaa53e6%7C%7C1663701684,sca:%7Bspg:33110bad-c45a-f07f-9cc1-f43d58777aba%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:7554:8097:1e86:2b70 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:52 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 77E9 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5680060220746&version=m202309260101&ct=76&x=1&cor=6368955907148292000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E91F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7452545670572&version=m202309260101&ct=76&x=1&cor=17120359627771159000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EA04 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8450894212482&version=m202309260101&ct=76&x=1&cor=11076463951323701000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 77E9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=33110bad-c45a-f07f-9cc1-f43d58777aba&tv=%7Bc:1MKOq0,pingTime:1,time:2324,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:63%7D,%7Bpiv:100,vs:i,r:,t:1323%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1323,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:63,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1309~0,0~100%5D,as:%5B1309~300.250%5D%7D%7D,%7Bsl:i,t:1323,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:200,fm:u1QA0uI+11%7C12%7C13%7C14%7C15*.1874223-77019482%7C151%7C152%7C1531%7C154%7C16.1874223-77019482%7C161%7C162%7C163%7C164%7C17.1874223-77019482%7C171%7C172%7C173%7C174%7C18%7C19%7C1a,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:65,sis:538%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:7554:8097:1e86:2b70 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:53 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 77E9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=33110bad-c45a-f07f-9cc1-f43d58777aba&tv=%7Bc:1MKOq0,pingTime:1,time:2324,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:63%7D,%7Bpiv:100,vs:i,r:,t:1323%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1323,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:63,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1309~0,0~100%5D,as:%5B1309~300.250%5D%7D%7D,%7Bsl:i,t:1323,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:200,fm:u1QA0uI+11%7C12%7C13%7C14%7C15*.1874223-77019482%7C151%7C152%7C1531%7C154%7C16.1874223-77019482%7C161%7C162%7C163%7C164%7C17.1874223-77019482%7C171%7C172%7C173%7C174%7C18%7C19%7C1a,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:65,sis:538%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:7554:8097:1e86:2b70 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:53 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame EA04 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=7a03b63b-3834-3415-db72-ecf614054dec&tv=%7Bc:1MKOr7,pingTime:1,time:2215,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:21%7D,%7Bpiv:100,vs:i,r:,t:1214%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1214,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1207~0,0~100%5D,as:%5B1207~300.250%5D%7D%7D,%7Bsl:i,t:1214,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:201,fm:u1QA0uI+11%7C12%7C13%7C14%7C15.1874223-77019482%7C151%7C152%7C1531%7C154%7C155%7C16*.1874223-77019482%7C161%7C162%7C163%7C164%7C17.1874223-77019482%7C171%7C172%7C173%7C174%7C18%7C19,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:23,sis:363%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:7554:8097:1e86:2b70 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:54 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame EA04 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=7a03b63b-3834-3415-db72-ecf614054dec&tv=%7Bc:1MKOr7,pingTime:1,time:2215,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:21%7D,%7Bpiv:100,vs:i,r:,t:1214%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1214,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1207~0,0~100%5D,as:%5B1207~300.250%5D%7D%7D,%7Bsl:i,t:1214,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:201,fm:u1QA0uI+11%7C12%7C13%7C14%7C15.1874223-77019482%7C151%7C152%7C1531%7C154%7C155%7C16*.1874223-77019482%7C161%7C162%7C163%7C164%7C17.1874223-77019482%7C171%7C172%7C173%7C174%7C18%7C19,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:23,sis:363%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:7554:8097:1e86:2b70 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:54 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame E91F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=3ba1e317-9d71-b45e-93fd-71d047da65b5&tv=%7Bc:1MKOrT,pingTime:1,time:2204,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:26%7D,%7Bpiv:100,vs:i,r:,t:1203%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1203,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1195~0,0~100%5D,as:%5B1195~300.250%5D%7D%7D,%7Bsl:i,t:1203,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:201,fm:u1QA0uI+11%7C12%7C13%7C14%7C15.1874223-77019482%7C151%7C152%7C1531%7C154%7C155%7C16.1874223-77019482%7C161%7C162%7C163%7C164%7C165%7C17*.1874223-77019482%7C171%7C172%7C173%7C174%7C18%7C19,idMap:17*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:27,sis:389%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:7554:8097:1e86:2b70 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:54 GMT
server
nginx
x-server-name
dt25.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame E91F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=3ba1e317-9d71-b45e-93fd-71d047da65b5&tv=%7Bc:1MKOrT,pingTime:1,time:2204,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:26%7D,%7Bpiv:100,vs:i,r:,t:1203%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1203,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1195~0,0~100%5D,as:%5B1195~300.250%5D%7D%7D,%7Bsl:i,t:1203,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:201,fm:u1QA0uI+11%7C12%7C13%7C14%7C15.1874223-77019482%7C151%7C152%7C1531%7C154%7C155%7C16.1874223-77019482%7C161%7C162%7C163%7C164%7C165%7C17*.1874223-77019482%7C171%7C172%7C173%7C174%7C18%7C19,idMap:17*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:27,sis:389%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:7554:8097:1e86:2b70 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:54 GMT
server
nginx
x-server-name
dt26.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sdk-runtime-config.js
buy.tinypass.com/api/v3/anon/assets/ 		266 B
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/sdk-runtime-config.js?aid=8Gu2Z8RCvZ
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ebf4fd08a62c629898ba6592d3f313f271a076d54312c3ba79aa09a086e18d7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:54 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
EXPIRED
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Mun2j7sCNmt
wn
prod-dash-10-0-128-7
last-modified
Fri, 19 Jan 2024 14:57:41 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.005
cache-control
public, max-age=14400
cf-ray
848235ccbac52be6-FRA
expires
Sat, 20 Jan 2024 01:35:54 GMT
checksync.php
contextual.media.net/ Frame 0BD4 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU211111&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
08f10fbdbaf77a3c991197c623caf1ee175e4711b5b9188c30ee3aa42b67a5d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
8075
content-type
text/html; charset=UTF-8
date
Fri, 19 Jan 2024 21:35:55 GMT
expires
Sun, 21 Jan 2024 21:35:55 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame 3CC0 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
664
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
848235d13d106a74-TXL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 19 Jan 2024 21:35:55 GMT
expires
Sat, 20 Jan 2024 01:35:55 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 0852 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 19 Jan 2024 21:35:55 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4C73 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/10071.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.mlive.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=124730
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 19 Jan 2024 21:35:55 GMT
expires
Sun, 21 Jan 2024 08:14:45 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
match.adsrvr.org/track/ 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/usersync?us_privacy=&gdpr=0&gdpr_consent=undefined&ust=image
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:55 GMT
server
Kestrel
content-length
70
content-type
image/gif
cm
trc.taboola.com/sg/prebidJS/1/ 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/prebidJS/1/cm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
34
date
Fri, 19 Jan 2024 21:35:55 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
32493
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-sof1510021-SOF
pragma
no-cache
server
nginx
x-timer
S1705700155.139441,VS0,VE34
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
usermatch
ssum-sec.casalemedia.com/ Frame A2D5 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b5280819c49bf550dc1a1f18a73ec88d61aad71158750bcfe7ecec95a1523bd

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
848235d18c9b4534-TXL
content-encoding
br
content-type
text/html
date
Fri, 19 Jan 2024 21:35:55 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRhXkSHawfCPyjbHVrwmGrM%2BWxvqpIHmKfIsgD0b1XXTNVMMvHT1G1nJuMjZMYLBjhN8Zdgl0lC2T72VY6MZZkhPMJlTvAHciprzyWdyxxFjvZ1BJfFUpAdf0wa9nhnEInkyHZpSCMmHyw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 0852 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
15fa995712e39a5f45ccac6d7c1ebb7a5f8644e88ce7bcc657c36b64890390b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 21:35:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 19 Jan 2024 16:51:07 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=69332
Connection
keep-alive
Content-Length
10965
Expires
Sat, 20 Jan 2024 16:51:27 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 4C73 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=71189188&p=159879&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159879
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:54 GMT
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame A2D5
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZarrNo1xK6sSCVO0lcCv5QAA%261161&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:55 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
240903
expires
Fri, 19 Jan 2024 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date
Fri, 19 Jan 2024 21:35:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
usermatchredir
ssum-sec.casalemedia.com/ Frame A2D5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZarrNo1xK6sSCVO0lcCv5QAABIkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENfPjUKncNGMhHjbYuI3PJc&google_cver=1
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENfPjUKncNGMhHjbYuI3PJc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJZ8W2XSQziNmPQbiMXqo5kjzIji8%2Fp%2B6i0nF2jqfwZQy9JtQEbx19eu9VKXYq%2FOyW8WehVNV9RkXM3SGjAoB1XsasLAqEQ%2FviITLX21yjBOAJqv7xOjO%2F2%2BhBe0%2FSQdwMivxbCjWkvMLg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
848235d25e1c4534-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENfPjUKncNGMhHjbYuI3PJc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame A2D5
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZarrNo1xK6sSCVO0lcCv5QAABIkAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZarrNo1xK6sSCVO0lcCv5QAABIkAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZarrNo1xK6sSCVO0lcCv5QAABIkAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 21:35:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CE72ZFFTXZP7FF9TBKR7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 21:35:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PNAW5YTDEK4MJ5AK5YQ5
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZarrNo1xK6sSCVO0lcCv5QAABIkAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame A2D5 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:55 GMT
server
Kestrel
content-length
70
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame A2D5
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5133329529971518225
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5133329529971518225
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MwNAAcFxuXrzmIcyT5METpyd4OZQ1iheAjOvEqr0y0UC6I8yzICkEgLS%2FUzg6NyQMmiAwy%2BsewFEXtZaq4uCdpIkUY8nChAN%2FzXkimQvjmS4FoIYmGGqi%2B5ygWGEDjOFppNpy69XYWxOEg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
848235d3f8f64534-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5133329529971518225
Date
Fri, 19 Jan 2024 21:35:55 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ie
match.prod.bidr.io/cookie-sync/ Frame A2D5 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.118.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-118-115.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 19 Jan 2024 21:35:55 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame A2D5
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1705786555
43 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1705786555
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LW5tJoCqUiaZyY5DIpwUSKdtEhDlE0ZHFpDRj3P4WwybgNG43G%2FCdou%2F%2FmoCNcQz2M00LQJ9HkkRoYv%2FFukSx%2FGcgpDG%2FFFaKVuSyjMAcxqwRgZYQqK2rRvLVN9QptTR8sXzN4HD"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
848235d39acc4480-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1705786555
pragma
no-cache
date
Fri, 19 Jan 2024 21:35:55 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame A2D5
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8946718288451835428
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8946718288451835428
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=siom5vQ59BqUXbXYzl%2Bd%2FnPzXm7TZap2bcKBSVRyDRqObblX05DkkntHLqiMZHyF6%2Bvzw8KnII9hLeiAIkSlmIhjSIl6ZVBSDbLDsAccBuxuVg9sU0GnC62bSC0NRCLpaBZglBYhkFUWXw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
848235d24e0c4534-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:55 GMT
an-x-request-uuid
f21768fb-b9ad-4372-bc53-544c5bc1cf34
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8946718288451835428
x-proxy-origin
80.255.7.105; 80.255.7.105; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame A2D5 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZarrNo1xK6sSCVO0lcCv5QAA%261161
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.mlive.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 21:35:55 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
49952
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
848235d21f1c6a74-TXL
content-length
43
expires
Sat, 20 Jan 2024 21:35:55 GMT
khaos.json
token.rubiconproject.com/ Frame 0852 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=5&pxm=1&sgs=6&vb=5&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=-&i=ADVANCEDDIGITAL_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLmEV2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-7OAlZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-nzvc02JHG%2BoudQ%3D%3D&sc=1&os=1-Bw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&fl=1&j=&xc=0&xb=0&xa=0&md=0&mc=0&lb=13194&ld=0&lc=0&la=0&cw=1600&cx=1200&sh=13194&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.mlive.com%2F&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1705700148815&de=461336940950&rx=37715904049&cu=1705700148815&m=6533&ar=805b0ce1b97-clean&iw=e29cab5&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A697%3A697%3A3073%3A863&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5138&cd=0&ah=5138&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=mlive.com%3AMichigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather%3A__page__%3A-&gw=advanceddigitalheader640552616592&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207009&na=1150142445&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mlive.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Fri, 19 Jan 2024 21:35:55 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 19 Jan 2024 21:35:55 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GG8B674XK4&gtm=45je41h0v875661087z878133989&_p=1705700147628&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dYWJhMj&cid=259527336.1705700149&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&dp=%2F&dl=https%3A%2F%2Fwww.mlive.com%2F&sid=1705700149&sct=1&seg=0&dt=Michigan%20Local%20News%2C%20Breaking%20News%2C%20Sports%20%26amp%3B%20Weather&_s=2&tfd=8376
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-GG8B674XK4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mlive.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 21:35:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mlive.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

548 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| sophi number| a object| sophiSegments function| admiral object| googletag object| BOOMR_mq string| BOOMR_API_key object| BOOMR string| environment object| adiData object| dataLayer object| Fusion object| react object| React function| setImmediate function| clearImmediate object| ReactDOM object| PropTypes object| StyledComponents object| OneTrustStub object| $OPHI_GN function| sophiTag object| Snowplow function| 4dm1r11545242527 object| adiTrackPromise object| adiTrack object| regeneratorRuntime function| addUspapiFrame function| optOutMsgHandler function| __uspapi object| usPrivacyCookie object| otCcpaOptOut function| dnsfeed object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| CDP object| apstag object| pbjs boolean| bcDFPCallbackCalled function| bcDFPCallback object| lotame_963 object| AdManager function| setAdiDataAffiliateMarket object| idl object| teads_analytics string| bcHostname object| pArray function| adiGetLotameValue number| times function| waitFor object| lotameSegments object| atsScript boolean| isOriginalIDL undefined| revgenDebug string| bcAffiliateProp string| logStyle function| handleProfileProperties function| debouncedHandleProfileProperties function| loadValuesFromBlueConic function| debounce function| storeIDLInfo function| setOriginalIDL function| retry function| retryGetProfileProps function| emitIDLInfo function| retryEmitIDLInfo function| setLiveRampsIDL function| waitForBcPageView function| waitForATS function| waitForAuth0 function| waitForWall function| waitForBC function| pathValue object| IDLExists object| isIDLReportingPending object| isProfileUpdatePending object| atsPromise object| profilePromise object| loginAuth0Promise object| emailWallPromise object| pianoScript function| adhesionInit object| Advance object| tp object| SWG function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression string| GoogleAnalyticsObject function| ga object| PARSELY object| ntv undefined| debug function| removeHash function| debugLog function| backfillNativo object| clientScript object| _comscore function| fbq function| _fbq string| meterContentType function| twq object| _linkedin_data_partner_ids boolean| _already_called_lintrk object| otStubData object| __otccpaooLocation function| lotameIsCompatible function| lt963_ba function| lt963_b undefined| lt963_c undefined| lt963_ca undefined| lt963_da function| lt963_ea object| lt963_e function| lt963_fa function| lt963_g function| lt963_ha object| lt963_ object| lt963_na object| lt963_oa object| lt963_Oa object| lt963_Ya object| lt963_Za object| lt963_7 function| lt963_aa function| lt963_a function| lt963_d function| lt963_f function| lt963_h function| lt963_ga function| lt963_ia function| lt963_i function| lt963_ja function| lt963_j function| lt963_k function| lt963_l function| lt963_m function| lt963_n function| lt963_la function| lt963_ka function| lt963_o function| lt963_p function| lt963_ma function| lt963_q function| lt963_r function| lt963_s function| lt963_t function| lt963_u function| lt963_sa function| lt963_pa function| lt963_qa function| lt963_w function| lt963_ra function| lt963_x function| lt963_y function| lt963_z function| lt963_A function| lt963_v function| lt963_B function| lt963_C function| lt963_ta function| lt963_D function| lt963_E function| lt963_ua function| lt963_F function| lt963_G function| lt963_va function| lt963_H function| lt963_I function| lt963_J function| lt963_wa function| lt963_L function| lt963_M function| lt963_K function| lt963_xa function| lt963_ya function| lt963_N function| lt963_za function| lt963_Aa function| lt963_Ba function| lt963_Ca function| lt963_Da function| lt963_Ea function| lt963_Fa function| lt963_Ja function| lt963_Ga function| lt963_Ha function| lt963_Ia function| lt963_Ka function| lt963_Ma function| lt963_La function| lt963_Na function| lt963_O function| lt963_Pa function| lt963_Qa function| lt963_Ra function| lt963_Sa function| lt963_Ta function| lt963_Ua function| lt963_Va function| lt963_Wa function| lt963_Xa function| lt963_P function| lt963__a function| lt963_0a function| lt963_1a function| lt963_Q function| lt963_R function| lt963_2a function| lt963_S function| lt963_T function| lt963_3a function| lt963_4a function| lt963_5a function| lt963_U function| lt963_V function| lt963_W function| lt963_X function| lt963_Y function| lt963_6a function| lt963_9a function| lt963_8a function| lt963_7a function| lt963_Z function| lt963__ function| lt963_0 function| lt963_1 function| lt963_4 function| lt963_ab function| lt963_cb function| lt963_bb function| lt963_eb function| lt963_db function| lt963_2 function| lt963_gb function| lt963_ib function| lt963_hb function| lt963_3 function| lt963_$a function| lt963_fb function| lt963_jb function| lt963_kb function| lt963_lb function| lt963_mb function| lt963_5 function| lt963_6 function| lt963_nb function| lt963_ob function| lt963_pb function| lt963_qb function| lt963_rb function| lt963_sb function| lt963_tb function| lt963_ub function| lt963_vb function| lt963_wb function| lt963_8 function| lt963_zb function| lt963_Ab function| lt963_yb function| lt963_xb function| lt963_Cb function| lt963_Bb function| lt963_Eb function| lt963_Db function| lt963_Fb function| lt963_Gb function| lt963_Hb function| lt963_Ib function| lt963_Jb function| lt963_Kb function| lt963_Mb function| lt963_Pb function| lt963_Ob function| lt963_Lb function| lt963_Sb function| lt963_Nb function| lt963_Qb function| lt963_Ub function| lt963_Tb function| lt963_Vb function| lt963_Rb function| lt963_Wb function| lt963_Xb function| lt963_Yb function| lt963_9 function| lt963_Zb function| lt963__b function| lt963_0b function| lt963_1b function| lt963_2b function| lt963_$ function| lt963_3b function| lt963_4b function| lt963_5b function| lt963_6b function| lt963_7b function| lt963_8b function| lt963_9b function| lt963_$b function| lt963_bc function| lt963_cc function| lt963_dc function| lt963_ac object| _aps boolean| apstagLOADED object| apscustom object| atsenvelopemodule object| fbcapimodule object| ats object| blueConicPreListeners function| BCClass object| blueConicClient object| ggeac object| google_js_reporting_queue object| SUBSCRIPTIONS undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| lotame_sync_16576 object| pbjsChunk object| _pbjsGlobals object| mnet object| liQ_instances object| Moat#PML#26#1.2 boolean| Moat#EVA function| __moatSlotTagLoadedadvanceddigitalheader640552616592 function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| COMSCORE object| ns_p object| twttr function| lintrk object| ORIBILI object| default_gsi object| _F_toggles object| google object| closure_lm_745614 object| __G_ID_CLIENT__ function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion function| ___tp object| _mather number| _zid object| _matherq object| tid undefined| google_measure_js_timing number| google_unique_id function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_oa object| sync16576_xa object| sync16576_ya function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_la function| sync16576_ma function| sync16576_na function| sync16576_M function| sync16576_N function| sync16576_pa function| sync16576_O function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_P function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_Q function| sync16576_R function| sync16576_za function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_Aa function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Ea function| sync16576_Ba function| sync16576_1 function| sync16576_Da function| sync16576_Ca function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Ga function| sync16576_Ha function| sync16576_Ja function| sync16576_Fa function| sync16576_7 function| sync16576_Ia function| sync16576_La function| sync16576_Ka function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_Pa function| sync16576_$ function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| sync16576_Ta undefined| nQuery number| ntvLoadStart object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| ID5 object| PublisherCommonId object| __id5_instances object| currentSegments object| segmentWhiteList object| filteredSegments object| filteredAudGov object| filteredAudIndividual object| filteredAudVoter object| filteredAudMVD object| filteredAudMayoral object| filteredAudMidterm2022 object| Optanon object| OneTrust function| gtag string| OnetrustActiveGroups string| OptanonActiveGroups object| bc_json1047 string| url string| ptitle object| gaData number| BOOMR_configt number| BOOMR_onload object| GoogleGcLKhOms function| $ function| RuleService object| _bcp function| BlueConicEngagement object| justDetectAdblock object| bcConnectionUtil function| md5 function| BlueConicDataLayerUtility string| _contentURL string| _title object| bcSegmentsArray number| bcchunkSize number| num string| chunkString object| bcGASegment string| bcGASegmentName undefined| dcrSegmentsMI object| bc_json1048 object| PianoESPConfig object| google_image_requests

102 Cookies

Domain/Path Name / Value
h312.mlive.com/DG/DEFAULT Name: BCSessionID
Value: 60100f93-6b55-4dd1-9539-3884fb04f673
advancelocal.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: 60100f93-6b55-4dd1-9539-3884fb04f673
.liadm.com/j Name: lidid
Value: 75cd4417-bbc1-40d2-969e-4f4a06bd032f
i.liadm.com/s Name: _li_ss
Value: CggKBgjdARCBFw
www.mlive.com/ Name: arc-geo
Value: {"country":"DE","continent":"EU","regioncode":"BY","city":"NURNBERG","areacode":"","zipcode":"","timezone":"GMT+1","network":"","networktype":"","bandwidth":"1"}
.mlive.com/ Name: sophiTagses.073a
Value: *
.mlive.com/ Name: sophiTagid.073a
Value: 203ad968-db88-4c9e-a6c5-d816bf08373b.1705700148.1.1705700148.1705700148.33773ef5-add2-4138-982c-cf912f235030
.mlive.com/ Name: _sp_duid
Value: 203ad968-db88-4c9e-a6c5-d816bf08373b
.mlive.com/ Name: _gcl_au
Value: 1.1.1305246525.1705700148
.mlive.com/ Name: utag_vnum
Value: 1708292148591&vn=1
.mlive.com/ Name: utag_invisit
Value: true
.mlive.com/ Name: utag_dslv_s
Value: Less than 1 day
.mlive.com/ Name: lotame_domain_check
Value: mlive.com
www.mlive.com/ Name: last_visit_bc
Value: 1705700148761
.mlive.com/ Name: pbjs_sharedId
Value: 4010af52-53cc-4e59-ad52-f19525e7561d
.mlive.com/ Name: pbjs_sharedId_cst
Value: zix7LPQsHA%3D%3D
.mlive.com/ Name: _li_dcdm_c
Value: .mlive.com
.mlive.com/ Name: _lc2_fpi
Value: 94c49eadf2ac--01hmhtdhmq6dn94kj76bpprnet
.mlive.com/ Name: _lc2_fpi_meta
Value: %7B%22w%22%3A1705700148887%7D
www.mlive.com/ Name: _lr_retry_request
Value: true
www.mlive.com/ Name: _lr_env_src_ats
Value: false
www.mlive.com/ Name: _lr_geo_location_state
Value:
www.mlive.com/ Name: _lr_geo_location
Value: DE
.mlive.com/ Name: _ml_ses
Value: *
www.mlive.com/ Name: authsource_origin
Value: false
.liadm.com/ Name: lidid
Value: 75cd4417-bbc1-40d2-969e-4f4a06bd032f
.t.co/ Name: muc_ads
Value: ff05f44d-66b9-4fec-81af-859e55f53faa
.twitter.com/ Name: guest_id_marketing
Value: v1%3A170570014921442873
.twitter.com/ Name: guest_id_ads
Value: v1%3A170570014921442873
.twitter.com/ Name: personalization_id
Value: "v1_Q+OtXc790Jm2mkLSfZD8CQ=="
.twitter.com/ Name: guest_id
Value: v1%3A170570014921442873
.linkedin.com/ Name: li_sugr
Value: 3d0d2378-5436-414b-848e-2b6e84b037ea
.linkedin.com/ Name: bcookie
Value: "v=2&8d5223bc-bed4-41c5-851a-313994320fbd"
.linkedin.com/ Name: lidc
Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2698:u=1:x=1:i=1705700149:t=1705786549:v=2:sig=AQG1piY6pCcINRYfyLvqVH8iOcSLEMOg"
.mlive.com/ Name: __li_idex_cache2_InByZWJpZC8zNzIzP2R1aWQ9OTRjNDllYWRmMmFjLS0wMWhtaHRkaG1xNmRuOTRrajc2YnBwcm5ldCZyZXNvbHZlPW5vbklkJnJlc29sdmU9dWlkMiZyZXNvbHZlPWluZGV4JnJlc29sdmU9bWFnbml0ZSZyZXNvbHZlPW1lZGlhbmV0JnJlc29sdmU9Ymlkc3dpdGNoIg
Value: %7B%7D
.mlive.com/ Name: __li_idex_cache2_InByZWJpZC8zNzIzP2R1aWQ9OTRjNDllYWRmMmFjLS0wMWhtaHRkaG1xNmRuOTRrajc2YnBwcm5ldCZyZXNvbHZlPW5vbklkJnJlc29sdmU9dWlkMiZyZXNvbHZlPWluZGV4JnJlc29sdmU9bWFnbml0ZSZyZXNvbHZlPW1lZGlhbmV0JnJlc29sdmU9Ymlkc3dpdGNoIg_meta
Value: %7B%22w%22%3A1705700149477%2C%22e%22%3A1705703749000%7D
www.mlive.com/ Name: pbjs_li_nonid
Value: %7B%7D
www.mlive.com/ Name: pbjs_li_nonid_cst
Value: zix7LPQsHA%3D%3D
.mlive.com/ Name: __gads
Value: ID=4344c355bf922839:T=1705700149:RT=1705700149:S=ALNI_MbdYTEUC6QSsMJ_urNU7-bPZ-81yA
.mlive.com/ Name: __gpi
Value: UID=00000d4436268273:T=1705700149:RT=1705700149:S=ALNI_Mathn6x99GsgGjbeNgjyyuY_FibYg
www.mlive.com/ Name: usprivacy
Value: 1---
.mlive.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.mlive.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1705700149544%2C%22slts%22:0}
.mlive.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=a352f0313006b1aacf296123cc8f344e%22%2C%22session_count%22:1%2C%22last_session_ts%22:1705700149544}
.mlive.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.mlive.com/ Name: _ga
Value: GA1.2.259527336.1705700149
.mlive.com/ Name: _gid
Value: GA1.2.1134932906.1705700150
.mlive.com/ Name: _gat_UA-16643585-16
Value: 1
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDU3MDAxNDk7MjswMjF4uKlqttYIy8MsMMAGENKVr+XBBGt7UHu3rp5X5YlO/g==
.mlive.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Fri+Jan+19+2024+22%3A35%3A49+GMT%2B0100+(Central+European+Standard+Time)&version=202311.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=45d83cfc-7308-4ec6-8002-5ebc38daef16&interactionCount=0&landingPath=https%3A%2F%2Fwww.mlive.com%2F&groups=1912%3A0%2CC0001%3A1%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0
.mlive.com/ Name: _fbp
Value: fb.1.1705700149651.445716903
.postrelease.com/ Name: opt_out
Value: 1
www.mlive.com/ Name: ntvSession
Value: {"id":5014366,"placementID":773533,"lastInteraction":1705700149734,"sessionStart":1705700149734,"sessionEndDate":1705705200000,"experiment":""}
.mlive.com/ Name: _awl
Value: 2.1705700149.5-aa47e437d379c8780eb4497a06c7bfca-6763652d6575726f70652d7765737431-0
.doubleclick.net/ Name: IDE
Value: AHWqTUnOM3VsKRYb7LPNQnlbgc72dOLPm11LnbvUO_I5v1pBZLjCO62OE1MY7tmCz9I
.rubiconproject.com/ Name: khaos
Value: LRL5TUNX-1G-HNSX
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpOSZJW9F1jIANb0fGVcfL/XWaA1sYWTLHiXIXbtn90w/acydCCNsvjdMjVyH5gNUvWNsmdfkbiHcxuhZpbWKLtxl5Kj60wWhy+xUA9sgf/4eNEKcfJxgEB
.www.mlive.com/ Name: RT
Value: "z=1&dm=www.mlive.com&si=a61fac14-9e50-4f09-9508-53a9950a2ebf&ss=lrl5tsol&sl=1&tt=2dc&rl=1&ld=2df"
www.mlive.com/ Name: BCSessionID
Value: 60100f93-6b55-4dd1-9539-3884fb04f673
advancelocal.blueconic.net/ Name: AWSALBCORS
Value: thEJHPjGMVsJBovntS/rT+7/TMi8aEAqi/7ialaTFS4GdKgUUDgHtPuFZki5A2ZlHc0Tqo/v2XJwVwHhfyXIqmm2Eqj9TxBrMIXzRPJjhhlsuBrejjwSnsrFwb+t
.casalemedia.com/ Name: CMPS
Value: 5161
.mlive.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22lrl5tu9w2exa9xj0%22%7D
.mlive.com/ Name: _pcus
Value: eyJ1c2VyU2VnbWVudHMiOm51bGx9
.casalemedia.com/ Name: CMID
Value: ZarrNo1xK6sSCVO0lcCv5QAA
.casalemedia.com/ Name: CMPRO
Value: 1161
h312.mlive.com/ Name: AWSALB
Value: ILVRg+9jqcbXhBDoGgVXGzZmZ4MlRPGkJDnCePYreqxgLlQlp/TnnsYwieW45qZiCPKzkqRH9UHy87/gS6hM7cUjmxNhLzQnmNT5xzHGB6PeqOWtU+VV7872Jjoq
h312.mlive.com/ Name: AWSALBCORS
Value: ILVRg+9jqcbXhBDoGgVXGzZmZ4MlRPGkJDnCePYreqxgLlQlp/TnnsYwieW45qZiCPKzkqRH9UHy87/gS6hM7cUjmxNhLzQnmNT5xzHGB6PeqOWtU+VV7872Jjoq
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Ilkh4T>)!]tbPl1M>e)ZlrFUfJ+tGXxpOU`?=)S*]eMZnjKhAdfY1ZVObxNacyu]7S]O3If)y3KL9D3I?+[2Ne'$
.adnxs.com/ Name: uuid2
Value: 8946718288451835428
.doubleclick.net/ Name: APC
Value: AfxxVi6w2bBZqKsUw37HFXaE3YgIy-_tgVSnPCoR5suCj68ZsqOsGA
.piano.io/ Name: __cf_bm
Value: lOdHhsZ60qfm3yUU98XXkauwzyel2PZqwgIF2amhndU-1705700151-1-AVRcZfijXoxqw4GaoufPnjcz0y2AZ0Gub2PnKmGy4OHcKJqRy+Jhg8LWp14wJoTFk9TSmVdP6IrG1aPqU62vqx0=
.mlive.com/ Name: __tbc
Value: %7Bkpex%7DD4n5phRN36Rvvx0M9G9iuWGxYZBR0CGZ7ycNPEpTc8OeHqX2PJilglda91ubTy3t
.mlive.com/ Name: __pat
Value: -18000000
.mlive.com/ Name: __pvi
Value: eyJpZCI6InYtMjAyNC0wMS0xOS0yMi0zNS00OS0xMzgtbkFudFRZTzk2NHk1MlhHOS1hMTM0YzQ5ZDg3M2FhNTBmZWNkZjk3YTUzMmYyOWNjNCIsImRvbWFpbiI6Ii5tbGl2ZS5jb20iLCJ0aW1lIjoxNzA1NzAwMTUxMzMxfQ%3D%3D
.mlive.com/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAE0RXQF8g
.mlive.com/ Name: xbc
Value: %7Bkpex%7DTYsd6JOtHFoU83GDtVFsQ8ezgJzTv0Ur5egnXmgKlOsetURRaBiSQq4SlYUuGBTqk8n0Biwd6_ncCcSnjsDQ5jPtrdampd2ZRp8bs0DCo2gUKyTgXbBWi_TNyZMpX2wUcS7B69sxX2E8qpWWJhJdu7PaT--_ItCc0ZTBEYHzk6Vie4_RXXzbGlu4B68bmtyikEozS9KdGbf0Z3qIX2G9LBozuvMKWKEVDB6J0FGVOvW8AshhMJg_8DXTIshMVyG-jFi7i2Y1A5Um4GC2qlFY5IQOaAdApoGiSEMr4SLIN1dMdflcwfhrN0ymFC3JDNRJJ6edKbSB5dNgbDG7jMW5fb1sLWhUIpBeZbngaKVBUWZxZ7e1Br5BMxV1ow4Di57FuYE3sWM0PyzVp5DT85NUhap4Fc2bwW9tLyllJ3HXIDvnv9qHtrcP7CGUQSqmspg-Tkj370KOC2GzjRvF32inDjMSFHzrzItv7dO3CjSDrr3ubPU2zrQM76dwklYlbwvOhxQBN4YwUn6fQaBPa5zYwBHAOCJBK-qz8jUq0DJnz5xNzhVqI4KEdMnmPa5NuqkfGUM1kFOX-OMA0BisA-pT7D7S65_Yn6zsQgl4Np7EfV4lrjZ_Z2pERNU4nI2clBpldjW6mi4AGi5UU-2OGZQ7mQTGGut1prmvlN_Q2rqXTcbc2AyQAUfUlLRNGgwKdEZGO4lOwhCePqABSgNTz_mAZBzi1LtiqsBvu1d3GBbSHb0Rdzm8FCoY7X3EupRIYX0Tlrt8W2Ny4evuEwDP4Zmd8DnPmQ--um3MasafIYNWSPAt86529V8-eNuj8GCaG0Hf04UcqtJFfde286OsrwfA0kNvbySCWjBcTWPkw46u2FL6G8Z8XjKaIoH3VlqyAHSMDuxCqOjAarPApGkEXAqEmB8UCKukouMl1TPyJx4UPZkcAEireVN-_mEV3xb3oMWfYna5i1uKtX6-WYWU2OUFOye_Z1a_dnvOdzds6XPjRtPkyzjjI1_zO-FEYVejl50iNJD6xIQF3s8dlNdS5XW9YT6dnqokX46t5uqUjkCR2qwD_zftK9c5PnfTxaQ5W9pd4jftV2MDxIQvnV3XBy6Cne4k8qDRKmiytzPao2vWvcziOuUtGNgBrnq7tsiAKV3lUYd7520Z8wGWz-nxb4aygNijyDdxtqwLwCNqx2rBe6MabtPrYS-Q_-SssxXJ3-ABUx7NLoIrtJkqfb9jIKvk9vM7il2-7CVNhREsjGocKYvB_5TStBef5AhlchcOLE7r97ZY9zyAufTNGWFLZCo0fjfJnzujTBlGYUmJ7XeZZEz1N00eJYLoM7K2LeXkCX0xWUD5BA9Jqd8IPBeY06msivD2onhRQG60Pm3XX5FpvRKBW0Asi7bMjrWElCY9IMNBpMTyyljUWH-gDZi_I9fpWA
.www.mlive.com/ Name: _pc_sup_support_acq-sup2
Value: 10
.w55c.net/ Name: wfivefivec
Value: tbfxMiNM1RqWwL5
.w55c.net/ Name: matchgoogle
Value: 5
.tinypass.com/ Name: LANG
Value: en_US
.simpli.fi/ Name: suid
Value: C32CC49A9E914818B67A826048446904
.csync.loopme.me/ Name: viewer_token
Value: f3bccc05-6f84-47eb-9952-585c9da6ef4f
.yahoo.com/ Name: A3
Value: d=AQABBDfrqmUCEIABIDqhEs5VzypWwK-5Oy8FEgEBAQE8rGW0ZQAAAAAA_eMAAA&S=AQAAAsm9jqZAXftheIYem1HYYYY
.adform.net/ Name: C
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZarrNwAPu7M8RABU
.adform.net/ Name: uid
Value: 5562191725551354917
.turn.com/ Name: uid
Value: 2747099155806626205
.tribalfusion.com/ Name: ANON_ID
Value: aKntuJxNeTgBeZdwQyxT77DwMMIZaTbgwNZdVCZcQiXTruWsFoWLW35BsMLEv3rNL2ZasLqKNNqVVZdZdPsX8WV3OcstDDN
.tinypass.com/ Name: LANG_CHANGED
Value: en_US
.lijit.com/ Name: ljt_reader
Value: IBPvsGZHcLoOibSVQ6yb4Fjg
.mlive.com/ Name: utag_vs
Value: 6
.mlive.com/ Name: utag_dslv
Value: 1705700152455
.mlive.com/ Name: _ga_GG8B674XK4
Value: GS1.1.1705700149.1.0.1705700152.0.0.0
www.mlive.com/ Name: offer_config
Value: %257B%2522type%2522%253A%2522bottomfixed%2522%252C%2522version%2522%253A%2522cta%2522%252C%2522placement%2522%253A%2522bottom-fixed%2522%252C%2522newsletterId%2522%253A%2522%2522%252C%2522closable%2522%253A%2522true%2522%252C%2522scrollLock%2522%253A%2522true%2522%257D
.mlive.com/ Name: _ml_id
Value: 50d28e3c-3c15-429c-89c7-a96038e677a0.1705700149.1.1705700152.1705700149
www.mlive.com/ Name: _lr_sampling_rate
Value: 100
.ads.pubmatic.com/ Name: KCCH
Value: YES
.adnxs.com/ Name: XANDR_PANID
Value: K0Domd2SRnEsTtASVl2jeaASuKvGiElF636gQCXDEr2NizJeEvNhI4jB5heS0pXJkaueYoxEQFNXL5FEBndDByW07CKewFPyCiFe4Yq5-Rs.
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1srQ0NzQ1tDAyMhXiM9QNjgyNzEitigjITUwCAODFBCQlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1srQ0NzQ1tDAyMhXiM9QNjgyNzEitigjITUwCAODFBCQlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtobmBqbmBgaGpqYm4CAPJEQR0QAAAA
.amazon-adsystem.com/ Name: ad-id
Value: A5kfEp-zTEqcv76Uf5sas7U
.amazon-adsystem.com/ Name: ad-privacy
Value: 0

2 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=115
Message:
Failed to load resource: the server responded with a status of 451 ()
other warning URL: https://connect.facebook.net/signals/config/120978121945017?v=2.9.141&r=stable&domain=www.mlive.com(Line 137)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2760fa2da08423100697c73ab6038051.safeframe.googlesyndication.com
a.teads.tv
a.tribalfusion.com
aax.amazon-adsystem.com
accounts.google.com
ad.turn.com
ads.pubmatic.com
ads.rubiconproject.com
advancelocal.blueconic.net
ampcid.google.com
ampcid.google.de
analytics.twitter.com
ap.lijit.com
api-v3.tinypass.com
api.rlcdn.com
app.matheranalytics.com
apps.sophi.io
at.teads.tv
ats-wrapper.privacymanager.io
bcp.crwdcntrl.net
buy.tinypass.com
c.amazon-adsystem.com
c.go-mpulse.net
c1.adform.net
c2.piano.io
casale-match.dotomi.com
cdn.cookielaw.org
cdn.id5-sync.com
cdn.indexww.com
cdn.parsely.com
cdn.sophi.io
cdn.tinypass.com
cdnjs.cloudflare.com
check.analytics.rlcdn.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
connect.facebook.net
contextual.media.net
csync.loopme.me
d1z2jf7jlzjs58.cloudfront.net
direct.adsrvr.org
dis.criteo.com
display.bidder.taboola.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
ead.mlive.com
ecollector-us-east.sophi.io
eus.rubiconproject.com
exchange.postrelease.com
experience.tinypass.com
fastlane.rubiconproject.com
fonts.advance.net
fw.adsafeprotected.com
geo.privacymanager.io
geolocation.onetrust.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
h312.mlive.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idx.liadm.com
image6.pubmatic.com
jadserve.postrelease.com
js-sec.indexww.com
js.matheranalytics.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.360yield.com
match.adsrvr.org
match.prod.bidr.io
micro.rubiconproject.com
news.google.com
p.rfihub.com
p1.parsely.com
pagead2.googlesyndication.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid.media.net
privacy.crwdcntrl.net
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
r.turn.com
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.go-mpulse.net
s.ntv.io
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
snap.licdn.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.advance.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.teads.tv
t.co
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
um.simpli.fi
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
www.mlive.com
x.bidswitch.net
z.moatads.com
zephyrlabyrinth.com
104.18.36.155
104.244.42.131
104.244.42.5
104.70.86.197
107.178.250.234
13.107.42.14
13.32.119.77
13.32.121.31
13.32.99.21
13.32.99.59
142.250.185.194
142.250.186.66
143.204.98.19
143.204.98.66
146.75.120.157
151.101.194.133
151.101.2.133
151.101.2.49
151.101.65.44
162.19.138.117
162.19.138.83
172.64.149.180
172.64.151.101
178.250.1.9
18.158.46.130
18.245.86.89
184.30.20.22
184.30.21.51
184.30.22.30
185.64.189.112
185.64.190.78
193.0.160.131
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
216.52.2.86
23.35.236.201
23.35.237.151
23.35.237.56
23.36.232.182
23.56.202.187
2600:1901:0:636d::1
2600:1f13:800:7782:7554:8097:1e86:2b70
2600:1f18:730:b150:6603:655:735c:e3cb
2600:9000:211e:de00:1b:5138:8a40:93a1
2600:9000:223f:3600:8:48e:53c0:93a1
2602:803:c003:200::61
2606:4700:10::6816:3456
2606:4700:4400::ac40:9b77
2606:4700::6811:190e
2606:4700::6811:c276
2606:4700::6812:18ad
2606:4700::6812:82ec
2606:4700::6812:907e
2606:4700::6812:b07e
2620:1ec:21::14
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:811::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::2006
2a00:1450:4001:828::2004
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9b
2a00:1450:4013:c08::54
2a02:26f0:3100:795::11a6
2a02:26f0:3500:12::1730:17b7
2a02:26f0:3500:16::215:1490
2a02:26f0:7100:594::11a6
2a02:fa8:8806:13::1370
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:600::300
2a05:d018:d29:3602:d06d:9b76:9dd0:76fb
34.120.133.55
34.120.63.153
34.193.251.250
34.252.210.232
35.158.240.95
35.186.255.72
35.204.158.49
35.214.149.91
35.214.180.228
35.227.252.103
35.244.193.51
35.71.130.31
37.157.5.84
37.252.172.123
44.209.215.67
52.202.180.1
52.211.118.115
52.214.121.166
52.222.208.154
52.222.236.105
52.222.250.70
52.223.40.198
52.223.6.21
52.46.128.147
52.5.250.100
54.155.18.159
54.208.1.107
54.235.102.18
54.73.193.1
54.75.58.229
54.85.156.25
65.9.61.60
65.9.66.97
69.173.144.165
81.17.55.122
84.53.165.218
99.86.4.30
000875f535d3c8342137670778185a66af35c904fd6d5e5f19fb57438eea12db
009b647f56f4608e97285885d950830fe9976284b8ba22be0c4e6685a762eb00
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01d8dfbe899ce45481cde63e6a59c11532a8323f9715e37dc69320c31bd76d13
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0709e11f34bb1e47193a170bc8baf94732a32a867443b29be840c550cc03981d
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
08f10fbdbaf77a3c991197c623caf1ee175e4711b5b9188c30ee3aa42b67a5d7
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0af719f3a3c9eed767bcf7e1b8b179655c9b0c1fd6157618d704f11a1cdcdfc9
0b034efa03c6fb4de3e3952eaf0958b18847e6c1e2e8fd647759c97105004f19
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1194491324f0e5b99036c8ae0ad83d12f0f21d841cc31eae81caf10c05d76b
0c2afe310f81e0cc65e85d2ef9550b4cdae58b8ee6317eb39b163f0c289ae2ff
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0ee3351cb91eab4f8b449f55a653152dfdf47a8b6a00b0af7a5bd0ce460d8b9b
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5
15fa995712e39a5f45ccac6d7c1ebb7a5f8644e88ce7bcc657c36b64890390b1
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
19dc5f765d51f715497f0eadd0dede8eaa5ee17447a22db60538f60ca7c0a01d
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1c8707dba26f742f04d8a5da9ded33781ce61eb77721dd365b13ebe8421bace6
1d13cfeb68d1dd40526d00e29dfa3eaf1c163ad2ac341fe4dc61a3b01c5b1311
1ed9c399a7d7e4f99ca3f54a1f22371f570e7e45ef5804e9328671ca61ecbc80
1fcac5753e7ebb0db188d18f7a296cf711046d696ed3460b33ee5f0b8e9bc86c
206bc8642d99c7410b6e25e672cca8d13d8c70ac2821ee6fefe896eb35a7c3b7
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
22e73aa72fd7f4df68fab3940ac0961a7535ae8c50bf753125e658b388280113
236f4230c6e43270a4dbb4f51e16ac7f11145c4aff5b644d20e7d637c325b749
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
276ca8da7dd05a55c760ead2eec9d5c74629897d0b5b3e5190d4fc9bd38ea7fc
28445ab5a58bac3609ddba4d1200c1797a766b538fd6b0bdb0926fbe386f327c
28e4c8bed7db8dc1ea3309d40f4372b4c0c520ea91af6761a07aa2e78c8a5a3a
2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36
2a70c011ae2744e9d6486d31e25e621e6d7c5334224c69f04409012afba00c2b
2b67702d4e78a4b6d5981a50298b0989dea48fc7d95b5e593dfafbe96cdbb309
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
2d89346a207a8fa660ac40fbebb4296574f469b31b4e1189288c84a8c662d1bd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
367c5dee2bb14e9b8ef56fdb85568b5bb676ee5bb60606d9016e08c45e1365d9
36ea8d266ccb57796d82e6eb05f11c634302a0bc3623c5e7fa7261a1a69e0d90
372360f6d3fa2133dfbf08ba93b3b55985785cb74106d75839618b7d273dd3c6
3784ad69e09edd41065834a5317ab3d1444a2a291bc3de864f28f1703686bc5d
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3a062595999ba82169e1500e44952b19d82aa2f89c4531f1361aafa119a938b0
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3b840d8070796f53501ddcb715cecf4df01336619cdf30101a8398d6e46727a3
3f5684bf5aa4a6eb5c9015394c8739dff39377a73adf72c30ba511d0ab5b50f3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41b452299254437b9dbbda379b1dd0b3d143d898efa4f9c498fb77450be7e625
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44026785039df91c14b8c331292992e1fd71a23acdd5cb09c40d12d1c8e8aaac
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443d516c99b0a849070b0b85b9892a81f8fc66ea9ae688d00c71321be63fd2a0
44d1b9a191c08a9aad1680e6e927e197ee36821a4b37c90d839448ba918929be
45a10885433bd6967aa8f1cf13702cefc600adaae5801c65171279b3952622fa
464b98e4ec83bb60ad92bd76656277037d3548e44a7d1dcddec0c0a41ada20e6
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4918f51b2e5fe8e382052c64d1f082d4e7e52e4aa04b06805b41253a41fb7531
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4af5f3a02356a5f17f2b43763cc0201d9eec1a2501e4588db0a9e2ef1b59d931
4b5280819c49bf550dc1a1f18a73ec88d61aad71158750bcfe7ecec95a1523bd
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b70f0061a33cf144e6e879ca9c956fc852a85bf80cb0f75e756c132bd05980e
4d94829da82cf70bf1f6b832a3274300080bec941cfd506033101f1270b739db
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb67b42d6abea96d75df507d23f0421da85d5658322720fded36c94cce45d7b
4fb1d13154b4b396d3ce77eb8294a859bef473d7d991624d266b0247c419a9ef
507a74eb21e9a16396d226f31f5e25345a8208db821d9fc5798284c38bec5e1b
53ceb8e5cb1d9917fcc210cefee77cfcd54b38450de0abf63cf7d6ec40312e09
5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
573d17471db486e8c1db97968103afd30442952396917f633312ab4b0fc2bcf3
5867821da5ee59d6b03869058a73a02ee909d0f9f93d7583a349caa7c1bb6bdf
589436035c6111e3167719fef25b71eb75cf32f41d797b340d452b988e31b273
5cd788d35fb4536ae8289236f218bf8f7ce383731c6c479da441a002a16d3ae2
5ce8647c88445649306948bab16764727ad0866a64fc66202b97b88176272628
5f26dfc3f5d603822dd5eb17c772720fd8d984f3fa596f757973dabe24ebda6e
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6d55944664ea05fc63a29cba6ef737c7a961f22e616cd2b7e9dc6139aa5fd
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bfe280c501d01dc9b39511ab8b8f9346efdf243c3db60a935f108c8e36b56d9
6d01a1013f2e1428beeb351111924257112a89e6150eac8fd84c00b7a84e69b8
6d4b7c36ba0ebaf52b79d7691ba09f2eb070a7c8b6fb2417e379356949e5a361
6ebf4fd08a62c629898ba6592d3f313f271a076d54312c3ba79aa09a086e18d7
702c805fec65a8cc8c6c40aed34123b021e5ed6107cc6dfdebc4b0fc2e229887
717549cd7e2ed50b0ce3c27e6208949de14ac4ff4ff27af91e6ca853dca48faa
72ce4d234e2b58210160531c2fe21f4c5c1efe5586a8b8d72182ece4e50caa3b
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
77ad1d5e1aeedf805d08202b5efe04cdb8ba55a5094c82978cca57c58d7115da
7d32db5e7f8166ca472c3703592e17b044a0bfd5b49150c5c888a20164105b08
7ff100c907d85bc5b7503e7a88c0a7f256ed2561ee431ffc10fcd7cce517c321
80371c2afc0c8363e2e7cf7562727bc1a2eae8d88fad3a3f1e45c577bd76be50
80aef8ca7c0f2e0384b4862dc03f1f4222d61f4179a7031a2180530722db8142
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85fbfa04d4c2343ca39e74cccdc51a1a51bd078a1e22011132835a7d94351837
885c0828db5bbb09199e49b549f0d00187f4d0816a40b75715beb9c853fabd1b
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8bb76af1be9c401ef3da16e31401b74f7cb0627154925d8c9fa308fba2e1413c
8bb76b6ed760de97f8a40e71c79ce9704e965bb287761bd81fb2fb021b8609c5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8feed7982c3fcc4545d03a29e8dd8d81fc7fcda53aaa86fb0529dfc89df56fbe
900058dffaf216c9a853e2d7e4109bfa2a58994237b2d4e5793734e4c2ecb4ac
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
918ccb31b604ae16c7341c3efaa1361f185196f26fb8a6784032c74001266f8c
9206759d2752015a79bd682c704fab78e5e6b752956e184a11394f435eb7cb5b
93bbeaced30cd5a8ce8e75290feecd41d329c0c41de6c99d0708f0357d713e3f
9568cb9faf8b7d569901e9cc4c5389c7aee847ae237fd3bf1c4121187d931863
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
989e7134f8b722c049f5553bf85347c9052fe40f7c35915f7d18a348ed4de84b
98bc0753b3f7392176a4af252bfae9bcd1f2804b73dee374119899d8f52ae3d2
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a811246367093979c01fc9ea67e8db8c1b1e5abbd10fd669d6de163702c942b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ce2617230bcfe611a75ef8492984c534b4f81eaadb93299be5d48fadb354292
9d1faee09125bb65bc03a50d968c27903128989788d0ca97cc9a72004fbdf458
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9e3c7bdc4bfffb58a973062aabf808691f7603416290254b76161cab69952053
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a39cd6a9413784646378ab9490f6a80ea1c2eaf4870c1022f44e4e64380c7cda
a5409ed14e9dff7a05818b8dbedd143cf9dbfb9dafc9cb643c7c8b7b75ed94d7
a55f386367cbcc30390435806075251b8ef4afb086409bc8e301558223398245
a72990ce8413aceedbfbf2f1d7ca2231c726b29a4ab1ddbca32b45ad685b4e26
a946100ed12bd9fe3cfc7be235fe5a1722efd74b81de7b2b5888d4b76ed13dec
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
abb22177c1f36f82f451ba3b46fd96e4bc0f5b5ad510b15b4d5ec37fc1e9b7f8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad7eb3cec2ef6898f6fa6221ba2abe2bf62cee76ff62d4081832a4cf2ccce092
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aedbab3d401de0c838fd7454b765d9aea9eafa12e66c82290b9caae8fb8281f9
b09261a8172c5583df6dc9ccdee21913ed41bc0a8e105a03cb0d93a3e16dc9e0
b0f2be85a7f43099aad9cf77f4c0ce5f85669a36deea238fd10322f5c3188af4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b6a09251dfdb96bb8a73aeabee416131dfe2a4410bccfaa2f4d089a6642051
b396ae4c9dc4cec9c79931da5c8993ffb15d5d6ed98a14fc00bb4d159c7dd739
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0
b5af004daafe813511ba3a5127eef79b185233fb1e297c3f53213c643a09c073
b6fed74b924cdb4b659d96fdba0bff7542bcf6cab9ab5ceb20756a11772a4bc6
b78bc5c07f038b149515d8a5cadf1533dd1cc438ee4a587fd2770c526304279a
b8118b879770d1974b54886ae9a822090ada9fe8d12d7fc67f7a8764ae269c81
b9afeb90db17ffa772a8bbc38f8ae37524ac4c0660dfc228f528cfe36a38d53d
bba5cf4bf97f335423ef8083a04d8810370b013c18a623e2aec413075ef82ddc
bc9e655a5f38f242850d48b077d08edc7085ff3e94440c1296d8d2db0043aacf
bdbeeef12f878163780f30d02b7d2743e9d70a432c4f063994c950bf74ff19fe
bf953a14fd997f3fa2c67f2895bac7f2dd57ea39188d6bd6ba54e2839550d300
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c51f270ac2b83a9abc02401a42c08f472e84b49a392dd18e29ac76cceb022593
c63158babcb7902203ed73476ccf901db34825ea524d4a36a52b5e5f97e1abf7
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
ca05fcf13410d92a3c9ed10beed9be26221caa4887d93dea6b2dec33030bbb9e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca4c3ad9639830e6f8f8e29775549fc24fcab33b4eeec7ae77da27c5c9e6bc80
cab5dfcbef72f9520887ece2e13aecab9d0d134e87e5b242d5a8568c0e6866c1
caebfaf8db2c43b22f3c3a617aeba31d4d79fafd65e23b2331f4d99b9cac5d81
cd4831ce5e4604e3554bea94ceb387ef7d7bad029a81853464e741211a5e5f23
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
cf1983cc4f67382a213de3a21f7b0b7e765caab56b81ba58b70d18d069b67f35
cf3e430154bc1d8c1985f5d09f0d4d4598f27c9aa02c12755a16b193e3a41582
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0f7ce6332bb03bbcd16077e6af3c2d405c49e988d54c19849a8d126c3abf48d
d1d0d52c15fd5c4966cfef2fee1e3cd94369dea0c8982dab92a353c7a7118053
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d9971315b13517985dc3a7d67ebbc06ac6f5ff9bb8b8cfb25be29ded9b5062c2
d9a88d548488330c2fdc31dd655203aa0044b8d954b0e1665e09b58965e52bf7
da0024a1b4d03c578acc68ca41bfd096e011f3d2fa314b44f5c66c311304abf0
da61423d470b45048f857e630633899cfeb8818c58132d479fe0160f1f358aa6
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddab815dc87048f28c297dc94d5e855ba7cae2af900d31c8da41e187a8df636d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e19f6076815240b2afedf8033b0a2ccf200d3851f11df779d05f3c533560504d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f4ed00e423237a4e09c3776a9f65599fdcaca98da414e20f292c076a6abce7
e426cf237514c32ac78c4bfff3f8fd85449197531958289734187e55700b5eef
e4ad3a7c4aa97b074c4d59a438bb5813ded8ad1d8bb8cf630abb4c6ee075d54e
e5205a0a79ee67d4dea6d6bf9e4672b7f30c67e6bd7ca6384f645197b4b9486d
e5696a4c04cb9236e69390a6a84619091cfe6ce887e5747c74f3214a69419484
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
e6b7fa504c979ce53dc80798978eff98214cbcb20b7db259990c0632b7abe248
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
e95291a130ec1ba08ed18cdc551e29439401a31daf0896307e72064d792da0c1
e9dca6b2e193b2ce787ee3057730cc93b60b029eb8b6956942c5c3caaf74b0db
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
eb3bf98cf3f5fb2a171fd8b82319b4a5706155049eb9be0747141baeb8ac4691
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ee9d11c373870aee4391c291c71c32919add23f19e67b5da86421d8d067c60a8
eef57151e6646e4f59ca6a1d749631ee2f89bf4d1b736fb4620b784cedbe0de6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efffe0562bfcd5cb285e52b35a8f953a0b5318f364b4e9b67bfcddef83b45a82
f4ece8f2f5242967e98c6718f283e961576d68b4b7be96124eca22f554dcb275
faffc677dfc60c6527146ac91caaf6a0b82ef60169a1dc9b4c2e68060a433335
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804
fc1583be60e1827aedbb3924bddd37bf229ca6be36624463c807c7a32bfd08b9
fcef857804b8d1cf1fa3a19dc80b9b2d92f344332538b39585706b228534a3f4
fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f
fdd7dee6d9646659484627be1b021802c63b5aad59e54578fc78907d7656122f