liverrenew.com Open in urlscan Pro
159.223.173.220 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://track.liverrenew.com/3ae832ad-eaa4-40f4-ad2a-6b88a366b5be?adid=84344016&conversiontype=${CONVERSION_TYPE}&conversionp...
Effective URL:
https://liverrenew.com/mgo?utm_source=mediago&utm_medium=native&utm_campaign=liver_renew_4_vsl_DESKTOP_Windows_Chrome_8...
Submission: On April 05 via manual (April 5th 2023, 6:32:42 pm UTC) from US — Scanned from DE

Summary HTTP 131 Redirects Behaviour Indicators

Summary

This website contacted 66 IPs in 10 countries across 53 domains to perform 131 HTTP transactions. The main IP is 159.223.173.220, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is liverrenew.com. The Cisco Umbrella rank of the primary domain is 341598.
TLS certificate: Issued by R3 on February 23rd 2023. Valid for: 3 months.

This is the only time liverrenew.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.193.209.105 18.193.209.105	16509 (AMAZON-02) (AMAZON-02)
4	159.223.173.220 159.223.173.220	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	34.202.20.171 34.202.20.171	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a04:4e42:8d::84 2a04:4e42:8d::84	54113 (FASTLY) (FASTLY)
3	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	108.138.34.168 108.138.34.168	16509 (AMAZON-02) (AMAZON-02)
1	34.107.199.247 34.107.199.247	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.16.20.19 104.16.20.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	23.36.163.228 23.36.163.228	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:223... 2600:9000:223c:a200:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	143.204.214.36 143.204.214.36	16509 (AMAZON-02) (AMAZON-02)
5	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
2	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
4 5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	64.202.112.223 64.202.112.223	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:12::a	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	2600:1f18:730... 2600:1f18:730:b110:5d71:6695:b3d2:3b15	14618 (AMAZON-AES) (AMAZON-AES)
1	34.230.229.216 34.230.229.216	14618 (AMAZON-AES) (AMAZON-AES)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:811::2016	15169 (GOOGLE) (GOOGLE)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1 3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 2	35.157.76.89 35.157.76.89	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2 2	185.89.211.132 185.89.211.132	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
1	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.127.20.54 3.127.20.54	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.155 185.86.138.155	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	37.157.5.141 37.157.5.141	198622 (ADFORM) (ADFORM)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	52.18.161.223 52.18.161.223	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1 2	63.35.24.174 63.35.24.174	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.127.128.251 3.127.128.251	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4232:be02:f813:37d0:f59f	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	184.85.181.155 184.85.181.155	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.49.84.227 52.49.84.227	16509 (AMAZON-02) (AMAZON-02)
1	54.246.65.162 54.246.65.162	16509 (AMAZON-02) (AMAZON-02)
1	18.216.91.22 18.216.91.22	16509 (AMAZON-02) (AMAZON-02)
1	2620:100:a001... 2620:100:a001::16	() ()
131	66

1 18.193.209.105 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-209-105.eu-central-1.compute.amazonaws.com

track.liverrenew.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 159.223.173.220 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: liverrenew.com

liverrenew.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.202.20.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-20-171.compute-1.amazonaws.com

secure.liverrenew.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube-nocookie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:8d::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.34.168 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-34-168.muc50.r.cloudfront.net

d9i5ve8f04qxt.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.199.247 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 247.199.107.34.bc.googleusercontent.com

www.ibph4trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.20.19 (None, )

ASN13335 (CLOUDFLARENET, US)

optassets.ontraport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.36.163.228 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-228.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:a200:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-36.fra53.r.cloudfront.net

d1pqvb2h9xgm7r.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.202.112.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:12::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr5---sn-4g5lzne6.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b110:5d71:6695:b3d2:3b15 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.230.229.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-229-216.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.76.89 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-76-89.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.132 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.116 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.20.54 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-20-54.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.155 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.141 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.161.223 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-161-223.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.35.24.174 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-24-174.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.128.251 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-128-251.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:be02:f813:37d0:f59f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.85.181.155 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a184-85-181-155.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.84.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-84-227.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.65.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-65-162.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.216.91.22 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-216-91-22.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::16 (None, )

ASN- ()

csm.va.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	youtube-nocookie.com www.youtube-nocookie.com — Cisco Umbrella Rank: 3741	893 KB
13	criteo.com 5 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3638 gum.criteo.com — Cisco Umbrella Rank: 416 mug.criteo.com — Cisco Umbrella Rank: 2381 sslwidget.criteo.com — Cisco Umbrella Rank: 1825 widget.us.criteo.com — Cisco Umbrella Rank: 18056 dis.criteo.com — Cisco Umbrella Rank: 718	62 KB
7	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 781	105 KB
7	liverrenew.com 1 redirects track.liverrenew.com liverrenew.com — Cisco Umbrella Rank: 341598 secure.liverrenew.com — Cisco Umbrella Rank: 654575	205 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4000 www.google.com — Cisco Umbrella Rank: 2	15 KB
6	gstatic.com fonts.gstatic.com	116 KB
5	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 836	3 KB
5	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 100 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 228	4 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	333 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47 jnn-pa.googleapis.com — Cisco Umbrella Rank: 237	32 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 230 secure.adnxs.com — Cisco Umbrella Rank: 429	4 KB
4	google.de www.google.de — Cisco Umbrella Rank: 5216	733 B
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2602 tr.outbrain.com — Cisco Umbrella Rank: 2509 sync.outbrain.com — Cisco Umbrella Rank: 720	8 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	257 B
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 2894 rp.liadm.com — Cisco Umbrella Rank: 1648 rp4.liadm.com — Cisco Umbrella Rank: 6852	15 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	67 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 676	877 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 215	2 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1416	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 323	881 B
2	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1221 ups.analytics.yahoo.com — Cisco Umbrella Rank: 302	1 KB
2	googlevideo.com rr5---sn-4g5lzne6.googlevideo.com — Cisco Umbrella Rank: 62213
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 687	1 KB
2	t.co t.co — Cisco Umbrella Rank: 525	582 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 489	7 KB
2	cloudfront.net d9i5ve8f04qxt.cloudfront.net d1pqvb2h9xgm7r.cloudfront.net	20 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 670 csm.va.us.criteo.net	15 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 774	18 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	136 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 93	64 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 1951	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 611	338 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2254	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4239	400 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 27532	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2368	406 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 733	582 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1310	882 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2776	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 437	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 935	236 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1297	163 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 387	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1982	172 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1246	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 604	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 533	363 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 616	802 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 107	87 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 219	2 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 701	15 KB
1	ontraport.com optassets.ontraport.com — Cisco Umbrella Rank: 98004	3 KB
1	ibph4trk.com www.ibph4trk.com — Cisco Umbrella Rank: 360674	19 KB
131	53

	Domain	Requested by
15	www.youtube-nocookie.com	liverrenew.com www.youtube-nocookie.com
7	analytics.tiktok.com	liverrenew.com analytics.tiktok.com
6	fonts.gstatic.com	fonts.googleapis.com www.youtube-nocookie.com
5	gum.criteo.com	4 redirects dynamic.criteo.com
5	ct.pinterest.com	s.pinimg.com liverrenew.com
5	www.googletagmanager.com	liverrenew.com www.googletagmanager.com
4	www.google.com	www.youtube-nocookie.com liverrenew.com
4	jnn-pa.googleapis.com	www.youtube-nocookie.com
4	www.google.de	liverrenew.com
4	liverrenew.com	liverrenew.com
3	www.facebook.com	liverrenew.com
3	dynamic.criteo.com	www.googletagmanager.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ad.360yield.com	1 redirects
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	secure.adnxs.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	x.bidswitch.net	1 redirects
2	rr5---sn-4g5lzne6.googlevideo.com	www.youtube-nocookie.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	tr.outbrain.com	amplify.outbrain.com liverrenew.com
2	analytics.twitter.com	liverrenew.com
2	t.co	liverrenew.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	s.yimg.com	liverrenew.com s.yimg.com
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	connect.facebook.net	liverrenew.com connect.facebook.net
2	www.youtube.com	liverrenew.com www.youtube.com
2	secure.liverrenew.com	liverrenew.com secure.liverrenew.com
1	csm.va.us.criteo.net
1	s.thebrighttag.com
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	ups.analytics.yahoo.com
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	contextual.media.net
1	cm.g.doubleclick.net	1 redirects
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	sp.analytics.yahoo.com	liverrenew.com
1	i.ytimg.com	www.youtube-nocookie.com
1	mug.criteo.com	liverrenew.com
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	d1pqvb2h9xgm7r.cloudfront.net	d9i5ve8f04qxt.cloudfront.net
1	yt3.ggpht.com	www.youtube-nocookie.com
1	b-code.liadm.com	www.googletagmanager.com
1	amplify.outbrain.com	liverrenew.com
1	static.ads-twitter.com	liverrenew.com
1	optassets.ontraport.com	www.googletagmanager.com
1	www.ibph4trk.com	www.googletagmanager.com
1	d9i5ve8f04qxt.cloudfront.net	www.googletagmanager.com
1	static.criteo.net	www.googletagmanager.com
1	fonts.googleapis.com	liverrenew.com
1	track.liverrenew.com	1 redirects
131	72

This site contains no links.

Subject Issuer	Validity	Valid
liverrenew.com R3	`2023-02-23` - `2023-05-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
secure.liverrenew.com Sectigo RSA Domain Validation Secure Server CA	`2022-07-22` - `2023-07-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-13` - `2023-04-13`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-08`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
p8btrk.com Starfield Secure Certificate Authority - G2	`2023-02-24` - `2023-12-29`	10 months	crt.sh
*.ontraport.com Go Daddy Secure Certificate Authority - G2	`2022-10-31` - `2023-11-21`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-30`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-27` - `2023-04-19`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-03-28` - `2023-06-06`	2 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-01-03` - `2023-06-28`	6 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M01	`2023-02-10` - `2023-06-11`	4 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
itm.ivitrack.com R3	`2023-04-04` - `2023-07-03`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M01	`2023-02-11` - `2023-08-04`	6 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M02	`2023-02-10` - `2023-07-01`	5 months	crt.sh
*.va.us.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-19` - `2023-05-18`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://liverrenew.com/mgo?utm_source=mediago&utm_medium=native&utm_campaign=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&offid=nhmd_liver&offerurlid=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&trid=%7Btransaction_id%7D&affid=mediago&affsub=native
Frame ID: 0923315383F4F48C1ED02F5294D579D5
Requests: 75 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/sTPz9VUgXAE?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Frame ID: 0EA17AF1297B3552AB043A83DE320C80
Requests: 25 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=liverrenew.com&origin=onetag
Frame ID: FE42BA947A1DFF177CE7E236983B4652
Requests: 2 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: AC0989C7A9B1D8B69B7E57B916772E49
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-vuY0mGbj0AJQWmr0UVP69f6HNquwr43AQVMn9Q&expires=30
Frame ID: D008DD868BF5909636B52106A7D8E1C3
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Liver Renew

Page URL History Show full URLs

https://track.liverrenew.com/3ae832ad-eaa4-40f4-ad2a-6b88a366b5be?adid=84344016&conversiontype=${CONVERSI... HTTP 302
https://liverrenew.com/mgo?utm_source=mediago&utm_medium=native&utm_campaign=liver_renew_4_vsl_DESK... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Page Statistics

131
Requests

91 %
HTTPS

36 %
IPv6

53
Domains

72
Subdomains

66
IPs

10
Countries

2253 kB
Transfer

6587 kB
Size

67
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://track.liverrenew.com/3ae832ad-eaa4-40f4-ad2a-6b88a366b5be?adid=84344016&conversiontype=${CONVERSION_TYPE}&conversionprice=${CONVERSION_PRICE}&publisher=www.msn.com&campaignid=1660045&accountname=${ACCOUNT_NAME}&trackingid=82ccae35b84d2eb2017533ced0ff31b6&a0v5la7bquf89=1afc36a8416c5f414259c0c7ccce8104&uy3ubftvh0u6o8=82ccae35b84d2eb2017533ced0ff31b6&cusduxj27i=1660045&xnfrr0ncac=23390&zsmoi87pih9=trace.mediago.io&lzzgnpz8d=f52bc446ae01c552424a0d345affe441 HTTP 302
https://liverrenew.com/mgo?utm_source=mediago&utm_medium=native&utm_campaign=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&offid=nhmd_liver&offerurlid=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&trid=%7Btransaction_id%7D&affid=mediago&affsub=native Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 77

https://rp.liadm.com/j?dtstmp=1680719556861&aid=a-08ta&se=e30&duid=c85daacc0676--01gx9b2c2mxa08emab9y4ry6m5&tna=v2.7.1&pu=https%3A%2F%2Fliverrenew.com%2Fmgo%3Futm_source%3Dmediago%26utm_medium%3Dnative%26utm_campaign%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26offid%3Dnhmd_liver%26offerurlid%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26trid%3D%257Btransaction_id%257D%26affid%3Dmediago%26affsub%3Dnative&wpn=lc-bundle&c=PHRpdGxlPkxpdmVyIFJlbmV3PC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iIj48aDEgY2xhc3M9InZpZGVvLWhlYWRsaW5lIj40IFdhcm5pbmcgU2lnbnMgT2YgRGFtYWdlZCBMaXZlciAoIzIgSXMgU2NhcnkpPC9oMT4 HTTP 302
https://rp4.liadm.com/j?dtstmp=1680719556861&aid=a-08ta&se=e30&duid=c85daacc0676--01gx9b2c2mxa08emab9y4ry6m5&tna=v2.7.1&pu=https%3A%2F%2Fliverrenew.com%2Fmgo%3Futm_source%3Dmediago%26utm_medium%3Dnative%26utm_campaign%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26offid%3Dnhmd_liver%26offerurlid%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26trid%3D%257Btransaction_id%257D%26affid%3Dmediago%26affsub%3Dnative&wpn=lc-bundle&c=PHRpdGxlPkxpdmVyIFJlbmV3PC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iIj48aDEgY2xhc3M9InZpZGVvLWhlYWRsaW5lIj40IFdhcm5pbmcgU2lnbnMgT2YgRGFtYWdlZCBMaXZlciAoIzIgSXMgU2NhcnkpPC9oMT4&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjEy&n3pc=true

Request Chain 79

https://gum.criteo.com/sid/json?origin=onetag&domain=liverrenew.com&sn=ChromeSyncframe&so=0&topUrl=liverrenew.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=anf14XxQeVdzZkZQUGZmeVlybWZIczBnNW54MXY5YWtKdFpNR0hGMjV3bWRsVkx6TERtdU92dUdJT0g3TXgyNnE5VWlVWWx6emVSL0dqdHpPdHBnSXhjSitsay9NS1d1RFU5UFJMWGdQRHlLRi9hcnZGWEtKbUxGZVFpY1dacm0xR3VZaFlJWVFtbU40cXpLMnBUbE9YMDV2Wk12OFZJQU16VzVRV2o2WVlSUm1CRXBuNS9pTmk5MWc5cXNFeU80YVN5WFIxQVRVVzdPNnczM1c5R0ZKZGZ6LzNqMys5dThpWTNxNWtHV2tJUFFiRXlDbUZJZGpidFNBUzJYcStjMkF1UldjUkloS2hTOUR5bkhXbW1zL1NFaTJ4Zz09fA&cppv=2

Request Chain 97

https://sslwidget.criteo.com/event?a=%5B101678%2C102655%5D&v=5.14.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&adce=1&bundle=myNMNF9pUzZReUYlMkJCT2pRSE9NV2o0ZlRkUHlOSWZRQ0l4UnA3b2xPQUJBZDB2NUZDMEJyRzVBQml1MmlVeFZIaERxWTlHSEVoUnlHeGxYYjZGdjdLQ3dqJTJGNWxVTFpzU1E4Y3o2U0NiVm9WdHBabGh2VTloU0Y2V3RCeHh2a0xvYWw2JTJGWEhQNTF1WFM0c1pZaG0wY21vcEpCanclM0QlM0Q&tld=liverrenew.com&dy=1&fu=https%253A%252F%252Fliverrenew.com%252Fmgo%253Futm_source%253Dmediago%2526utm_medium%253Dnative%2526utm_campaign%253Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%2526offid%253Dnhmd_liver%2526offerurlid%253Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%2526trid%253D%25257Btransaction_id%25257D%2526affid%253Dmediago%2526affsub%253Dnative&dtycbr=85112 HTTP 302
https://widget.us.criteo.com/event?a=%5B101678%2C102655%5D&v=5.14.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&adce=1&bundle=myNMNF9pUzZReUYlMkJCT2pRSE9NV2o0ZlRkUHlOSWZRQ0l4UnA3b2xPQUJBZDB2NUZDMEJyRzVBQml1MmlVeFZIaERxWTlHSEVoUnlHeGxYYjZGdjdLQ3dqJTJGNWxVTFpzU1E4Y3o2U0NiVm9WdHBabGh2VTloU0Y2V3RCeHh2a0xvYWw2JTJGWEhQNTF1WFM0c1pZaG0wY21vcEpCanclM0QlM0Q&tld=liverrenew.com&dy=1&fu=https%253A%252F%252Fliverrenew.com%252Fmgo%253Futm_source%253Dmediago%2526utm_medium%253Dnative%2526utm_campaign%253Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%2526offid%253Dnhmd_liver%2526offerurlid%253Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%2526trid%253D%25257Btransaction_id%25257D%2526affid%253Dmediago%2526affsub%253Dnative&dtycbr=85112

Request Chain 101

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-vuY0mGbj0AJQWmr0UVP69f6HNquwr43AQVMn9Q&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-vuY0mGbj0AJQWmr0UVP69f6HNquwr43AQVMn9Q&expires=30

Request Chain 102

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-0sDsimbj0AJQWmr0UVP69f6HNqupS_ptkUXDeA&google_cm&google_hm=ay0wc0RzaW1iajBBSlFXbXIwVVZQNjlmNkhOcXVwU19wdGtVWERlQQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-0sDsimbj0AJQWmr0UVP69f6HNqupS_ptkUXDeA&google_gid=CAESEBieGIUAL1ub4wSm4MXwEcI&google_cver=1&google_ula=913071,0

Request Chain 103

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=521828475515835085

Request Chain 104

https://secure.adnxs.com/setuid?entity=52&code=k-K0ya92bj0AJQWmr0UVP69f6HNqvP8xK_KVGUbg HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-K0ya92bj0AJQWmr0UVP69f6HNqvP8xK_KVGUbg

Request Chain 114

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-92fKYmbj0AJQWmr0UVP69f6HNqua6Cv01qfeQw HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-92fKYmbj0AJQWmr0UVP69f6HNqua6Cv01qfeQw&C=1

Request Chain 115

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=nKIvDIyGtm7dzV7jdYZlDB_8qYdT7k0b HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=nKIvDIyGtm7dzV7jdYZlDB_8qYdT7k0b

Request Chain 117

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-O9h9TWbj0AJQWmr0UVP69f6HNqvygK1AqeQyLw HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-O9h9TWbj0AJQWmr0UVP69f6HNqvygK1AqeQyLw

Request Chain 126

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=8tRbX4Mt92d_yp2ykrwKakvvX5ZvHvqw

Request Chain 127

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=6x_OV6tujv-v-dUYzbPt1_i4aVRXoMb5

131 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request mgo Show response
liverrenew.com/
Redirect Chain

https://track.liverrenew.com/3ae832ad-eaa4-40f4-ad2a-6b88a366b5be?adid=84344016&conversiontype=${CONVERSION_TYPE}&conversionprice=${CONVERSION_PRICE}&publisher=www.msn.com&campaignid=1660045&accoun...
https://liverrenew.com/mgo?utm_source=mediago&utm_medium=native&utm_campaign=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&offid=nhmd_liver&offerurlid=liver_renew_4_vsl_DESKTOP_Wind...

47 KB
13 KB

528ms
209ms

Document
text/html

159.223.173.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://liverrenew.com/mgo?utm_source=mediago&utm_medium=native&utm_campaign=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&offid=nhmd_liver&offerurlid=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&trid=%7Btransaction_id%7D&affid=mediago&affsub=native
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.223.173.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: liverrenew.com
Software: nginx / Express
Resource Hash: 6271a02a25b4d4bd998ca93b2737d9131036396c245e6c4eda60bff3e5c269c1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 05 Apr 2023 18:32:34 GMT
ETag: W/"bc5a-IPGBXSnBBoQY0rpIMmZ0Ls12Ov4"
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: Express

Redirect headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 0
date: Wed, 05 Apr 2023 18:32:33 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://liverrenew.com/mgo?utm_source=mediago&utm_medium=native&utm_campaign=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&offid=nhmd_liver&offerurlid=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&trid=%7Btransaction_id%7D&affid=mediago&affsub=native
pragma: no-cache
server: nginx

GET
H2 200 css2
fonts.googleapis.com/ 17 KB
1 KB 89ms
34ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700&display=swap

Requested by

Host: liverrenew.com
URL: https://liverrenew.com/mgo?utm_source=mediago&utm_medium=native&utm_campaign=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&offid=nhmd_liver&offerurlid=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&trid=%7Btransaction_id%7D&affid=mediago&affsub=native

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

22c5ae77609948f4c6fc9d43b69afd96edc5b096d3ef87d243efb6276a353eed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Apr 2023 18:32:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 18:32:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Apr 2023 18:32:34 GMT

GET
H/1.1 200
OK play-test-img-d.gif
liverrenew.com/img/video/ 143 KB
144 KB 109ms
108ms Image
image/gif 159.223.173.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liverrenew.com/img/video/play-test-img-d.gif
Requested by: Host: liverrenew.com
URL: https://liverrenew.com/mgo?utm_source=mediago&utm_medium=native&utm_campaign=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&offid=nhmd_liver&offerurlid=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&trid=%7Btransaction_id%7D&affid=mediago&affsub=native
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.223.173.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: liverrenew.com
Software: nginx / Express
Resource Hash: cf9e988cb574bd8fdb905b353ec7331970e214334b8f0683c09dfb209296defc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/mgo?utm_source=mediago&utm_medium=native&utm_campaign=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&offid=nhmd_liver&offerurlid=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&trid=%7Btransaction_id%7D&affid=mediago&affsub=native
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 18:32:34 GMT
Last-Modified: Tue, 07 Feb 2023 09:02:19 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"23d6d-1862b1c97eb"
Content-Type: image/gif
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 146797

GET
H2 200 UCAffiliateNetworkPixel Show response
secure.liverrenew.com/cgi-bin/ 2 KB
1 KB 2033ms
123ms Script
text/javascript 34.202.20.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.liverrenew.com/cgi-bin/UCAffiliateNetworkPixel

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.20.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-202-20-171.compute-1.amazonaws.com

Software

Apache /

Resource Hash

db63d124467740f4ae55902869f01051cbe2417fcf978ee04f6b8c633bfbe984

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/javascript; charset=utf-8
content-length: 743

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 274 KB
89 KB 1744ms
39ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T58C6B7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c5dca0e645fc2b36aecf7684b32330a813a919681b99d1b273d71661934d840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91137
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Apr 2023 18:32:36 GMT

GET
H2 200 sTPz9VUgXAE Show response
www.youtube-nocookie.com/embed/ Frame 0EA1 71 KB
30 KB 1769ms
67ms Document
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/embed/sTPz9VUgXAE?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e17af20bd06407511dfb8f7509fa0a3c8fbe781a69d7113404c754c589ecb762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://liverrenew.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 18:32:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 1751ms
49ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d12edf79a333c20b2ffdc2abfa2168c88d6105e2073cce1bee3b962191ea38f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 05 Apr 2023 18:32:36 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 1720ms
22ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://liverrenew.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:11 GMT
x-content-type-options: nosniff
age: 115285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:11 GMT

GET
H2 200 kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
fonts.gstatic.com/s/librebaskerville/v14/ 26 KB
27 KB 1878ms
181ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://liverrenew.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:47:49 GMT
x-content-type-options: nosniff
age: 114287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27120
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:42:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:47:49 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 1865ms
168ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://liverrenew.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:04 GMT
x-content-type-options: nosniff
age: 115292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:04 GMT

GET
H2 200 kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
fonts.gstatic.com/s/librebaskerville/v14/ 27 KB
27 KB 1813ms
116ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://liverrenew.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 12:02:42 GMT
x-content-type-options: nosniff
age: 109794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27976
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:45:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 12:02:42 GMT

GET
H/1.1 200
OK dr-dorodny-d.png
liverrenew.com/img/featured-on/dorodny/ 41 KB
41 KB 1893ms
107ms Image
image/png 159.223.173.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liverrenew.com/img/featured-on/dorodny/dr-dorodny-d.png
Requested by: Host: liverrenew.com
URL: https://liverrenew.com/mgo?utm_source=mediago&utm_medium=native&utm_campaign=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&offid=nhmd_liver&offerurlid=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&trid=%7Btransaction_id%7D&affid=mediago&affsub=native
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.223.173.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: liverrenew.com
Software: nginx / Express
Resource Hash: a6978512927b6304900b11bfa2ff226ad7b9e5267aa72b25483fb9f5ca6fb9a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/mgo?utm_source=mediago&utm_medium=native&utm_campaign=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&offid=nhmd_liver&offerurlid=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&trid=%7Btransaction_id%7D&affid=mediago&affsub=native
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 18:32:36 GMT
Last-Modified: Thu, 27 Oct 2022 14:00:47 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"a491-18419bed319"
Content-Type: image/png
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42129

GET
H/1.1 200
OK featured-logo-d.svg
liverrenew.com/img/featured-on/dorodny/ 8 KB
4 KB 1969ms
107ms Image
image/svg+xml 159.223.173.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liverrenew.com/img/featured-on/dorodny/featured-logo-d.svg
Requested by: Host: liverrenew.com
URL: https://liverrenew.com/mgo?utm_source=mediago&utm_medium=native&utm_campaign=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&offid=nhmd_liver&offerurlid=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&trid=%7Btransaction_id%7D&affid=mediago&affsub=native
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.223.173.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: liverrenew.com
Software: nginx / Express
Resource Hash: 3bb5fdf2030456fac4167dd69ab5137a70fd2bbf29931859454ead1057cb0a71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/mgo?utm_source=mediago&utm_medium=native&utm_campaign=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&offid=nhmd_liver&offerurlid=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&trid=%7Btransaction_id%7D&affid=mediago&affsub=native
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 18:32:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Oct 2022 14:00:47 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"1e33-18419bed31d"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Connection: keep-alive

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/7da8dd3e/www-widgetapi.vflset/ 184 KB
62 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7da8dd3e/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9d5d388649117caf4229e65edbf884be9f45e78259fb042e60ad1c112612b9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 17:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2187
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63230
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 00:15:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 04 Apr 2024 17:56:09 GMT

GET
H3 200 www-player.css
www.youtube-nocookie.com/s/player/7da8dd3e/ Frame 0EA1 400 KB
51 KB 23ms
22ms Stylesheet
text/css 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/7da8dd3e/www-player.css

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/sTPz9VUgXAE?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acf68dcce2368d3652430adeb6409f6027d23bbd6cdf47c3c797bb33fa6fe729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/sTPz9VUgXAE?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:44:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 182898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52109
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 00:15:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 02 Apr 2024 15:44:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0EA1 15 KB
15 KB 72ms
71ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/sTPz9VUgXAE?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:05 GMT
x-content-type-options: nosniff
age: 115291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0EA1 15 KB
15 KB 76ms
75ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/sTPz9VUgXAE?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:02 GMT
x-content-type-options: nosniff
age: 115294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:02 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube-nocookie.com/s/player/7da8dd3e/www-embed-player.vflset/ Frame 0EA1 348 KB
108 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/7da8dd3e/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/sTPz9VUgXAE?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0a9ea0d24fcadbb338ce27ca4cf6af3c78fded0c118c0e522449d829ba4ffd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/sTPz9VUgXAE?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:44:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 182898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110581
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 00:15:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 02 Apr 2024 15:44:18 GMT

GET
H3 200 base.js Show response
www.youtube-nocookie.com/s/player/7da8dd3e/player_ias.vflset/de_DE/ Frame 0EA1 2 MB
615 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/7da8dd3e/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/sTPz9VUgXAE?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34e5f1246cf9a43fbedb34a6706ee6e2b7b7cda818adce620ca3fdeb04ef86a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/sTPz9VUgXAE?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:44:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 182898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 629368
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 00:15:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 02 Apr 2024 15:44:18 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube-nocookie.com/s/player/7da8dd3e/fetch-polyfill.vflset/ Frame 0EA1 9 KB
3 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/7da8dd3e/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/sTPz9VUgXAE?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/sTPz9VUgXAE?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:44:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 182898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 00:15:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 02 Apr 2024 15:44:18 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 121 KB
47 KB 83ms
34ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-MGMVVSG

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T58C6B7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1fc8ce922af5ba279ca0ed6c0b50a7e595d3d064dd78ab9fe732d5a393c2b7bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 47711
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Apr 2023 18:32:36 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 69ms
22ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 05 Apr 2023 18:32:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ZtHLPuG7hIbvTC/SRm1GEWFSEcaHJe5xmphunrMB9xGEclmfkfJMdN9QBHssZSEHBwePAm0WaQuH+l3/yggEuw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
752 B 95ms
27ms Script
application/javascript 2a04:4e42:8d::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T58C6B7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2dfa655a4dbae3f8bb3335d14a977a99a2afe4b148bfff2b2be230f9a6db94d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:36 GMT
content-encoding: br
x-cdn: fastly
etag: "6fe18a21f263bd65310c79df7a66e9b2"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 484

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 44 KB
15 KB 154ms
52ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=101678

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T58C6B7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7b83264d2fc09c9b4603fbdfbb7be4eb589b2aae451fa49fa5207250be54c6f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 44 KB
15 KB 141ms
65ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T58C6B7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d03b2a573e13c69a70a4efb22ca78f769ff96692861433bc7fd967e3907f4bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 07 Mar 2023 15:05:20 GMT
server: nginx
etag: W/"640752b0-ae53"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 06 Apr 2023 18:32:36 GMT

GET
H2 200 collect-g.js Show response
d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/ 101 KB
20 KB 133ms
31ms Script
application/x-javascript 108.138.34.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=LHP&channel=secure.liverrenew.com
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T58C6B7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.34.168 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-34-168.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b6acaafd2a133d399889a3be508cd33b8f1d85b88dd1c49a71b772d6bf45c88e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 01:27:01 GMT
content-encoding: gzip
via: 1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 147936
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 19674
last-modified: Mon, 20 Mar 2023 16:13:16 GMT
server: AmazonS3
etag: "7760760b7bc314cff1c1bf7958832731"
content-type: application/x-javascript; charset=UTF-8
cache-control: max-age=604800,s-maxage=604800
accept-ranges: bytes
x-amz-cf-id: JxkPpCyALIm--eiEi4776FH-B1ShH2vyhIQvkVtqaFRgCUNCt14ndg==

GET
H2 200 everflow.js Show response
www.ibph4trk.com/scripts/sdk/ 60 KB
19 KB 374ms
127ms Script
text/javascript 34.107.199.247
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ibph4trk.com/scripts/sdk/everflow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T58C6B7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.199.247 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 247.199.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e904cfff4529436dbaf7b090e6a1444be7eaa92edbb39db85634bf3fd88fd427

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:36 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-Ch-Ua-Platform-Version
server: nginx
vary: Origin
content-type: text/javascript
cache-control: max-age=14400
x-eflow-request-id: 741d619d-c100-4f6f-8bdd-63cdeebe6267
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 tracking.js Show response
optassets.ontraport.com/ 8 KB
3 KB 136ms
35ms Script
application/javascript 104.16.20.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://optassets.ontraport.com/tracking.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T58C6B7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.20.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 631b53cee14f8501d01fe646031ad98faaf9e5e0b3581109ab05bfe74864acc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 291
cf-polished: origSize=11877
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release: 0
x-op-ca: 10.2.80.206
cf-bgj: minify
last-modified: Wed, 05 Apr 2023 16:22:51 GMT
server: cloudflare
etag: W/"642da05b-2e65"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=28800
access-control-allow-credentials: true
x-op-class: optassets
cf-ray: 7b33dfeb3e443a4a-FRA
expires: Thu, 06 Apr 2023 02:32:36 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 230ms
127ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CF31TNRC77U6J4TVF330&lib=ttq
Requested by: Host: liverrenew.com
URL: https://liverrenew.com/mgo?utm_source=mediago&utm_medium=native&utm_campaign=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&offid=nhmd_liver&offerurlid=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&trid=%7Btransaction_id%7D&affid=mediago&affsub=native
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a3eabdf2055a936d7ab127fc434e248b50299aa39c743b4c6c8f1b5d9ff799c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-akamai-request-id: 44f1e94f.33b6e16
date: Wed, 05 Apr 2023 18:32:36 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-parent-response-time: 100,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=94, origin; dur=6, inner; dur=3
content-length: 1151
pragma: no-cache
server: nginx
x-tt-logid: 20230405183236E21515F6CE355EE11C43
x-cache-remote: TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.220.104.8
x-tt-trace-host: 01bd308f099a64fbde4400b9f941e63193e1f52df318465e36b5940cff58b5d1415c88bccf6c3e8216c5f279c44b7d8ac5788e6f600c0ad0cb7dabe74a331166e83761f279aae0dd5a2d122cde2c49c3c23d2f537622fbd4f92dffb4dfeedb2317e1e223c2753e8c4ad5041d6f6c4cd2c1
expires: Wed, 05 Apr 2023 18:32:36 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 69ms
21ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: liverrenew.com
URL: https://liverrenew.com/mgo?utm_source=mediago&utm_medium=native&utm_campaign=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&offid=nhmd_liver&offerurlid=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&trid=%7Btransaction_id%7D&affid=mediago&affsub=native
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:36 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230120-FRA

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 143ms
136ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CF9BFDRC77U0H42CN77G&lib=ttq
Requested by: Host: liverrenew.com
URL: https://liverrenew.com/mgo?utm_source=mediago&utm_medium=native&utm_campaign=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&offid=nhmd_liver&offerurlid=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&trid=%7Btransaction_id%7D&affid=mediago&affsub=native
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 706de65bef6b820ce7d6e9390a4915a8fd1dd6af796a9710a557a77f227a5b54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-akamai-request-id: 5f2967c.33b6e1e
date: Wed, 05 Apr 2023 18:32:36 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-parent-response-time: 108,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=12, inner; dur=5
content-length: 1364
pragma: no-cache
server: nginx
x-tt-logid: 2023040518323676170D70A9EAE4DAF7EC
x-cache-remote: TCP_MISS from a23-221-225-29.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,23.221.225.29
x-tt-trace-host: 01bd308f099a64fbde4400b9f941e63193e1f52df318465e36b5940cff58b5d141c67ffbf2ee381b188d33458b993fde2a828a0a814aa131c527858ad695dd9b9b9ca5e74f5831d951da1d475f111b2a4992da86ba828dbe98692b6b9afa3db05c7b0566d7915985093c9c48202da54bae
expires: Wed, 05 Apr 2023 18:32:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 183 KB
66 KB 57ms
52ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11030269056

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T58C6B7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3e1d540bfd44cdca28c5176d74c0817f377cd2da90b92de69d515fab4551200d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67244
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Apr 2023 18:32:36 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 44 KB
15 KB 75ms
74ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=102655

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T58C6B7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b96b74eec533d689e968457cd784306cd0d79f2a995556c23e965bfb6c5b5add

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 22 KB
7 KB 89ms
21ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: liverrenew.com
URL: https://liverrenew.com/mgo?utm_source=mediago&utm_medium=native&utm_campaign=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&offid=nhmd_liver&offerurlid=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&trid=%7Btransaction_id%7D&affid=mediago&affsub=native
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5a62982f68f482f811e87d3bdeb4785ddf70e787def294f21e0a5748a27179d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 18:32:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Apr 2023 09:41:56 GMT
Server: AkamaiNetStorage
ETag: "838e9c2ec6e148b2af141d9d77d0f660:1680601866.61769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6771
Expires: Wed, 05 Apr 2023 18:52:36 GMT

GET
H2 200 a-08ta.min.js Show response
b-code.liadm.com/ 42 KB
14 KB 110ms
44ms Script
application/javascript 2600:9000:223c:a200:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-08ta.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T58C6B7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:a200:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 5a7ce15b15b6c837ea19e4b2ed6cfd5420ebcb0a29b7b28b68e7800f715e9628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 05:32:56 GMT
content-encoding: gzip
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 46779
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: ZXNAETw5P3BSuMKBP8tnS9VMH1JdayoksaIKKAtvZ1DgoS-oEdJttQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 43ms
40ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-12763245

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T58C6B7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a793c31aba82c375da87fae6c1e5badabdd9e565730e1b33e8ed9d4ef7cef91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45055
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Apr 2023 18:32:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
51 KB 37ms
34ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11110460071

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T58C6B7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9f22002204cd3b334da0a771159a366f87bc0f9b695e5e5fb94fa686d446fc79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51699
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Apr 2023 18:32:36 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 44 KB
15 KB 60ms
59ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=103402

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T58C6B7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3f65a94df3d2cf2b1f3dd1c9b8c498b27317f8084c5e4ca8be7bbf851f445135

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
6 KB 128ms
37ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:29 GMT
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: REHE2BS6NWNV35BY
age: 8
x-amz-server-side-encryption: AES256
x-amz-id-2: ZhoZFzQjjvhmYs6gE9SbVWIRqFIpaYjiJYGkVW4kTwz2rF/IbPhVB+3RkNcpjwnORgT5+L0pEbOqnplNjJE8kg==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 250 KB
83 KB 65ms
63ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SSVM2TL5G6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T58C6B7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a495a8945d9a2dd89e53b6a7bd69893450a3818d61ef1dd27328297bde60f37b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85290
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Apr 2023 18:32:36 GMT

GET
H2 200 1181125052062198 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 257ms
250ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1181125052062198?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

921cff6794dea22503e937f5f06d77e10fae37f4cdab53930f5fb32047aa8714

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 05 Apr 2023 18:32:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: SnczoFQWof7Va2V/ZR7prbv5+9pHK6x8aEshSz9ezLh01S5mzhfOu6D+C1IfCaf4dv6uR5a6iA31/6adiH8FBw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.da2a1c8f.js Show response
s.pinimg.com/ct/lib/ 57 KB
17 KB 25ms
24ms Script
application/javascript 2a04:4e42:8d::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.da2a1c8f.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 99821e61fa5a34c0b5b4b5473ef3dd30c7d7aebc28dc12a44d726d710d77a3b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:36 GMT
content-encoding: br
x-cdn: fastly
etag: "b3fc8cf847afb7d5cf4f05e5407d05a3"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 17556

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 81ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-SSVM2TL5G6&gtm=45je3430&_p=1299470796&_gaz=1&cid=368216876.1680719556&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1680719556&sct=1&seg=0&dl=https%3A%2F%2Fliverrenew.com%2Fmgo%3Futm_source%3Dmediago%26utm_medium%3Dnative%26utm_campaign%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26offid%3Dnhmd_liver%26offerurlid%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26trid%3D%257Btransaction_id%257D%26affid%3Dmediago%26affsub%3Dnative&dt=Liver%20Renew&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SSVM2TL5G6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:32:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://liverrenew.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 91ms
30ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-SSVM2TL5G6&cid=368216876.1680719556&gtm=45je3430&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SSVM2TL5G6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:32:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://liverrenew.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 111ms
62ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SSVM2TL5G6&cid=368216876.1680719556&gtm=45je3430&aip=1&z=50114228

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:32:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 88ms
30ms Preflight
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube-nocookie.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 05 Apr 2023 18:32:36 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0EA1 66 KB
31 KB 38ms
37ms XHR
application/json+protobuf 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/7da8dd3e/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e2dc59c57fff98b0cb33ba46226538187607d61e31b0f2c56e1375f31a9f3a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube-nocookie.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 05 Apr 2023 18:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31289
x-xss-protection: 0

POST
H3 200 player Show response
www.youtube-nocookie.com/youtubei/v1/ Frame 0EA1 69 KB
24 KB 101ms
101ms XHR
application/json 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/7da8dd3e/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d70d591a92a87f776cf6b3fab9caba1ef6c459493a85d3752ab8e14c20f8c0f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube-nocookie.com/embed/sTPz9VUgXAE?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230402.00.00
X-Goog-Visitor-Id: CgtqcFZiZ25UM1lZOCjE_bahBg%3D%3D

Response headers

date: Wed, 05 Apr 2023 18:32:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24079
x-xss-protection: 0
expires: Wed, 05 Apr 2023 18:32:36 GMT

GET
H2 200 E2xtljRepN-eFPlyfWIcviFlpiWi6Q6bMRPMqXz0nbk.js Show response
www.google.com/js/th/ Frame 0EA1 36 KB
15 KB 75ms
24ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/E2xtljRepN-eFPlyfWIcviFlpiWi6Q6bMRPMqXz0nbk.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/7da8dd3e/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

136c6d96345ea4df9e14f9727d621cbe2165a625a2e90e9b3113cca97cf49db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 14:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14410
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Apr 2024 14:42:05 GMT

GET
H3 200 embed.js Show response
www.youtube-nocookie.com/s/player/7da8dd3e/player_ias.vflset/de_DE/ Frame 0EA1 28 KB
9 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/7da8dd3e/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/7da8dd3e/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24eba4e69ec96e5469f4755839103249c85a593fa865c6445b2966c14ad9c6bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/sTPz9VUgXAE?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 15:44:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 182896
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8854
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 00:15:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 02 Apr 2024 15:44:20 GMT

GET
DATA 200
OK truncated
/ Frame 0EA1 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ySYBR63K9PhBL7xOeIYwGJ0ngZhNnbUIM_11E_JJmky952a6NuNGCR7p8kls7JaCnOWuUu_3=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 0EA1 1 KB
2 KB 72ms
17ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ySYBR63K9PhBL7xOeIYwGJ0ngZhNnbUIM_11E_JJmky952a6NuNGCR7p8kls7JaCnOWuUu_3=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/sTPz9VUgXAE?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

afb61b4d8b8a523933254b7c2bbd4a09908880d83b317f7fbb81139b1aa60d6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 17:50:35 GMT
x-content-type-options: nosniff
age: 2521
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1470
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 06 Apr 2023 17:50:35 GMT

GET
H2 200 id Show response
d1pqvb2h9xgm7r.cloudfront.net/v1/ 29 B
370 B 401ms
328ms XHR
text/plain 143.204.214.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1pqvb2h9xgm7r.cloudfront.net/v1/id?channel=secure.liverrenew.com
Requested by: Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=LHP&channel=secure.liverrenew.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-36.fra53.r.cloudfront.net
Software: /
Resource Hash: 8bf8a4c82c8764fe1159ba8c7af64df29d38afb3239f016a98251375fcedb941

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:36 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: date, x-api-id
alt-svc: h3=":443"; ma=86400
content-length: 29
apigw-requestid: C6q-0h_VoAMEVeg=
x-amz-cf-id: nVN1OJZXWhCmviKNuaDQmomwYecSCcJSFoF-yxjViCpYlr3qM3zg_Q==

GET
H2 200 / Show response
ct.pinterest.com/user/ 533 B
850 B 145ms
49ms XHR
application/json 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613081572899&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1680719556593&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.da2a1c8f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

c3e03877a0e094eaa2279b9fe873c2bbc11487c396a1fb87106c49d562b01b3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.986656b8.1680719556.95443a1
x-envoy-upstream-service-time: 2
content-length: 372
x-pinterest-rid: 1100576375814680
pin-unauth: dWlkPU1XUTFaamc0TlRndE5qTXhaUzAwWW1FekxUaGtPRFV0TUdFM01EbGpOems1T1daaA
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://liverrenew.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 533 B
854 B 146ms
52ms XHR
application/json 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613081572899&cb=1680719556594&dep=5%2CEVENT_TAGS_ABSENT

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.da2a1c8f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

c3e03877a0e094eaa2279b9fe873c2bbc11487c396a1fb87106c49d562b01b3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.986656b8.1680719556.95443a5
x-envoy-upstream-service-time: 4
content-length: 372
x-pinterest-rid: 1127454654625157
pin-unauth: dWlkPU5qZzVNRGhqTUdRdFl6YzROQzAwTkdJd0xXSTJZemd0TVdJelpqQmpPREpqWWpBMA
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://liverrenew.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
204 B 188ms
130ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=15c1fa6e-6c78-4377-b100-97ae24fe20c0&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=cf30d2c9-49a5-464e-9bc8-abbd86e4dcb8&tw_document_href=https%3A%2F%2Fliverrenew.com%2Fmgo%3Futm_source%3Dmediago%26utm_medium%3Dnative%26utm_campaign%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26offid%3Dnhmd_liver%26offerurlid%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26trid%3D%257Btransaction_id%257D%26affid%3Dmediago%26affsub%3Dnative&tw_iframe_status=0&txn_id=odjvw&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 109
date: Wed, 05 Apr 2023 18:32:36 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 3d989cf61a370f61
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: d6e1ef5624288d47d29ffbb4be86dce139ef5af7781f66a018b5ad99e4ad8b63
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
568 B 187ms
130ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=15c1fa6e-6c78-4377-b100-97ae24fe20c0&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=cf30d2c9-49a5-464e-9bc8-abbd86e4dcb8&tw_document_href=https%3A%2F%2Fliverrenew.com%2Fmgo%3Futm_source%3Dmediago%26utm_medium%3Dnative%26utm_campaign%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26offid%3Dnhmd_liver%26offerurlid%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26trid%3D%257Btransaction_id%257D%26affid%3Dmediago%26affsub%3Dnative&tw_iframe_status=0&txn_id=odjvw&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 106
date: Wed, 05 Apr 2023 18:32:36 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: eced81cdbbf6467a
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 7eb23a54f658f95b6e48f14188d861c5b8a9280b678cfe52ef82869178ec3c7a
content-length: 43

GET
H2 200 adsct
t.co/1/i/ 43 B
378 B 187ms
129ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=4&event=%7B%22value%22%3Anull%2C%22currency%22%3Anull%2C%22conversion_id%22%3Anull%7D&event_id=83dd5f5b-f50b-4e4e-ac18-02ec6e61e248&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=cf30d2c9-49a5-464e-9bc8-abbd86e4dcb8&tw_document_href=https%3A%2F%2Fliverrenew.com%2Fmgo%3Futm_source%3Dmediago%26utm_medium%3Dnative%26utm_campaign%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26offid%3Dnhmd_liver%26offerurlid%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26trid%3D%257Btransaction_id%257D%26affid%3Dmediago%26affsub%3Dnative&tw_iframe_status=0&txn_id=tw-odjvw-odv09&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 108
date: Wed, 05 Apr 2023 18:32:36 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: de6ea1d3167e4f37
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: d6e1ef5624288d47d29ffbb4be86dce139ef5af7781f66a018b5ad99e4ad8b63
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
728 B 180ms
124ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=4&event=%7B%22value%22%3Anull%2C%22currency%22%3Anull%2C%22conversion_id%22%3Anull%7D&event_id=83dd5f5b-f50b-4e4e-ac18-02ec6e61e248&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=cf30d2c9-49a5-464e-9bc8-abbd86e4dcb8&tw_document_href=https%3A%2F%2Fliverrenew.com%2Fmgo%3Futm_source%3Dmediago%26utm_medium%3Dnative%26utm_campaign%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26offid%3Dnhmd_liver%26offerurlid%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26trid%3D%257Btransaction_id%257D%26affid%3Dmediago%26affsub%3Dnative&tw_iframe_status=0&txn_id=tw-odjvw-odv09&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 104
date: Wed, 05 Apr 2023 18:32:35 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 8a9553bb6aaf4f49
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 7eb23a54f658f95b6e48f14188d861c5b8a9280b678cfe52ef82869178ec3c7a
content-length: 43

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame FE42 15 KB
6 KB 138ms
48ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=liverrenew.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=101678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://liverrenew.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 18:32:35 GMT
server: Kestrel
server-processing-duration-in-ticks: 531737
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
334 B 103ms
51ms Image
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613081572899&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fliverrenew.com%2Fmgo%3Futm_source%3Dmediago%26utm_medium%3Dnative%26utm_campaign%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26offid%3Dnhmd_liver%26offerurlid%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26trid%3D%257Btransaction_id%257D%26affid%3Dmediago%26affsub%3Dnative%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22da2a1c8f%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1680719556637

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:32:36 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.986656b8.1680719556.95443a6
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 4998759425322114
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
194 B 443ms
110ms Script
application/javascript 64.202.112.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=007905fc1ab9827424db090ed9bc76fe13
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 18:32:37 GMT
X-TraceId: ec9012873d59affcb0b340a51c7ea450
Content-Length: 35
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
225 B 447ms
103ms Image
image/gif 64.202.112.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=010015027900201678&referrer=&cht=gtm&marketerId=007905fc1ab9827424db090ed9bc76fe13&name=PAGE_VIEW&dl=https%3A%2F%2Fliverrenew.com%2Fmgo%3Futm_source%3Dmediago%26utm_medium%3Dnative%26utm_campaign%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26offid%3Dnhmd_liver%26offerurlid%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26trid%3D%257Btransaction_id%257D%26affid%3Dmediago%26affsub%3Dnative&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by: Host: liverrenew.com
URL: https://liverrenew.com/mgo?utm_source=mediago&utm_medium=native&utm_campaign=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&offid=nhmd_liver&offerurlid=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&trid=%7Btransaction_id%7D&affid=mediago&affsub=native
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/mgo?utm_source=mediago&utm_medium=native&utm_campaign=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&offid=nhmd_liver&offerurlid=liver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com&trid=%7Btransaction_id%7D&affid=mediago&affsub=native
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 18:32:37 GMT
Cache-Control: no-cache
X-TraceId: 8e9fef4c24626cabfdef1e92ee47a464
Content-Length: 53
Content-Type: image/gif;

GET
H2 200 main.MTU1Nzk2ZDUwMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 253 KB
68 KB 24ms
23ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1Nzk2ZDUwMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CF31TNRC77U6J4TVF330&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2656fcceecf5a4caac1c6eb8d31d84543ddbaa976428628ca348e8a594937059

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-akamai-request-id: 33b6fe0
date: Wed, 05 Apr 2023 18:32:36 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230328150653AEF1BAC02A872B54267E
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 011159db9113464276dadd39a0f97d10352f2e30842f26322c0d8f98a8d418deaced672945a041cdf122a8e43c44d47b26b57465b80517f02294143b3cc824622cf400a430c5b9bfb5082d7e2ce39260737a5657f74ed2c629871b7c5949cf1eab
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=11
content-length: 68682

GET
H2 200 10195287.json Show response
s.yimg.com/wi/config/ 2 B
450 B 104ms
36ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10195287.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:23:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: H9SRVMCKXQV06S15
age: 555
content-length: 2
x-amz-id-2: f1pzy9+8SbnMvByEaVnTMwPIfcXTsvmvz5lEhePlYzGz2fv7r5/VOW59pDea2TOJTEwYJ0oGMBQ=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11030269056/ 3 KB
2 KB 97ms
43ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11030269056/?random=1680719556669&cv=11&fst=1680719556669&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fliverrenew.com%2Fmgo%3Futm_source%3Dmediago%26utm_medium%3Dnative%26utm_campaign%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26offid%3Dnhmd_liver%26offerurlid%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26trid%3D%257Btransaction_id%257D%26affid%3Dmediago%26affsub%3Dnative&hn=www.googleadservices.com&frm=0&tiba=Liver%20Renew&auid=424609693.1680719556&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11030269056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39b2f22e0d75734c5b731c7289b80fbd7caea1693222ac502d105001374a62a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:32:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11110460071/ 3 KB
1 KB 188ms
170ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11110460071/?random=1680719556709&cv=11&fst=1680719556709&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fliverrenew.com%2Fmgo%3Futm_source%3Dmediago%26utm_medium%3Dnative%26utm_campaign%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26offid%3Dnhmd_liver%26offerurlid%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26trid%3D%257Btransaction_id%257D%26affid%3Dmediago%26affsub%3Dnative&hn=www.googleadservices.com&frm=0&tiba=Liver%20Renew&auid=424609693.1680719556&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11110460071

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13516e256df804053de95fbbd0be7b929ae915304465dda0a784003bcca6eb14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:32:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1328
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0EA1 90 B
133 B 33ms
33ms XHR
application/json+protobuf 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/7da8dd3e/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

052fffd0e28dfc51133260f5894034b2428ef7dd06302437fef65c65bc0890e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube-nocookie.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 05 Apr 2023 18:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 29ms
29ms Preflight
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube-nocookie.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 05 Apr 2023 18:32:36 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 embedded_player Show response
www.youtube-nocookie.com/youtubei/v1/ Frame 0EA1 30 KB
18 KB 79ms
78ms XHR
application/json 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/embedded_player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/7da8dd3e/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d36c3daa856aab7c6aaccbc71cbb13e5c3e57b723dadf750595fbb88bf6da79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube-nocookie.com/embed/sTPz9VUgXAE?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230402.00.00
X-Goog-Visitor-Id: CgtqcFZiZ25UM1lZOCjE_bahBg%3D%3D

Response headers

date: Wed, 05 Apr 2023 18:32:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18441
x-xss-protection: 0
expires: Wed, 05 Apr 2023 18:32:36 GMT

POST
H3 204 qoe Show response
www.youtube-nocookie.com/api/stats/ Frame 0EA1 0
17 B 32ms
31ms XHR
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/api/stats/qoe?fmt=243&afmt=251&cpn=caa-ks_0EKOJ_omM&el=embedded&ns=yt&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219381%2C24255163%2C24405914%2C24415864%2C24439361%2C24450367%2C24451437%2C24462372%2C24468691%2C24474983%2C24482081%2C24499792%2C24511089%2C24516157%2C24531268%2C39323074&cl=521319471&seq=1&docid=sTPz9VUgXAE&ei=xL4tZLPlIsOux_APta2zyAg&event=streamingstats&plid=AAX4mwQjUZvJahrI&referrer=https%3A%2F%2Fwww.youtube-nocookie.com%2Fembed%2FsTPz9VUgXAE%3Fenablejsapi%3D1%26playsinline%3D1%26rel%3D0%26controls%3D0%26showinfo%3D0%26autoplay%3D1%26modestbranding%3D1%26iv_load_policy%3D3&cbr=Chrome&cbrver=111.0.5563.146&c=WEB_EMBEDDED_PLAYER&cver=1.20230402.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.038:B,0.290:B,0.290:B&cmt=0.038:0.000,0.290:0.000&afs=0.289:251::i&vfs=0.290:243:244::r&view=0.290:926:521&bwe=0.290:130000&bat=0.290:1:1&vis=0.290:0&bh=0.290:0.000

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/7da8dd3e/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube-nocookie.com/embed/sTPz9VUgXAE?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
X-YouTube-Client-Version: 1.20230402.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtqcFZiZ25UM1lZOCjE_bahBg%3D%3D
X-YouTube-Ad-Signals: dt=1680719556430&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C926%2C521&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:32:36 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback
rr5---sn-4g5lzne6.googlevideo.com/ Frame 0EA1 0
0 98ms
24ms Fetch
video/webm 2a00:1450:4001:12::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5lzne6.googlevideo.com/videoplayback?expire=1680741156&ei=xL4tZLPlIsOux_APta2zyAg&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A12&id=o-AJS49Y0cNb00sstvKrh8dpvFRP9pZPMQwvNBQ12I-RYk&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=S2&mm=31%2C26&mn=sn-4g5lzne6%2Csn-h0jelne6&ms=au%2Conr&mv=m&mvi=5&pl=29&initcwndbps=315000&spc=99c5CS_sIYUfqdDMAb0bqpeQZ0wcd8_TcZxQmDaqGQ&vprv=1&mime=video%2Fwebm&ns=mSt-ar4ph1OpUphnbd3PTY0M&gir=yes&clen=32924353&dur=1760.325&lmt=1680024797525725&mt=1680719139&fvip=4&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=z5jUgJvgG7Igkw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJX4IAl2blFT7x0B8RTBXkPgNg2L1DswxP6N5sNtShD4AiEA470yG082bLs8PBEw_8pg0Qw4F5LJQ9qnHjFSWFYiUh0%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAPDwwvKbzLNEIhJSdpKP0uOZjNt2X58OPmvhVVwMj7kvAiB8NuLElIXu1feVHN0AxIslnWY_I794PHldmpTRtX90rw%3D%3D&alr=yes&cpn=caa-ks_0EKOJ_omM&cver=1.20230402.00.00&range=0-126961&rn=1&rbuf=0&pot=IigNdw1xaVqzs04QeQZuMVceV0U4IkBGYS1CNGcyUhVsH08QKERJUj4z

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/7da8dd3e/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:12::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 18:32:36 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 126962
Last-Modified: Tue, 28 Mar 2023 17:33:17 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube-nocookie.com
Expires: Wed, 05 Apr 2023 18:32:36 GMT

POST
H/1.1 200
OK videoplayback
rr5---sn-4g5lzne6.googlevideo.com/ Frame 0EA1 0
0 96ms
23ms Fetch
audio/webm 2a00:1450:4001:12::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5lzne6.googlevideo.com/videoplayback?expire=1680741156&ei=xL4tZLPlIsOux_APta2zyAg&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A12&id=o-AJS49Y0cNb00sstvKrh8dpvFRP9pZPMQwvNBQ12I-RYk&itag=251&source=youtube&requiressl=yes&mh=S2&mm=31%2C26&mn=sn-4g5lzne6%2Csn-h0jelne6&ms=au%2Conr&mv=m&mvi=5&pl=29&initcwndbps=315000&spc=99c5CS_sIYUfqdDMAb0bqpeQZ0wcd8_TcZxQmDaqGQ&vprv=1&mime=audio%2Fwebm&ns=mSt-ar4ph1OpUphnbd3PTY0M&gir=yes&clen=23777336&dur=1760.361&lmt=1680023569190053&mt=1680719139&fvip=4&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=z5jUgJvgG7Igkw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgGVUkak9gGvL00-CuzPPUM8sAmWjd1DzrTKUUWxJdGVUCIQDra6zg-DZUjLriV8RStGjaTVuIoTtWlI9PDj3UoTlBOQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAPDwwvKbzLNEIhJSdpKP0uOZjNt2X58OPmvhVVwMj7kvAiB8NuLElIXu1feVHN0AxIslnWY_I794PHldmpTRtX90rw%3D%3D&alr=yes&cpn=caa-ks_0EKOJ_omM&cver=1.20230402.00.00&range=0-68860&rn=2&rbuf=0&pot=Iii1I7Ul0Q4L5_ZEwVLWZe9K7xGAdvgS2Xn6YN9m6kHUS_dEkBDxBoZn

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/7da8dd3e/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:12::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 18:32:36 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 68861
Last-Modified: Tue, 28 Mar 2023 17:12:49 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube-nocookie.com
Expires: Wed, 05 Apr 2023 18:32:36 GMT

GET
H3 200 captions.js Show response
www.youtube-nocookie.com/s/player/7da8dd3e/player_ias.vflset/de_DE/ Frame 0EA1 69 KB
25 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/7da8dd3e/player_ias.vflset/de_DE/captions.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/7da8dd3e/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c63894a4c4682a23762d195857b59d9d1bd07488315add75b434c5070e4ed11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/sTPz9VUgXAE?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:04:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 181694
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26026
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 00:15:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 02 Apr 2024 16:04:22 GMT

GET
H3 200 endscreen.js Show response
www.youtube-nocookie.com/s/player/7da8dd3e/player_ias.vflset/de_DE/ Frame 0EA1 33 KB
9 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/7da8dd3e/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/7da8dd3e/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fbffabe6588e4b293121f9a33688a6f884eecd244859624d526bde4e5a7f8f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/sTPz9VUgXAE?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 16:01:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 181863
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8992
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 00:15:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 02 Apr 2024 16:01:33 GMT

POST
H3 200 next Show response
www.youtube-nocookie.com/youtubei/v1/ Frame 0EA1 6 KB
2 KB 216ms
215ms XHR
application/json 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/7da8dd3e/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

4d78443424f9158ba243d7fcfd0fb905e1e873e68867fbfc32808cec3a8cc0ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube-nocookie.com/embed/sTPz9VUgXAE?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230402.00.00
X-Goog-Visitor-Id: CgtqcFZiZ25UM1lZOCjE_bahBg%3D%3D

Response headers

date: Wed, 05 Apr 2023 18:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1902
x-xss-protection: 0
expires: Wed, 05 Apr 2023 18:32:37 GMT

GET
H2 200 UCAffiliateNetworkPixel
secure.liverrenew.com/cgi-bin/ 0
372 B 126ms
126ms Stylesheet
text/plain 34.202.20.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.liverrenew.com/cgi-bin/UCAffiliateNetworkPixel?t=0.9664958168303694&r=&u=https%3A%2F%2Fliverrenew.com%2Fmgo%3Futm_source%3Dmediago%26utm_medium%3Dnative%26utm_campaign%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26offid%3Dnhmd_liver%26offerurlid%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26trid%3D%257Btransaction_id%257D%26affid%3Dmediago%26affsub%3Dnative
Requested by: Host: secure.liverrenew.com
URL: https://secure.liverrenew.com/cgi-bin/UCAffiliateNetworkPixel
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.20.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-20-171.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:36 GMT
content-length: 0
server: Apache

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 69ms
23ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1181125052062198&ev=PageView&dl=https%3A%2F%2Fliverrenew.com%2Fmgo%3Futm_source%3Dmediago%26utm_medium%3Dnative%26utm_campaign%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26offid%3Dnhmd_liver%26offerurlid%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26trid%3D%257Btransaction_id%257D%26affid%3Dmediago%26affsub%3Dnative&rl=&if=false&ts=1680719556853&sw=1600&sh=1200&v=2.9.100&r=stable&a=tmgoogletagmanager&ec=0&o=30&cs_est=true&fbp=fb.1.1680719556852.693366099&it=1680719556341&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 05 Apr 2023 18:32:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1680719556861&aid=a-08ta&se=e30&duid=c85daacc0676--01gx9b2c2mxa08emab9y4ry6m5&tna=v2.7.1&pu=https%3A%2F%2Fliverrenew.com%2Fmgo%3Futm_source%3Dmediago%26utm_medium%3Dna...
https://rp4.liadm.com/j?dtstmp=1680719556861&aid=a-08ta&se=e30&duid=c85daacc0676--01gx9b2c2mxa08emab9y4ry6m5&tna=v2.7.1&pu=https%3A%2F%2Fliverrenew.com%2Fmgo%3Futm_source%3Dmediago%26utm_medium%3Dn...

13 B
552 B

399ms
111ms

XHR
application/json

34.230.229.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1680719556861&aid=a-08ta&se=e30&duid=c85daacc0676--01gx9b2c2mxa08emab9y4ry6m5&tna=v2.7.1&pu=https%3A%2F%2Fliverrenew.com%2Fmgo%3Futm_source%3Dmediago%26utm_medium%3Dnative%26utm_campaign%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26offid%3Dnhmd_liver%26offerurlid%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26trid%3D%257Btransaction_id%257D%26affid%3Dmediago%26affsub%3Dnative&wpn=lc-bundle&c=PHRpdGxlPkxpdmVyIFJlbmV3PC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iIj48aDEgY2xhc3M9InZpZGVvLWhlYWRsaW5lIj40IFdhcm5pbmcgU2lnbnMgT2YgRGFtYWdlZCBMaXZlciAoIzIgSXMgU2NhcnkpPC9oMT4&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjEy&n3pc=true

Protocol

Server

34.230.229.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-230-229-216.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:37 GMT
x-pixel-event-id: 6f84938f-c5e3-4108-b55b-27a22c8b4813
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: 1f3bfe993779be96
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Wed, 05 Apr 2023 18:32:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1680719556861&aid=a-08ta&se=e30&duid=c85daacc0676--01gx9b2c2mxa08emab9y4ry6m5&tna=v2.7.1&pu=https%3A%2F%2Fliverrenew.com%2Fmgo%3Futm_source%3Dmediago%26utm_medium%3Dnative%26utm_campaign%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26offid%3Dnhmd_liver%26offerurlid%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26trid%3D%257Btransaction_id%257D%26affid%3Dmediago%26affsub%3Dnative&wpn=lc-bundle&c=PHRpdGxlPkxpdmVyIFJlbmV3PC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iIj48aDEgY2xhc3M9InZpZGVvLWhlYWRsaW5lIj40IFdhcm5pbmcgU2lnbnMgT2YgRGFtYWdlZCBMaXZlciAoIzIgSXMgU2NhcnkpPC9oMT4&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjEy&n3pc=true
access-control-allow-origin: https://liverrenew.com
request-time: 0
access-control-allow-credentials: true
trace-id: 453f4651e44bfd3c
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
579 B 61ms
60ms Image
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613081572899&cb=1680719556866&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%2C%22pin_unauth%22%3A%22dWlkPU1XUTFaamc0TlRndE5qTXhaUzAwWW1FekxUaGtPRFV0TUdFM01EbGpOems1T1daaA%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fliverrenew.com%2Fmgo%3Futm_source%3Dmediago%26utm_medium%3Dnative%26utm_campaign%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26offid%3Dnhmd_liver%26offerurlid%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26trid%3D%257Btransaction_id%257D%26affid%3Dmediago%26affsub%3Dnative%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22da2a1c8f%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:32:36 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.986656b8.1680719556.9544639
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
content-length: 35
x-pinterest-rid: 1728592559228724
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame FE42
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=liverrenew.com&sn=ChromeSyncframe&so=0&topUrl=liverrenew.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=anf14XxQeVdzZkZQUGZmeVlybWZIczBnNW54MXY5YWtKdFpNR0hGMjV3bWRsVkx6TERtdU92dUdJT0g3TXgyNnE5VWlVWWx6emVSL0dqdHpPdHBnSXhjSitsay9NS1d1RFU5UFJMWGdQRHlLRi9hcnZGWEtKbUxGZVFpY1...

422 B
649 B

214ms
28ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=anf14XxQeVdzZkZQUGZmeVlybWZIczBnNW54MXY5YWtKdFpNR0hGMjV3bWRsVkx6TERtdU92dUdJT0g3TXgyNnE5VWlVWWx6emVSL0dqdHpPdHBnSXhjSitsay9NS1d1RFU5UFJMWGdQRHlLRi9hcnZGWEtKbUxGZVFpY1dacm0xR3VZaFlJWVFtbU40cXpLMnBUbE9YMDV2Wk12OFZJQU16VzVRV2o2WVlSUm1CRXBuNS9pTmk5MWc5cXNFeU80YVN5WFIxQVRVVzdPNnczM1c5R0ZKZGZ6LzNqMys5dThpWTNxNWtHV2tJUFFiRXlDbUZJZGpidFNBUzJYcStjMkF1UldjUkloS2hTOUR5bkhXbW1zL1NFaTJ4Zz09fA&cppv=2

Requested by

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

26a83be7fd614465aeea66e4b832223eb80e5668342a3c8f39055576e917b432

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:32:37 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2243266
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:32:36 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=anf14XxQeVdzZkZQUGZmeVlybWZIczBnNW54MXY5YWtKdFpNR0hGMjV3bWRsVkx6TERtdU92dUdJT0g3TXgyNnE5VWlVWWx6emVSL0dqdHpPdHBnSXhjSitsay9NS1d1RFU5UFJMWGdQRHlLRi9hcnZGWEtKbUxGZVFpY1dacm0xR3VZaFlJWVFtbU40cXpLMnBUbE9YMDV2Wk12OFZJQU16VzVRV2o2WVlSUm1CRXBuNS9pTmk5MWc5cXNFeU80YVN5WFIxQVRVVzdPNnczM1c5R0ZKZGZ6LzNqMys5dThpWTNxNWtHV2tJUFFiRXlDbUZJZGpidFNBUzJYcStjMkF1UldjUkloS2hTOUR5bkhXbW1zL1NFaTJ4Zz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 312988
content-length: 0
expires: 0

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/sTPz9VUgXAE/ Frame 0EA1 87 KB
87 KB 77ms
23ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/sTPz9VUgXAE/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgUihBMA8=&rs=AOn4CLDGQXt0-G5p6Q3pOv0yJs5aiWHvCA

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/sTPz9VUgXAE?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c72c06d4438bb1c9952563fffcd4d30df36b4b3b8187a01b0e0ea9bcb5bf0bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 16:48:56 GMT
x-content-type-options: nosniff
age: 6220
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88769
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 05 Apr 2023 18:48:56 GMT

GET
H3 204 generate_204
www.youtube-nocookie.com/ Frame 0EA1 0
10 B 22ms
21ms Image
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube-nocookie.com/generate_204?LYA_Tw
Requested by: Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/sTPz9VUgXAE?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/sTPz9VUgXAE?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 174ms
71ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2005%20Apr%202023%2018%3A32%3A37%20GMT&n=0&b=Liver%20Renew&.yp=10195287&f=https%3A%2F%2Fliverrenew.com%2Fmgo%3Futm_source%3Dmediago%26utm_medium%3Dnative%26utm_campaign%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26offid%3Dnhmd_liver%26offerurlid%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26trid%3D%257Btransaction_id%257D%26affid%3Dmediago%26affsub%3Dnative&enc=UTF-8&yv=1.13.0&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:32:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Wed, 05 Apr 2023 18:32:37 GMT

GET
H2 200 identify_08840.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 23ms
23ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_08840.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1Nzk2ZDUwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-akamai-request-id: 33b71c1
date: Wed, 05 Apr 2023 18:32:37 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202303281506495E29C2487B9AD5A2D00B
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 018a6390255bd0a08117a175a6f461aa8d51d5d7f9fab8015f227a45d63e3a4205a50fcece6558f7fd33ca3e8ead6e2b68c36bd2ced584974258ae2d01b014a9b224195bc3e8a70a83b033ef70fb7998b0e0d8c6d95bb392b4acb5bd1964f1b042
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 30865

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
694 B 180ms
179ms Ping
text/plain 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1Nzk2ZDUwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://liverrenew.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 44f1e0a9.33b7225
date: Wed, 05 Apr 2023 18:32:37 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-parent-response-time: 146,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=107, origin; dur=46, inner; dur=32
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023040518323717E64F54E64A1BD115CC
x-cache-remote: TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 46,23.220.104.8
x-tt-trace-host: 01bd308f099a64fbde4400b9f941e63193e1f52df318465e36b5940cff58b5d1415c88bccf6c3e8216c5f279c44b7d8ac57f6aeac71d4e787ba7595cd6b76a0a3c6d7ed8c3e4f3f5f5a22c6fdee7dabb1ac215d1ac8b25707dfc494d1c5c5c0fabfd16db2bddd12fed692c4701c6d6c0d2
expires: Wed, 05 Apr 2023 18:32:37 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
697 B 171ms
169ms Ping
text/plain 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1Nzk2ZDUwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://liverrenew.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: b9fb791d.33b7226
date: Wed, 05 Apr 2023 18:32:37 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-parent-response-time: 122,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=110, origin; dur=23, inner; dur=20
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202304051832376EA734C773B87F3EF01D
x-cache-remote: TCP_MISS from a23-220-104-11.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 23,23.220.104.11
x-tt-trace-host: 01bd308f099a64fbde4400b9f941e63193e1f52df318465e36b5940cff58b5d141877c4ddacbdda3b710048860452497a08143f1897dbacd2c31f2d59c3c7a4ff29b8bf6eac3ddd1163d883f8972a506f601edf43138268755f3932718694f1276b16b82db83abaf362cf7c307a713c590
expires: Wed, 05 Apr 2023 18:32:37 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
694 B 192ms
191ms Ping
text/plain 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU1Nzk2ZDUwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://liverrenew.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2ee7237.33b7227
date: Wed, 05 Apr 2023 18:32:37 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-parent-response-time: 153,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=100, origin; dur=69, inner; dur=22
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230405183237F65B2BFFB94B1246868F
x-cache-remote: TCP_MISS from a23-221-225-21.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 69,23.221.225.21
x-tt-trace-host: 01bd308f099a64fbde4400b9f941e63193e1f52df318465e36b5940cff58b5d141577b894df34adb41552b043a862e90bd5941cbd9b785f02a641790a706fe4fb129a09c0b5eeb7cc4e9d92fed7d201b0f329e159ca54ad3e8f9ec507a84ef4679b88ef38f6126ce5e8207b3490cef5d05
expires: Wed, 05 Apr 2023 18:32:37 GMT

POST
H3 204 qoe Show response
www.youtube-nocookie.com/api/stats/ Frame 0EA1 0
17 B 30ms
29ms XHR
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/api/stats/qoe?fmt=243&afmt=251&cpn=caa-ks_0EKOJ_omM&el=embedded&ns=yt&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219381%2C24255163%2C24405914%2C24415864%2C24439361%2C24450367%2C24451437%2C24462372%2C24468691%2C24474983%2C24482081%2C24499792%2C24511089%2C24516157%2C24531268%2C39323074&cl=521319471&seq=2&docid=sTPz9VUgXAE&ei=xL4tZLPlIsOux_APta2zyAg&event=streamingstats&plid=AAX4mwQjUZvJahrI&referrer=https%3A%2F%2Fwww.youtube-nocookie.com%2Fembed%2FsTPz9VUgXAE%3Fenablejsapi%3D1%26playsinline%3D1%26rel%3D0%26controls%3D0%26showinfo%3D0%26autoplay%3D1%26modestbranding%3D1%26iv_load_policy%3D3&cbr=Chrome&cbrver=111.0.5563.146&c=WEB_EMBEDDED_PLAYER&cver=1.20230402.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&cmt=0.305:0.000,0.568:0.000,0.569:0.000&vps=0.305:N,0.568:SU,0.569:SU&ctmp=dompaused:t.307;r.promise;m.NotAllowedError&bat=0.569:1:1&bh=0.569:0.000

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/7da8dd3e/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube-nocookie.com/embed/sTPz9VUgXAE?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
X-YouTube-Client-Version: 1.20230402.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtqcFZiZ25UM1lZOCjE_bahBg%3D%3D
X-YouTube-Ad-Signals: dt=1680719556430&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C926%2C521&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:32:37 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11030269056/ 42 B
340 B 38ms
37ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11030269056/?random=1680719556669&cv=11&fst=1680717600000&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fliverrenew.com%2Fmgo%3Futm_source%3Dmediago%26utm_medium%3Dnative%26utm_campaign%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26offid%3Dnhmd_liver%26offerurlid%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26trid%3D%257Btransaction_id%257D%26affid%3Dmediago%26affsub%3Dnative&frm=0&tiba=Liver%20Renew&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3302562721&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:32:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11030269056/ 42 B
154 B 34ms
33ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11030269056/?random=1680719556669&cv=11&fst=1680717600000&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fliverrenew.com%2Fmgo%3Futm_source%3Dmediago%26utm_medium%3Dnative%26utm_campaign%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26offid%3Dnhmd_liver%26offerurlid%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26trid%3D%257Btransaction_id%257D%26affid%3Dmediago%26affsub%3Dnative&frm=0&tiba=Liver%20Renew&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3302562721&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:32:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11110460071/ 42 B
108 B 35ms
34ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11110460071/?random=1680719556709&cv=11&fst=1680717600000&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fliverrenew.com%2Fmgo%3Futm_source%3Dmediago%26utm_medium%3Dnative%26utm_campaign%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26offid%3Dnhmd_liver%26offerurlid%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26trid%3D%257Btransaction_id%257D%26affid%3Dmediago%26affsub%3Dnative&frm=0&tiba=Liver%20Renew&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2411669960&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:32:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11110460071/ 42 B
108 B 33ms
33ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11110460071/?random=1680719556709&cv=11&fst=1680717600000&bg=ffffff&guid=ON&async=1&gtm=45be3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fliverrenew.com%2Fmgo%3Futm_source%3Dmediago%26utm_medium%3Dnative%26utm_campaign%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26offid%3Dnhmd_liver%26offerurlid%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26trid%3D%257Btransaction_id%257D%26affid%3Dmediago%26affsub%3Dnative&frm=0&tiba=Liver%20Renew&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2411669960&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:32:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame AC09 565 B
591 B 52ms
52ms Document
text/html 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.da2a1c8f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://liverrenew.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-grn: 0.986656b8.1680719557.9544b46
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Wed, 05 Apr 2023 18:32:37 GMT
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1526545937528619

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T58C6B7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 18:05:12 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1645
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 05 Apr 2023 20:05:12 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 23ms
22ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1181125052062198&ev=ViewContent&dl=https%3A%2F%2Fliverrenew.com%2Fmgo%3Futm_source%3Dmediago%26utm_medium%3Dnative%26utm_campaign%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26offid%3Dnhmd_liver%26offerurlid%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26trid%3D%257Btransaction_id%257D%26affid%3Dmediago%26affsub%3Dnative&rl=&if=false&ts=1680719557230&sw=1600&sh=1200&v=2.9.100&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1680719556852.693366099&it=1680719556341&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 05 Apr 2023 18:32:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
181 B 27ms
27ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1299470796&t=pageview&_s=1&dl=https%3A%2F%2Fliverrenew.com%2Fmgo%3Futm_source%3Dmediago%26utm_medium%3Dnative%26utm_campaign%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26offid%3Dnhmd_liver%26offerurlid%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26trid%3D%257Btransaction_id%257D%26affid%3Dmediago%26affsub%3Dnative&ul=en-us&de=UTF-8&dt=Liver%20Renew&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABRAAAACAAI~&jid=1685749388&gjid=208036239&cid=368216876.1680719556&tid=UA-233107079-1&_gid=568767107.1680719557&_r=1&_slc=1&gtm=45He3430n81T58C6B7&z=2033770899

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://liverrenew.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:32:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://liverrenew.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 29ms
28ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-233107079-1&cid=368216876.1680719556&jid=1685749388&gjid=208036239&_gid=568767107.1680719557&_u=YCDACEAARAAAACAAI~&z=533168111

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://liverrenew.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 05 Apr 2023 18:32:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://liverrenew.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=%5B101678%2C102655%5D&v=5.14.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&adce=1&bundle=myNMNF9pUzZReUYlMkJCT2pRSE9NV2o0ZlRkUHlOSWZRQ0l4U...
https://widget.us.criteo.com/event?a=%5B101678%2C102655%5D&v=5.14.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&adce=1&bundle=myNMNF9pUzZReUYlMkJCT2pRSE9NV2o0ZlRkUHlOSWZRQ0l4U...

21 KB
7 KB

357ms
140ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=%5B101678%2C102655%5D&v=5.14.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&adce=1&bundle=myNMNF9pUzZReUYlMkJCT2pRSE9NV2o0ZlRkUHlOSWZRQ0l4UnA3b2xPQUJBZDB2NUZDMEJyRzVBQml1MmlVeFZIaERxWTlHSEVoUnlHeGxYYjZGdjdLQ3dqJTJGNWxVTFpzU1E4Y3o2U0NiVm9WdHBabGh2VTloU0Y2V3RCeHh2a0xvYWw2JTJGWEhQNTF1WFM0c1pZaG0wY21vcEpCanclM0QlM0Q&tld=liverrenew.com&dy=1&fu=https%253A%252F%252Fliverrenew.com%252Fmgo%253Futm_source%253Dmediago%2526utm_medium%253Dnative%2526utm_campaign%253Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%2526offid%253Dnhmd_liver%2526offerurlid%253Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%2526trid%253D%25257Btransaction_id%25257D%2526affid%253Dmediago%2526affsub%253Dnative&dtycbr=85112

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

316e5409efd165920e75f50fb19507346bc59ec33f635d5829caf90bea1285be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:32:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 29610277
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:32:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://widget.us.criteo.com/event?a=%5B101678%2C102655%5D&v=5.14.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&adce=1&bundle=myNMNF9pUzZReUYlMkJCT2pRSE9NV2o0ZlRkUHlOSWZRQ0l4UnA3b2xPQUJBZDB2NUZDMEJyRzVBQml1MmlVeFZIaERxWTlHSEVoUnlHeGxYYjZGdjdLQ3dqJTJGNWxVTFpzU1E4Y3o2U0NiVm9WdHBabGh2VTloU0Y2V3RCeHh2a0xvYWw2JTJGWEhQNTF1WFM0c1pZaG0wY21vcEpCanclM0QlM0Q&tld=liverrenew.com&dy=1&fu=https%253A%252F%252Fliverrenew.com%252Fmgo%253Futm_source%253Dmediago%2526utm_medium%253Dnative%2526utm_campaign%253Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%2526offid%253Dnhmd_liver%2526offerurlid%253Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%2526trid%253D%25257Btransaction_id%25257D%2526affid%253Dmediago%2526affsub%253Dnative&dtycbr=85112
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 9924022
timing-allow-origin: *
content-length: 0
expires: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 64ms
63ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-233107079-1&cid=368216876.1680719556&jid=1685749388&_u=YCDACEAARAAAACAAI~&z=1434294669

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:32:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 64ms
64ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-233107079-1&cid=368216876.1680719556&jid=1685749388&_u=YCDACEAARAAAACAAI~&z=1434294669

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:32:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 23ms
23ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1181125052062198&ev=Microdata&dl=https%3A%2F%2Fliverrenew.com%2Fmgo%3Futm_source%3Dmediago%26utm_medium%3Dnative%26utm_campaign%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26offid%3Dnhmd_liver%26offerurlid%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26trid%3D%257Btransaction_id%257D%26affid%3Dmediago%26affsub%3Dnative&rl=&if=false&ts=1680719557356&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Liver%20Renew%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22%22%2C%22og%3Akeywords%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.100&r=stable&a=tmgoogletagmanager&ec=2&o=30&fbp=fb.1.1680719556852.693366099&it=1680719556341&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 05 Apr 2023 18:32:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame D008
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-vuY0mGbj0AJQWmr0UVP69f6HNquwr43AQVMn9Q&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-vuY0mGbj0AJQWmr0UVP69f6HNquwr43AQVMn9Q&expires=30

43 B
346 B

41ms
22ms

Image
image/gif

35.157.76.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-vuY0mGbj0AJQWmr0UVP69f6HNquwr43AQVMn9Q&expires=30
Protocol: H2
Server: 35.157.76.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-76-89.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-vuY0mGbj0AJQWmr0UVP69f6HNquwr43AQVMn9Q&expires=30
date: Wed, 05 Apr 2023 18:32:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame D008
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-0sDsimbj0AJQWmr0UVP69f6HNqupS_ptkUXDeA&google_cm&google_hm=ay0wc0RzaW1iajBBSlFXbXIwVVZQNjlmNkhOcXVwU19wd...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-0sDsimbj0AJQWmr0UVP69f6HNqupS_ptkUXDeA&google_gid=CAESEBieGIUAL1ub4wSm4MXwEcI&google_cver=1&google_ula=913071,0

43 B
369 B

31ms
29ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-0sDsimbj0AJQWmr0UVP69f6HNqupS_ptkUXDeA&google_gid=CAESEBieGIUAL1ub4wSm4MXwEcI&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:32:37 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 707060
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:32:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-0sDsimbj0AJQWmr0UVP69f6HNqupS_ptkUXDeA&google_gid=CAESEBieGIUAL1ub4wSm4MXwEcI&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame D008
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=521828475515835085

43 B
370 B

28ms
28ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=521828475515835085

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:32:37 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1128969
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 05 Apr 2023 18:32:37 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2641b2b1-7bc8-4325-bc2e-fecbc1093477
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=521828475515835085
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame D008
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-K0ya92bj0AJQWmr0UVP69f6HNqvP8xK_KVGUbg
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-K0ya92bj0AJQWmr0UVP69f6HNqvP8xK_KVGUbg

43 B
1 KB

31ms
29ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-K0ya92bj0AJQWmr0UVP69f6HNqvP8xK_KVGUbg

Protocol

HTTP/1.1

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Apr 2023 18:32:37 GMT
AN-X-Request-Uuid: 43122ecb-ce36-4c98-bbec-360adad517ea
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 05 Apr 2023 18:32:37 GMT
AN-X-Request-Uuid: 9d6ef89c-ed39-4857-a8b8-cc06bacfe01b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-K0ya92bj0AJQWmr0UVP69f6HNqvP8xK_KVGUbg
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame D008 61 B
802 B 153ms
79ms Image
image/gif 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-vvOFDGbj0AJQWmr0UVP69f6HNqvdCv25IuopnA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 05 Apr 2023 18:32:37 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Wed, 05 Apr 2023 18:32:37 GMT

GET
H2 204 v1
match.sharethrough.com/sync/ Frame D008 0
363 B 103ms
29ms Image
text/plain 3.127.20.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-C427UWbj0AJQWmr0UVP69f6HNqvGiEg5y4xnDA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.20.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-20-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:37 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame D008 43 B
163 B 128ms
32ms Image
image/gif 185.86.138.155
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-r5u6zWbj0AJQWmr0UVP69f6HNqvNXmdYREpWAw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:37 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame D008 0
99 B 537ms
35ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-SkAaT2bj0AJQWmr0UVP69f6HNqtIu9xo9S4oag
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:38 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 29184

GET
H2 200 um
criteo-sync.teads.tv/ Frame D008 23 B
172 B 140ms
52ms Image
image/gif 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-yxGeiWbj0AJQWmr0UVP69f6HNqt8ZDTg17IJfw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Wed, 05 Apr 2023 18:32:37 GMT
pragma: no-cache
date: Wed, 05 Apr 2023 18:32:37 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame D008 37 B
140 B 117ms
23ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-aY2dW2bj0AJQWmr0UVP69f6HNqvHcxavRXTc8Q&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame D008 0
399 B 163ms
23ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-uXo68Wbj0AJQWmr0UVP69f6HNqtvmVahLuZTFw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:38 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame D008 43 B
163 B 112ms
33ms Image
image/gif 37.157.5.141
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-0KhqA2bj0AJQWmr0UVP69f6HNqukO1Wq6RcHSQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:38 GMT
last-modified: Fri, 18 Nov 2022 16:49:04 GMT
server: nginx
accept-ranges: bytes
etag: "6377b780-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame D008 49 B
236 B 199ms
84ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-K2SEJWbj0AJQWmr0UVP69f6HNqv1oRHo-GQtHQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:32:37 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 52
content-length: 49
expires: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame D008
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-92fKYmbj0AJQWmr0UVP69f6HNqua6Cv01qfeQw
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-92fKYmbj0AJQWmr0UVP69f6HNqua6Cv01qfeQw&C=1

43 B
766 B

27ms
26ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-92fKYmbj0AJQWmr0UVP69f6HNqua6Cv01qfeQw&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Apr 2023 18:32:38 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 05 Apr 2023 18:32:38 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-92fKYmbj0AJQWmr0UVP69f6HNqua6Cv01qfeQw&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame D008
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=nKIvDIyGtm7dzV7jdYZlDB_8qYdT7k0b
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=nKIvDIyGtm7dzV7jdYZlDB_8qYdT7k0b

42 B
942 B

56ms
56ms

Image
image/gif

52.18.161.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=nKIvDIyGtm7dzV7jdYZlDB_8qYdT7k0b

Protocol

HTTP/1.1

Server

52.18.161.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-161-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v046-08c4fb115.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 4mtGBJa2SUg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v046-0f8f2f033.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 1gHay/1yQW4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=nKIvDIyGtm7dzV7jdYZlDB_8qYdT7k0b
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame D008 43 B
1 KB 120ms
28ms Image
image/gif 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-lh1lBmbj0AJQWmr0UVP69f6HNqtsWeyRRksoHQ

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Wed, 05 Apr 2023 18:32:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame D008
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-O9h9TWbj0AJQWmr0UVP69f6HNqvygK1AqeQyLw
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-O9h9TWbj0AJQWmr0UVP69f6HNqvygK1AqeQyLw

43 B
447 B

47ms
47ms

Image
image/gif

63.35.24.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-O9h9TWbj0AJQWmr0UVP69f6HNqvygK1AqeQyLw
Protocol: H2
Server: 63.35.24.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-24-174.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 05 Apr 2023 18:32:38 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-O9h9TWbj0AJQWmr0UVP69f6HNqvygK1AqeQyLw
access-control-allow-origin: *
date: Wed, 05 Apr 2023 18:32:38 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame D008 42 B
274 B 117ms
36ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-unEyUmbj0AJQWmr0UVP69f6HNqtl0nyjRWQP3A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:38 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame D008 0
882 B 99ms
23ms Image
text/html 3.127.128.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-h7P5-mbj0AJQWmr0UVP69f6HNquleHPoJsFGPA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.128.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-128-251.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:38 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame D008 0
145 B 414ms
105ms Image
text/plain 64.202.112.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-AnSy32bj0AJQWmr0UVP69f6HNqsjuPlp6SKlVQ&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 18:32:38 GMT
Cache-Control: no-cache
X-TraceId: 816e44771942e52f6f0cbe8461fd8ee2
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame D008 42 B
582 B 99ms
28ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-lDze9Wbj0AJQWmr0UVP69f6HNquDNx3NfGhpSQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 05 Apr 2023 18:32:37 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame D008 43 B
406 B 709ms
472ms Image
image/gif 2600:1f18:612b:4232:be02:f813:37d0:f59f
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-e5pgmGbj0AJQWmr0UVP69f6HNqvWwR0X0HT_OQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:be02:f813:37d0:f59f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 05 Apr 2023 18:32:38 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame D008 43 B
153 B 139ms
47ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-07dgBWbj0AJQWmr0UVP69f6HNqtlb3kD1mxv3A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 05 Apr 2023 18:32:38 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame D008 0
400 B 152ms
64ms Image
text/plain 184.85.181.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-h4cnyWbj0AJQWmr0UVP69f6HNquBG0nGWgmGZw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.85.181.155 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-85-181-155.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Apr 2023 18:32:38 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Tue, 04 Apr 2023 18:32:38 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame D008 0
38 B 194ms
45ms Image
text/plain 52.49.84.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-nomaxmbj0AJQWmr0UVP69f6HNquhMJbbWyz7og&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.84.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-84-227.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 18:32:38 GMT
content-length: 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame D008
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=8tRbX4Mt92d_yp2ykrwKakvvX5ZvHvqw

0
338 B

178ms
59ms

Image
text/plain

54.246.65.162
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=8tRbX4Mt92d_yp2ykrwKakvvX5ZvHvqw
Protocol: H2
Server: 54.246.65.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-65-162.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-served-by: beacon-n007-dub-prod.krxd.net
date: Wed, 05 Apr 2023 18:32:38 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1680719558
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=8tRbX4Mt92d_yp2ykrwKakvvX5ZvHvqw
date: Wed, 05 Apr 2023 18:32:37 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 992928
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame D008
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=6x_OV6tujv-v-dUYzbPt1_i4aVRXoMb5

35 B
268 B

430ms
122ms

Image
image/gif

18.216.91.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=6x_OV6tujv-v-dUYzbPt1_i4aVRXoMb5
Protocol: H2
Server: 18.216.91.22 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-216-91-22.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:32:38 GMT
x-bt-requestid: 3e444530-d3e0-11ed-84b5-0000ac1700e6
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=6x_OV6tujv-v-dUYzbPt1_i4aVRXoMb5
date: Wed, 05 Apr 2023 18:32:37 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 3386831
content-length: 0

POST
H3 200 log_event Show response
www.youtube-nocookie.com/youtubei/v1/ Frame 0EA1 28 B
54 B 45ms
42ms XHR
application/json 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/7da8dd3e/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
X-Goog-Request-Time: 1680719559144
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube-nocookie.com/embed/sTPz9VUgXAE?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
X-YouTube-Client-Version: 1.20230402.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtqcFZiZ25UM1lZOCjE_bahBg%3D%3D
X-YouTube-Ad-Signals: dt=1680719556430&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C926%2C521&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 05 Apr 2023 18:32:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Wed, 05 Apr 2023 18:32:39 GMT

GET
H2 200 tpe
csm.va.us.criteo.net/1.0/ 43 B
203 B 385ms
123ms Image
image/gif 2620:100:a001::16

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://csm.va.us.criteo.net/1.0/tpe?cpp=b1jmAXxNbEhVWnZibTJZWFlWZ0YzcVU5b000L3pSMHZ4T3RSRnVJNmUrNTBtT1cwalRIZ3VTZGlMWnZjR2tKdE1kRlV6MURSajVCWlFmK2RFcUY0ZFlxNmVodz09fA&cppv=2&p=%7B%22cp%22%3A%5B%7B%22c%22%3Afalse%2C%22ct%22%3A%22static%22%2C%22dlt%22%3A2%2C%22rdt%22%3A0%2C%22rpt%22%3A1%2C%22rqt%22%3A65%2C%22sct%22%3A39%2C%22tct%22%3A71%7D%2C%7B%22c%22%3Afalse%2C%22ct%22%3A%22widget%22%2C%22dlt%22%3A6%2C%22rdt%22%3A112%2C%22rpt%22%3A1%2C%22rqt%22%3A140%2C%22sct%22%3A107%2C%22tct%22%3A210%7D%5D%2C%22mtp%22%3A%7B%22cqt%22%3A0%2C%22it%22%3A5%7D%7D&dtycbr=73155

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 -, , ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:32:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
expires: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 30ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-SSVM2TL5G6&gtm=45je3430&_p=1299470796&cid=368216876.1680719556&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEA&_s=2&sid=1680719556&sct=1&seg=0&dl=https%3A%2F%2Fliverrenew.com%2Fmgo%3Futm_source%3Dmediago%26utm_medium%3Dnative%26utm_campaign%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26offid%3Dnhmd_liver%26offerurlid%3Dliver_renew_4_vsl_DESKTOP_Windows_Chrome_84344016_www.msn.com%26trid%3D%257Btransaction_id%257D%26affid%3Dmediago%26affsub%3Dnative&dt=Liver%20Renew&en=scroll&epn.percent_scrolled=90&_et=10
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SSVM2TL5G6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://liverrenew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:32:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://liverrenew.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

67 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.track.liverrenew.com/	1970-01-20 10:53:25	Name: 3ae832ad-eaa4-40f4-ad2a-6b88a366b5be-v4 Value: LVbUCpNSGqL7-iZattX88cFTTouunvFjCtfAleTvpSM
.track.liverrenew.com/	1970-01-20 19:37:35	Name: cc-v4 Value: %2BjGqk2vb9hNCiTf6O%2FIZf7PKefiNP3cUBq%2FQiI0Lc4Ulske3kJ1XphSe%2FOaWP2LL0hv4aG8FKu5ln%2F3ox9u0KSoeyHex%2FtX2XxBgFS%2Flpb9LYODmR4hWKtkFu9O%2F%2F9R59Lx5t9gDdtnDbGFUbBvHBQ%3D%3D
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 25vQ58N5mbo
.youtube.com/	1970-01-20 15:11:11	Name: VISITOR_INFO1_LIVE Value: a-uxc2vLpQs
.liverrenew.com/	1970-01-20 13:01:35	Name: _gcl_au Value: 1.1.424609693.1680719556
.liverrenew.com/	1970-01-20 20:27:59	Name: _ga_SSVM2TL5G6 Value: GS1.1.1680719556.1.0.1680719556.60.0.0
.tiktok.com/	1970-01-20 20:13:35	Name: _ttp Value: 2O1EC1KQsFIODzDmTeEq29Jkw4B
.liverrenew.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .liverrenew.com
.liverrenew.com/	1970-01-20 20:27:59	Name: _lc2_fpi Value: c85daacc0676--01gx9b2c2mxa08emab9y4ry6m5
.criteo.com/	1970-01-20 20:13:35	Name: uid Value: ce1a6c04-fe03-4b00-98d3-d06382118d21
.twitter.com/	1970-01-20 20:27:59	Name: guest_id_marketing Value: v1%3A168071955672190056
.twitter.com/	1970-01-20 20:27:59	Name: guest_id_ads Value: v1%3A168071955672190056
.twitter.com/	1970-01-20 20:27:59	Name: personalization_id Value: "v1_DePnPCt3weNvLH4c2Dbttg=="
.twitter.com/	1970-01-20 20:27:59	Name: guest_id Value: v1%3A168071955672190056
.t.co/	1970-01-20 20:27:59	Name: muc_ads Value: 9c5ec6be-2ecf-4dd3-8c4e-b9a0c789fb60
.liverrenew.com/	1970-01-20 19:37:35	Name: _pin_unauth Value: dWlkPU1XUTFaamc0TlRndE5qTXhaUzAwWW1FekxUaGtPRFV0TUdFM01EbGpOems1T1daaA
.liverrenew.com/	1970-01-20 13:01:35	Name: _fbp Value: fb.1.1680719556852.693366099
.ct.pinterest.com/	1970-01-20 19:37:35	Name: _pinterest_ct_ua Value: "TWc9PSZVT1IzSXlyVlhoT2xLVlJoYXhSZGMwN1FidEFBRkxpWnliR3BKdXNRcW5NVWgvMGt2RVNQUjRrd0RFbS9vQ2lIaFo5VTNQeHNXdXI5RU5MWmtmSm1raGhyZHJKWnJyUWs2dUhyVGVPd09Xdz0mV0h1dWxLb2hsRFRQemNBZ3lrd1gvQTJXWjBRPQ=="
secure.liverrenew.com/	1970-01-20 11:02:04	Name: AWSALB Value: l0Xs6RvAxFjTtbVXNoiQU5/kq2m6YwiMC6/Zp53OLTeY08yDZS/i/AY/TY94maWVS8cLVew2qqNaz0djICr9MwRVm4Ygtt7V01ssHdr3RksIhBZCoNcquohuZOSp
secure.liverrenew.com/	1970-01-20 11:02:04	Name: AWSALBCORS Value: l0Xs6RvAxFjTtbVXNoiQU5/kq2m6YwiMC6/Zp53OLTeY08yDZS/i/AY/TY94maWVS8cLVew2qqNaz0djICr9MwRVm4Ygtt7V01ssHdr3RksIhBZCoNcquohuZOSp
.liverrenew.com/	1970-01-20 20:13:35	Name: _tt_enable_cookie Value: 1
.liverrenew.com/	1970-01-20 20:13:35	Name: _ttp Value: rmQNumBavEog7rwneGXRk50yy2a
.liverrenew.com/	1970-01-20 19:37:35	Name: ucacid Value: 806175699.468563
.yahoo.com/	1970-01-20 19:37:57	Name: A3 Value: d=AQABBMW-LWQCEFO81ckCjyoQliFB3FTWxIcFEgEBAQEQL2Q3ZAAAAAAA_eMAAA&S=AQAAAu2zUy1NAzXaR-WWp0X_UyY
liverrenew.com/	1970-01-20 10:51:59	Name: outbrain_cid_fetch Value: true
.liadm.com/	1970-01-20 20:27:59	Name: lidid Value: 68fd93c1-6b03-424f-884e-0007a7dbb0cf
.liverrenew.com/	1970-01-20 20:27:59	Name: _ga Value: GA1.2.368216876.1680719556
.liverrenew.com/	1970-01-20 10:53:25	Name: _gid Value: GA1.2.568767107.1680719557
.liverrenew.com/	1970-01-20 10:51:59	Name: _gat_UA-233107079-1 Value: 1
.liverrenew.com/	1970-01-20 20:21:23	Name: cto_bundle Value: myNMNF9pUzZReUYlMkJCT2pRSE9NV2o0ZlRkUHlOSWZRQ0l4UnA3b2xPQUJBZDB2NUZDMEJyRzVBQml1MmlVeFZIaERxWTlHSEVoUnlHeGxYYjZGdjdLQ3dqJTJGNWxVTFpzU1E4Y3o2U0NiVm9WdHBabGh2VTloU0Y2V3RCeHh2a0xvYWw2JTJGWEhQNTF1WFM0c1pZaG0wY21vcEpCanclM0QlM0Q
liverrenew.com/	1969-12-31 23:59:59	Name: /mgo:watchVideoTime:sTPz9VUgXAE Value: 0
match.sharethrough.com/	1970-01-20 11:02:04	Name: AWSALBCORS Value: nndyhXBCKuJVMjKl4hrbUo+9RzRxvCvAJLOcMTkdMtlkxYs3aoFBn6ygYyR4Lq4YlB4XPStMBEGDSqQUSPb/HESN12dEXxiqwZnD/YgW10Uz69EZnSiH0hinsGw2
.doubleclick.net/	1970-01-20 20:13:35	Name: IDE Value: AHWqTUlV90UcYVhS95ctfXIa--Pw09ES69aF_E91aV_GMH2H42EhAp_akjSdEfXx25M
.media.net/	1970-01-20 19:37:35	Name: visitor-id Value: 3237211578280851000V10
.media.net/	1970-01-20 11:35:11	Name: data-c-ts Value: 1680719557
.media.net/	1970-01-20 11:35:11	Name: data-c Value: k-vvOFDGbj0AJQWmr0UVP69f6HNqvdCv25IuopnA~~3
.adnxs.com/	1970-01-20 13:01:35	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2Hc$vxBSN!@wnfH1YdP.dEXlSkivi>rq!5Tf$g?pW7w.BDa=e*4>fFF)2(VA?K>EnBvE0owXyY2tcMS`^<R4%nugO%v4VB%nqF=+Z.ql
.adnxs.com/	1970-01-20 13:01:35	Name: uuid2 Value: 4845068430132482619
.bidswitch.net/	1970-01-20 19:37:35	Name: tuuid Value: 724b8530-7cfb-4474-b8f3-6a44525c6bd5
.bidswitch.net/	1970-01-20 19:37:35	Name: c Value: 1680719558
.bidswitch.net/	1970-01-20 19:37:35	Name: tuuid_lu Value: 1680719558
.analytics.yahoo.com/	1970-01-20 19:37:35	Name: IDSYNC Value: 18zh~2ax6
.id5-sync.com/	1970-01-20 10:51:59	Name: cf Value:
.id5-sync.com/	1970-01-20 10:51:59	Name: cip Value:
.id5-sync.com/	1970-01-20 10:51:59	Name: cnac Value:
.id5-sync.com/	1970-01-20 10:51:59	Name: car Value:
.id5-sync.com/	1970-01-20 10:51:59	Name: gdpr Value:
.id5-sync.com/	1970-01-20 10:51:59	Name: callback Value:
exchange.mediavine.com/	1970-01-20 11:12:09	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%223dc26b00-d3e0-11ed-bca6-c34e53b055a5%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:12:09	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%223dc26b00-d3e0-11ed-bca6-c34e53b055a5%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:12:09	Name: am_tokens Value: %7B%22mv_uuid%22%3A%223dc26b00-d3e0-11ed-bca6-c34e53b055a5%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:12:09	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%223dc26b00-d3e0-11ed-bca6-c34e53b055a5%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 11:12:09	Name: criteo Value: %7B%22id%22%3A%22k-h7P5-mbj0AJQWmr0UVP69f6HNquleHPoJsFGPA%22%2C%22version%22%3A%22criteo%22%7D
.360yield.com/	1970-01-20 13:01:35	Name: tuuid Value: 99a4f271-3d7a-4358-ab48-e6ce8383cf67
.360yield.com/	1970-01-20 13:01:35	Name: tuuid_lu Value: 1680719558
.pubmatic.com/	1970-01-20 11:35:11	Name: KRTBCOOKIE_97 Value: 3385-uid:k-lDze9Wbj0AJQWmr0UVP69f6HNquDNx3NfGhpSQ&KRTB&23144-uid:k-lDze9Wbj0AJQWmr0UVP69f6HNquDNx3NfGhpSQ&KRTB&23286-uid:k-lDze9Wbj0AJQWmr0UVP69f6HNquDNx3NfGhpSQ&KRTB&23287-uid:k-lDze9Wbj0AJQWmr0UVP69f6HNquDNx3NfGhpSQ
.pubmatic.com/	1970-01-20 11:35:11	Name: PugT Value: 1680719557
.demdex.net/	1970-01-20 15:11:11	Name: demdex Value: 10706012204999158723260745815226507034
.360yield.com/	1970-01-20 13:01:35	Name: um Value: !38,UPnLr9lXTdZdRPc0s10EJjV32OIyQHcQviVHWbGdopbw3wcsfgqBcYh15VtwGAQor8nWnwWu,1688495558
.360yield.com/	1970-01-20 13:01:35	Name: umeh Value: !38,0,1742927558,-1
.dpm.demdex.net/	1970-01-20 15:11:11	Name: dpm Value: 10706012204999158723260745815226507034
.casalemedia.com/	1970-01-20 19:37:35	Name: CMID Value: ZC2.xg94nTGNyB6ZG1LalQAA
.casalemedia.com/	1970-01-20 13:01:35	Name: CMPS Value: 3276
.casalemedia.com/	1970-01-20 13:01:35	Name: CMPRO Value: 3276
.krxd.net/	1970-01-20 15:11:11	Name: _kuid_ Value: Pek8v1GV
.tremorhub.com/	1970-01-20 19:37:56	Name: tvid Value: ee3869c71f634018a781ac6fc9ba8d17
.tremorhub.com/	1970-01-20 11:35:11	Name: tv_UICR Value: k-e5pgmGbj0AJQWmr0UVP69f6HNqvWwR0X0HT_OQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
ad.360yield.com
ad.yieldlab.net
amplify.outbrain.com
analytics.tiktok.com
analytics.twitter.com
b-code.liadm.com
beacon.krxd.net
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
csm.va.us.criteo.net
ct.pinterest.com
d1pqvb2h9xgm7r.cloudfront.net
d9i5ve8f04qxt.cloudfront.net
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.ytimg.com
ib.adnxs.com
id5-sync.com
jnn-pa.googleapis.com
liverrenew.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
optassets.ontraport.com
r.casalemedia.com
region1.analytics.google.com
rp.liadm.com
rp4.liadm.com
rr5---sn-4g5lzne6.googlevideo.com
rtb-csync.smartadserver.com
s.pinimg.com
s.thebrighttag.com
s.yimg.com
secure.adnxs.com
secure.liverrenew.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.ads-twitter.com
static.criteo.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
t.co
tr.outbrain.com
track.liverrenew.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.ibph4trk.com
www.youtube-nocookie.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
104.16.20.19
104.244.42.133
104.244.42.67
104.75.88.209
108.138.34.168
13.248.245.213
141.226.228.48
142.250.185.130
143.204.214.36
146.75.116.157
159.223.173.220
162.19.138.83
178.250.1.11
178.250.1.9
18.193.209.105
18.216.91.22
184.30.20.22
184.85.181.155
185.255.84.152
185.64.189.110
185.80.39.216
185.86.138.155
185.89.211.116
185.89.211.132
2001:4860:4802:32::36
212.82.100.181
23.35.237.56
23.35.237.86
23.36.163.228
2600:1f18:612b:4232:be02:f813:37d0:f59f
2600:1f18:730:b110:5d71:6695:b3d2:3b15
2600:9000:223c:a200:8:8845:1500:93a1
2620:100:a001::16
2a00:1288:80:807::2
2a00:1450:4001:12::a
2a00:1450:4001:801::2003
2a00:1450:4001:802::200e
2a00:1450:4001:808::200a
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::2008
2a00:1450:4001:811::2016
2a00:1450:4001:827::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2004
2a00:1450:400c:c00::9d
2a02:2638:3::c
2a02:2638:3::e
2a02:2638:d::2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:8d::84
3.127.128.251
3.127.20.54
3.71.149.231
34.107.199.247
34.117.157.22
34.202.20.171
34.230.229.216
35.157.76.89
37.157.5.141
52.18.161.223
52.49.84.227
54.246.65.162
63.35.24.174
64.202.112.223
74.119.119.150
85.215.5.31
052fffd0e28dfc51133260f5894034b2428ef7dd06302437fef65c65bc0890e0
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
13516e256df804053de95fbbd0be7b929ae915304465dda0a784003bcca6eb14
136c6d96345ea4df9e14f9727d621cbe2165a625a2e90e9b3113cca97cf49db9
1c5dca0e645fc2b36aecf7684b32330a813a919681b99d1b273d71661934d840
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1e2dc59c57fff98b0cb33ba46226538187607d61e31b0f2c56e1375f31a9f3a6
1fbffabe6588e4b293121f9a33688a6f884eecd244859624d526bde4e5a7f8f2
1fc8ce922af5ba279ca0ed6c0b50a7e595d3d064dd78ab9fe732d5a393c2b7bb
22c5ae77609948f4c6fc9d43b69afd96edc5b096d3ef87d243efb6276a353eed
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
24eba4e69ec96e5469f4755839103249c85a593fa865c6445b2966c14ad9c6bd
2656fcceecf5a4caac1c6eb8d31d84543ddbaa976428628ca348e8a594937059
26a83be7fd614465aeea66e4b832223eb80e5668342a3c8f39055576e917b432
2dfa655a4dbae3f8bb3335d14a977a99a2afe4b148bfff2b2be230f9a6db94d6
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
316e5409efd165920e75f50fb19507346bc59ec33f635d5829caf90bea1285be
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34e5f1246cf9a43fbedb34a6706ee6e2b7b7cda818adce620ca3fdeb04ef86a5
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
39b2f22e0d75734c5b731c7289b80fbd7caea1693222ac502d105001374a62a8
3bb5fdf2030456fac4167dd69ab5137a70fd2bbf29931859454ead1057cb0a71
3e1d540bfd44cdca28c5176d74c0817f377cd2da90b92de69d515fab4551200d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f65a94df3d2cf2b1f3dd1c9b8c498b27317f8084c5e4ca8be7bbf851f445135
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d78443424f9158ba243d7fcfd0fb905e1e873e68867fbfc32808cec3a8cc0ee
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a62982f68f482f811e87d3bdeb4785ddf70e787def294f21e0a5748a27179d5
5a7ce15b15b6c837ea19e4b2ed6cfd5420ebcb0a29b7b28b68e7800f715e9628
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c63894a4c4682a23762d195857b59d9d1bd07488315add75b434c5070e4ed11
6271a02a25b4d4bd998ca93b2737d9131036396c245e6c4eda60bff3e5c269c1
631b53cee14f8501d01fe646031ad98faaf9e5e0b3581109ab05bfe74864acc0
658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
706de65bef6b820ce7d6e9390a4915a8fd1dd6af796a9710a557a77f227a5b54
7b83264d2fc09c9b4603fbdfbb7be4eb589b2aae451fa49fa5207250be54c6f6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a793c31aba82c375da87fae6c1e5badabdd9e565730e1b33e8ed9d4ef7cef91
8bf8a4c82c8764fe1159ba8c7af64df29d38afb3239f016a98251375fcedb941
921cff6794dea22503e937f5f06d77e10fae37f4cdab53930f5fb32047aa8714
99821e61fa5a34c0b5b4b5473ef3dd30c7d7aebc28dc12a44d726d710d77a3b7
9f22002204cd3b334da0a771159a366f87bc0f9b695e5e5fb94fa686d446fc79
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3eabdf2055a936d7ab127fc434e248b50299aa39c743b4c6c8f1b5d9ff799c9
a495a8945d9a2dd89e53b6a7bd69893450a3818d61ef1dd27328297bde60f37b
a6978512927b6304900b11bfa2ff226ad7b9e5267aa72b25483fb9f5ca6fb9a5
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acf68dcce2368d3652430adeb6409f6027d23bbd6cdf47c3c797bb33fa6fe729
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afb61b4d8b8a523933254b7c2bbd4a09908880d83b317f7fbb81139b1aa60d6b
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6acaafd2a133d399889a3be508cd33b8f1d85b88dd1c49a71b772d6bf45c88e
b96b74eec533d689e968457cd784306cd0d79f2a995556c23e965bfb6c5b5add
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c3e03877a0e094eaa2279b9fe873c2bbc11487c396a1fb87106c49d562b01b3c
c72c06d4438bb1c9952563fffcd4d30df36b4b3b8187a01b0e0ea9bcb5bf0bde
c9d5d388649117caf4229e65edbf884be9f45e78259fb042e60ad1c112612b9c
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cf9e988cb574bd8fdb905b353ec7331970e214334b8f0683c09dfb209296defc
d03b2a573e13c69a70a4efb22ca78f769ff96692861433bc7fd967e3907f4bca
d12edf79a333c20b2ffdc2abfa2168c88d6105e2073cce1bee3b962191ea38f8
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d36c3daa856aab7c6aaccbc71cbb13e5c3e57b723dadf750595fbb88bf6da79e
d70d591a92a87f776cf6b3fab9caba1ef6c459493a85d3752ab8e14c20f8c0f8
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
db63d124467740f4ae55902869f01051cbe2417fcf978ee04f6b8c633bfbe984
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
e17af20bd06407511dfb8f7509fa0a3c8fbe781a69d7113404c754c589ecb762
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e904cfff4529436dbaf7b090e6a1444be7eaa92edbb39db85634bf3fd88fd427
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f0a9ea0d24fcadbb338ce27ca4cf6af3c78fded0c118c0e522449d829ba4ffd5
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

liverrenew.com Open in urlscan Pro 159.223.173.220 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

131 Requests

91 %HTTPS

36 %IPv6

53 Domains

72 Subdomains

66 IPs

10 Countries

2253 kBTransfer

6587 kBSize

67 Cookies

0 Outgoing links

Page URL History

Redirected requests

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

liverrenew.com Open in urlscan Pro
159.223.173.220 Public Scan

Screenshot
Live screenshot

Full Image

131
Requests

91 %
HTTPS

36 %
IPv6

53
Domains

72
Subdomains

66
IPs

10
Countries

2253 kB
Transfer

6587 kB
Size

67
Cookies

131 HTTP transactions
1 data transactions