events.xliveglobal.com Open in urlscan Pro
2606:4700:3036::6815:2282 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://qtx.omeclk.com/portal/wts/ugmcmQ6c8h|baEf9bB3wehADv8gay8pmn73jGp98a
Effective URL:
https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
Submission: On September 20 via api (September 20th 2022, 12:17:03 pm UTC) from US — Scanned from DE

Summary HTTP 78 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 26 IPs in 3 countries across 19 domains to perform 78 HTTP transactions. The main IP is 2606:4700:3036::6815:2282, located in United States and belongs to CLOUDFLARENET, US. The main domain is events.xliveglobal.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 16th 2022. Valid for: a year.

This is the only time events.xliveglobal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	205.162.42.171 205.162.42.171	53866 (QTS-AS) (QTS-AS)
20	2606:4700:303... 2606:4700:3036::6815:2282	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.201.104.135 35.201.104.135	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
9	104.16.94.165 104.16.94.165	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	204.180.130.159 204.180.130.159	53866 (QTS-AS) (QTS-AS)
1	18.66.15.12 18.66.15.12	16509 (AMAZON-02) (AMAZON-02)
2	34.111.234.236 34.111.234.236	15169 (GOOGLE) (GOOGLE)
1	3.224.223.163 3.224.223.163	14618 (AMAZON-AES) (AMAZON-AES)
2 3	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
3	75.101.178.162 75.101.178.162	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3	204.180.130.165 204.180.130.165	() ()
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
3	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
78	26

1 205.162.42.171 (United States) 1 redirects

ASN53866 (QTS-AS, US)
PTR: omeclk.com

qtx.omeclk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:3036::6815:2282 (United States)

ASN13335 (CLOUDFLARENET, US)

events.xliveglobal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.104.135 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 135.104.201.35.bc.googleusercontent.com

vi.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.16.94.165 (None, )

ASN13335 (CLOUDFLARENET, US)

qtxasset.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.180.130.159 (Rolling Meadows, United States)

ASN53866 (QTS-AS, US)
PTR: my.omedastaging.com

olytics.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.15.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-12.vie50.r.cloudfront.net

s.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.234.236 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.224.223.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-223-163.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.27 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 75.101.178.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-178-162.compute-1.amazonaws.com

a.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.180.130.165 (None, )

ASN- ()

oqs.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	xliveglobal.com events.xliveglobal.com	387 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 142	217 KB
9	qtxasset.com qtxasset.com — Cisco Umbrella Rank: 54822	1 MB
6	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	162 KB
5	omeda.com olytics.omeda.com — Cisco Umbrella Rank: 22747 oqs.omeda.com	76 KB
4	dpmsrv.com s.dpmsrv.com — Cisco Umbrella Rank: 22471 a.dpmsrv.com — Cisco Umbrella Rank: 19489	16 KB
4	ml314.com vi.ml314.com — Cisco Umbrella Rank: 27777 ml314.com — Cisco Umbrella Rank: 1652 in.ml314.com — Cisco Umbrella Rank: 8146	33 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 228	3 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 75 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 215	621 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 326	14 KB
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 331	98 B
1	gstatic.com fonts.gstatic.com	38 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 9081	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 857	647 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	46 KB
1	omeclk.com 1 redirects qtx.omeclk.com — Cisco Umbrella Rank: 79754	369 B
78	19

	Domain	Requested by
20	events.xliveglobal.com	events.xliveglobal.com
9	qtxasset.com	events.xliveglobal.com
7	pagead2.googlesyndication.com	events.xliveglobal.com pagead2.googlesyndication.com olytics.omeda.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	oqs.omeda.com	olytics.omeda.com
3	a.dpmsrv.com	events.xliveglobal.com s.dpmsrv.com
3	ib.adnxs.com	2 redirects events.xliveglobal.com
3	securepubads.g.doubleclick.net	events.xliveglobal.com securepubads.g.doubleclick.net
2	ml314.com	events.xliveglobal.com ml314.com
2	olytics.omeda.com	events.xliveglobal.com www.googletagmanager.com olytics.omeda.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	www.googletagservices.com	olytics.omeda.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	events.xliveglobal.com
1	idsync.rlcdn.com	events.xliveglobal.com
1	cm.g.doubleclick.net	1 redirects
1	fonts.gstatic.com	events.xliveglobal.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	in.ml314.com	ml314.com
1	s.dpmsrv.com	events.xliveglobal.com
1	www.googletagmanager.com	events.xliveglobal.com
1	vi.ml314.com	events.xliveglobal.com
1	qtx.omeclk.com	1 redirects
78	27

This site contains links to these domains. Also see Links.

Domain
www.xliveglobal.com
www.livedesignonline.com
www.ldishow.com
livedesigninternationalldi2022.sched.com
www.digitalsignageexperience.com
livedesigninternational2021.sched.com
s3.amazonaws.com
xliveglobal.questexinfo.com
questex.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-02-16` - `2023-02-16`	a year	crt.sh
vi.ml314.com GTS CA 1D4	`2022-08-29` - `2022-11-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.omeda.com SSL.com RSA SSL subCA	`2022-06-24` - `2023-06-24`	a year	crt.sh
*.dpmsrv.com Amazon	`2022-04-17` - `2023-05-16`	a year	crt.sh
ml314.com GTS CA 1D4	`2022-08-20` - `2022-11-18`	3 months	crt.sh
*.ml314.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
Frame ID: 8FB8E31BFEE38F75EB719FBAC6F4FD28
Requests: 66 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20190131/zrt_lookup.html
Frame ID: 12B8F69B94DEABBBD509C6EC749B8C0C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1234567890123456&output=html&adk=1812271804&adf=3025194257&lmt=1663676215&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fevents.xliveglobal.com%2F%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3DLDI-Promo-Promotions%26oly_enc_id%3D5112C2506389F7Y&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663676216851&bpp=3&bdt=249&idt=201&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3876217552805&frm=20&pv=2&ga_vid=2142639280.1663676217&ga_sid=1663676217&ga_hid=422934926&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069509%2C31069178%2C31067826&oid=2&pvsid=4437597598543185&tmod=377209658&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=227
Frame ID: 3B81C6C3F26D600EEA08CF554BBD4B02
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EC2A4F9E4C82E6C91BF6638D5ECD1580
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CA514BDABB6C39BAB9641A5582915E91
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home | Xlive Global Events

Page URL History Show full URLs

https://qtx.omeclk.com/portal/wts/ugmcmQ6c8h%7CbaEf9bB3wehADv8gay8pmn73jGp98a HTTP 302
https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

78
Requests

87 %
HTTPS

48 %
IPv6

19
Domains

27
Subdomains

26
IPs

3
Countries

2070 kB
Transfer

3996 kB
Size

18
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.xliveglobal.com/
Title: XLIVE

Search URL Search Domain Scan URL

URL: https://www.livedesignonline.com/
Title: Live Design

Search URL Search Domain Scan URL

URL: https://www.ldishow.com/
Title: LDI Show

Search URL Search Domain Scan URL

URL: https://livedesigninternationalldi2022.sched.com/overview/type/XLIVE%40LDI
Title: SCHEDULE

Search URL Search Domain Scan URL

URL: https://www.ldishow.com/ldishowcom/hotel-travel-offers
Title: HOTEL & TRAVEL

Search URL Search Domain Scan URL

URL: https://www.ldishow.com/ldishowcom/press-0
Title: PRESS

Search URL Search Domain Scan URL

URL: https://www.digitalsignageexperience.com/
Title: DIGITAL SIGNAGE EXPERIENCE

Search URL Search Domain Scan URL

URL: https://www.ldishow.com/ldishowcom/registration-options
Title: REGISTER

Search URL Search Domain Scan URL

URL: https://livedesigninternationalldi2022.sched.com/overview/type/XLIVE%40IDI
Title: View XLIVExLDI Schedule

Search URL Search Domain Scan URL

URL: https://livedesigninternational2021.sched.com/event/khGw
Title: LEARN MORE

Search URL Search Domain Scan URL

URL: https://livedesigninternational2021.sched.com/event/jvYk
Title: LEARN MORE

Search URL Search Domain Scan URL

URL: https://livedesigninternational2021.sched.com/event/khGR
Title: LEARN MORE

Search URL Search Domain Scan URL

URL: https://s3.amazonaws.com/publicmarketing.qtxasset.com/LDI+Show/LDI+Sales+Kits/XLIVE+x+LDI_Production+Companies+Sponsorship+Sales+Kit+2022.pdf
Title: Download Sales Kit

Search URL Search Domain Scan URL

URL: https://www.xliveglobal.com/xliveglobalcom/xlive-advertise
Title: Advertise

Search URL Search Domain Scan URL

URL: https://xliveglobal.questexinfo.com/loading.do?omedasite=XLIVE_full
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://questex.com/

Search URL Search Domain Scan URL

URL: https://questex.com/terms-and-conditions/
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://questex.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://qtx.omeclk.com/portal/wts/ugmcmQ6c8h%7CbaEf9bB3wehADv8gay8pmn73jGp98a HTTP 302
https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D913%26pixelIndex%3D0%26r%3D642303%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fevents.xliveglobal.com%252F%253Futm_source%253Demail%2526utm_medium%253Demail%2526utm_campaign%253DLDI-Promo-Promotions%2526oly_enc_id%253D5112C2506389F7Y HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D913%2526pixelIndex%253D0%2526r%253D642303%2526tzOffset%253D0%2526url%253Dhttps%25253A%25252F%25252Fevents.xliveglobal.com%25252F%25253Futm_source%25253Demail%252526utm_medium%25253Demail%252526utm_campaign%25253DLDI-Promo-Promotions%252526oly_enc_id%25253D5112C2506389F7Y HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?id=2366291593333207948&zn=&sn=&q=xImp&v=1.x&cl=913&pixelIndex=0&r=642303&tzOffset=0&url=https%3A%2F%2Fevents.xliveglobal.com%2F%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3DLDI-Promo-Promotions%26oly_enc_id%3D5112C2506389F7Y

Request Chain 47

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=2366291593333207948&pixelIndex=0 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=2366291593333207948&pixelIndex=0&google_gid=CAESEA7mukcz69SSlcb4u6KO2w0&google_cver=1

78 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
events.xliveglobal.com/
Redirect Chain

https://qtx.omeclk.com/portal/wts/ugmcmQ6c8h%7CbaEf9bB3wehADv8gay8pmn73jGp98a
https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y

311 KB
59 KB

1321ms
1287ms

Document
text/html

2606:4700:3036::6815:2282
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:2282 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2e09394c27fc88726e81239db00a3a7cfd8e23fa37606460521914d81925215

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://sample.dragonforms.com https://*.questexinfo.com http://resources.questex.com https://resources.questex.com
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000, public
cf-cache-status: DYNAMIC
cf-ray: 74da7eb98c509243-FRA
content-encoding: br
content-language: en
content-security-policy: frame-ancestors 'self' https://sample.dragonforms.com https://*.questexinfo.com http://resources.questex.com https://resources.questex.com
content-type: text/html; charset=UTF-8
date: Tue, 20 Sep 2022 12:16:56 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Tue, 20 Sep 2022 12:16:55 GMT
link: <https://events.xliveglobal.com/>; rel="canonical", <https://events.xliveglobal.com/>; rel="shortlink"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: interest-cohort=()
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dbPb1Ce2c%2FxEhWPlAonuzBe%2FfPjYNTfxOhzyeatqH4KcKdd86qCA5UfxGSmmgRHFp8PKWvvNjq2DQ9Co7KRjX%2Bh2eGKuotiBXu6MkpH3Eb4BNGLUN4Uyq5Y4a0zixYfdmiirKMwHYyehOPAe8PHDlH0q5v5v"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Cookie,Accept-Encoding
via: varnish
x-ah-environment: prod
x-cache: MISS
x-content-type-options: nosniff
x-drupal-cache: MISS
x-drupal-dynamic-cache: UNCACHEABLE
x-generator: Drupal 9 (https://www.drupal.org)
x-request-id: v-1e0d833c-38de-11ed-af6d-4754495ae96d
x-ua-compatible: IE=edge

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Tue, 20 Sep 2022 12:16:54 GMT
Keep-Alive: timeout=5
Location: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 get Show response
vi.ml314.com/ 285 B
402 B 80ms
39ms Script
application/javascript 35.201.104.135
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://vi.ml314.com/get?eid=66459&tk=NlORAP1pyT9TolCqYpofYXOR4do2bEnp0CI3bC62f2fFHw3d

Requested by

Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.104.135 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

135.104.201.35.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

bfa02e28ea4b740a66d8765f1f4d0ef416c1fe19c4d2d937622f656a4a3b8cb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
via: 1.1 google
server: Google Frontend
date: Tue, 20 Sep 2022 12:16:56 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: private,max-age=86400
content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 61ms
27ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

919955e889d271f73387b4455d37667a6a730e800dcdbd1461412810bbc5a6c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27726
x-xss-protection: 0
server: sffe
etag: "1339 / 375 of 1000 / last-modified: 1663672177"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 20 Sep 2022 12:16:56 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
57 KB 102ms
65ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1234567890123456

Requested by

Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ec995a36461c810a9145bf1e97a54ac5540cac1b87a2c86d07d85cc6ef60335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://events.xliveglobal.com/
Origin: https://events.xliveglobal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58055
x-xss-protection: 0
server: cafe
etag: 12120184978268851621
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Sep 2022 12:16:56 GMT

GET
H2 200 pubads_impl_2022091401.js Show response
securepubads.g.doubleclick.net/gpt/ 376 KB
128 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f7bdb9c79c5498f8a5ed7229bf62d3ab6d11dca4698bfdd0f6249f624da13c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 360
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131297
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 08:37:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Sep 2023 12:10:56 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 79 B
102 B 75ms
47ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=events.xliveglobal.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e413d5d193d708801a6b9c76e8b48db758d0378360f409bc4a4d4063d4e1561

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Sep 2022 12:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77
x-xss-protection: 0
expires: Tue, 20 Sep 2022 12:16:56 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 118 KB
46 KB 75ms
29ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MD79DJ6

Requested by

Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

69182c4c92822b19bcf0126e5d6f8d8060a3ab289e56642fb49d84bdb293eadf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46674
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 20 Sep 2022 12:16:56 GMT

GET
H2 200 XLive21%20Logo.svg
qtxasset.com/quartz/qcloud4/ 873 B
975 B 148ms
116ms Image
image/svg+xml 104.16.94.165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qtxasset.com/quartz/qcloud4/XLive21%20Logo.svg
Requested by: Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.94.165 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3087be7a8c6e721fb7d27b8a5dc3d4cdefb7b70aaf42c89a143ffbd356a15d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:56 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: WX1G65BR2ZCER78Q
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-version-id: KMm0nrKJuGEPJeGMBS6d9n.d.LEEJEFR
x-amz-id-2: SwOaFKsYOqNNoS2BkXL56IHFz+uQbb09GuLYHWERHlRDNMbtKk+G4Hd8AAK3OVRWTsQTaVpOYY8=
last-modified: Thu, 04 Nov 2021 21:34:45 GMT
server: cloudflare
etag: W/"c21a531a49dd8d753d47948035bf6799"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 74da7ec328549152-FRA
expires: Wed, 20 Sep 2023 12:16:56 GMT

GET
H3 200 bars-regular.svg
events.xliveglobal.com/themes/custom/quartz_barrio/images/icons/ 602 B
940 B 411ms
400ms Image
image/svg+xml 2606:4700:3036::6815:2282
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://events.xliveglobal.com/themes/custom/quartz_barrio/images/icons/bars-regular.svg

Requested by

Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:2282 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19227206dcb0452526fb83a3d90146664cbd2ae14956a3e8b320b811bf4a497b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:57 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
x-cache-hits: 3
x-ah-environment: prod
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: v-61ea9406-38bf-11ed-8a52-4b76a655a8b7
last-modified: Fri, 01 Jul 2022 10:46:40 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KOyuaa008RGzzUBrKW4aV7H1yWTM1VX1H42QHZWra3YFhZ4g7qdQ5fBohBUtykaZ0OJcHr46Dh%2ByqisothsieZVaZZx0ZU9fzKM9QF31E5zvFS6POJNsuVTy5BJOaj2tGQy0zB7G%2B6TnQsiw0LwyOlLhLm17"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 74da7ec31d9f9170-FRA
expires: Tue, 04 Oct 2022 08:36:55 GMT

GET
H3 200 xmark-solid.svg
events.xliveglobal.com/themes/custom/quartz_barrio/images/icons/ 618 B
964 B 426ms
415ms Image
image/svg+xml 2606:4700:3036::6815:2282
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://events.xliveglobal.com/themes/custom/quartz_barrio/images/icons/xmark-solid.svg

Requested by

Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:2282 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d007a16fea412648315d74a76b8878080bd98ce66a0272ace8c3043a9c4002e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:57 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
x-cache-hits: 2
x-ah-environment: prod
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: v-621d8a46-38bf-11ed-8534-d77d4437db1c
last-modified: Fri, 01 Jul 2022 10:46:40 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L3PC81PES%2B12PydsQoT7POuvcuUPxX3v7wQTXnyc2MfhPRGKpQJkV4YUNS2MWskdivSw0WpLvkwZ2VrkemjzlkguiJkM5gWUpBzOiz5YgSv3fZZSEayCcgH6Qd3HTmpteg7Q%2BnuGblY48FFY2pCtEOuHWDVH"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 74da7ec31da29170-FRA
expires: Tue, 04 Oct 2022 08:36:55 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 346 KB
122 KB 100ms
72ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1234567890123456&plah=events.xliveglobal.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1234567890123456

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d9acd0e6fc9cc8bd498b7e08115268c4425431e34e38cc0c5dd4dbd371826c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124742
x-xss-protection: 0
server: cafe
etag: 13374632765379798668
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 20 Sep 2022 12:16:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220915/r20190131/ Frame 12B8 10 KB
5 KB 59ms
13ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220915/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1234567890123456

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://events.xliveglobal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 574
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:07:22 GMT
etag: 9671129459699598864
expires: Tue, 04 Oct 2022 12:07:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Picture4%20%282%29.jpg
qtxasset.com/quartz/qcloud4/styles/450x337_4_3_/s3/media/image/ 24 KB
24 KB 128ms
128ms Image
image/webp 104.16.94.165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qtxasset.com/quartz/qcloud4/styles/450x337_4_3_/s3/media/image/Picture4%20%282%29.jpg?VersionId=1ZqQ3ntnzOz9J4PDoiw4z9bYe9._p_Vf&itok=WMxA07Qw
Requested by: Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.94.165 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab3a91af9b6c563c340a3aaa797fe29aedaa902d5d8e5e56e3dda1805297ec0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:56 GMT
cf-cache-status: HIT
x-amz-request-id: X4Q7MJZ2M3BKHFCR
cf-polished: qual=85, origFmt=jpeg, origSize=26887
cf-ray: 74da7ec348979152-FRA
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="Picture4%20%282%29.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24552
x-amz-id-2: 0CD4z0hTVBsUoQux/rJZrBiM5lHPeNexiU2dkjYJA9HaC8nfbAA7cnWu4pg4yalj+X9R/eYjqWA=
last-modified: Mon, 29 Nov 2021 01:03:32 GMT
server: cloudflare
etag: "612e3a0ed6dd486a33fcbdb1be74f26b"
vary: Accept
x-amz-version-id: 1ZqQ3ntnzOz9J4PDoiw4z9bYe9._p_Vf
expires: Wed, 20 Sep 2023 12:16:56 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 Screenshot%20%28197%29%20%281%29.png
qtxasset.com/quartz/qcloud4/styles/530x530_1_/s3/media/image/ 263 KB
264 KB 130ms
130ms Image
image/webp 104.16.94.165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qtxasset.com/quartz/qcloud4/styles/530x530_1_/s3/media/image/Screenshot%20%28197%29%20%281%29.png?VersionId=vDuejPCIE7D.1HLi3_xHSxP9UF.8AEOt&itok=CG0U0sxj
Requested by: Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.94.165 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f08c1e160e1b958bbd2e14c3f5009a258e7f96f8c92867d65bb01afae7a16f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:56 GMT
cf-cache-status: HIT
x-amz-request-id: 1GH3XPM3KE2P6SH8
cf-polished: origFmt=png, origSize=456125
cf-ray: 74da7ec3489b9152-FRA
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="Screenshot%20%28197%29%20%281%29.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 269364
x-amz-id-2: jvQEpc4Kt290DmHeSymW7C3Yh1crEqS2lSsD+DYiZ8f5waT0qe0UKnP4nT0Wb15zGQCHDFwAKJ0=
last-modified: Mon, 29 Nov 2021 00:50:49 GMT
server: cloudflare
etag: "ac26c9d3d3d779c3edb633c6d58f96ee"
vary: Accept
x-amz-version-id: vDuejPCIE7D.1HLi3_xHSxP9UF.8AEOt
expires: Wed, 20 Sep 2023 12:16:56 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 Screenshot%20%28198%29%20%281%29.png
qtxasset.com/quartz/qcloud4/styles/530x530_1_/s3/media/image/ 262 KB
263 KB 115ms
115ms Image
image/webp 104.16.94.165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qtxasset.com/quartz/qcloud4/styles/530x530_1_/s3/media/image/Screenshot%20%28198%29%20%281%29.png?VersionId=ZqQGeWTIoOjkCcvWJtI01hO369sIDwVZ&itok=nCIh4FE8
Requested by: Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.94.165 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc51971687a1c69842605139d111724dc8c433a0ace1c4daaa597be2b65f610d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:56 GMT
cf-cache-status: HIT
x-amz-request-id: R983YA7ZVFQ0QEJD
cf-polished: origFmt=png, origSize=392705
cf-ray: 74da7ec3489e9152-FRA
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="Screenshot%20%28198%29%20%281%29.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 268638
x-amz-id-2: t5RHFN6O1Tyim2+syJjwINYuejd4dFzPDdCCmuqX1SHXZIxXoDmAZ7sg0a3snJIwy9lH3LG7BZo=
last-modified: Mon, 29 Nov 2021 00:50:49 GMT
server: cloudflare
etag: "9490b9edca9db359f50b591576859845"
vary: Accept
x-amz-version-id: ZqQGeWTIoOjkCcvWJtI01hO369sIDwVZ
expires: Wed, 20 Sep 2023 12:16:56 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 Screenshot%20%28199%29%20%281%29.png
qtxasset.com/quartz/qcloud4/styles/530x530_1_/s3/media/image/ 307 KB
308 KB 128ms
128ms Image
image/webp 104.16.94.165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qtxasset.com/quartz/qcloud4/styles/530x530_1_/s3/media/image/Screenshot%20%28199%29%20%281%29.png?VersionId=YPfP.Z6uyNx5DyarruKHvE.KyH1nhE0H&itok=jwPACFpY
Requested by: Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.94.165 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bab543a7d2877232caa906e69c738770564a80f102f513e8db4faa84096a67a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:56 GMT
cf-cache-status: HIT
x-amz-request-id: WX1NJ6D64NJ723FW
cf-polished: origFmt=png, origSize=537197
cf-ray: 74da7ec3489f9152-FRA
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="Screenshot%20%28199%29%20%281%29.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 314572
x-amz-id-2: uYgllWDc8lxQkP7vAsE5Mynqjae/T+kE4FBBa4dl8C1+awT2/HHoijOHYogv9IuGw+u7HPhszbg=
last-modified: Mon, 29 Nov 2021 00:50:49 GMT
server: cloudflare
etag: "41d778cd32e8e5bd9350d5a1b0590523"
vary: Accept
x-amz-version-id: YPfP.Z6uyNx5DyarruKHvE.KyH1nhE0H
expires: Wed, 20 Sep 2023 12:16:56 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 Picture5%20%282%29.jpg
qtxasset.com/quartz/qcloud4/styles/450x337_4_3_/s3/media/image/ 27 KB
28 KB 134ms
133ms Image
image/jpeg 104.16.94.165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qtxasset.com/quartz/qcloud4/styles/450x337_4_3_/s3/media/image/Picture5%20%282%29.jpg?VersionId=iJNB4T3MDtSgw9.fmlf1E_rBCXt7LOwO&itok=9lghQdV4
Requested by: Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.94.165 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b427f440e3619f549cc587f5aa685fdfbbb6f7056823ec73125bfdae5ee0fe5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:56 GMT
last-modified: Mon, 29 Nov 2021 01:12:04 GMT
cf-cache-status: HIT
x-amz-request-id: X4Q9KQKKGKAFPKV0
cf-polished: origSize=29156, status=webp_bigger
cf-ray: 74da7ec368c79152-FRA
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28023
x-amz-id-2: HmXZZ3Xi8LDvKNt5rXcfjE0krnYbvLR/6It7TeQ5qf8vU33hqhTyrRWA9X6X0mnDLfnmTXXDmi0=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "fb820dfa5cf1dadf1e7db680f702beb2"
vary: Accept-Encoding
x-amz-version-id: iJNB4T3MDtSgw9.fmlf1E_rBCXt7LOwO
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Sep 2023 12:16:56 GMT

GET
H2 200 Picture8%20%282%29.jpg
qtxasset.com/quartz/qcloud4/styles/450x337_4_3_/s3/media/image/ 44 KB
44 KB 122ms
121ms Image
image/jpeg 104.16.94.165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qtxasset.com/quartz/qcloud4/styles/450x337_4_3_/s3/media/image/Picture8%20%282%29.jpg?VersionId=eQFl4j0FjCs0.XdD4IERRFyv7FrUybxS&itok=gpApIjb6
Requested by: Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.94.165 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dee68767b2b7875719ca294037ccb53a83e3644b17da2a2b4937bb2e35c4673

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:56 GMT
last-modified: Mon, 29 Nov 2021 01:17:24 GMT
cf-cache-status: HIT
x-amz-request-id: X4QAYX3FZX2447Q1
cf-polished: origSize=47711, status=webp_bigger
cf-ray: 74da7ec368cd9152-FRA
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44719
x-amz-id-2: bAiDUTkG2cmV0QGhJuwUDxbjPpkSkJ96oyy5Fq3NXEio3b3+QUqcZqY6I/xWF2oMnuka6lxMM0s=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "25634848b48bcc7113e2801e221523e4"
vary: Accept-Encoding
x-amz-version-id: eQFl4j0FjCs0.XdD4IERRFyv7FrUybxS
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Sep 2023 12:16:56 GMT

GET
H3 200 email-decode.min.js Show response
events.xliveglobal.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
9ms Script
application/javascript 2606:4700:3036::6815:2282
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.xliveglobal.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:2282 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Sep 2022 13:38:19 GMT
server: cloudflare
etag: W/"63232acb-4d7"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eyKpSMt5l%2F0dzHlxvPDnbgJUif6QuwrM%2BXRkxwUvy%2F0r%2FqF%2BfBMb8VZdsQ2ALI86IaHhuOfMzB4oqTWGd51JbTmxaGnfmk7Z%2FgBp8YFbhPsRtkvEl7QCy55eAPGqqiyE0ltK2rtAYBX4Ou5XpVd9%2FbQV9tx%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74da7ec36e1c9170-FRA
vary: Accept-Encoding
expires: Thu, 22 Sep 2022 12:16:56 GMT

GET
H3 200 omedaseg.js Show response
events.xliveglobal.com/modules/custom/quartz_ads/js/ 1 KB
1 KB 389ms
389ms Script
application/javascript 2606:4700:3036::6815:2282
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.xliveglobal.com/modules/custom/quartz_ads/js/omedaseg.js?v=1

Requested by

Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:2282 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bcb416b4fc661477c68b1952be25d1a31148f05377710688cd8edc8807ae4c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:57 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
x-cache-hits: 2
x-ah-environment: prod
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: v-e306ca2e-38cd-11ed-861e-abb0ff35ab4f
last-modified: Mon, 12 Sep 2022 21:39:59 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4e0QKE3E9WWlVk7yVnG684hdvkvkwppZyxLv2ERZTVgFurQg4QSd%2BmY5%2FrJbOuFZAM3W28TpLADoXyQe%2FU%2BF7qn71acadOBt2DbFj3pesnYP3QPD1Irfjkz%2Fe2Ld8mzr7o5VrR5X%2BnQ%2F5Btkuc6RTMJBWXG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 74da7ec36e239170-FRA
expires: Tue, 04 Oct 2022 10:20:44 GMT

GET
H3 200 js_i0oWPa5S5-wxZd8dgW6jnkvTe3udE0vtYw-kwieJg3g.js Show response
events.xliveglobal.com/sites/qcloud4/files/js/ 6 KB
2 KB 390ms
387ms Script
text/javascript 2606:4700:3036::6815:2282
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.xliveglobal.com/sites/qcloud4/files/js/js_i0oWPa5S5-wxZd8dgW6jnkvTe3udE0vtYw-kwieJg3g.js

Requested by

Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:2282 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b4a163dae52e7ec3165df1d816ea39e4bd37b7b9d134bed630fa4c227898378

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:57 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
x-cache-hits: 3
x-ah-environment: prod
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: v-61e7aebc-38bf-11ed-9282-87937ba20eba
last-modified: Thu, 15 Sep 2022 21:46:21 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwApbtqAAaWU5XNQexGdXETViInQ2fC6XUA%2BXf6wui5jLL9m5pOnAgBdh2fK8awAm2NsWMR%2FcRyOu4Zd%2FJzWweAmpArnDDKsp1USX1yLpX9wZR8Pp62FTaVl7OExqN5AnruSVzWrdq9OsgStGE5h60UbNbRK"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1209600
cf-ray: 74da7ec36e2c9170-FRA
expires: Tue, 04 Oct 2022 08:36:55 GMT

GET
H3 200 runtime.js Show response
events.xliveglobal.com/modules/custom/quartz_apifirst/compiled/ 2 KB
1 KB 406ms
403ms Script
application/javascript 2606:4700:3036::6815:2282
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.xliveglobal.com/modules/custom/quartz_apifirst/compiled/runtime.js?v=c486ab52a4115578

Requested by

Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:2282 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daf4fe1515892c71cdd95f5c6eb3a9cc0aa4ad0a93247c9a6e971bf6f169f53e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:57 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
x-cache-hits: 3
x-ah-environment: prod
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: v-621ccea8-38bf-11ed-903c-e7bf623ba3cc
last-modified: Fri, 01 Jul 2022 11:04:47 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vreZ75ToRV73RL4Bv6E%2FWqQAuXMd6Oj0G%2FJe0d9deoBMt%2B0fIUQWGO%2BO1UMM4acm4BovvmSE8AyTsLCUe39WH17DmSnrxSEsrbi89bAwxE3M8ejgL%2FTYmxC%2FOZMABmmcAbmAmASXgpb2JKLitPHf9O02M0wa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 74da7ec36e2d9170-FRA
expires: Tue, 04 Oct 2022 08:36:55 GMT

GET
H3 200 vendor-runtime-core.esm-bundler.js Show response
events.xliveglobal.com/modules/custom/quartz_apifirst/compiled/ 66 KB
25 KB 525ms
523ms Script
application/javascript 2606:4700:3036::6815:2282
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.xliveglobal.com/modules/custom/quartz_apifirst/compiled/vendor-runtime-core.esm-bundler.js?v=c486ab52a4115578

Requested by

Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:2282 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

368120b5ba7f0b093ade048d6070f8fcc5017984ae63d3b655609ff9e918724d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:57 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
x-cache-hits: 3
x-ah-environment: prod
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: v-621bf73a-38bf-11ed-aff7-7f0b230c9d08
last-modified: Fri, 22 Jul 2022 04:22:43 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2FrLKz7g4K1mddQuC%2BHRVBhkgN%2BS4vIiMdwH2Eowua0kbDCM2pMAijxcjpcEJLY%2Bkf0sVJEbXANj6TAWZZr2CjWpgdpFN9GjoKekA5ANkHhbVrASqWZ7XgiA5YdJ4EH5ziboXLhem4uIx5QInrlqmM6YkS5F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 74da7ec36e2e9170-FRA
expires: Tue, 04 Oct 2022 08:36:55 GMT

GET
H3 200 vendor-compiler-core.esm-bundler.js Show response
events.xliveglobal.com/modules/custom/quartz_apifirst/compiled/ 53 KB
20 KB 407ms
405ms Script
application/javascript 2606:4700:3036::6815:2282
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.xliveglobal.com/modules/custom/quartz_apifirst/compiled/vendor-compiler-core.esm-bundler.js?v=c486ab52a4115578

Requested by

Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:2282 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c776ade65423ef8f2324dc40b27eb0b162aa88b72a5d05d9404996ff3618d30

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:57 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
x-cache-hits: 3
x-ah-environment: prod
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: v-621e6eca-38bf-11ed-b765-2b454af1b2ce
last-modified: Fri, 22 Jul 2022 04:23:04 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzfjuKuGdjOimXqfzM73OsvxExFNV0AD0Zb6GVXSx%2Bn1fkqv5%2Bdf%2Bq%2FqzAKPPVDq9YqF4fC1Tub%2Be9ePhyhSnVkAN0wpKrIorYiKlWUk1fB27rTWfqqEdUiBosP3lA8OA7SycK%2FyQd%2BlWnKe670TfMmXI3Kt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 74da7ec36e329170-FRA
expires: Tue, 04 Oct 2022 08:36:55 GMT

GET
H3 200 vendor-runtime-dom.esm-bundler.js Show response
events.xliveglobal.com/modules/custom/quartz_apifirst/compiled/ 29 KB
11 KB 411ms
409ms Script
application/javascript 2606:4700:3036::6815:2282
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.xliveglobal.com/modules/custom/quartz_apifirst/compiled/vendor-runtime-dom.esm-bundler.js?v=c486ab52a4115578

Requested by

Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:2282 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e721448de4149c59b99e49159d0b8be3557227c4f317c688d02ab5eafe5ce580

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:57 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
x-cache-hits: 3
x-ah-environment: prod
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: v-621e3950-38bf-11ed-a11b-53d96e4c027a
last-modified: Fri, 22 Jul 2022 04:22:43 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dp6oxo7foiSf31dRjb1KWCI%2FwZITuvVT6qoyiWmKn6Q95G6KpfQDKEKbChCMqUWnPSdJbe40HkwglluYi%2F4q2MQ6k0vltqlGOmUab7jU9vaU3bekGitByiS5OD4Hou3jWNqQWI0AFr3ukLdoktffBkFQmNe9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 74da7ec36e359170-FRA
expires: Tue, 04 Oct 2022 08:36:55 GMT

GET
H3 200 nodepage-5ebdb320.js Show response
events.xliveglobal.com/modules/custom/quartz_apifirst/compiled/ 77 KB
15 KB 392ms
390ms Script
application/javascript 2606:4700:3036::6815:2282
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.xliveglobal.com/modules/custom/quartz_apifirst/compiled/nodepage-5ebdb320.js?v=b61098aa373ea80fc7a2

Requested by

Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:2282 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11b0a018ceac7ad2fa845a3510363d3d7cc28547cb0bc4fbe37c8bd624ee7e5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:57 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
x-cache-hits: 3
x-ah-environment: prod
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: v-621f8fbc-38bf-11ed-aaee-dbddadba5a92
last-modified: Thu, 08 Sep 2022 22:55:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sj84nhQyquJIx73z5cFV8zHlnWcnb5LSzFaY2GGWJsVGFfrUXfwhk7qodVyiNGfcCylLO3CUf6ShYp04C690Pxg04lOgAnjl2oVLo5Fplb0EdsBSr9c2F%2FgOY8DTVKhBNHe3D%2BQWsaznYVU8VIS8mduYj1YJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 74da7ec36e369170-FRA
expires: Tue, 04 Oct 2022 08:36:55 GMT

GET
H3 200 nodepage-80f4f91d.js Show response
events.xliveglobal.com/modules/custom/quartz_apifirst/compiled/ 82 KB
16 KB 404ms
402ms Script
application/javascript 2606:4700:3036::6815:2282
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.xliveglobal.com/modules/custom/quartz_apifirst/compiled/nodepage-80f4f91d.js?v=b61098aa373ea80fc7a2

Requested by

Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:2282 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3df584421a69a70ab6fc4c15b36865af2141d93d71aeae9ae5d6024dd5e6b33

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:57 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
x-cache-hits: 3
x-ah-environment: prod
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: v-621dda8c-38bf-11ed-b069-a733ea6a7121
last-modified: Thu, 08 Sep 2022 22:55:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ytngs1ALzUiAeGXeqpFvj75EQbybcQu%2FdOJc6ZJEZQn7KxROMPKePmaURdFDgOzkXkpTTSxOfW1%2BJY5aSN0F%2BehqpPL0oSPgo5sbZ7%2BBNsRj0ClmO1KXS0z1oGWBiRfYh0vE9WIwLy3UfrB4uheksa5kyby3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 74da7ec36e379170-FRA
expires: Tue, 04 Oct 2022 08:36:55 GMT

GET
H3 200 nodepage-8b39a80f.js Show response
events.xliveglobal.com/modules/custom/quartz_apifirst/compiled/ 44 KB
10 KB 399ms
397ms Script
application/javascript 2606:4700:3036::6815:2282
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.xliveglobal.com/modules/custom/quartz_apifirst/compiled/nodepage-8b39a80f.js?v=b61098aa373ea80fc7a2

Requested by

Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:2282 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa8802ced3db0de12feaa22e81b6d6eb98209d2a0ac8cb9f23ea6329bf9abdea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:57 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
x-cache-hits: 2
x-ah-environment: prod
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: v-621b3ade-38bf-11ed-bb75-ebfec7722482
last-modified: Thu, 08 Sep 2022 22:55:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=olvVWzOozw8BqcgvgwEihNQTOqLqqzWR8hksfH6RxqjzSfKunsv%2BhqcEehApt%2By1kg8Nh4PC3N0P0NqcSWvx2pucsg6PwsqFvz8kV%2F4cfqsMwb175BDUIQ0zOjD4gYrl21OBbkpCS0qoj859As0ug3axN2a9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 74da7ec36e399170-FRA
expires: Tue, 04 Oct 2022 08:36:55 GMT

GET
H3 200 nodepage-cdd60c62.js Show response
events.xliveglobal.com/modules/custom/quartz_apifirst/compiled/ 69 KB
24 KB 499ms
497ms Script
application/javascript 2606:4700:3036::6815:2282
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.xliveglobal.com/modules/custom/quartz_apifirst/compiled/nodepage-cdd60c62.js?v=b61098aa373ea80fc7a2

Requested by

Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:2282 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c61a29f75477ea84e1954d52e93aedb93ac5e83e08cc56449995e0ce4d76d44f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:57 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
x-cache-hits: 2
x-ah-environment: prod
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: v-621b190a-38bf-11ed-ac7f-232209e870ab
last-modified: Thu, 08 Sep 2022 22:55:40 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmPtRExQBU%2BmDqlXNY8xertCenCDkbNsQOHxinu3EBarFlZBGAkE551K4T1CQSk4tGed1UhtOxLlUDmlUTEaKCqZb6%2BLRWcXX8g%2Fn5vZ1tCgD9o1as4hkWSFR8Z1QOkvCOxe%2Bo%2BEf8Llh8ylEnvC%2BiFKCyR4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 74da7ec36e3b9170-FRA
expires: Tue, 04 Oct 2022 08:36:55 GMT

GET
H3 200 nodepage-d1084bb9.js Show response
events.xliveglobal.com/modules/custom/quartz_apifirst/compiled/ 51 KB
13 KB 405ms
404ms Script
application/javascript 2606:4700:3036::6815:2282
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.xliveglobal.com/modules/custom/quartz_apifirst/compiled/nodepage-d1084bb9.js?v=b61098aa373ea80fc7a2

Requested by

Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:2282 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63141d06a03c804ea2261622d51cf9fd5bc92a15c65cdd52bca0d49e327f6c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:57 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
x-cache-hits: 3
x-ah-environment: prod
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: v-621ee8d2-38bf-11ed-a48a-0ff383b0dae7
last-modified: Thu, 08 Sep 2022 22:55:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QO6cfkM%2Fgy3GYrL7CY4wmmbsJgYdckuL1tTYuQK9FnjmPuJII6qoabNj5KKcZHmgyNbKg%2FY1N9bZVmXuMPvd07pFxF%2B1BsE2601H6kBODwqItHTjVLFJ5CZc49AGPU6RkcqTowO6u%2BEbqGNPq%2FQf5sUYa55D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 74da7ec36e3d9170-FRA
expires: Tue, 04 Oct 2022 08:36:55 GMT

GET
H3 200 js_cUFPdtZHd8JSfGcpLxJiEmsNWIAr4kTCabw7QTWH5Wo.js Show response
events.xliveglobal.com/sites/qcloud4/files/js/ 3 KB
1 KB 412ms
411ms Script
text/javascript 2606:4700:3036::6815:2282
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.xliveglobal.com/sites/qcloud4/files/js/js_cUFPdtZHd8JSfGcpLxJiEmsNWIAr4kTCabw7QTWH5Wo.js

Requested by

Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:2282 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71414f76d64777c2527c67292f1262126b0d58802be244c269bc3b413587e56a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:57 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
x-cache-hits: 3
x-ah-environment: prod
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: v-61e56f3a-38bf-11ed-bf28-83d0eb0902f6
last-modified: Thu, 15 Sep 2022 21:47:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9114aizCUtzPX4z9WOp9cIdBhbH0LT270u9RsDyUdm%2FogmqEi0VStvlGsAb57dBRoFzrNOj%2FtODF7ItwuugFsZv%2BfdFo2Kf0VncZ12DMcrkvpYKATRx1GxobOlqOkrSCw2pdalEVssLNKTHGfNu4e8iB7nl"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1209600
cf-ray: 74da7ec36e3f9170-FRA
expires: Tue, 04 Oct 2022 08:36:55 GMT

GET
H3 200 css_yIa_ItLGwRMc4-2Xbo5cMrGlgOc_pa6wpEEyk1jmwek.css
events.xliveglobal.com/sites/qcloud4/files/css/ 176 KB
34 KB 518ms
517ms Stylesheet
text/css 2606:4700:3036::6815:2282
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.xliveglobal.com/sites/qcloud4/files/css/css_yIa_ItLGwRMc4-2Xbo5cMrGlgOc_pa6wpEEyk1jmwek.css

Requested by

Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:2282 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c886bf22d2c6c1131ce3ed976e8e5c32b1a580e73fa5aeb0a441329358e6c1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:57 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
x-cache-hits: 3
x-ah-environment: prod
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: v-61e42b84-38bf-11ed-b9e8-87c07723fdba
last-modified: Thu, 18 Aug 2022 21:46:31 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZozNKwRnC5RTkUa7umwGZyQSh3eYpAVz4qQqocHkf%2BpfEUkcaLmMS6wfduFRPsd%2Bu4j8Ffx9pR11RZH8yobgoYTjkFpca7Z5zy5Oh4mPyx6%2BHgtwVtoCUW%2BV%2FT5GfhQ0gXLFmwshdM41RQJGYV%2FuzTAO%2FXfg"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 74da7ec36e429170-FRA
expires: Tue, 04 Oct 2022 08:36:55 GMT

GET
H3 200 css_c6GxX9zo7kYZQ5KUWLi3IEp3LiboIJ4PzPjO3E5Ecz0.css
events.xliveglobal.com/sites/qcloud4/files/css/ 139 KB
15 KB 397ms
396ms Stylesheet
text/css 2606:4700:3036::6815:2282
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.xliveglobal.com/sites/qcloud4/files/css/css_c6GxX9zo7kYZQ5KUWLi3IEp3LiboIJ4PzPjO3E5Ecz0.css

Requested by

Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:2282 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73a1b15fdce8ee461943929458b8b7204a772e26e8209e0fccf8cedc4e44733d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:57 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
x-cache-hits: 3
x-ah-environment: prod
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: v-61e545c8-38bf-11ed-8c02-d3c8737f4ce7
last-modified: Thu, 08 Sep 2022 23:02:33 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6Y0k6REe6LXJI1ZSJRVWt41lZnDQfJK7oKxVU%2B6RjJKYHaj3%2FhEoDYCIz%2Bbd3TP3JVfwVsmgQ190QbTKUWCfUhfkK0SQAjZTgNdO77IvHpO4Sz6pDyLvsFcqZH2mbbYU6SWSO%2FEwesldb7eFJnWfKlB6KPN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 74da7ec36e439170-FRA
expires: Tue, 04 Oct 2022 08:36:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 59ms
13ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MD79DJ6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4496
date: Tue, 20 Sep 2022 11:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 20 Sep 2022 13:02:00 GMT

GET
H/1.1 200 olytics.min.js Show response
olytics.omeda.com/olytics/js/v3/p/ 267 KB
73 KB 2802ms
668ms Script
application/javascript 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Requested by

Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 Rolling Meadows, United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

59aa4a2e8bd5605bfec48b4f02b0a7ca522c2cd2a137dff4c5c4933d737287a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 20 Sep 2022 12:16:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 04 Aug 2022 14:47:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: W/"273536-1659624456000"
vary: accept-encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=21600
Accept-Ranges: bytes
Keep-Alive: timeout=5
Expires: Tue, 20 Sep 2022 18:16:59 GMT

GET
H/1.1 200 olytics.css
olytics.omeda.com/olytics/css/v3/p/ 28 KB
3 KB 1894ms
130ms Stylesheet
text/css 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/css/v3/p/olytics.css

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MD79DJ6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 Rolling Meadows, United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

78057ff881c7ceb369c163fee7ab0d93ae4754f3a7503d5dbfd4a0b80e203a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 20 Sep 2022 12:16:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 27 Aug 2021 04:05:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: W/"28820-1630037128000"
vary: accept-encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=21600
Accept-Ranges: bytes
Keep-Alive: timeout=5
Expires: Tue, 20 Sep 2022 18:16:58 GMT

GET
H/1.1 200
OK dpm_fa5b7e293127b3837c39f7fbd05598f32c8ce1c9.min.js Show response
s.dpmsrv.com/ 59 KB
13 KB 87ms
21ms Script
application/x-javascript 18.66.15.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dpmsrv.com/dpm_fa5b7e293127b3837c39f7fbd05598f32c8ce1c9.min.js
Requested by: Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-12.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f0374c07683d5c0765471a05a918deae2af78052c2044aede95a2b87da845c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 22:44:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 02 Sep 2022 17:00:17 GMT
Server: AmazonS3
Age: 48789
ETag: "b003adf4a96f2d093c9fed32261117c2"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 62f2a061e41be90ceddd231b5157117c.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: VIE50-P1
Accept-Ranges: bytes
Content-Length: 12863
X-Amz-Cf-Id: bs2u_BN-6c3Vhy-zcNWo2mEkRYNMmgAAoASJOk7P4ufSV0jAHc76Fw==

GET
H2 200 tag.aspx Show response
ml314.com/ 31 KB
32 KB 54ms
17ms Script
application/javascript 34.111.234.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?2082022
Requested by: Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 11:51:23 GMT
age: 1533
x-guploader-uploadid: ADPycdsPwW_W21_iaPWuJfc0ACJ2wJFbwiKrnGS3hqk3SemKwfur_d4_DprqMAdcCKZRwl-3fEVOitnJjxcJLc9DJTC3o5R6_wT7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32025
last-modified: Tue, 09 Aug 2022 21:49:07 GMT
server: UploadServer
cache-control: public,max-age=3600
etag: "fe36d3317b1b052708eb2260e253aa63"
x-goog-hash: crc32c=BjH7bw==, md5=/jbTMXsbBScI6yJg4lOqYw==
x-goog-generation: 1660081747697868
cache-id: AMS-5232d789
x-cache-hit: hit
x-goog-stored-content-length: 32025
accept-ranges: bytes
content-type: application/javascript

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 49ms
20ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=422934926&t=pageview&_s=1&dl=https%3A%2F%2Fevents.xliveglobal.com%2F%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3DLDI-Promo-Promotions%26oly_enc_id%3D5112C2506389F7Y&ul=en-us&de=UTF-8&dt=Home%20%7C%20Xlive%20Global%20Events&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1210462952&gjid=233880506&cid=2142639280.1663676217&tid=UA-88661448-18&_gid=563487559.1663676217&_r=1&gtm=2wg9j0MD79DJ6&z=2083843557

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://events.xliveglobal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:16:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://events.xliveglobal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 utsync.ashx Show response
ml314.com/ 62 B
81 B 70ms
40ms Script
application/javascript 34.111.234.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=66459&ct=js&pi=&fp=undefined&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fevents.xliveglobal.com%2F%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3DLDI-Promo-Promotions%26oly_enc_id%3D5112C2506389F7Y&pv=1663676217007_i3r7begee&bl=en-us&cb=3489872&return=&ht=&d=&dc=&si=1663676217007_i3r7begee&cid=&s=1600x1200&rp=&v=2.5.2.2
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?2082022
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:16:56 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ 20 B
482 B 458ms
157ms Script
application/javascript 3.224.223.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=2082022&v=2.5.2.2
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?2082022
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.223.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-223-163.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 20 Sep 2022 12:16:56 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Wed, 21 Sep 2022 12:16:57 GMT

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D913%26pixelIndex%3D0%26r%3D642303%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Feven...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D913%2526pixelIndex%253D0%2526r%25...
https://a.dpmsrv.com/dpmpxl/index.php?id=2366291593333207948&zn=&sn=&q=xImp&v=1.x&cl=913&pixelIndex=0&r=642303&tzOffset=0&url=https%3A%2F%2Fevents.xliveglobal.com%2F%3Futm_source%3Demail%26utm_medi...

253 B
1003 B

389ms
94ms

Script
text/javascript

75.101.178.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?id=2366291593333207948&zn=&sn=&q=xImp&v=1.x&cl=913&pixelIndex=0&r=642303&tzOffset=0&url=https%3A%2F%2Fevents.xliveglobal.com%2F%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3DLDI-Promo-Promotions%26oly_enc_id%3D5112C2506389F7Y
Requested by: Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
Protocol: HTTP/1.1
Server: 75.101.178.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-178-162.compute-1.amazonaws.com
Software: /
Resource Hash: 4df36640dcf2a76c1415624674930cdf2b61cb96e8a7f517da168353eb7df19a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 224
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:16:57 GMT
X-Proxy-Origin: 178.162.209.135; 178.162.209.135; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5e0660bd-8add-4030-a391-fda29208c637
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://a.dpmsrv.com/dpmpxl/index.php?id=2366291593333207948&zn=&sn=&q=xImp&v=1.x&cl=913&pixelIndex=0&r=642303&tzOffset=0&url=https%3A%2F%2Fevents.xliveglobal.com%2F%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3DLDI-Promo-Promotions%26oly_enc_id%3D5112C2506389F7Y
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
647 B 57ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=events.xliveglobal.com&callback=_gfp_s_&client=ca-pub-1234567890123456

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1234567890123456&plah=events.xliveglobal.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52473fbe983cbe8e7534d70a1dafa21a0e5e2ac30eed25fb959fcfe69bbb7099

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 89ms
24ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=events.xliveglobal.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Sep 2022 12:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 74ms
24ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=events.xliveglobal.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Sep 2022 12:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3B81 603 B
68 B 78ms
49ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1234567890123456&output=html&adk=1812271804&adf=3025194257&lmt=1663676215&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fevents.xliveglobal.com%2F%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3DLDI-Promo-Promotions%26oly_enc_id%3D5112C2506389F7Y&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663676216851&bpp=3&bdt=249&idt=201&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3876217552805&frm=20&pv=2&ga_vid=2142639280.1663676217&ga_sid=1663676217&ga_hid=422934926&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069509%2C31069178%2C31067826&oid=2&pvsid=4437597598543185&tmod=377209658&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=227

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://events.xliveglobal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:16:57 GMT
expires: Tue, 20 Sep 2022 12:16:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qFdH35WCmI96Ajtm81GlU9vgwBcI.woff2
fonts.gstatic.com/s/overpass/v7/ 38 KB
38 KB 243ms
15ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v7/qFdH35WCmI96Ajtm81GlU9vgwBcI.woff2

Requested by

Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/sites/qcloud4/files/css/css_c6GxX9zo7kYZQ5KUWLi3IEp3LiboIJ4PzPjO3E5Ecz0.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26767f0b7032e460e8500deff8d9077a9f8fdc3f43fceb30d3a6ec067c5e8382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://events.xliveglobal.com/
Origin: https://events.xliveglobal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:20:55 GMT
x-content-type-options: nosniff
age: 586562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38504
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:13:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 13 Sep 2023 17:20:55 GMT

GET
H3 200 0cfdcc29-592b-459a-9833-48df14c3d751 Show response
events.xliveglobal.com/jsonapi/block_content/hero_text_card/ 7 KB
2 KB 387ms
387ms XHR
application/json 2606:4700:3036::6815:2282
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.xliveglobal.com/jsonapi/block_content/hero_text_card/0cfdcc29-592b-459a-9833-48df14c3d751?include=field_background_image,field_background_image.field_media_image,field_focal_image,field_sponsored_logo,field_sponsored_logo_2,field_sponsored_logo_3&fields[media--image]=field_media_image&fields[file--file]=uri,filemime,filename

Requested by

Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/modules/custom/quartz_apifirst/compiled/nodepage-cdd60c62.js?v=b61098aa373ea80fc7a2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:2282 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90b0088bd3abeb833da86048dd4197e43a466706d7ce209ebae06120cbb50c3c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://sample.dragonforms.com https://*.questexinfo.com http://resources.questex.com https://resources.questex.com
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:57 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 123422
x-cache: HIT
content-type: application/json
x-drupal-dynamic-cache: HIT
x-ah-environment: prod
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: v-c1e3aa20-37be-11ed-9bfb-6bdbdcce21f2
x-ua-compatible: IE=edge
last-modified: Mon, 19 Sep 2022 01:59:55 GMT
server: cloudflare
etag: W/"1663552795"
vary: Cookie,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cqm6kDffshjgku%2BXK4KmxBp3FLEqhEoZCHsxAS9z%2F95nWKNcEPAuGSMYivMZ4taVj07xBIdv3JsgMtrpF9ayrMUIdrETW1%2BXBnqpGoNGvg95LyynPyOVptDILJgsIhZaFBvOWncSFR8dBReQqZRWOejTZjCe"}],"group":"cf-nel","max_age":604800}
content-language: en
x-generator: Drupal 9 (https://www.drupal.org)
expires: Sun, 19 Nov 1978 05:00:00 GMT
cache-control: max-age=31536000, public
permissions-policy: interest-cohort=()
content-security-policy: frame-ancestors 'self' https://sample.dragonforms.com https://*.questexinfo.com http://resources.questex.com https://resources.questex.com
cf-ray: 74da7ec77e429170-FRA
x-drupal-cache: MISS
x-cache-hits: 76

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=2366291593333207948&pixelIndex=0
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=2366291593333207948&pixelIndex=0&google_gid=CAESEA7mukcz69SSlcb4u6KO2w0&google_cver=1

0
598 B

94ms
94ms

Script
text/javascript

75.101.178.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=2366291593333207948&pixelIndex=0&google_gid=CAESEA7mukcz69SSlcb4u6KO2w0&google_cver=1
Requested by: Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
Protocol: HTTP/1.1
Server: 75.101.178.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-178-162.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:16:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=2366291593333207948&pixelIndex=0&google_gid=CAESEA7mukcz69SSlcb4u6KO2w0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 348
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 423396.gif
idsync.rlcdn.com/ 0
98 B 133ms
20ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/423396.gif?partner_uid=2366291593333207948
Requested by: Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:57 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 XLV21_Websiteheader_FE_0.png
qtxasset.com/quartz/qcloud4/media/image/ 125 KB
125 KB 150ms
135ms Image
image/webp 104.16.94.165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qtxasset.com/quartz/qcloud4/media/image/XLV21_Websiteheader_FE_0.png?VersionId=iU_Pncv0LCH6oRAlJlluNOimPaCw8rVO
Requested by: Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.94.165 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7678c740b075d58f6de3cd79c08051ebe612752e75ba7ae355fdf634cd054a31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:58 GMT
cf-cache-status: HIT
x-amz-request-id: 6VH562T7KG1KKB83
cf-polished: qual=85, origFmt=jpeg, origSize=975655
cf-ray: 74da7ec9fb5c5c02-FRA
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="XLV21_Websiteheader_FE_0.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 127968
x-amz-id-2: PE6g4hPGesnPEALSjhCe1KoyLN7vXUPu52xjh8/Pp1zlAdruTKwDnhlDKUHS5CWMAQ9G30bX3ns=
last-modified: Mon, 29 Nov 2021 00:33:18 GMT
server: cloudflare
etag: "65ed035e0153ae78c8fab40851fdcce1"
vary: Accept
x-amz-version-id: iU_Pncv0LCH6oRAlJlluNOimPaCw8rVO
expires: Wed, 20 Sep 2023 12:16:58 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H3 200 fa-solid-900.woff2
events.xliveglobal.com/libraries/fontawesome/webfonts/ 134 KB
134 KB 610ms
610ms Font
text/plain 2606:4700:3036::6815:2282
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.xliveglobal.com/libraries/fontawesome/webfonts/fa-solid-900.woff2

Requested by

Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/sites/qcloud4/files/css/css_yIa_ItLGwRMc4-2Xbo5cMrGlgOc_pa6wpEEyk1jmwek.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:2282 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa87d17ddaa5c7f3bc99debd919894681e2f1852f018ea99a28c77df59064dcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://events.xliveglobal.com/sites/qcloud4/files/css/css_yIa_ItLGwRMc4-2Xbo5cMrGlgOc_pa6wpEEyk1jmwek.css
Origin: https://events.xliveglobal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:16:58 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
x-cache-hits: 2
x-ah-environment: prod
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 136824
x-request-id: v-8d94635e-38c2-11ed-b8c4-87eff69d05b1
last-modified: Fri, 01 Jul 2022 10:29:02 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4l1ytqthVSQou3k9Taynu8MT3hSCsQz6qUt8X0hbSpbPLgSOhzaTcchUNS98gh0H3BBe%2BKU8rILgv6Bnn%2BcMmaM63p%2F9N6jjbKmkrmojulqUvA4pnPdBRcD52VUk8xyMMFYKFVEBTA%2Ft3xsNx%2FvtPqJTgsgU"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 74da7ec9ead89170-FRA
expires: Tue, 04 Oct 2022 08:59:36 GMT

GET
H3 404 null
qtxasset.com/cdn-cgi/image/w=550,h=550,f=auto,fit=crop,g=0.5x0.5/ 0
0 32ms
30ms Image
text/plain 104.16.94.165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qtxasset.com/cdn-cgi/image/w=550,h=550,f=auto,fit=crop,g=0.5x0.5/null
Requested by: Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.94.165 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H/1.1 200
OK index.php Show response
a.dpmsrv.com/dpmpxl/ 5 B
1 KB 95ms
94ms Script
text/javascript 75.101.178.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?zn=&sn=&q=xSeg&v=1.x&ep%5Bids%5D=29315642%2C29315652%2C29028703%2C16013439&cl=913&pixelIndex=0&r=346498&tzOffset=0&url=https%3A%2F%2Fevents.xliveglobal.com%2F%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3DLDI-Promo-Promotions%26oly_enc_id%3D5112C2506389F7Y&id=2366291593333207948
Requested by: Host: s.dpmsrv.com
URL: https://s.dpmsrv.com/dpm_fa5b7e293127b3837c39f7fbd05598f32c8ce1c9.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.178.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-178-162.compute-1.amazonaws.com
Software: /
Resource Hash: fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 31
Expires: 0

GET
H/1.1 200
OK seg
ib.adnxs.com/ 43 B
1 KB 14ms
14ms Image
image/gif 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/seg?member=827&add=29315642,29315652,29028703,16013439

Requested by

Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:16:59 GMT
X-Proxy-Origin: 178.162.209.135; 178.162.209.135; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4b9e171a-df83-4d70-ae28-a3c8a549629f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H/1.1 200 olytics
oqs.omeda.com/oqs/rest/ Frame 0
0 1158ms
137ms Preflight
text/plain 204.180.130.165

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.165 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://events.xliveglobal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Headers: Access-Control-Request-Headers, Content-Type, Origin, Accept, Accept-Encoding, Accept-Language, HOST, User-Agent, Access-Control-Request-Method, Access-Control-Max-Age
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Tue, 20 Sep 2022 12:17:02 GMT
Keep-Alive: timeout=5
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200 olytics
oqs.omeda.com/oqs/rest/ Frame 0
0 1296ms
141ms Preflight
text/plain 204.180.130.165

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.165 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://events.xliveglobal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Headers: Access-Control-Request-Headers, Content-Type, Origin, Accept, Accept-Encoding, Accept-Language, HOST, User-Agent, Access-Control-Request-Method, Access-Control-Max-Age
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Tue, 20 Sep 2022 12:17:02 GMT
Keep-Alive: timeout=5
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

POST
H/1.1 200 olytics Show response
oqs.omeda.com/oqs/rest/ 15 B
354 B 285ms
142ms XHR
application/json 204.180.130.165

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.165 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

ee2bd946a7a0e25dd3f7606bf975cfaa824c7eb902568f5e711f361be35196ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://events.xliveglobal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 20 Sep 2022 12:17:02 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

HEAD
H3 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 97ms
69ms Fetch
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58036
x-xss-protection: 0
server: cafe
etag: 15354894906298468693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Sep 2022 12:17:01 GMT

POST olytics
oqs.omeda.com/oqs/rest/ 0
0

GET 3ea8c2b7-a182-4973-a14c-b9c643ac238a
olytics.omeda.com/olytics/segments/o/5d6cdb41c83d4fb0a6a384e42aa46df6/c/5112C2506389F7Y/a/ 0
0

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ 38 KB
14 KB 36ms
8ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: events.xliveglobal.com
URL: https://events.xliveglobal.com/?utm_source=email&utm_medium=email&utm_campaign=LDI-Promo-Promotions&oly_enc_id=5112C2506389F7Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id: KBVH2PMAKMG74HWE
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: c40g0/PEOypibNZhpK4f4SlPZCSnAXuxKGtJ+LI/kKMS0hiuLcfL6ykVCP/ylzTky574I1FuVPM=
x-served-by: cache-fra19141-FRA
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1663676222.824027,VS0,VE0
date: Tue, 20 Sep 2022 12:17:01 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 13102

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 78ms
63ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220915&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5de520852ca35997d9d9a32a7cbd7615c0f8a913f96a4a62a213cdade70d81b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Sep 2022 12:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11093
x-xss-protection: 0

GET
H/1.1 200
OK 44925d6b58 Show response
bam.nr-data.net/1/ 49 B
621 B 178ms
154ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/44925d6b58?a=390221574&v=1216.487a282&to=NFBaMhZVDRIHABUPCg0aeQUQXQwPSScTExUCWWQIC1AGPSUMDxIXDFlUAxZoLQ4CBjcPABR2VwgQRgwNCgYTS1sVXF0R&rst=7385&ck=1&ref=https://events.xliveglobal.com/&ap=875&be=2314&fe=7325&dc=2970&perf=%7B%22timing%22:%7B%22of%22:1663676214493,%22n%22:0,%22f%22:786,%22dn%22:786,%22dne%22:800,%22c%22:800,%22s%22:806,%22ce%22:820,%22rq%22:820,%22rp%22:2107,%22rpe%22:2298,%22dl%22:2109,%22di%22:2969,%22ds%22:2969,%22de%22:2970,%22dc%22:7323,%22l%22:7323,%22le%22:7327%7D,%22navigation%22:%7B%7D%7D&fp=2336&fcp=2336&at=GBdZRF5PHhw%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 20 Sep 2022 12:17:02 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 74da7ee2cddfbb9e-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 80ms
41ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Sep 2022 12:17:01 GMT

HEAD
H2 200 gpt.js
www.googletagservices.com/tag/js/ 0
0 56ms
22ms Fetch
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1339 / 870 of 1000 / last-modified: 1663672285"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 20 Sep 2022 12:17:01 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EC2A 13 KB
5 KB 48ms
15ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://events.xliveglobal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 94
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:15:28 GMT
expires: Wed, 20 Sep 2023 12:15:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CA51 783 B
1 KB 63ms
26ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3bfb8a99f4dc57259f9c1274237ee67ceaf0a18ad8d0bd0003f1040bd27c1fef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LiOihgf9qwKvufg3r7RonQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://events.xliveglobal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-LiOihgf9qwKvufg3r7RonQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:17:02 GMT
expires: Tue, 20 Sep 2022 12:17:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 vTbTmvuxvaqY-350E8gd8IPWCIWzlft0eSoVzuBTYYo.js Show response
pagead2.googlesyndication.com/bg/ Frame EC2A 36 KB
16 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vTbTmvuxvaqY-350E8gd8IPWCIWzlft0eSoVzuBTYYo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd36d39afbb1bdaa98fb7e7413c81df083d60885b395fb74792a15cee053618a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 17:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16036
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Sep 2023 17:50:26 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CA51 0
0 48ms
46ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220915&jk=4437597598543185&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EC2A 0
10 B 14ms
14ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?PLB1iA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:17:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

OPTIONS p
olytics.omeda.com/olytics/segments/ Frame 0
0

OPTIONS /
olytics.omeda.com/olytics/segments/form/check/ Frame 0
0

OPTIONS cswitch
olytics.omeda.com/olytics/segments/ Frame 0
0

POST p
olytics.omeda.com/olytics/segments/ 0
0

POST /
olytics.omeda.com/olytics/segments/form/check/ 0
0

POST cswitch
olytics.omeda.com/olytics/segments/ 0
0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
54ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220915&jk=4437597598543185&bg=!NTalNnLNAAZqQh0mSkI7ACkAdvg8Wi4tBOWO1UoI3r0nGYExBDkC3c-7cLZBtE1h6juB1uYHEf-E5gIAAAHMUgAAAANoAQeZAqeOrWlbF3Mro4pAk7Iskm67fFO8lcTYKi_ZUBNjJ-Iy_1nJbrgWRXqj4XgiJDTuqZ3FVthSTVvLOkd22bNLNNQSb7lyJCvwYfbf_cAdAY--SJGWCvp9Wh_lJag0XzC5B0rb4JrApKCekZyxwYGx9Pv8tHXmY780XrIzTh1HFcK6kjCZfpgw3N0tqqvVmx9PsJHzddLwYAG71qX-TUYQ0eL8HR-T4YI1nBzrJD6gNT5vW2oth5cerVcH70gRSWGh42O3fUE3LWjz3_C2_QldhTypLpG6E_uprdCBJCl40xM7GuvVhY80G0JM4vTaI1UP2nIMu32cEUH6fue_10eL4uNEqYRmgvLNpVsWzDlmJUDE5UhiAvw7tDrD3XIDqtjLxq4c7fQY9zF5kxFdO904jtNvcCD7YcOO3RpXA2K5_-9bGXs__8KTbBtfyYYyES4hE4mjo4_K3t2tS9Are7qzq691yk9fqIOOwczDiwtXlM_1-UEmT8d-rXrC6bW1iCxFvn6w691PEIBNAdk7T1JbB8Xf1iik9HWeqZzJj_YYPRACkIf2on2Z_2JiLYQqTr5R2jw9Iz_Xze_xQqnaqZCLsiJGE1QcpBVMeFpBKHV-StaZIXga7HHqU4EJXSUopATO6T4Q87UEPZrNaGasserfvAIOfT70C7Hihp6ezdTKJx4FAIfVkWW6AotT87uO4MDpEuXecnZGmbil1wQyWh5r0fHJVGwBpGj8ciGGPMVXXtngelPf_i7LMyFqhzEW0rA6i7c7eEe8WOFnpML72XOAJHFdYDOQ7LRxUg2MqytKLM4o5I-LtYtWM3xzj_zD_ZpsUmsnI0qPu2mpDLYKuRq9tfllFrIpHcu2Mtntc1CILqZX5MiPnLG7xOA4K_JdOCoqljxO734uGqKE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.xliveglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: oqs.omeda.com
URL: https://oqs.omeda.com/oqs/rest/olytics

Domain: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/segments/o/5d6cdb41c83d4fb0a6a384e42aa46df6/c/5112C2506389F7Y/a/3ea8c2b7-a182-4973-a14c-b9c643ac238a

Domain: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/segments/p

Domain: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/segments/form/check/

Domain: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/segments/cswitch

Domain: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/segments/p

Domain: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/segments/form/check/

Domain: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/segments/cswitch

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.events.xliveglobal.com/	1970-01-20 15:43:56	Name: _ga Value: GA1.3.2142639280.1663676217
.events.xliveglobal.com/	1970-01-20 06:09:22	Name: _gid Value: GA1.3.563487559.1663676217
.events.xliveglobal.com/	1970-01-20 06:07:56	Name: _gat_UA-88661448-18 Value: 1
events.xliveglobal.com/	1969-12-31 23:59:59	Name: dpm_url_count Value: 1
.adnxs.com/	1970-01-20 08:17:32	Name: uuid2 Value: 2366291593333207948
.xliveglobal.com/	1970-01-20 15:29:32	Name: __gads Value: ID=d9360473e556c0b6-222e775b27ce00e1:T=1663676217:RT=1663676217:S=ALNI_MZjx8zoJDwC9owafvcsSYGyqVN8Wg
.dpmsrv.com/	1970-01-20 15:43:56	Name: dpm_pxl Value: 738da85813e5c84b474fd45ef2667e1dcc7fdbd4
.dpmsrv.com/	1970-01-20 15:43:56	Name: dpm_pxl_aid Value: 2366291593333207948
events.xliveglobal.com/	1969-12-31 23:59:59	Name: hasLiveRampMatch Value: true
.doubleclick.net/	1970-01-20 15:29:32	Name: IDE Value: AHWqTUlODXgbuTpydDz65gySd7rkP4JKm3epOFlcujVjJjOkA5YaYhFEh9wkQFEeGB0
.adnxs.com/	1970-01-20 08:17:32	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2Iljhj5$X!]tbP6j2F-XstGt!@Dta$vBtX
.dpmsrv.com/	1970-01-20 15:43:56	Name: xdpm_segsid_913 Value: 16013439%2C29315652%2C29315642%2C29028703
.dpmsrv.com/	1970-01-20 15:43:56	Name: xdpm_segs_913 Value:
.xliveglobal.com/	1970-01-20 14:53:32	Name: oly_enc_id Value: 5112C2506389F7Y
.xliveglobal.com/	1970-01-20 14:53:32	Name: oly_anon_id Value: 3ea8c2b7-a182-4973-a14c-b9c643ac238a
.xliveglobal.com/	1970-01-20 14:53:32	Name: oly_fire_id Value: 7455F7912134A6G
events.xliveglobal.com/	1969-12-31 23:59:59	Name: dpm_time_site Value: 5.003
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: e2e2330bd2b0cf26

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://idsync.rlcdn.com/423396.gif?partner_uid=2366291593333207948 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://qtxasset.com/cdn-cgi/image/w=550,h=550,f=auto,fit=crop,g=0.5x0.5/null Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://sample.dragonforms.com https://*.questexinfo.com http://resources.questex.com https://resources.questex.com
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dpmsrv.com
adservice.google.com
adservice.google.de
bam.nr-data.net
cm.g.doubleclick.net
events.xliveglobal.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
in.ml314.com
js-agent.newrelic.com
ml314.com
olytics.omeda.com
oqs.omeda.com
pagead2.googlesyndication.com
partner.googleadservices.com
qtx.omeclk.com
qtxasset.com
s.dpmsrv.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
vi.ml314.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
olytics.omeda.com
oqs.omeda.com
104.16.94.165
142.250.186.34
151.101.2.137
162.247.241.14
18.66.15.12
204.180.130.159
204.180.130.165
205.162.42.171
2606:4700:3036::6815:2282
2a00:1450:4001:800::2008
2a00:1450:4001:800::200e
2a00:1450:4001:801::2004
2a00:1450:4001:802::2002
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:831::2003
3.224.223.163
34.111.234.236
35.201.104.135
35.244.174.68
37.252.173.27
75.101.178.162
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0dee68767b2b7875719ca294037ccb53a83e3644b17da2a2b4937bb2e35c4673
0ec995a36461c810a9145bf1e97a54ac5540cac1b87a2c86d07d85cc6ef60335
11b0a018ceac7ad2fa845a3510363d3d7cc28547cb0bc4fbe37c8bd624ee7e5a
19227206dcb0452526fb83a3d90146664cbd2ae14956a3e8b320b811bf4a497b
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26767f0b7032e460e8500deff8d9077a9f8fdc3f43fceb30d3a6ec067c5e8382
27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396
2bab543a7d2877232caa906e69c738770564a80f102f513e8db4faa84096a67a
2e413d5d193d708801a6b9c76e8b48db758d0378360f409bc4a4d4063d4e1561
368120b5ba7f0b093ade048d6070f8fcc5017984ae63d3b655609ff9e918724d
3b427f440e3619f549cc587f5aa685fdfbbb6f7056823ec73125bfdae5ee0fe5
3bfb8a99f4dc57259f9c1274237ee67ceaf0a18ad8d0bd0003f1040bd27c1fef
3c776ade65423ef8f2324dc40b27eb0b162aa88b72a5d05d9404996ff3618d30
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d9acd0e6fc9cc8bd498b7e08115268c4425431e34e38cc0c5dd4dbd371826c6
4df36640dcf2a76c1415624674930cdf2b61cb96e8a7f517da168353eb7df19a
52473fbe983cbe8e7534d70a1dafa21a0e5e2ac30eed25fb959fcfe69bbb7099
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59aa4a2e8bd5605bfec48b4f02b0a7ca522c2cd2a137dff4c5c4933d737287a2
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5bcb416b4fc661477c68b1952be25d1a31148f05377710688cd8edc8807ae4c4
5de520852ca35997d9d9a32a7cbd7615c0f8a913f96a4a62a213cdade70d81b5
5f0374c07683d5c0765471a05a918deae2af78052c2044aede95a2b87da845c6
5f08c1e160e1b958bbd2e14c3f5009a258e7f96f8c92867d65bb01afae7a16f4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63141d06a03c804ea2261622d51cf9fd5bc92a15c65cdd52bca0d49e327f6c08
69182c4c92822b19bcf0126e5d6f8d8060a3ab289e56642fb49d84bdb293eadf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
71414f76d64777c2527c67292f1262126b0d58802be244c269bc3b413587e56a
73a1b15fdce8ee461943929458b8b7204a772e26e8209e0fccf8cedc4e44733d
7678c740b075d58f6de3cd79c08051ebe612752e75ba7ae355fdf634cd054a31
78057ff881c7ceb369c163fee7ab0d93ae4754f3a7503d5dbfd4a0b80e203a79
8b4a163dae52e7ec3165df1d816ea39e4bd37b7b9d134bed630fa4c227898378
8f7bdb9c79c5498f8a5ed7229bf62d3ab6d11dca4698bfdd0f6249f624da13c1
90b0088bd3abeb833da86048dd4197e43a466706d7ce209ebae06120cbb50c3c
919955e889d271f73387b4455d37667a6a730e800dcdbd1461412810bbc5a6c6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3df584421a69a70ab6fc4c15b36865af2141d93d71aeae9ae5d6024dd5e6b33
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa87d17ddaa5c7f3bc99debd919894681e2f1852f018ea99a28c77df59064dcd
ab3a91af9b6c563c340a3aaa797fe29aedaa902d5d8e5e56e3dda1805297ec0f
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
bc51971687a1c69842605139d111724dc8c433a0ace1c4daaa597be2b65f610d
bd36d39afbb1bdaa98fb7e7413c81df083d60885b395fb74792a15cee053618a
bfa02e28ea4b740a66d8765f1f4d0ef416c1fe19c4d2d937622f656a4a3b8cb6
c61a29f75477ea84e1954d52e93aedb93ac5e83e08cc56449995e0ce4d76d44f
c886bf22d2c6c1131ce3ed976e8e5c32b1a580e73fa5aeb0a441329358e6c1e9
d007a16fea412648315d74a76b8878080bd98ce66a0272ace8c3043a9c4002e7
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d3087be7a8c6e721fb7d27b8a5dc3d4cdefb7b70aaf42c89a143ffbd356a15d4
daf4fe1515892c71cdd95f5c6eb3a9cc0aa4ad0a93247c9a6e971bf6f169f53e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e721448de4149c59b99e49159d0b8be3557227c4f317c688d02ab5eafe5ce580
ee2bd946a7a0e25dd3f7606bf975cfaa824c7eb902568f5e711f361be35196ee
f2e09394c27fc88726e81239db00a3a7cfd8e23fa37606460521914d81925215
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
fa8802ced3db0de12feaa22e81b6d6eb98209d2a0ac8cb9f23ea6329bf9abdea
fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b

events.xliveglobal.com Open in urlscan Pro 2606:4700:3036::6815:2282 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

78 Requests

87 %HTTPS

48 %IPv6

19 Domains

27 Subdomains

26 IPs

3 Countries

2070 kBTransfer

3996 kBSize

18 Cookies

18 Outgoing links

Page URL History

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

events.xliveglobal.com Open in urlscan Pro
2606:4700:3036::6815:2282 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

87 %
HTTPS

48 %
IPv6

19
Domains

27
Subdomains

26
IPs

3
Countries

2070 kB
Transfer

3996 kB
Size

18
Cookies

78 HTTP transactions
0 data transactions