carinleonlive.com Open in urlscan Pro
34.69.217.213 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://carinleonlive.com/
Effective URL:
https://carinleonlive.com/
Submission: On May 05 via manual (May 5th 2023, 3:40:05 am UTC) from US — Scanned from DE

Summary HTTP 49 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 22 IPs in 6 countries across 19 domains to perform 49 HTTP transactions. The main IP is 34.69.217.213, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is carinleonlive.com.
TLS certificate: Issued by R3 on May 4th 2023. Valid for: 3 months.

This is the only time carinleonlive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	34.69.217.213 34.69.217.213	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	52.239.228.100 52.239.228.100	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:225... 2600:9000:2251:ce00:c:b19:dd40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:224... 2600:9000:2240:b000:11:65f0:c080:93a1	16509 (AMAZON-02) (AMAZON-02)
3	99.86.4.76 99.86.4.76	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	104.22.5.172 104.22.5.172	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2.16.186.242 2.16.186.242	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:223... 2600:9000:223c:c400:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:730... 2600:1f18:730:b130:f139:5754:c04e:532b	14618 (AMAZON-AES) (AMAZON-AES)
1	52.70.144.66 52.70.144.66	14618 (AMAZON-AES) (AMAZON-AES)
3	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:205... 2600:9000:2057:5400:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	44.239.216.46 44.239.216.46	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c09::9b	15169 (GOOGLE) (GOOGLE)
1	52.41.90.223 52.41.90.223	16509 (AMAZON-02) (AMAZON-02)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 6	54.164.114.182 54.164.114.182	14618 (AMAZON-AES) (AMAZON-AES)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4 4	18.196.170.44 18.196.170.44	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:ed:... 2600:1f18:ed:550f:2f2d:1f04:c7f4:fb03	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.51.135.19 52.51.135.19	16509 (AMAZON-02) (AMAZON-02)
1 2	104.111.217.14 104.111.217.14	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a04:4e42::300 2a04:4e42::300	54113 (FASTLY) (FASTLY)
1 1	64.74.236.255 64.74.236.255	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
49	22

2 34.69.217.213 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.217.69.34.bc.googleusercontent.com

carinleonlive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.239.228.100 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aegwebprod.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2251:ce00:c:b19:dd40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.tunespeak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2240:b000:11:65f0:c080:93a1 (United States)

ASN16509 (AMAZON-02, US)

tracking.aegpresents.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-76.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.5.172 (None, )

ASN13335 (CLOUDFLARENET, US)

api.tunespeak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.16.186.242 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-242.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:c400:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b130:f139:5754:c04e:532b (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.70.144.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-144-66.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:5400:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.239.216.46 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-216-46.us-west-2.compute.amazonaws.com

b.aegpresents.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.41.90.223 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-90-223.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.164.114.182 (United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-114-182.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.196.170.44 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-170-44.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550f:2f2d:1f04:c7f4:fb03 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.135.19 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-135-19.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.217.14 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-14.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.74.236.255 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	liadm.com 3 redirects b-code.liadm.com — Cisco Umbrella Rank: 2607 rp.liadm.com — Cisco Umbrella Rank: 2168 rp4.liadm.com — Cisco Umbrella Rank: 9074 i.liadm.com — Cisco Umbrella Rank: 563 i6.liadm.com — Cisco Umbrella Rank: 2197	22 KB
8	windows.net aegwebprod.blob.core.windows.net — Cisco Umbrella Rank: 180584	1 MB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1062 q.stripe.com — Cisco Umbrella Rank: 5929 m.stripe.com — Cisco Umbrella Rank: 1038	118 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 299	1 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 702	102 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	41 KB
4	aegpresents.com tracking.aegpresents.com — Cisco Umbrella Rank: 53670 b.aegpresents.com — Cisco Umbrella Rank: 50075	79 KB
3	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1372 insight.adsrvr.org — Cisco Umbrella Rank: 527 match.adsrvr.org — Cisco Umbrella Rank: 304	3 KB
3	tunespeak.com cdn.tunespeak.com api.tunespeak.com — Cisco Umbrella Rank: 424394	1 MB
2	addthis.com 1 redirects x.dlx.addthis.com — Cisco Umbrella Rank: 1249	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 198	2 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1128	16 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	186 KB
2	carinleonlive.com 1 redirects carinleonlive.com	28 KB
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 543	291 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 658	372 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 690	512 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 479	677 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 74	348 B
49	19

	Domain	Requested by
8	aegwebprod.blob.core.windows.net	carinleonlive.com aegwebprod.blob.core.windows.net
6	i.liadm.com	2 redirects b-code.liadm.com i.liadm.com
4	x.bidswitch.net	4 redirects
4	analytics.tiktok.com	carinleonlive.com analytics.tiktok.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com cdn.tunespeak.com
3	q.stripe.com	carinleonlive.com
3	js.stripe.com	cdn.tunespeak.com js.stripe.com
2	x.dlx.addthis.com	1 redirects i.liadm.com
2	dpm.demdex.net	2 redirects
2	b.aegpresents.com	tracking.aegpresents.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	b-code.liadm.com	www.googletagmanager.com b-code.liadm.com
2	tracking.aegpresents.com	carinleonlive.com
2	cdn.tunespeak.com	carinleonlive.com cdn.tunespeak.com
2	www.googletagmanager.com	carinleonlive.com tracking.aegpresents.com
2	carinleonlive.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	trc.taboola.com	i.liadm.com
1	i6.liadm.com	i.liadm.com
1	cms.quantserve.com	1 redirects
1	match.adsrvr.org	i.liadm.com
1	sync.mathtag.com	1 redirects
1	insight.adsrvr.org	js.adsrvr.org
1	m.stripe.com	m.stripe.network
1	stats.g.doubleclick.net	www.google-analytics.com
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	js.adsrvr.org	www.googletagmanager.com
1	api.tunespeak.com	cdn.tunespeak.com
49	29

This site contains links to these domains. Also see Links.

Domain
www.tunespeak.com
www.facebook.com
www.instagram.com
twitter.com
www.aegpresents.com
www.aegworldwide.com
privacyportal.onetrust.com

Subject Issuer	Validity	Valid
northerninvasion.com R3	`2023-05-04` - `2023-08-02`	3 months	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2023-03-20` - `2024-03-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.tunespeak.com Amazon RSA 2048 M02	`2023-04-03` - `2024-04-30`	a year	crt.sh
tracking.aegpresents.com Amazon RSA 2048 M02	`2023-04-25` - `2024-05-23`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-04-20` - `2023-08-05`	4 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-30`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://carinleonlive.com/
Frame ID: 2B3EF836B7D3812ABD6E6807FAFE134E
Requests: 31 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: C21BA9E8693E253C78F946F4A889C8C0
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 1E5C121373C81C1815B33435600B16AC
Requests: 4 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=3rqwsjg&ref=https%3A%2F%2Fcarinleonlive.com%2F&upid=55rk4fk&upv=1.1.0&td1=undefined&td2=undefined&td3=undefined&td4=undefined&td5=undefined&td6=undefined&td7=carinleonlive.com&td8=undefined&td9=undefined
Frame ID: D15165C8BE7B855B307AAEFB1748C46C
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=dec59404fe79--01gzmzxfnq9kj69rc99r2r63y8&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: 9469524F175E0ABB024F6763C1E1885F
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Carin LeónFacebookInstagramRedditTwitterTumblrSpotifyEmailTriangleYoutubeSnapchatMagnifyGlobeTikTokSoundcloudSearchClose

Page URL History Show full URLs

http://carinleonlive.com/ HTTP 301
https://carinleonlive.com/ Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

49
Requests

88 %
HTTPS

39 %
IPv6

19
Domains

29
Subdomains

22
IPs

6
Countries

3032 kB
Transfer

4364 kB
Size

33
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tunespeak.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/carinleonoficial/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/carinleonoficial/

Search URL Search Domain Scan URL

URL: https://twitter.com/carinleonofi

Search URL Search Domain Scan URL

URL: https://www.aegpresents.com/terms
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.aegworldwide.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://privacyportal.onetrust.com/webform/c7968fb5-dd42-4c76-8f79-3e5198bd1303/7de12396-94a5-474f-872b-fa530ab42b5c
Title: Your Privacy Choices

Search URL Search Domain Scan URL

URL: https://www.aegpresents.com/accessibility
Title: Accessibility

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://carinleonlive.com/ HTTP 301
https://carinleonlive.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://rp.liadm.com/j?dtstmp=1683257999192&aid=a-08c7&se=e30&duid=dec59404fe79--01gzmzxfnq9kj69rc99r2r63y8&tna=v2.7.1&pu=https%3A%2F%2Fcarinleonlive.com%2F&wpn=lc-bundle&c=PHRpdGxlPkNhcmluIExlb8yBbjwvdGl0bGU-PHRpdGxlPkZhY2Vib29rPC90aXRsZT48dGl0bGU-SW5zdGFncmFtPC90aXRsZT48dGl0bGU-UmVkZGl0PC90aXRsZT48dGl0bGU-VHdpdHRlcjwvdGl0bGU-PHRpdGxlPlR1bWJscjwvdGl0bGU-PHRpdGxlPlNwb3RpZnk8L3RpdGxlPjx0aXRsZT5FbWFpbDwvdGl0bGU-PHRpdGxlPlRyaWFuZ2xlPC90aXRsZT48dGl0bGU-WW91dHViZTwvdGl0bGU-PHRpdGxlPlNuYXBjaGF0PC90aXRsZT48dGl0bGU-TWFnbmlmeTwvdGl0bGU-PHRpdGxlPkdsb2JlPC90aXRsZT48dGl0bGU-VGlrVG9rPC90aXRsZT48dGl0bGU-U291bmRjbG91ZDwvdGl0bGU-PHRpdGxlPlNlYXJjaDwvdGl0bGU-PHRpdGxlPkNsb3NlPC90aXRsZT4 HTTP 302
https://rp4.liadm.com/j?dtstmp=1683257999192&aid=a-08c7&se=e30&duid=dec59404fe79--01gzmzxfnq9kj69rc99r2r63y8&tna=v2.7.1&pu=https%3A%2F%2Fcarinleonlive.com%2F&wpn=lc-bundle&c=PHRpdGxlPkNhcmluIExlb8yBbjwvdGl0bGU-PHRpdGxlPkZhY2Vib29rPC90aXRsZT48dGl0bGU-SW5zdGFncmFtPC90aXRsZT48dGl0bGU-UmVkZGl0PC90aXRsZT48dGl0bGU-VHdpdHRlcjwvdGl0bGU-PHRpdGxlPlR1bWJscjwvdGl0bGU-PHRpdGxlPlNwb3RpZnk8L3RpdGxlPjx0aXRsZT5FbWFpbDwvdGl0bGU-PHRpdGxlPlRyaWFuZ2xlPC90aXRsZT48dGl0bGU-WW91dHViZTwvdGl0bGU-PHRpdGxlPlNuYXBjaGF0PC90aXRsZT48dGl0bGU-TWFnbmlmeTwvdGl0bGU-PHRpdGxlPkdsb2JlPC90aXRsZT48dGl0bGU-VGlrVG9rPC90aXRsZT48dGl0bGU-U291bmRjbG91ZDwvdGl0bGU-PHRpdGxlPlNlYXJjaDwvdGl0bGU-PHRpdGxlPkNsb3NlPC90aXRsZT4&i6=MmEwMzoxYjIwOjY6ZjAxMTo6NWU%3D&n3pc=true

Request Chain 41

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https://i.liadm.com/s/e/a-08c7/0/5b89562276db4bc68f0162dc17deda96?muid%3D%5BMM_UUID%5D&94b69bf4-c07b-4a5f-a635-2730c336bc09 HTTP 302
https://i.liadm.com/s/e/a-08c7/0/5b89562276db4bc68f0162dc17deda96?muid=c4086454-7a90-4300-be64-694466b1bfe1

Request Chain 43

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=94b69bf4-c07b-4a5f-a635-2730c336bc09&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=94b69bf4-c07b-4a5f-a635-2730c336bc09&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D HTTP 302
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=88340741-c16d-4383-8eb7-89949424f8ef HTTP 303
https://x.bidswitch.net/sync?ssp=liveintent&user_id=94b69bf4-c07b-4a5f-a635-2730c336bc09 HTTP 302
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=liveintent&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=liveintent&&user_id=_uSx-v-xvf7l6eCr-rSp_63l4vnl6bT6_bElVo3L HTTP 302
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=88340741-c16d-4383-8eb7-89949424f8ef HTTP 303
https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=88340741-c16d-4383-8eb7-89949424f8ef

Request Chain 44

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=94b69bf4-c07b-4a5f-a635-2730c336bc09&redir=https://i.liadm.com/s/e/a-08c7/0/5b89562276db4bc68f0162dc17deda96?muid%3D$%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=94b69bf4-c07b-4a5f-a635-2730c336bc09&redir=https://i.liadm.com/s/e/a-08c7/0/5b89562276db4bc68f0162dc17deda96 HTTP 302
https://i.liadm.com/s/e/a-08c7/0/5b89562276db4bc68f0162dc17deda96

Request Chain 45

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=94b69bf4-c07b-4a5f-a635-2730c336bc09 HTTP 302
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=94b69bf4-c07b-4a5f-a635-2730c336bc09&rd=Y

Request Chain 47

https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__ HTTP 302
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
carinleonlive.com/
Redirect Chain

http://carinleonlive.com/
https://carinleonlive.com/

27 KB
27 KB

463ms
227ms

Document
text/html

34.69.217.213
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://carinleonlive.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 34.69.217.213 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 213.217.69.34.bc.googleusercontent.com
Software: nginx/1.16.1 / PHP/7.3.22
Resource Hash: 8ec2194d3c5ea7c2becc8ecd52617529e1aaa647d7663c63f50ecd49eb0a4c3f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 05 May 2023 03:39:57 GMT
Server: nginx/1.16.1
Transfer-Encoding: chunked
X-Powered-By: PHP/7.3.22

Redirect headers

Connection: keep-alive
Content-Length: 169
Content-Type: text/html
Date: Fri, 05 May 2023 03:39:57 GMT
Location: https://carinleonlive.com/
Server: nginx/1.16.1

GET
H/1.1 200
OK flickity.min.css
aegwebprod.blob.core.windows.net/content/assets/ 2 KB
2 KB 666ms
162ms Stylesheet
text/css 52.239.228.100
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aegwebprod.blob.core.windows.net/content/assets/flickity.min.css
Requested by: Host: carinleonlive.com
URL: https://carinleonlive.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.228.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8eef2ef6cf882d5e2e9167cb7c8b0ebbeb75b28a698835488733d149326fab4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carinleonlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 05 May 2023 03:39:57 GMT
Last-Modified: Wed, 15 Mar 2023 22:28:31 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 7U6e1YcODUvyUyzj7crxfQ==
ETag: 0x8DB25A49B1C7D2B
Content-Type: text/css
Access-Control-Allow-Origin: *
x-ms-request-id: 7ca2692c-501e-0043-5f03-7ff9f6000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 1797

GET
H/1.1 200
OK flickity-fade.css
aegwebprod.blob.core.windows.net/content/assets/ 211 B
828 B 669ms
163ms Stylesheet
text/css 52.239.228.100
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aegwebprod.blob.core.windows.net/content/assets/flickity-fade.css
Requested by: Host: carinleonlive.com
URL: https://carinleonlive.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.228.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2a98d71e9acd8e999a4b7d9dc4140340203230b12f2f06cf24e1ed38e8fa8cca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carinleonlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 05 May 2023 03:39:57 GMT
Last-Modified: Wed, 15 Mar 2023 22:38:26 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: sEOhhOgXJTHmo2bDTGF+fw==
ETag: 0x8DB25A5FE40493E
Content-Type: text/css
Access-Control-Allow-Origin: *
x-ms-request-id: d19adbde-201e-0004-5003-7f92ad000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 211

GET
H/1.1 200
OK fullscreen.css
aegwebprod.blob.core.windows.net/content/assets/ 1 KB
2 KB 670ms
163ms Stylesheet
text/css 52.239.228.100
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aegwebprod.blob.core.windows.net/content/assets/fullscreen.css
Requested by: Host: carinleonlive.com
URL: https://carinleonlive.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.228.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d4c1270f7869730d1490f7df3d4bf63e21b5baa51ebbc67c31001317d4e50dbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carinleonlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 05 May 2023 03:39:58 GMT
Last-Modified: Wed, 15 Mar 2023 22:35:18 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: g18u6ssdm/iYKC+VEcZlKw==
ETag: 0x8DB25A58DE6B7E3
Content-Type: text/css
Access-Control-Allow-Origin: *
x-ms-request-id: b4b8bf3c-601e-0093-4403-7fc4a0000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 1135

GET
H/1.1 200
OK jquery.fancybox.min.css
aegwebprod.blob.core.windows.net/content/assets/ 12 KB
13 KB 671ms
163ms Stylesheet
text/css 52.239.228.100
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aegwebprod.blob.core.windows.net/content/assets/jquery.fancybox.min.css
Requested by: Host: carinleonlive.com
URL: https://carinleonlive.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.228.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carinleonlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 05 May 2023 03:39:58 GMT
Last-Modified: Wed, 15 Mar 2023 22:36:42 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: otQlhCkvZMWCfotnsbOHJg==
ETag: 0x8DB25A5BFC3E658
Content-Type: text/css
Access-Control-Allow-Origin: *
x-ms-request-id: f5eaf89c-b01e-005b-3603-7f2691000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 12795

GET
H/1.1 200
OK style.css
aegwebprod.blob.core.windows.net/templates/template5/ 94 KB
94 KB 673ms
163ms Stylesheet
text/css 52.239.228.100
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aegwebprod.blob.core.windows.net/templates/template5/style.css
Requested by: Host: carinleonlive.com
URL: https://carinleonlive.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.228.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 294429f23aa2612eac0468439f3a5a500a9d6c8006c0de7a8b96c31fd7dc959c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carinleonlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 05 May 2023 03:39:58 GMT
Last-Modified: Fri, 10 Mar 2023 22:15:28 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: YGd4HkYWRXMTvLwsce4Mfg==
ETag: 0x8DB21B4F4C1A7E2
Content-Type: text/css
Access-Control-Allow-Origin: *
x-ms-request-id: 5d4cf8fb-101e-0099-2703-7f6017000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 96005

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
45 KB 151ms
59ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-139868153-32

Requested by

Host: carinleonlive.com
URL: https://carinleonlive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c50c805e76471e311e03e5164a9ea98f15d0b0e3c92db9482f380e38298ea8ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carinleonlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 03:39:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45870
x-xss-protection: 0
last-modified: Fri, 05 May 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 May 2023 03:39:57 GMT

GET
H/1.1 200
OK 6Nn2YbddclNvXWRAJf2IsH4suDVRCnYpLjU6n1G2.jpg
aegwebprod.blob.core.windows.net/content/content_images/405/ 276 KB
276 KB 165ms
165ms Image
image/jpeg 52.239.228.100
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aegwebprod.blob.core.windows.net/content/content_images/405/6Nn2YbddclNvXWRAJf2IsH4suDVRCnYpLjU6n1G2.jpg
Requested by: Host: carinleonlive.com
URL: https://carinleonlive.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.228.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 862a337f7a87cc3afe2720b25480be51a9c699790594ebea0d953c1bf334e90b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carinleonlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 05 May 2023 03:39:57 GMT
Last-Modified: Tue, 02 May 2023 00:15:48 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 7NdsZgWlLrR+dSO82815Bg==
ETag: 0x8DB4AA261C5CF4E
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
x-ms-request-id: 7ca26967-501e-0043-1003-7ff9f6000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 282372

GET
H2 200 sdk.js Show response
cdn.tunespeak.com/v2/ 1 MB
1 MB 180ms
8ms Script
application/javascript 2600:9000:2251:ce00:c:b19:dd40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tunespeak.com/v2/sdk.js
Requested by: Host: carinleonlive.com
URL: https://carinleonlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:ce00:c:b19:dd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 866083a4e2e615b4ce8bc4e22bebd4d602c9bc28297add9521d177efe6fe2b19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carinleonlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: 1U1vTVEB.8xcwsl9bJKMeGfzcHuHGoMI
date: Thu, 04 May 2023 04:23:55 GMT
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
last-modified: Tue, 11 Apr 2023 20:25:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 84131
x-amz-server-side-encryption: AES256
etag: "dd056f5d207e6507545f431fe8822b70"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8;
accept-ranges: bytes
content-length: 1181792
x-amz-cf-id: KnNtTaZ4MBT3queBErK1LCtqyzrTUgVaPHPqAtI9zIPoa4ZbCMWHHw==

GET
H/1.1 200
OK app.js Show response
aegwebprod.blob.core.windows.net/templates/template5/js/ 888 KB
888 KB 679ms
168ms Script
application/javascript 52.239.228.100
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aegwebprod.blob.core.windows.net/templates/template5/js/app.js
Requested by: Host: carinleonlive.com
URL: https://carinleonlive.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.228.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b07a3189298ec358e3dc87bd2a068a33e8dd0b469afaee0218dd7a5a308355fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carinleonlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 05 May 2023 03:39:57 GMT
Last-Modified: Tue, 18 Apr 2023 20:02:29 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Ltx+nueUsf9WCIYonAW49w==
ETag: 0x8DB4047D7269399
Content-Type: application/javascript
Access-Control-Allow-Origin: *
x-ms-request-id: d538a593-501e-000e-3b03-7f361a000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 909096

GET
H2 200 universalpixel.js Show response
tracking.aegpresents.com/universalpixel/ 353 B
729 B 65ms
9ms Script
application/javascript 2600:9000:2240:b000:11:65f0:c080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.aegpresents.com/universalpixel/universalpixel.js?t=1683331200000
Requested by: Host: carinleonlive.com
URL: https://carinleonlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:b000:11:65f0:c080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 860982f7df0344e1608e42a5279603244e7bb6c6c92f99a7d8442ff61a4637a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carinleonlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 03:31:50 GMT
x-amz-version-id: yzC2d5nyWhAWpaIfBFOzFwofkVYfpPI6
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
last-modified: Thu, 25 Oct 2018 06:36:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 489
etag: "43b149699f79e5268943f6db2d7e2edb"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 353
x-amz-cf-id: 55ogzIOaO0rGJgni3p9V-OqNLnCvHlGOq4Bj1fpTSthxHAyATukSeA==

GET
H2 200 3.sdk.js Show response
cdn.tunespeak.com/v2/ 140 B
556 B 8ms
8ms Script
application/javascript 2600:9000:2251:ce00:c:b19:dd40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tunespeak.com/v2/3.sdk.js
Requested by: Host: cdn.tunespeak.com
URL: https://cdn.tunespeak.com/v2/sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:ce00:c:b19:dd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 221bfb9e8dc4a30dd35057abdb3aa63e814c5fd292af0525a2bd6eeee8e7371a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carinleonlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: oeJSkCGEoCVPOiAiGXTpl5gvr1oGSlJ0
date: Thu, 04 May 2023 04:38:53 GMT
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
last-modified: Tue, 11 Apr 2023 20:25:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 82866
x-amz-server-side-encryption: AES256
etag: "72bd46739ea662ddfc5613f7f8a57419"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8;
accept-ranges: bytes
content-length: 140
x-amz-cf-id: PxC7sg5qkCixhHcvfhT6fwrMzyRlcabwRDYsVQBZEcbf-gWosnuUaA==

GET
H2 200 v3 Show response
js.stripe.com/ 469 KB
113 KB 55ms
9ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: cdn.tunespeak.com
URL: https://cdn.tunespeak.com/v2/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

4ab9f2ec27c76011aeca531706f704f94393cce444a45b6b983c2c6756a9d05b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carinleonlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 05 May 2023 03:39:39 GMT
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 21
x-cache: Hit from cloudfront
last-modified: Thu, 04 May 2023 20:30:31 GMT
server: Cloudfront
etag: W/"11302dac9f265399a5306fed2aacd192"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: gjOfpGuBOg-fyeR4uMLO9cB8kLJv048s_b-Bhp_H7Emq4B-0XNumzQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 115ms
35ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-139868153-32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carinleonlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 05 May 2023 02:35:44 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 3854
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 05 May 2023 04:35:44 GMT

GET
H/1.1 200
OK privacyoptions29x14.png
aegwebprod.blob.core.windows.net/content/aegpresents/ 697 B
1 KB 164ms
164ms Image
image/png 52.239.228.100
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aegwebprod.blob.core.windows.net/content/aegpresents/privacyoptions29x14.png
Requested by: Host: aegwebprod.blob.core.windows.net
URL: https://aegwebprod.blob.core.windows.net/templates/template5/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.228.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f2f5996735ffed762a680d48858858502b52c2c32509a5c5f598c5d9f2fdcaea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aegwebprod.blob.core.windows.net/templates/template5/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 05 May 2023 03:39:58 GMT
Last-Modified: Tue, 24 Jan 2023 22:19:45 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: O+zAsAaWIlRKH/stqQ7r4w==
ETag: 0x8DAFE5919432A12
Content-Type: image/png
Access-Control-Allow-Origin: *
x-ms-request-id: 5d4cf9fd-101e-0099-1603-7f6017000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 697

GET
H2 200 6449366ba2b27c0001e81868 Show response
api.tunespeak.com/tours/ 19 KB
3 KB 466ms
425ms XHR
application/json 104.22.5.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tunespeak.com/tours/6449366ba2b27c0001e81868

Requested by

Host: cdn.tunespeak.com
URL: https://cdn.tunespeak.com/v2/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.5.172 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

024d157920f57211f7dea5ba64006dd9b406cfcb1fd5d6181569a65bbd0cf23c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://carinleonlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 03:39:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 0c2630bf-e70a-4619-982a-812a03ed371c
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"024d157920f57211f7dea5ba64006dd9"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: X-Auth-Token
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
vary: Origin
cf-ray: 7c25f59c1dad366f-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 611 KB
141 KB 182ms
182ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW

Requested by

Host: tracking.aegpresents.com
URL: https://tracking.aegpresents.com/universalpixel/universalpixel.js?t=1683331200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

148a1328c7dad0dc39084bca8a7da5e873e299d0717942f57e823d1b7e3303bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carinleonlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 03:39:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144450
x-xss-protection: 0
last-modified: Fri, 05 May 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 May 2023 03:39:58 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
208 B 43ms
43ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1423228778&t=pageview&_s=1&dl=https%3A%2F%2Fcarinleonlive.com%2F&ul=en-us&de=UTF-8&dt=Carin%20Leo%CC%81n&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=609060533&gjid=1517133909&cid=1106715138.1683257999&tid=UA-139868153-32&_gid=544908116.1683257999&_r=1&gtm=457e3530&jsscut=1&z=569581778

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://carinleonlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 May 2023 03:39:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://carinleonlive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 164ms
103ms Script
application/javascript 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2T72MSAJ6IAHR393GU0&lib=ttq
Requested by: Host: carinleonlive.com
URL: https://carinleonlive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1f7885014db48f58f50b1685752ddd86d9e8728ede1277fcb7540c521dd69d9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carinleonlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-akamai-request-id: 1cd13e5e.1e56c3e
date: Fri, 05 May 2023 03:39:59 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-parent-response-time: 93,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=6, inner; dur=4
content-length: 1498
pragma: no-cache
server: nginx
x-tt-logid: 202305050339596D5D92DA47BF6B0807D5
x-cache-remote: TCP_MISS from a23-220-104-210.deploy.akamaitechnologies.com (AkamaiGHost/11.0.4.1-48291020) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.220.104.210
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cbaf44a6df1446954aa64fccc35f0e54c1e2a83eda483550d8dea270b5135fcef8bb476eab1ea8f0d7f8a28beca84bdb3e9c9c84f501870454b3d71854da6a73cf779367d7284e1ba50455bf40bb50f339947cbdcc1402188f5640076191a607bc2
expires: Fri, 05 May 2023 03:39:59 GMT

GET
H2 200 a-08c7.min.js Show response
b-code.liadm.com/ 42 KB
14 KB 36ms
7ms Script
application/javascript 2600:9000:223c:c400:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-08c7.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:c400:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: efc680c10aaada755dac6b0740b2052eb970f91e321e596d0b0324bb9e04d78e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carinleonlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 19:58:18 GMT
content-encoding: gzip
via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 27701
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: OrCthdZROVD27eNTPK8QyHdVNEjU0oLQdOZOv5AgeEu36oUZU73oZQ==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 35ms
7ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carinleonlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 05 May 2023 01:26:19 GMT
Content-Encoding: gzip
Via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 8021
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: rSZcXWws1QTRnU5egk2XNkGn4G-bk25UHIeEhOX9I2X0oVlxCzMuxg==

GET
H2 200 sync-container.js Show response
b-code.liadm.com/ 6 KB
3 KB 7ms
7ms Script
application/javascript 2600:9000:223c:c400:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/sync-container.js
Requested by: Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-08c7.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:c400:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carinleonlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: WIo1DFPCLgnYZuB8yv1dFIDWe1bYBj2G
content-encoding: gzip
via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
date: Tue, 02 May 2023 19:40:02 GMT
last-modified: Tue, 10 May 2022 11:48:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 1183448
x-amz-server-side-encryption: AES256
etag: W/"ae5e94de938b0387eda6df8f20da811a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=2592000
x-amz-cf-id: 5FCne70QavKJetJmc8nuKHaSFS7sk7boMFGshithxplOdBRa4mcqRA==

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1683257999192&aid=a-08c7&se=e30&duid=dec59404fe79--01gzmzxfnq9kj69rc99r2r63y8&tna=v2.7.1&pu=https%3A%2F%2Fcarinleonlive.com%2F&wpn=lc-bundle&c=PHRpdGxlPkNhcmluIExlb8yB...
https://rp4.liadm.com/j?dtstmp=1683257999192&aid=a-08c7&se=e30&duid=dec59404fe79--01gzmzxfnq9kj69rc99r2r63y8&tna=v2.7.1&pu=https%3A%2F%2Fcarinleonlive.com%2F&wpn=lc-bundle&c=PHRpdGxlPkNhcmluIExlb8y...

13 B
554 B

335ms
103ms

XHR
application/json

52.70.144.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1683257999192&aid=a-08c7&se=e30&duid=dec59404fe79--01gzmzxfnq9kj69rc99r2r63y8&tna=v2.7.1&pu=https%3A%2F%2Fcarinleonlive.com%2F&wpn=lc-bundle&c=PHRpdGxlPkNhcmluIExlb8yBbjwvdGl0bGU-PHRpdGxlPkZhY2Vib29rPC90aXRsZT48dGl0bGU-SW5zdGFncmFtPC90aXRsZT48dGl0bGU-UmVkZGl0PC90aXRsZT48dGl0bGU-VHdpdHRlcjwvdGl0bGU-PHRpdGxlPlR1bWJscjwvdGl0bGU-PHRpdGxlPlNwb3RpZnk8L3RpdGxlPjx0aXRsZT5FbWFpbDwvdGl0bGU-PHRpdGxlPlRyaWFuZ2xlPC90aXRsZT48dGl0bGU-WW91dHViZTwvdGl0bGU-PHRpdGxlPlNuYXBjaGF0PC90aXRsZT48dGl0bGU-TWFnbmlmeTwvdGl0bGU-PHRpdGxlPkdsb2JlPC90aXRsZT48dGl0bGU-VGlrVG9rPC90aXRsZT48dGl0bGU-U291bmRjbG91ZDwvdGl0bGU-PHRpdGxlPlNlYXJjaDwvdGl0bGU-PHRpdGxlPkNsb3NlPC90aXRsZT4&i6=MmEwMzoxYjIwOjY6ZjAxMTo6NWU%3D&n3pc=true

Protocol

Server

52.70.144.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-70-144-66.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carinleonlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 03:39:59 GMT
x-pixel-event-id: 52bd98a1-df5b-4a08-baf6-151863db7fba
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: a033586e73816840
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Fri, 05 May 2023 03:39:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1683257999192&aid=a-08c7&se=e30&duid=dec59404fe79--01gzmzxfnq9kj69rc99r2r63y8&tna=v2.7.1&pu=https%3A%2F%2Fcarinleonlive.com%2F&wpn=lc-bundle&c=PHRpdGxlPkNhcmluIExlb8yBbjwvdGl0bGU-PHRpdGxlPkZhY2Vib29rPC90aXRsZT48dGl0bGU-SW5zdGFncmFtPC90aXRsZT48dGl0bGU-UmVkZGl0PC90aXRsZT48dGl0bGU-VHdpdHRlcjwvdGl0bGU-PHRpdGxlPlR1bWJscjwvdGl0bGU-PHRpdGxlPlNwb3RpZnk8L3RpdGxlPjx0aXRsZT5FbWFpbDwvdGl0bGU-PHRpdGxlPlRyaWFuZ2xlPC90aXRsZT48dGl0bGU-WW91dHViZTwvdGl0bGU-PHRpdGxlPlNuYXBjaGF0PC90aXRsZT48dGl0bGU-TWFnbmlmeTwvdGl0bGU-PHRpdGxlPkdsb2JlPC90aXRsZT48dGl0bGU-VGlrVG9rPC90aXRsZT48dGl0bGU-U291bmRjbG91ZDwvdGl0bGU-PHRpdGxlPlNlYXJjaDwvdGl0bGU-PHRpdGxlPkNsb3NlPC90aXRsZT4&i6=MmEwMzoxYjIwOjY6ZjAxMTo6NWU%3D&n3pc=true
access-control-allow-origin: https://carinleonlive.com
request-time: 0
access-control-allow-credentials: true
trace-id: bec31ff7d036618a
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame C21B 200 B
1 KB 8ms
8ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://carinleonlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2099
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 05 May 2023 03:10:11 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Fri, 28 Apr 2023 20:08:01 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-id: OB0hSwLciFTmm4SN-7YmownudHvSF5n5TtBNQkHlF7IjAwbBDmiRNQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 main.MTYwYzA3NDgwMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 256 KB
69 KB 10ms
10ms Script
application/javascript 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTYwYzA3NDgwMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2T72MSAJ6IAHR393GU0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4cf6e848e33259be37270940325f323d4a3a9c4a324ee8e9653c200b02181726

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carinleonlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-akamai-request-id: 1e56c62
date: Fri, 05 May 2023 03:39:59 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202304251231106767EE8ADB7705AE5064
vary: Accept-Encoding
x-cache: TCP_HIT from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01368b7aabf9c53af81e4db91c1cf09fc10349484a041133bee638dd67c863106e1b29cb01dd85ff27fb560fb16ab90a9cfbd7ff4bc91797f5fb9eb72f64a6d4a33f3b6a5fd9573965c12c8d650776d6b1667c9d82f409790dce045b19240d1f22
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length: 69470

GET
H2 200 sp_2_16_3.js Show response
tracking.aegpresents.com/ 77 KB
78 KB 8ms
8ms Script
application/javascript 2600:9000:2240:b000:11:65f0:c080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.aegpresents.com/sp_2_16_3.js
Requested by: Host: carinleonlive.com
URL: https://carinleonlive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:b000:11:65f0:c080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf72c42dffb746770f2d19c47619718c400b840b8bf3218a60137bee7f9a16d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carinleonlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 03:00:51 GMT
x-amz-version-id: S0PSeETRZEGlDS2kDiQQw_ui5Gf9x1Hi
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
last-modified: Mon, 23 Nov 2020 19:35:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 2349
etag: "061218953601a45264b449ad25f296c7"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 78920
x-amz-cf-id: X3xfLIla6KgeRr_TZGBjsEfWL9TA1DeGr5j-w-hU0xxcT6wQnXf1cA==

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C21B 631 B
1 KB 9ms
8ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Fri, 05 May 2023 02:45:01 GMT
x-content-type-options: nosniff
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 3305
x-cache: Hit from cloudfront
content-length: 631
last-modified: Tue, 25 Apr 2023 21:01:15 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: abl2RkmPS7CMqQEcYCFQVnPDJoPdrGwQN__9gNGTD4hG8AZjR8k8uw==

POST
H2 200 csp-report
q.stripe.com/ Frame C21B 0
718 B 540ms
174ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: carinleonlive.com
URL: https://carinleonlive.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 05 May 2023 03:39:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1683257999689744
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1683257999689447
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame C21B 0
717 B 539ms
176ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: carinleonlive.com
URL: https://carinleonlive.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 05 May 2023 03:39:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1683257999689648
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1683257999689445
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 1E5C 930 B
2 KB 47ms
9ms Document
text/html 2600:9000:2057:5400:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:5400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 43
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 05 May 2023 03:39:17 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
x-amz-cf-id: cK3nKfgKKR7ShFjgDzYhTPAer9DANcCy25l5jm891TcNF5EfPVZcwg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 identify_79a0c.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 10ms
10ms Script
application/javascript 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_79a0c.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTYwYzA3NDgwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carinleonlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-akamai-request-id: 1e56c69
date: Fri, 05 May 2023 03:39:59 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230425123111BCD943F56429CAAE4845
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01183cbf4155290505b148e30325d76de33ba1ef79e74081d570c4075792da25c5cc635f4589d5f7b250d1b126023f48207674d8641cb35228420ce8263db7e07be26a10a4f6f3faba76e1fffd07ea95cb25597a89522253486e735d2253a6a39a
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=1
content-length: 31067

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
694 B 130ms
130ms Ping
text/plain 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTYwYzA3NDgwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://carinleonlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1d927dd1.1e56c71
date: Fri, 05 May 2023 03:39:59 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-parent-response-time: 117,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=29, inner; dur=27
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202305050339593C2983EF309395A89F13
x-cache-remote: TCP_MISS from a23-220-104-198.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 29,23.220.104.198
x-tt-trace-host: 0175e780687430e89cac6f6204f7c08cbaf44a6df1446954aa64fccc35f0e54c1e9ba5eb36da9b4955b5c7a198081bc1a697dc02b060df14979042e44b10f1ed659f25a7d697e1a905a90f5d427a32077d57ad1f6fa60ac9c022972bf7bcaf39f0a111878b7f0beb27b1fc42c887a6bbcd
expires: Fri, 05 May 2023 03:39:59 GMT

OPTIONS
H2 200 tp2
b.aegpresents.com/com.snowplowanalytics.snowplow/ Frame 0
0 567ms
176ms Preflight 44.239.216.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b.aegpresents.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.216.46 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-216-46.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://carinleonlive.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://carinleonlive.com
access-control-max-age: 600
content-length: 0
date: Fri, 05 May 2023 03:39:59 GMT
server: nginx

POST
H2 200 tp2 Show response
b.aegpresents.com/com.snowplowanalytics.snowplow/ 2 B
322 B 537ms
179ms XHR
text/plain 44.239.216.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b.aegpresents.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: tracking.aegpresents.com
URL: https://tracking.aegpresents.com/sp_2_16_3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.216.46 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-239-216-46.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://carinleonlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://carinleonlive.com
date: Fri, 05 May 2023 03:40:00 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 51 KB
20 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.tunespeak.com
URL: https://cdn.tunespeak.com/v2/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carinleonlive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 05 May 2023 02:35:44 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 3855
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 05 May 2023 04:35:44 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 42ms
42ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1423228778&t=event&_s=1&dl=https%3A%2F%2Fcarinleonlive.com%2F&ul=en-us&de=UTF-8&dt=Carin%20Leo%CC%81n&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Tssdk&ea=Load&el=Tour%3A6449366ba2b27c0001e81868&_u=aEDAAUABAAAAACAAI~&jid=1750156982&gjid=1800485130&cid=1106715138.1683257999&tid=UA-5543710-4&_gid=544908116.1683257999&_r=1&_slc=1&cd4=Tour%3A6449366ba2b27c0001e81868&z=48253600

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://carinleonlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 May 2023 03:39:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://carinleonlive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 1E5C 0
491 B 449ms
175ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: carinleonlive.com
URL: https://carinleonlive.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 05 May 2023 03:39:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1683257999689824
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1683257999689493
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 1E5C 86 KB
14 KB 11ms
10ms Script
text/javascript 2600:9000:2057:5400:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:5400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 05 May 2023 03:35:09 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 291
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: G6RLfks7REQamM9G-zgytTNe3fmF1QbHliXh4xrnr7RZKYz-Yfe6Kw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
348 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-5543710-4&cid=1106715138.1683257999&jid=1750156982&gjid=1800485130&_gid=544908116.1683257999&_u=aEDAAUABAAAAACAAI~&z=707464274

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://carinleonlive.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 05 May 2023 03:39:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://carinleonlive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 1E5C 156 B
671 B 557ms
188ms XHR
application/json 52.41.90.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.41.90.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-41-90-223.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

08a87bd7f9ad58f2b87382e2b3d5f70dea188ab2b7164cad5821eee53e7e5768

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 05 May 2023 03:39:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1683257999872645
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1683257999872076
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame D151 0
183 B 103ms
32ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=3rqwsjg&ref=https%3A%2F%2Fcarinleonlive.com%2F&upid=55rk4fk&upv=1.1.0&td1=undefined&td2=undefined&td3=undefined&td4=undefined&td5=undefined&td6=undefined&td7=carinleonlive.com&td8=undefined&td9=undefined
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://carinleonlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Fri, 05 May 2023 03:39:59 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1 200
OK a-08c7 Show response
i.liadm.com/s/c/ Frame 9469 1 KB
1 KB 429ms
117ms Document
text/html 54.164.114.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=dec59404fe79--01gzmzxfnq9kj69rc99r2r63y8&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.164.114.182 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-114-182.compute-1.amazonaws.com

Software

Resource Hash

d858aad0f810a61fd64f5f166ccd1167c28d683443bb0e12162a13f761719bbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://carinleonlive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 644
Content-Type: text/html; charset=UTF-8
Date: Fri, 05 May 2023 03:40:00 GMT
Request-Time: 18
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding

GET
H/1.1

200
OK

5b89562276db4bc68f0162dc17deda96
i.liadm.com/s/e/a-08c7/0/ Frame 9469
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https://i.liadm.com/s/e/a-08c7/0/5b89562276db4bc68f0162dc17deda96?muid%3D%5BMM_UUID%5D&94b69bf4-c07b-4a5f-a635-2730c336bc09
https://i.liadm.com/s/e/a-08c7/0/5b89562276db4bc68f0162dc17deda96?muid=c4086454-7a90-4300-be64-694466b1bfe1

43 B
274 B

99ms
98ms

Image
image/gif

54.164.114.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-08c7/0/5b89562276db4bc68f0162dc17deda96?muid=c4086454-7a90-4300-be64-694466b1bfe1

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=dec59404fe79--01gzmzxfnq9kj69rc99r2r63y8&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Protocol

HTTP/1.1

Server

54.164.114.182 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-114-182.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 05 May 2023 03:40:00 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Date: Fri, 05 May 2023 03:40:00 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x27 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://i.liadm.com/s/e/a-08c7/0/5b89562276db4bc68f0162dc17deda96?muid=c4086454-7a90-4300-be64-694466b1bfe1
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 05 May 2023 03:39:59 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 9469 70 B
264 B 39ms
31ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=dec59404fe79--01gzmzxfnq9kj69rc99r2r63y8&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 05 May 2023 03:40:00 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

52164
i6.liadm.com/s/ Frame 9469
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=94b69bf4-c07b-4a5f-a635-2730c336bc09&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=94b69bf4-c07b-4a5f-a635-2730c336bc09&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=88340741-c16d-4383-8eb7-89949424f8ef
https://x.bidswitch.net/sync?ssp=liveintent&user_id=94b69bf4-c07b-4a5f-a635-2730c336bc09
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=liveintent&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=liveintent&&user_id=_uSx-v-xvf7l6eCr-rSp_63l4vnl6bT6_bElVo3L
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=88340741-c16d-4383-8eb7-89949424f8ef
https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=88340741-c16d-4383-8eb7-89949424f8ef

43 B
548 B

457ms
109ms

Image
image/gif

2600:1f18:ed:550f:2f2d:1f04:c7f4:fb03
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=88340741-c16d-4383-8eb7-89949424f8ef

Requested by

Protocol

HTTP/1.1

Server

2600:1f18:ed:550f:2f2d:1f04:c7f4:fb03 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 05 May 2023 03:40:01 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=88340741-c16d-4383-8eb7-89949424f8ef
Date: Fri, 05 May 2023 03:40:00 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H/1.1

200
OK

5b89562276db4bc68f0162dc17deda96
i.liadm.com/s/e/a-08c7/0/ Frame 9469
Redirect Chain

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=94b69bf4-c07b-4a5f-a635-2730c336bc09&redir=https://i.liadm.com/s/e/a-08c7/0/5b89562276db4bc68f0162dc17deda96?muid%3D$%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=94b69bf4-c07b-4a5f-a635-2730c336bc09&redir=https://i.liadm.com/s/e/a-08c7/0/5b89562276db4bc68f0162dc17deda96
https://i.liadm.com/s/e/a-08c7/0/5b89562276db4bc68f0162dc17deda96

43 B
274 B

210ms
103ms

Image
image/gif

54.164.114.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-08c7/0/5b89562276db4bc68f0162dc17deda96

Requested by

Protocol

HTTP/1.1

Server

54.164.114.182 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-114-182.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 05 May 2023 03:40:00 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

DCS: dcs-prod-irl1-1-v048-097e77d5c.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: S4vqdKZkSIc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://i.liadm.com/s/e/a-08c7/0/5b89562276db4bc68f0162dc17deda96
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

live_intent_sync
x.dlx.addthis.com/e/ Frame 9469
Redirect Chain

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=94b69bf4-c07b-4a5f-a635-2730c336bc09
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=94b69bf4-c07b-4a5f-a635-2730c336bc09&rd=Y

43 B
603 B

170ms
169ms

Image
image/gif

104.111.217.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=94b69bf4-c07b-4a5f-a635-2730c336bc09&rd=Y

Requested by

Protocol

Server

104.111.217.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-217-14.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Fri, 05 May 2023 03:40:00 GMT
pragma: no-cache
date: Fri, 05 May 2023 03:40:00 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.dlx.addthis.com/e/live_intent_sync?na_exid=94b69bf4-c07b-4a5f-a635-2730c336bc09&rd=Y
pragma: no-cache
date: Fri, 05 May 2023 03:40:00 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Fri, 05 May 2023 03:40:00 GMT

GET
H2 200 /
trc.taboola.com/sg/liveintent/1/cm/ Frame 9469 43 B
372 B 47ms
15ms Image
image/gif 2a04:4e42::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/liveintent/1/cm/
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=dec59404fe79--01gzmzxfnq9kj69rc99r2r63y8&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Fri, 05 May 2023 03:40:00 GMT
via: 1.1 varnish
x-served-by: cache-fra-eddf8230096-FRA
server: nginx
x-timer: S1683258000.354472,VS0,VE8
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200
OK

35004
i.liadm.com/s/ Frame 9469
Redirect Chain

https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=

43 B
640 B

101ms
101ms

Image
image/gif

54.164.114.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=

Requested by

Protocol

HTTP/1.1

Server

54.164.114.182 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-114-182.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 05 May 2023 03:40:00 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

Redirect headers

Location: //i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
Pragma: no-cache
Date: Fri, 05 May 2023 03:40:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 77
Content-Type: text/html; charset=utf-8

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 12:17:30	Name: _li_ss Value: CkUKBQgKEP4UCgUIeRD-FAoFCAYQ_hQKBgiBARD-FAoFCAwQiBUKCQj_____BxCIFQoFCAsQ_hQKBgiLARD-FAoFCH4Q_hQ
i6.liadm.com/s	1970-01-20 12:17:30	Name: _li_ss Value: CgA
.carinleonlive.com/	1970-01-20 21:10:17	Name: _ga Value: GA1.2.1106715138.1683257999
.carinleonlive.com/	1970-01-20 11:35:44	Name: _gid Value: GA1.2.544908116.1683257999
.carinleonlive.com/	1970-01-20 11:34:18	Name: _gat_gtag_UA_139868153_32 Value: 1
.carinleonlive.com/	1970-01-20 13:43:53	Name: _gcl_au Value: 1.1.364495852.1683257999
.carinleonlive.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .carinleonlive.com
.carinleonlive.com/	1970-01-20 21:10:17	Name: _lc2_fpi Value: dec59404fe79--01gzmzxfnq9kj69rc99r2r63y8
.tiktok.com/	1970-01-20 20:55:53	Name: _ttp Value: 2PMDLL8v7D3HsMZFYjxo4nnvoeo
.carinleonlive.com/	1970-01-20 20:55:53	Name: _tt_enable_cookie Value: 1
.carinleonlive.com/	1970-01-20 20:55:53	Name: _ttp Value: TokP0y-C-TrzHeSWd_FCQFCXtDS
.carinleonlive.com/	1970-01-20 11:34:19	Name: _sp_ses.2eff Value: *
.carinleonlive.com/	1970-01-20 21:10:17	Name: _sp_id.2eff Value: ab3caf55-b075-45c0-89fd-f95964957b4a.1683257999.1.1683257999.1683257999.6c53f2e8-ed7a-40d8-8882-e7959c2645d6
.carinleonlive.com/	1970-01-20 11:34:18	Name: _gat Value: 1
.liadm.com/	1970-01-20 21:10:18	Name: lidid Value: 94b69bf4-c07b-4a5f-a635-2730c336bc09
carinleonlive.com/	1970-01-20 11:34:18	Name: _liChk Value: 0.4506619761856512
m.stripe.com/	1970-01-20 21:10:17	Name: m Value: f1703aff-99a9-445b-98f6-381e8ec7a649fe27c6
.carinleonlive.com/	1970-01-20 20:19:53	Name: __stripe_mid Value: 43eed14e-4691-4bad-9af6-ecf2fd0aa1a6548399
.carinleonlive.com/	1970-01-20 11:34:19	Name: __stripe_sid Value: dd7668b0-689c-4d7c-8237-3b7066e1f4359a27d6
.mathtag.com/	1970-01-20 21:00:13	Name: uuid Value: c4086454-7a90-4300-be64-694466b1bfe1
.bidswitch.net/	1970-01-20 20:19:54	Name: tuuid Value: 88340741-c16d-4383-8eb7-89949424f8ef
.bidswitch.net/	1970-01-20 20:19:54	Name: c Value: 1683258000
.bidswitch.net/	1970-01-20 20:19:54	Name: tuuid_lu Value: 1683258000
b.aegpresents.com/	1970-01-20 20:19:54	Name: _cf Value: ec298451-1a9d-4d26-b221-2bd8a160e67b
.demdex.net/	1970-01-20 15:53:30	Name: demdex Value: 33453806500320561193679446127515608653
.dpm.demdex.net/	1970-01-20 15:53:30	Name: dpm Value: 33453806500320561193679446127515608653
.addthis.com/	1970-01-20 21:04:32	Name: na_id Value: 2023050503400000048914668486
.addthis.com/	1970-01-20 21:04:32	Name: na_tc Value: Y
.addthis.com/	1970-01-20 21:04:32	Name: uid Value: 64547a90ca82a66f
.addthis.com/	1970-01-20 21:04:32	Name: ouid Value: 64547a900001a8cb4c11d3ede00bd0883c4a79af73d304ffce5c
.quantserve.com/	1970-01-20 13:43:54	Name: d Value: EDUBDQH1KP7KwQA
.quantserve.com/	1970-01-20 21:04:32	Name: mc Value: 64547a90-9de2d-1e5f7-9045a
.dlx.addthis.com/	1970-01-20 12:17:30	Name: na_sc_x Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aegwebprod.blob.core.windows.net
analytics.tiktok.com
api.tunespeak.com
b-code.liadm.com
b.aegpresents.com
b1sync.zemanta.com
carinleonlive.com
cdn.tunespeak.com
cms.quantserve.com
dpm.demdex.net
i.liadm.com
i6.liadm.com
insight.adsrvr.org
js.adsrvr.org
js.stripe.com
m.stripe.com
m.stripe.network
match.adsrvr.org
q.stripe.com
rp.liadm.com
rp4.liadm.com
stats.g.doubleclick.net
sync.mathtag.com
tracking.aegpresents.com
trc.taboola.com
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
x.dlx.addthis.com
104.111.217.14
104.22.5.172
108.138.15.119
18.196.170.44
185.29.134.248
2.16.186.242
2600:1f18:730:b130:f139:5754:c04e:532b
2600:1f18:ed:550f:2f2d:1f04:c7f4:fb03
2600:9000:2057:5400:19:7d10:bd80:93a1
2600:9000:223c:c400:8:8845:1500:93a1
2600:9000:2240:b000:11:65f0:c080:93a1
2600:9000:2251:ce00:c:b19:dd40:93a1
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:800::200e
2a00:1450:4001:828::2008
2a00:1450:400c:c09::9b
2a04:4e42::300
34.69.217.213
35.71.131.137
44.239.216.46
52.239.228.100
52.41.90.223
52.51.135.19
52.70.144.66
54.164.114.182
54.186.23.98
64.74.236.255
99.86.4.76
024d157920f57211f7dea5ba64006dd9b406cfcb1fd5d6181569a65bbd0cf23c
08a87bd7f9ad58f2b87382e2b3d5f70dea188ab2b7164cad5821eee53e7e5768
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
148a1328c7dad0dc39084bca8a7da5e873e299d0717942f57e823d1b7e3303bc
1f7885014db48f58f50b1685752ddd86d9e8728ede1277fcb7540c521dd69d9f
221bfb9e8dc4a30dd35057abdb3aa63e814c5fd292af0525a2bd6eeee8e7371a
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
294429f23aa2612eac0468439f3a5a500a9d6c8006c0de7a8b96c31fd7dc959c
2a98d71e9acd8e999a4b7d9dc4140340203230b12f2f06cf24e1ed38e8fa8cca
4ab9f2ec27c76011aeca531706f704f94393cce444a45b6b983c2c6756a9d05b
4cf6e848e33259be37270940325f323d4a3a9c4a324ee8e9653c200b02181726
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
860982f7df0344e1608e42a5279603244e7bb6c6c92f99a7d8442ff61a4637a3
862a337f7a87cc3afe2720b25480be51a9c699790594ebea0d953c1bf334e90b
866083a4e2e615b4ce8bc4e22bebd4d602c9bc28297add9521d177efe6fe2b19
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec2194d3c5ea7c2becc8ecd52617529e1aaa647d7663c63f50ecd49eb0a4c3f
8eef2ef6cf882d5e2e9167cb7c8b0ebbeb75b28a698835488733d149326fab4f
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b07a3189298ec358e3dc87bd2a068a33e8dd0b469afaee0218dd7a5a308355fc
bf72c42dffb746770f2d19c47619718c400b840b8bf3218a60137bee7f9a16d3
c50c805e76471e311e03e5164a9ea98f15d0b0e3c92db9482f380e38298ea8ae
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
d4c1270f7869730d1490f7df3d4bf63e21b5baa51ebbc67c31001317d4e50dbb
d858aad0f810a61fd64f5f166ccd1167c28d683443bb0e12162a13f761719bbe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
efc680c10aaada755dac6b0740b2052eb970f91e321e596d0b0324bb9e04d78e
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f2f5996735ffed762a680d48858858502b52c2c32509a5c5f598c5d9f2fdcaea
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

carinleonlive.com Open in urlscan Pro 34.69.217.213 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

88 %HTTPS

39 %IPv6

19 Domains

29 Subdomains

22 IPs

6 Countries

3032 kBTransfer

4364 kBSize

33 Cookies

8 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

carinleonlive.com Open in urlscan Pro
34.69.217.213 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

88 %
HTTPS

39 %
IPv6

19
Domains

29
Subdomains

22
IPs

6
Countries

3032 kB
Transfer

4364 kB
Size

33
Cookies

49 HTTP transactions
0 data transactions