Submitted URL: https://www.orsettogang.com/?utm_source=nftads&utm_medium=nftads&utm_campaign=nftads_orsetto_airdrop
Effective URL: https://livewell.com/finance/orsetto-gang-nft/
Submission: On February 25 via api from US — Scanned from NL

Summary

This website contacted 26 IPs in 3 countries across 20 domains to perform 108 HTTP transactions. The main IP is 18.245.31.54, located in United States and belongs to AMAZON-02, US. The main domain is livewell.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on September 15th 2023. Valid for: a year.
This is the only time livewell.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
47 18.245.31.54 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
5 151.101.1.181 54113 (FASTLY)
7 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 35.158.167.124 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 172.64.152.89 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2600:9000:223... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 3 2a02:2638:3::c 44788 (ASN-CRITE...)
1 3.71.149.231 16509 (AMAZON-02)
1 34.98.64.218 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
108 26
Apex Domain
Subdomains
Transfer
47 livewell.com
livewell.com
5 MB
14 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 106
ebefb1dfc4f723380db0071730d124cd.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 161
303 KB
6 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
190 KB
6 mediavine.com
scripts.mediavine.com — Cisco Umbrella Rank: 8751
exchange.mediavine.com — Cisco Umbrella Rank: 1459
keywords.mediavine.com — Cisco Umbrella Rank: 9804
95 KB
6 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 226
176 KB
5 gstatic.com
fonts.gstatic.com
227 KB
4 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 665
www.google.com — Cisco Umbrella Rank: 2
122 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32
8 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 467
mug.criteo.com — Cisco Umbrella Rank: 3031
7 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 2194
google-bidout-d.openx.net — Cisco Umbrella Rank: 2173
808 B
2 yahoo.com
connectid.analytics.yahoo.com — Cisco Umbrella Rank: 3938
ups.analytics.yahoo.com — Cisco Umbrella Rank: 425
9 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
148 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 306
57 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1831
8 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 686
13 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2288
1 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1176
6 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2124
253 B
1 orsettogang.com
www.orsettogang.com
470 B
0 amazon-adsystem.com Failed
z-na.amazon-adsystem.com Failed
108 20
Domain Requested by
47 livewell.com livewell.com
7 pagead2.googlesyndication.com livewell.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 cdnjs.cloudflare.com livewell.com
cdnjs.cloudflare.com
5 securepubads.g.doubleclick.net scripts.mediavine.com
securepubads.g.doubleclick.net
livewell.com
pagead2.googlesyndication.com
5 fonts.gstatic.com livewell.com
fonts.googleapis.com
4 scripts.mediavine.com livewell.com
scripts.mediavine.com
4 fonts.googleapis.com livewell.com
3 fundingchoicesmessages.google.com pagead2.googlesyndication.com
2 gum.criteo.com 1 redirects static.criteo.net
2 oajs.openx.net 1 redirects livewell.com
2 www.googletagmanager.com livewell.com
www.googletagmanager.com
2 cdn.jsdelivr.net livewell.com
cdn.jsdelivr.net
1 www.google.com tpc.googlesyndication.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 mug.criteo.com livewell.com
1 ups.analytics.yahoo.com connectid.analytics.yahoo.com
1 ebefb1dfc4f723380db0071730d124cd.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 connectid.analytics.yahoo.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 region1.google-analytics.com www.googletagmanager.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 keywords.mediavine.com scripts.mediavine.com
1 exchange.mediavine.com scripts.mediavine.com
1 www.orsettogang.com 1 redirects
0 z-na.amazon-adsystem.com Failed livewell.com
108 29

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
pinterest.com
Subject Issuer Validity Valid
livewell.com
Amazon RSA 2048 M02
2023-09-15 -
2024-10-13
a year crt.sh
upload.video.google.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-02 -
2024-05-01
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
*.mediavine.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2
2023-07-01 -
2024-08-01
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M02
2023-06-06 -
2024-07-04
a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-06 -
2024-09-30
a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4
2024-02-20 -
2024-05-20
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-17 -
2024-05-17
3 months crt.sh
oa.openxcdn.net
GTS CA 1D4
2024-01-22 -
2024-04-22
3 months crt.sh
connectid.analytics.yahoo.com
GlobalSign ECC OV SSL CA 2018
2024-01-09 -
2024-07-04
6 months crt.sh
*.google.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-08 -
2024-05-07
3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-12-26 -
2024-06-19
6 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
www.google.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh

This page contains 8 frames:

Primary Page: https://livewell.com/finance/orsetto-gang-nft/
Frame ID: 4F29044F9DC0BFF1C057927A5D30A421
Requests: 92 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_fy2021.html
Frame ID: 19B7C8C7F13825CF90E7F35B157A3D56
Requests: 1 HTTP requests in this frame

Frame: https://ebefb1dfc4f723380db0071730d124cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7DA7AE3ECD203CD365082525E3C97DE6
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDgmXZGqEyRXmkDatMMexEzozzfj8GkG_5XsOiEIE4eR3-ckM2a5fIDAlJRRDXNs7uutQGDcUiqApHVAO0fQbM-7a5QBV6INIJ5RSeqcCYE3L2F0rHtkTudpFX-0-n_A3EzGIscHivmBgAqHfU9zyDlFx8PPicFng1opU1-HS700h3E8ilJwQ_zPxJxy_ygQKz_VoNomXOEz7Q6ZTLArbNrDDOhdc8AEVN-j8KWuq7PIOzPc_hyxraOZdqrZLzEpE4Esulw9agDkFbEzTjhM6zF6PkJu3J2gmV2kf54TuqwnRl23e56ejaB5UlBGZTOOFmn5f1Af8nC87aRarsPq8UzQ&sai=AMfl-YQiDA1T67EsA5SGO5y9WpkM9msjYhXARBFEtTFa_HXRPvhCVu9tCYjRtt4Jt4oOR5KvAQ_4lK2Njxi_vCnbSwsKbYue0TlKRJav9R1hDtAFgdrrnaO7mi4si3DDcdnLhmk4HnI39TLxRRT1JUWXOeci&sig=Cg0ArKJSzH5FTdW89llHEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 9734453D89F63A4A7F40B59B1B70267E
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=livewell.com
Frame ID: 43D0BD915333E0F92C1BD84833C730AB
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 289ABF886A87A7F2F8909B08C3396FF3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ABEA135AEB00E62F4D556A39C37F329C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A5D157438D1D88ADE010602032E13DD2
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Orsetto Gang Unleashed: Charting a New Course in the NFT Universe | LiveWell

Page URL History Show full URLs

  1. https://www.orsettogang.com/?utm_source=nftads&utm_medium=nftads&utm_campaign=nftads_orsetto_airdrop HTTP 301
    https://livewell.com/finance/orsetto-gang-nft/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js


Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

108
Requests

97 %
HTTPS

65 %
IPv6

20
Domains

29
Subdomains

26
IPs

3
Countries

6581 kB
Transfer

9420 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.orsettogang.com/?utm_source=nftads&utm_medium=nftads&utm_campaign=nftads_orsetto_airdrop HTTP 301
    https://livewell.com/finance/orsetto-gang-nft/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89
  • https://oajs.openx.net/esp?url=https%3A%2F%2Flivewell.com%2Ffinance%2Forsetto-gang-nft%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Flivewell.com%2Ffinance%2Forsetto-gang-nft%2F&rid=esp&cc=1
Request Chain 92
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=livewell.com&sn=ChromeSyncframe&so=0&topUrl=livewell.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=oRxwYHwwQUVVSEVrZGhPeVZHV2NjWU13OGl5dEpWTklQcEsvajd2UUJhR3lmNXlOTnByQWp1UzhkWXpTN0U3YVkwZVJBZFJWQlQrRVl4N0MwbUlSWXBLNkpRVWRLcE13TlFHeDBmU1dqdEtKTzJxWjZ5ZmFFVi96Rm1vdW9IeGRHVnAxckFuRk5lSUZNUkI1QlJoRERFeEVIY3VuNXNXdkdhcktlWjh2T3puZnl4QXBXNFVVOHRCelE2TzZtZHVDTUZ4ajJWMm9OVlRINTBsMm5ZMzdpSktSZ28rNWpHV0k1MS9rdjZZaE04Vmp6cW5qb05JSytna0VtcFRMbnlWQ1FCU0NSeXk1ZVRncTNvaktnSDZFZUtocm5jN24zRkJIcmc4TXMrYzlBSG9VUEJTRT18&cppv=2

108 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
livewell.com/finance/orsetto-gang-nft/
Redirect Chain
  • https://www.orsettogang.com/?utm_source=nftads&utm_medium=nftads&utm_campaign=nftads_orsetto_airdrop
  • https://livewell.com/finance/orsetto-gang-nft/
316 KB
57 KB
Document
General
Full URL
https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx / PHP/7.3.33
Resource Hash
21e2a2faedf44c85b43ba05569eb7338ce3d81311cddccced14875edebea2170

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
67157
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Feb 2024 20:58:18 GMT
expires
Sun, 25 Feb 2024 15:37:48 GMT
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
nginx
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-id
fL1cKhgOhotQNLdV1F6ZtHEUDz43q8eZImy91SkVunY8zRHb9j3SJg==
x-amz-cf-pop
FRA56-P8
x-cache
Hit from cloudfront
x-elasticpress-query
true
x-powered-by
PHP/7.3.33

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
85b1081facbd0e33-AMS
date
Sun, 25 Feb 2024 15:37:48 GMT
expires
Sun, 25 Feb 2024 16:37:48 GMT
location
https://livewell.com/finance/orsetto-gang-nft/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KgR9gtQ4QqaKCs7Q8AnT0hqa%2Bcj5%2BCCdSo080vKtox9KDnGC3WUhcOSm6nNVawFFu3ewFOF9CpZgCaK5gXYqIBh5RO%2FBveChS1JSuLlfuFUNV4G8qWdYg6e%2BZSpTl707ABYnvav6iaX23LB7qHi3znSn"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
related-posts-block-styles.min.css
livewell.com/wp-content/plugins/elasticpress/dist/css/
222 B
535 B
Stylesheet
General
Full URL
https://livewell.com/wp-content/plugins/elasticpress/dist/css/related-posts-block-styles.min.css?ver=3.6.2
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
9790593b4acafa770479511a888914881594976c5dcad980c82e781c5625ff44

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Feb 2024 19:39:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 27 Jul 2023 07:13:48 GMT
server
nginx
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
etag
W/"64c2192c-de"
age
158261
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
JXx6T9lpolZOboUvt9XwLjGKlTEHkPHkcMs7FcJ1sQ9fZgLB9F78ZQ==
bliss-loadmore.css
livewell.com/wp-content/plugins/infinite-scroll-and-ajax-load-more/public/css/
503 B
696 B
Stylesheet
General
Full URL
https://livewell.com/wp-content/plugins/infinite-scroll-and-ajax-load-more/public/css/bliss-loadmore.css?ver=1.0.0
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
55e9b8ba69d2deba32b245f1074db767231f3ff039c84fb7caf223c07b1420a9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Feb 2024 19:39:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 27 Jul 2023 07:13:50 GMT
server
nginx
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
etag
W/"64c2192e-1f7"
age
158261
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
uq74A3L-GG5Wu4F9unqTRwERUOLHVldasvU-MuSr6p3KLKEnEmGGSw==
frontend.css
livewell.com/wp-content/plugins/yith-infinite-scrolling-premium/assets/css/
6 KB
1 KB
Stylesheet
General
Full URL
https://livewell.com/wp-content/plugins/yith-infinite-scrolling-premium/assets/css/frontend.css?ver=5.8.9
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
abbabcf31765e84389c69e4b2724c1a061068c5f2bd55d8bea6fb5dedb29eca1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Feb 2024 19:39:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 27 Jul 2023 07:13:57 GMT
server
nginx
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
etag
W/"64c21935-1941"
age
158261
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
jx5MHU-3DWsjgDz5PCaVCiZmQ4koI7GvLvAeyXywhCGKWNt2zYeZgw==
css
fonts.googleapis.com/
854 B
405 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans:300,400,700,900&display=fallback
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
165ce2d5d95d9c763587cbff902a517f442bfdac00cec2c7e0dd0ff7c682df1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 25 Feb 2024 15:37:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 25 Feb 2024 15:37:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 25 Feb 2024 15:37:48 GMT
css
fonts.googleapis.com/
5 KB
678 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700,900&display=fallback
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
53c37eaabc4b381c3416f69955890cc4a5f7f843e740cdc7af8bf435e2f49227
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 25 Feb 2024 15:37:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 25 Feb 2024 15:37:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 25 Feb 2024 15:37:48 GMT
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald:400,500,700&display=fallback
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
246c5c320207b803af4f0de7b0f06d494251ea80774f26c87c96a2e77766ffc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 25 Feb 2024 15:37:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 25 Feb 2024 15:37:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 25 Feb 2024 15:37:48 GMT
style.css
cdn.jsdelivr.net/npm/font-proxima-nova@1.0.1/
18 KB
2 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/font-proxima-nova@1.0.1/style.css
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f577621dfa0ad80439c819cdba29d9cc5928e4f35d9b6bbb3406aa2f3033811
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7718175
x-jsd-version
1.0.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230118-FRA, cache-ams21044-AMS
x-jsd-version-type
version
server
cloudflare
etag
W/"4622-bx4AuGXxxb4ZZqRHDzHf0EN22PQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ycqGlXc3mTC9YDMeJtJN%2BlAGESUaFeX4ncU5DUdgmxZY2xkwkpi%2Fv6iMB3dMZYBZtX1p9NKvR7PToGICmady%2FweTWmBKr4jP2ZT6foZA0wohOCUCNqRNDMLfkjE7o0GcvNFCjhesovZElSHsjmg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
85b10820bb6d5c3a-AMS
owl.carousel.min.css
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/
3 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2759678
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
845
last-modified
Mon, 04 May 2020 16:04:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf0-d17"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LM8kUfEcBC7W3WZDLjzHvbj4%2FqXbp5JMbU1ewLjayMRyFrkoEwx3XiTEJC7C9gUXweExjs9x7b0zM%2FZ6MVPkQpyLJTuTt5gP3EXSre8XBqSb9ega95zaEQTn2Nms1zV074Eka1Yi4k7s%2B2MSpktuXUQJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85b10820bc696721-AMS
expires
Fri, 14 Feb 2025 15:37:48 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/
58 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
232703
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10462
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-28de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmgOFDqWEVDNi2SmXUsSOZXhNh3eVv8Ome68L0RC5jzBm1E%2Fk1RB6em0pNMpoGC7uoYs4tCc4V4nqh0jruf6nAeC%2FWzXtGCR9xpvfH0py1x0cJJdwcOrqE4hgbsMvx2bnvu37ER8ENoygt4GjtEyOxru"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85b10820bc676721-AMS
expires
Fri, 14 Feb 2025 15:37:48 GMT
style.css
livewell.com/wp-content/themes/livewell/css/
199 KB
31 KB
Stylesheet
General
Full URL
https://livewell.com/wp-content/themes/livewell/css/style.css?ver=1.0.6
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
af15a1b1a53fb33fd074965d07748611e316c856786e445755c1cd46a836adff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Feb 2024 19:39:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 24 Aug 2023 07:11:51 GMT
server
nginx
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
etag
W/"64e702b7-31c74"
age
158261
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
iiUjRS09dh2ghyeRW-960DmKZuyuu-MN00YdmpmqcY07PEOMPBTa5Q==
print.css
livewell.com/wp-content/themes/livewell/css/
3 KB
818 B
Stylesheet
General
Full URL
https://livewell.com/wp-content/themes/livewell/css/print.css?ver=1.0.2
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
64b24e9d0a34918a2399c67ccb91caf696db1c097073fc599dd39a1507e3b706

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Feb 2024 19:39:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 24 Aug 2023 07:08:42 GMT
server
nginx
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
etag
W/"64e701fa-a05"
age
158261
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
tK1NdK3QYY2-0IgLTrc93JWmcv3LwkCtpETLz5lPKOhx5cbIZhwi6Q==
autosuggest-styles.min.css
livewell.com/wp-content/plugins/elasticpress/dist/css/
760 B
733 B
Stylesheet
General
Full URL
https://livewell.com/wp-content/plugins/elasticpress/dist/css/autosuggest-styles.min.css?ver=3.6.2
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
f7e0c5a222758d6c0549e3d9ed98e71b8e3f3c7a2d81141b1113f39a8110598d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Feb 2024 19:39:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 27 Jul 2023 07:13:48 GMT
server
nginx
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
etag
W/"64c2192c-2f8"
age
158261
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
-ztAm86QcR9_CmL4-tjOc_6yM4Sor4pzOuC6ab5h1h7kIsufQDTWag==
styles.min.css
livewell.com/wp-content/plugins/aawp/public/assets/css/
83 KB
12 KB
Stylesheet
General
Full URL
https://livewell.com/wp-content/plugins/aawp/public/assets/css/styles.min.css?ver=3.10.1
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
86f9a8fd4891f2d40afbb02bca846fec699c8c67c919d125b95109c866fdcbf4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Feb 2024 19:39:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 27 Jul 2023 07:13:42 GMT
server
nginx
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
etag
W/"64c21926-14b27"
age
158261
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
sFwgEeTqfLlF3PaQxEfqkJAgaHw55EcetlZKc7_11H3vUYSHJs0Egw==
gtm.js
www.googletagmanager.com/
190 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WM5PXBLK
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bf517bc7c23231dd385a0779b0fa0a963673e4260c6e56f22aae16f0846dd6c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69836
x-xss-protection
0
last-modified
Sun, 25 Feb 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 25 Feb 2024 15:37:48 GMT
live-well.js
scripts.mediavine.com/tags/
159 KB
31 KB
Script
General
Full URL
https://scripts.mediavine.com/tags/live-well.js
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
dabd882863686bf3be830fcbcfd4984769350ae698c5ab3cf6c9ebaae0ce4f64
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:48 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
24
x-powered-by
Express
x-cache
MISS, HIT
content-length
31357
x-served-by
cache-iad-kjyo7100110-IAD, cache-ams21068-AMS
x-timer
S1708875469.942799,VS0,VE1
etag
W/"27a29-rTl/1PFSQDpGcfGT89HY+YR8t9U"
vary
gdpr=1, country=EU, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-cache
accept-ranges
bytes
x-cache-hits
0, 1
livewell_large.png
livewell.com/wp-content/themes/livewell/images/
3 KB
4 KB
Image
General
Full URL
https://livewell.com/wp-content/themes/livewell/images/livewell_large.png
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
ba0b93dbb30c51ee474e19e2c66143c4dc376c295e206026fc0c464f9bdbaa4a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 19:39:55 GMT
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
158261
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
3458
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 16 Oct 2023 07:18:39 GMT
server
nginx
etag
"652ce3cf-d82"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
C5oemU5VEkDDJmlyv4pmMr4tlXABVFGZ15_gt5YsZWcwN-0oEqNIjA==
Orsetto-Gang-600x400.jpg
livewell.com/wp-content/uploads/2024/01/
30 KB
30 KB
Image
General
Full URL
https://livewell.com/wp-content/uploads/2024/01/Orsetto-Gang-600x400.jpg
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
828b2c1ff9c711a9163db7830f38418d0729aee7f5025b43e03d5ad51a90f581

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 20:22:25 GMT
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
155711
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
30727
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 31 Jan 2024 03:46:15 GMT
server
nginx
etag
"65b9c287-7807"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
nK-uXwZOdax2U5BwJbiD6UqKApCQ8XqgB76fLgliG9S4F7FfzkNuKw==
Orsetto-Gang-300x200.jpg
livewell.com/wp-content/uploads/2024/01/
11 KB
12 KB
Image
General
Full URL
https://livewell.com/wp-content/uploads/2024/01/Orsetto-Gang-300x200.jpg
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
9decf8ac9bebada0599aebabd8b4325c187df839674b7e662244bb4551fd62be

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:10 GMT
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
23
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
11686
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 31 Jan 2024 03:46:15 GMT
server
nginx
etag
"65b9c287-2da6"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
VJ8qhqlGpCx6UY5xTD1pvz3TVdXvTwxt-W8XgP_8tVLMmaKKj4Y67w==
rupixen-com-Q59HmzK38eQ-unsplash-min-600x400.jpeg
livewell.com/wp-content/uploads/2019/11/
22 KB
22 KB
Image
General
Full URL
https://livewell.com/wp-content/uploads/2019/11/rupixen-com-Q59HmzK38eQ-unsplash-min-600x400.jpeg
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
768a29d97437a522f7d927d80924095b77b04bd12e5a5bc26c4aa933abd5d0f9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 19:39:55 GMT
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
158261
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
22251
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 11 Sep 2023 06:09:01 GMT
server
nginx
etag
"64feaefd-56eb"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
8evto81VKwHn29nvHhYd9icee2Xp284yQ7ZDaDp4E424gkjxYxyqZw==
photo-1518183214770-9cffbec72538-600x400.jpeg
livewell.com/wp-content/uploads/2019/11/
36 KB
37 KB
Image
General
Full URL
https://livewell.com/wp-content/uploads/2019/11/photo-1518183214770-9cffbec72538-600x400.jpeg
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
7b4b04d1bd4a0d091e4b545bbc5784c14e86a212ee8bc43ec54a6faf873666af

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 19:39:55 GMT
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
158261
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
37166
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 11 Sep 2023 06:10:48 GMT
server
nginx
etag
"64feaf68-912e"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
dXUZGGCKZQAsAnDrnxOT404ce7nN9GjimCwHflkPg3Yqtfh48cD9sg==
Philadelphia-Fed-Survey-Definition.jpg
livewell.com/wp-content/uploads/2023/10/
268 KB
269 KB
Image
General
Full URL
https://livewell.com/wp-content/uploads/2023/10/Philadelphia-Fed-Survey-Definition.jpg
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
06e517345f30c3bd146d4aac9a4c16e52ab88cc9902b1961fee0e544daf9176b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 13:49:12 GMT
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
6502
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
274355
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 10 Oct 2023 06:57:15 GMT
server
nginx
etag
"6524f5cb-42fb3"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
uGdTaQxQpK4cKD1fO_m1AM2JCNcW9tgLFFG4NWGTHTvNBZzwrhcwXQ==
how-to-earn-credit-card-points-fast-1697897946.jpg
livewell.com/wp-content/uploads/2023/10/
194 KB
195 KB
Image
General
Full URL
https://livewell.com/wp-content/uploads/2023/10/how-to-earn-credit-card-points-fast-1697897946.jpg
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
e73e1c1417fc2390d5b71d5f705d426c02b5357a0a212e5e9a25a693346fa275

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 02:14:54 GMT
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
134561
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
198720
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 21 Oct 2023 14:19:06 GMT
server
nginx
etag
"6533ddda-30840"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
a0SiUoe_EmT19MGYuBf4JvhuF8l5KBQGOSjtgDJeJgRbLnAmLh6srg==
why-do-mergers-and-acquisitions-take-long-1703085901.jpg
livewell.com/wp-content/uploads/2023/12/
130 KB
131 KB
Image
General
Full URL
https://livewell.com/wp-content/uploads/2023/12/why-do-mergers-and-acquisitions-take-long-1703085901.jpg
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
b27c2a17319343c81f94509ad1fecf3a3113bf84403220c4997ebf6e2d5583c4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 20:06:13 GMT
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
70281
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
133191
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Dec 2023 15:25:01 GMT
server
nginx
etag
"6583074d-20847"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
eXi7zqOmaqk1PcRk-OwoRp59uKy5uuENBOcaarr9DyXjyF-bYQnZdA==
mergers-and-acquisitions-in-banking-and-finance-what-works-what-fails-and-why-1703093541.jpg
livewell.com/wp-content/uploads/2023/12/
124 KB
125 KB
Image
General
Full URL
https://livewell.com/wp-content/uploads/2023/12/mergers-and-acquisitions-in-banking-and-finance-what-works-what-fails-and-why-1703093541.jpg
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
230c062e57370629565d539e7bc875c6a8d8f5c39e1ebf9274954d54f5845e07

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 20:06:13 GMT
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
70281
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
127367
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Dec 2023 17:32:21 GMT
server
nginx
etag
"65832525-1f187"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
8Si0ehXoLTfZWkGuffJ9keUrAsTY2FB-cf2pwP1eKuBtihcYxhFB6g==
what-are-insurance-agency-mergers-and-acquisitions-1703087274.jpg
livewell.com/wp-content/uploads/2023/12/
140 KB
140 KB
Image
General
Full URL
https://livewell.com/wp-content/uploads/2023/12/what-are-insurance-agency-mergers-and-acquisitions-1703087274.jpg
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
fd121e64f62e16b941e3add4c49cdafd4e9c25473dff200b353863073149781d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 20:06:13 GMT
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
70281
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
143181
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Dec 2023 15:47:54 GMT
server
nginx
etag
"65830caa-22f4d"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
fuVyPCQQdcc5TSAvlB_ksIzkgMzqQKOvX_crCSseZeqBJyrU9cjiYg==
why-mergers-and-acquisitions-are-important-1703093263.jpg
livewell.com/wp-content/uploads/2023/12/
145 KB
145 KB
Image
General
Full URL
https://livewell.com/wp-content/uploads/2023/12/why-mergers-and-acquisitions-are-important-1703093263.jpg
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
09c46ffacb2b034a7773e6c62f6abbbdccfbf25dfb6e78179b26b24fb0cdcfe3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 20:06:13 GMT
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
70281
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
148104
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Dec 2023 17:27:43 GMT
server
nginx
etag
"6583240f-24288"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
TbU4Mf3labe-5eL1lBzdk1PrasgoeFKG04RKsIUBhCy7ZKcWTqE17g==
why-do-mergers-and-acquisitions-occur-1703096424.jpg
livewell.com/wp-content/uploads/2023/12/
117 KB
118 KB
Image
General
Full URL
https://livewell.com/wp-content/uploads/2023/12/why-do-mergers-and-acquisitions-occur-1703096424.jpg
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
a69050e01ebed7e2ec5b47a8933196a94a3c79b402127819fc36783bdf8c4a61

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 19:42:09 GMT
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
71725
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
120269
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Dec 2023 18:20:24 GMT
server
nginx
etag
"65833068-1d5cd"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
nm0bzHYb_TdXROWvXqp2p0UAvcO_Aw_8dK0zPWMMDXyu7tlvTbR1fw==
onejs
z-na.amazon-adsystem.com/widgets/
0
0

Comparison-Universe-Definition.jpg
livewell.com/wp-content/uploads/2023/09/
265 KB
265 KB
Image
General
Full URL
https://livewell.com/wp-content/uploads/2023/09/Comparison-Universe-Definition.jpg
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
f573bf5b2536fa701211054e30c72f44c76f38b1ad2236d4f4209980b90a1acf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 08:18:50 GMT
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
112725
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
271097
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Sep 2023 18:50:59 GMT
server
nginx
etag
"650b3f13-422f9"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
-qC9C3LKzKGsg7JY_69QfaepkcANRxZl0r9_uAzP6r5aDq_xwmGv1A==
Universal-Currency-Converter-Definition.jpg
livewell.com/wp-content/uploads/2023/10/
268 KB
268 KB
Image
General
Full URL
https://livewell.com/wp-content/uploads/2023/10/Universal-Currency-Converter-Definition.jpg
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
37c7cc1f76410471198476b9704258d80c53f6ad9cb0d85584fae46b033ba157

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 20:13:04 GMT
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
156272
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
274209
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 11 Oct 2023 10:32:01 GMT
server
nginx
etag
"652679a1-42f21"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
m-WP3gCRmeGmStOzjgvDIDXSLNF5x6dS1LcQ3ujM6pWQSqvBtpcJ0A==
Forex-Chart-Definition-Types-Uses-in-Trading.jpg
livewell.com/wp-content/uploads/2023/09/
266 KB
267 KB
Image
General
Full URL
https://livewell.com/wp-content/uploads/2023/09/Forex-Chart-Definition-Types-Uses-in-Trading.jpg
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
c9302d261064558d1e38ee9b0d52fe4fc3825c6d34795b03a78a6e3e9f806ea6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 01:05:21 GMT
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
138735
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
272482
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 21 Sep 2023 04:18:26 GMT
server
nginx
etag
"650bc412-42862"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
tgnO9nvXKKYa88uAXvnO-hYQfqsR2ODE3XCboWGJgPV3TWM5wUy4XA==
Manager-Universe-Benchmark-Definition.jpg
livewell.com/wp-content/uploads/2023/09/
274 KB
274 KB
Image
General
Full URL
https://livewell.com/wp-content/uploads/2023/09/Manager-Universe-Benchmark-Definition.jpg
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
0aa754cb7fb279dabfeb7f1419f4dcb57223532300943e222385d6d7bfb3e26e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 21:30:42 GMT
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
151614
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
280279
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 21 Sep 2023 16:08:31 GMT
server
nginx
etag
"650c6a7f-446d7"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
GtWP-bdiI_Aca0za63zxFEZl2V3K6Yj1mrVipmIMt34wZs49pGHAlQ==
The-University-of-New-South-Wales-Business-School-Definition.jpg
livewell.com/wp-content/uploads/2023/09/
268 KB
268 KB
Image
General
Full URL
https://livewell.com/wp-content/uploads/2023/09/The-University-of-New-South-Wales-Business-School-Definition.jpg
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
37c7cc1f76410471198476b9704258d80c53f6ad9cb0d85584fae46b033ba157

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 20:04:57 GMT
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
156758
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
274209
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 22 Sep 2023 10:34:10 GMT
server
nginx
etag
"650d6da2-42f21"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
1unc7Th-WpwR9aeUyCMXO2wn8Va6aSPfaYoeKMzGYdUw9-kPrv7mhQ==
Canadian-Securities-Course-CSC-Definition-Subjects-Exams.jpg
livewell.com/wp-content/uploads/2023/10/
265 KB
265 KB
Image
General
Full URL
https://livewell.com/wp-content/uploads/2023/10/Canadian-Securities-Course-CSC-Definition-Subjects-Exams.jpg
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
f573bf5b2536fa701211054e30c72f44c76f38b1ad2236d4f4209980b90a1acf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 13:13:40 GMT
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
8634
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
271097
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 11 Oct 2023 09:05:15 GMT
server
nginx
etag
"6526654b-422f9"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
hDv7QXq0a_ClBC0Ljmkrb3LbrjKAAKse2c7jA_3uh98B2f5CqJamyQ==
Vertical-Line-Charting-Definition-and-Example.jpg
livewell.com/wp-content/uploads/2023/09/
266 KB
266 KB
Image
General
Full URL
https://livewell.com/wp-content/uploads/2023/09/Vertical-Line-Charting-Definition-and-Example.jpg
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
5b1bc485368d998a7becfc0cd9d68b3c04177bbc92481790c71f7fcb85bb85df

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 01:57:08 GMT
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
135627
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
272086
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 22 Sep 2023 12:21:04 GMT
server
nginx
etag
"650d86b0-426d6"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
o8GOPrIjeeXmoeQ-a3m1dcmhiFT96UlSJLzX71fzN1JfYO83uCI0OQ==
Kagi-Chart-Definition-and-Strategies.jpg
livewell.com/wp-content/uploads/2023/09/
269 KB
269 KB
Image
General
Full URL
https://livewell.com/wp-content/uploads/2023/09/Kagi-Chart-Definition-and-Strategies.jpg
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
8bb4e89bd9cc008194ae1c7a79c884073ead99061f2aeca5f84610e0b225cdbe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 20:53:34 GMT
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
67440
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
275069
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 21 Sep 2023 12:41:58 GMT
server
nginx
etag
"650c3a16-4327d"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
Zb8RZzF4LcKQbrQPpzOTVmsdvXSswcMNyFYw2nKqO0jAeekY2fPUFQ==
New-Indications-Definition.jpg
livewell.com/wp-content/uploads/2023/09/
270 KB
270 KB
Image
General
Full URL
https://livewell.com/wp-content/uploads/2023/09/New-Indications-Definition.jpg
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
fd03dca96f079c226adb2327d6a03668decb0a09473b21dae7b7fe673be51c80

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 15:36:47 GMT
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
86448
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
276174
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 21 Sep 2023 19:20:30 GMT
server
nginx
etag
"650c977e-436ce"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
d8VqQyuNhm5Qx-99m7Ex6zh0U-nSO90vHQa8x8mbKaGMOXWwZ1d7hg==
how-to-read-stocks-charts-1702737864.jpg
livewell.com/wp-content/uploads/2023/12/
108 KB
109 KB
Image
General
Full URL
https://livewell.com/wp-content/uploads/2023/12/how-to-read-stocks-charts-1702737864.jpg
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
dad714d9378d43a60d1aa9efbdb11563b8974e4e847364fb4c788b7b9666ab5f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 23:03:13 GMT
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
146062
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
110851
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 16 Dec 2023 14:44:24 GMT
server
nginx
etag
"657db7c8-1b103"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
ps-ACHbAXTFZrz9T8SJ1q7wJTmu5zzb9JF5yoMWfPqXjkf3EtVTW8w==
how-is-campaign-funding-regulated-in-state-elections-1700738764.jpg
livewell.com/wp-content/uploads/2023/11/
257 KB
258 KB
Image
General
Full URL
https://livewell.com/wp-content/uploads/2023/11/how-is-campaign-funding-regulated-in-state-elections-1700738764.jpg
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
3921a16fc9be4d544b2279d4c9af0b68bd932d33167e3dc6afb28fe9ef90828d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 21:58:03 GMT
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
149973
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
263121
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Nov 2023 11:26:04 GMT
server
nginx
etag
"655f36cc-403d1"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
-QqZx5c2WRv3Osq-obD9l2SVxAXnV7LHyDZ5Zoenp26cOVd8-_b8gw==
in-forming-an-insurance-contract-when-does-acceptance-usually-occur-1699858857.jpg
livewell.com/wp-content/uploads/2023/11/
200 KB
201 KB
Image
General
Full URL
https://livewell.com/wp-content/uploads/2023/11/in-forming-an-insurance-contract-when-does-acceptance-usually-occur-1699858857.jpg
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
cdf49e455654379110e0f70062f02d4368430b9830d6fffb2e295aeac561a139

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 19:41:02 GMT
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
158194
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
204917
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 13 Nov 2023 07:00:57 GMT
server
nginx
etag
"6551c9a9-32075"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
44GhhRrJCfx6crUxQzbtB-NP8yXywqdJNuyCcwq9QwzvuDytJhzxQQ==
Effective-Annual-Interest-Rate-Definition-Formula-and-Example.jpg
livewell.com/wp-content/uploads/2023/09/
267 KB
268 KB
Image
General
Full URL
https://livewell.com/wp-content/uploads/2023/09/Effective-Annual-Interest-Rate-Definition-Formula-and-Example.jpg
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
a1027a1e04dc47a0909de254d4fc39917401c4cd074b21f12a6a37455b8b4334

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 20:23:20 GMT
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
155655
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
273299
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Sep 2023 23:56:16 GMT
server
nginx
etag
"650b86a0-42b93"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
L2uu6SFGucrQmCB72cciS2YJyGYjnXIN_B_J5KQGYEe8iGv4nq_6VQ==
Consumer-Confidence-Index-CCI-Definition-and-What-It-Indicates.jpg
livewell.com/wp-content/uploads/2023/09/
265 KB
265 KB
Image
General
Full URL
https://livewell.com/wp-content/uploads/2023/09/Consumer-Confidence-Index-CCI-Definition-and-What-It-Indicates.jpg
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
f573bf5b2536fa701211054e30c72f44c76f38b1ad2236d4f4209980b90a1acf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:10 GMT
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
23
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
271097
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Sep 2023 19:30:47 GMT
server
nginx
etag
"650b4867-422f9"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
0s3qqRN0GsgU9FMvwPtXQ_RQ-dXrEvHIiarxZWfe9pELoyvOF7f_Uw==
Bond-Buyer-20-Definition.jpg
livewell.com/wp-content/uploads/2023/09/
270 KB
271 KB
Image
General
Full URL
https://livewell.com/wp-content/uploads/2023/09/Bond-Buyer-20-Definition.jpg
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
babc997dce79297796615a8a8b73e766c9de8ae0a79dd6a8aa2b39d2264d3c43

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 20:42:44 GMT
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
154491
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
276464
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Sep 2023 13:24:27 GMT
server
nginx
etag
"650af28b-437f0"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
uz6X2N4wKXKkmk4XkWrGUiZ1603WbB3XxEgFA5tYGxZLpBNG84H7Mg==
owl.carousel.min.js
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/
43 KB
10 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
313388
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10158
last-modified
Mon, 04 May 2020 16:04:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf0-ad36"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbS8kK9Ih2gqg4bBYVKa7LywlvBGe3Y9aIcMN3ybsz65MwfsFO1ml37lNjXO8jUGTKYkhrUg9YNplMM1HtVMsIfDcg%2FdOoz1kNB9IXgcq77zMtDCeIPJy%2B36koMevbjZsrCqQNtZKLVkg9OKJCGQny5m"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85b10820bc6e6721-AMS
expires
Fri, 14 Feb 2025 15:37:48 GMT
jQuery.print.min.js
cdnjs.cloudflare.com/ajax/libs/jQuery.print/1.6.0/
3 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jQuery.print/1.6.0/jQuery.print.min.js
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3fc2e213facd2e139220937d154b650072ce4293a483b7e893954cd84019ffe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7564484
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1183
last-modified
Mon, 04 May 2020 16:11:42 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ebe-c4a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zl6dQqooUvcjLqV%2FcEGdWDGq3i5WWenzmWVrP2mBG4CH9iXHcbuFkBSsbmf%2BIiseLvX3q9yfySLc8vt8SM8Bq9hGFs6RY18CotnYu6g5%2ByTPMjZUAw8N%2FWbUSVlZvvJlSJ0ycHdMELzdKkPqkvyK213o"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85b10820bc6c6721-AMS
expires
Fri, 14 Feb 2025 15:37:48 GMT
category-pillar-pagination.js
livewell.com/wp-content/themes/livewell/js/
4 KB
1 KB
Script
General
Full URL
https://livewell.com/wp-content/themes/livewell/js/category-pillar-pagination.js
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
ebbac75c3d9bb6cb33da19ba1f7b1b7a4732cbd84744fca8e008b55ff7142e13

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Feb 2024 19:39:55 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 24 Aug 2023 07:08:42 GMT
server
nginx
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
etag
W/"64e701fa-f16"
age
158261
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
gq4Gz9xp4MY65eIR0TRbFQ3Q5USJlVB10HBZuLFB2fxW_u5amPFZDg==
main.js
livewell.com/wp-content/themes/livewell/js/
29 KB
7 KB
Script
General
Full URL
https://livewell.com/wp-content/themes/livewell/js/main.js
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
225a0f73d490599c3c631b22658b5c92335631eacd2ce329509d6b01b38e1a09

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Feb 2024 19:39:55 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 11 Oct 2023 04:26:58 GMT
server
nginx
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
etag
W/"65262412-73d5"
age
158261
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
pr4jgBHi61ZdmeVFi5OxHe1VrIbHBbmNDI0FddKGfBwXCnCYxvth5w==
jquery.min.js
livewell.com/wp-includes/js/jquery/
87 KB
36 KB
Script
General
Full URL
https://livewell.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Feb 2024 19:39:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 27 Jul 2023 07:14:54 GMT
server
nginx
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
etag
W/"64c2196e-15db1"
age
158261
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
leTkl1LfMgLXBZlcjfYiBbZObfFZlKrhuspAHVKYDZ3qsGgrnC739g==
bliss-loadmore.js
livewell.com/wp-content/plugins/infinite-scroll-and-ajax-load-more/public/js/
1 KB
1011 B
Script
General
Full URL
https://livewell.com/wp-content/plugins/infinite-scroll-and-ajax-load-more/public/js/bliss-loadmore.js?ver=1.0.0
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
014fd58cad6665430b5bf90b9bcdf86272b087e8062a02ecdae19f44c2325b4c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Feb 2024 19:39:55 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 27 Jul 2023 07:13:50 GMT
server
nginx
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
etag
W/"64c2192e-4a7"
age
158261
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
YgVjI65yaU3U_3C50So4wozBjdRROaJxZx13VGEzPAT_VAjKAjuKSw==
jquery.blockUI.min.js
livewell.com/wp-content/plugins/yith-infinite-scrolling-premium/assets/js/
9 KB
4 KB
Script
General
Full URL
https://livewell.com/wp-content/plugins/yith-infinite-scrolling-premium/assets/js/jquery.blockUI.min.js?ver=5.8.9
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
12f97139f9fe50f02ba4db749deb14c265b7f16c7ccbbc98b2d4cf7a13573f86

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Feb 2024 19:39:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 27 Jul 2023 07:13:57 GMT
server
nginx
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
etag
W/"64c21935-2553"
age
158261
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
f7J84pnomWCR7GlUTmBKbq51AOCs_WDC-W0Wp2nL-XwXhD4MNb0z9Q==
yith.infinitescroll.min.js
livewell.com/wp-content/plugins/yith-infinite-scrolling-premium/assets/js/
4 KB
2 KB
Script
General
Full URL
https://livewell.com/wp-content/plugins/yith-infinite-scrolling-premium/assets/js/yith.infinitescroll.min.js?ver=1.1.9
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
6c544d17eb8650884004f007210af8681f171c21879ec75187dfb445d40d6ff6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Feb 2024 19:39:55 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 27 Jul 2023 07:13:57 GMT
server
nginx
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
etag
W/"64c21935-ebb"
age
158261
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
wjwl8pZRNK48VcX3SZPg9jNQS79bjr47Yd4HI1movWzwMMEzse84Mg==
yith-infs.min.js
livewell.com/wp-content/plugins/yith-infinite-scrolling-premium/assets/js/
717 B
797 B
Script
General
Full URL
https://livewell.com/wp-content/plugins/yith-infinite-scrolling-premium/assets/js/yith-infs.min.js?ver=1.1.9
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
25ab1d2e7196cbe6dabe0a76717807d9dfc98f629515a4e4c35c3666421d91aa

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Feb 2024 19:39:55 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 27 Jul 2023 07:13:57 GMT
server
nginx
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
etag
W/"64c21935-2cd"
age
158261
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
mdlHxaHMCIeGnAXqpVuylbyHa_k923I4pzVV-nFu-adtpOPqWNkQvA==
blog-ajax.js
livewell.com/wp-content/themes/livewell/js/
4 KB
2 KB
Script
General
Full URL
https://livewell.com/wp-content/themes/livewell/js/blog-ajax.js?ver=1692860922
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
37f0c389442e24dc9ff92956b0f76ef6844091f0079a881f1d7ab18cf42b7019

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Feb 2024 19:39:55 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 24 Aug 2023 07:08:42 GMT
server
nginx
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
etag
W/"64e701fa-100f"
age
158260
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
InIhjT-yTveXdLvtSCF-LavY98uPejo0UBPt0cXmMkX-Rgosic34CA==
cat-ajax.js
livewell.com/wp-content/themes/livewell/js/
4 KB
2 KB
Script
General
Full URL
https://livewell.com/wp-content/themes/livewell/js/cat-ajax.js?ver=5.8.9
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
cf657f8b2984c69d98770488d888abfc6fa5ac42b6d116e4f8f5c8a200d4f273

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Feb 2024 19:39:55 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 24 Aug 2023 07:08:42 GMT
server
nginx
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
etag
W/"64e701fa-10a1"
age
158261
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
AbQ79EAMjybAeSqbPZTT9DYn1Oy2F38FgoAp2AYYtZecsHJB2csPYA==
autosuggest-script.min.js
livewell.com/wp-content/plugins/elasticpress/dist/js/
76 KB
31 KB
Script
General
Full URL
https://livewell.com/wp-content/plugins/elasticpress/dist/js/autosuggest-script.min.js?ver=3.6.2
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
9147b03e2448cc9781f6d36688cf9394b7b56ff8deaf7b9fd1d1202070e1731c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Feb 2024 19:39:55 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 27 Jul 2023 07:13:49 GMT
server
nginx
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
etag
W/"64c2192d-12fd7"
age
158261
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
UPUvztZAQaQnv-KA2WTCqJ24oycareaUHlHK1FYNsEjV5LHs0Aj0iA==
scripts.min.js
livewell.com/wp-content/plugins/aawp/public/assets/js/
6 KB
3 KB
Script
General
Full URL
https://livewell.com/wp-content/plugins/aawp/public/assets/js/scripts.min.js?ver=3.10.1
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
8f35c432ef7803e28c0614de19f9947158be185d8e94f08906aa958090b31795

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Feb 2024 19:39:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 27 Jul 2023 07:13:42 GMT
server
nginx
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
etag
W/"64c21926-16b9"
age
158261
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
IHirEa8KWtNTCnm7M9TORibggszH8ZArwZrvvm7uldhF8KEuHxqbLg==
lazyload-ads.js
livewell.com/wp-content/themes/livewell/js/
5 KB
2 KB
Script
General
Full URL
https://livewell.com/wp-content/themes/livewell/js/lazyload-ads.js?ver=1.0.0
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-54.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
7cb0fcd5fde7e75943b3b9ee2170d624758b6f9026b40fc61f438b7688aae59c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Feb 2024 19:39:55 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 24 Aug 2023 07:08:42 GMT
server
nginx
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
etag
W/"64e701fa-1478"
age
158261
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
DfYAtDI9uHU7NBvmZB4i7Ic8wtycunuYoAiwj41ChuNiCLBdl1Ui-A==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
148 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5734292711266667
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92807a96adf208df8b4eafda815a22be4d34c4965e6e2531074fbf0fe3469ad2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://livewell.com/finance/orsetto-gang-nft/
Origin
https://livewell.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51219
x-xss-protection
0
server
cafe
etag
12918703112249263430
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 25 Feb 2024 15:37:49 GMT
SlGVmQWMvZQIdix7AFxXkHNSbRYXags.woff2
fonts.gstatic.com/s/droidsans/v12/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbRYXags.woff2
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8cb742dbb60decab090cf738bfef2d8a780141573e9a2a3854bf3f78919faed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://livewell.com/
Origin
https://livewell.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 10:45:02 GMT
x-content-type-options
nosniff
age
449567
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11236
x-xss-protection
0
last-modified
Thu, 20 Feb 2020 02:00:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Feb 2025 10:45:02 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/
76 KB
77 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin
https://livewell.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:48 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
221707
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
78268
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-131bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HxatUQVJ5xqoyI9%2Fo4%2FhG5TeFFOO6Bi1pDtKjDFziSjGaRW6TX6AYVc2yqbVQ5yncRk5Py0ySpTSOVfvjKnYYCdkMS5IzZ9dNUHm6kw3Wky1i7Cgo%2B8IHre%2F1Oiw%2BdmwVAZdsyNoZdV0o%2B4OzUmjQJD5"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85b108212f3c0a5d-AMS
expires
Fri, 14 Feb 2025 15:37:48 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin
https://livewell.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:48 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1527650
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
76736
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-12bc0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5r8Y3bMLHZE%2FXr0xUEoxqJgMo8v7BGgJ%2FCnqrPto%2BlrIyoKmSWQCC3PAD1NgYBFqLCEU4Ak2r3R6nwQUeU36YW5Py9e8WKLIxJrgWfH5nJ49HvhMbJmFK3pWVnw3DAjrgkCic5CCse9jy%2F%2BCrf7u2Qxz"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85b108211f330a5d-AMS
expires
Fri, 14 Feb 2025 15:37:48 GMT
ProximaNova-LightIt.woff
cdn.jsdelivr.net/npm/font-proxima-nova@1.0.1/fonts/
54 KB
55 KB
Font
General
Full URL
https://cdn.jsdelivr.net/npm/font-proxima-nova@1.0.1/fonts/ProximaNova-LightIt.woff
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/font-proxima-nova@1.0.1/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dd6ba4379c6a5face7079b4906ce06e9bb1b9d31d005949faee94059ac078b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/font-proxima-nova@1.0.1/style.css
Origin
https://livewell.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7599977
x-jsd-version
1.0.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
55152
x-served-by
cache-fra-etou8220065-FRA, cache-ams21035-AMS
x-jsd-version-type
version
server
cloudflare
etag
W/"d770-5ytDyaIGZq9pUwT62ZUb75gAinU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQJY7dXe6qCKED2rHLiHIkhDL%2BvKJWLELg4Zi2YeS%2FYj3y%2FamA6FG4biC8CIojk3Z8VNXLoTgYfVlZ4JQRX%2BsbkGgnklX%2BzJMyULq4awTgneXSbt%2BaSaDDzwlTR%2BneKPgOLSsYRd8SjcLY9rglo%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85b108213d870e34-AMS
SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v18/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans:300,400,700,900&display=fallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://livewell.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 01:14:29 GMT
x-content-type-options
nosniff
age
397400
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22376
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:25:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Feb 2025 01:14:29 GMT
SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v18/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans:300,400,700,900&display=fallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://livewell.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 07:40:39 GMT
x-content-type-options
nosniff
age
374230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21224
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:04:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Feb 2025 07:40:39 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
90 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/live-well.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55dd893400498ae043476da6607a655bedbd6ef1b66158a65f74ec787dc1757f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28940
x-xss-protection
0
server
cafe
etag
570 / 19778 / 31081366 / config-hash: 2958856145408218626
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 25 Feb 2024 15:37:49 GMT
countryLookup
scripts.mediavine.com/flooring/
77 B
187 B
XHR
General
Full URL
https://scripts.mediavine.com/flooring/countryLookup
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/live-well.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
0590b75f54abd444bf08d56464cdd74fa582d7b4c4ad654eef89713fb02564c7
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-served-by
cache-ams21033-AMS
date
Sun, 25 Feb 2024 15:37:49 GMT
via
1.1 varnish
strict-transport-security
max-age=300
server
Varnish
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
77
retry-after
0
x-cache-hits
0
settings.json
scripts.mediavine.com/launcher/
8 KB
2 KB
XHR
General
Full URL
https://scripts.mediavine.com/launcher/settings.json?off=mediavine
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/live-well.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
420b9de35e72409ab9048afccd2a596fe065ab7f672692289806d625335b3b1c
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:49 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
145631
x-powered-by
Express
x-cache
HIT, HIT
content-length
1493
x-served-by
cache-iad-kjyo7100137-IAD, cache-ams21033-AMS
x-timer
S1708875469.030783,VS0,VE0
etag
W/"1ed3-Jrr8XB/4tyeV7ZiZ7DRe1Tt8HPU"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-cache
accept-ranges
bytes
x-cache-hits
50, 32213
wrapper.min.js
scripts.mediavine.com/tags/2.95.36-vidImpFix/
175 KB
57 KB
Script
General
Full URL
https://scripts.mediavine.com/tags/2.95.36-vidImpFix/wrapper.min.js?bust=1918904904
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/live-well.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 / Express
Resource Hash
6738d8c0c676706db8e822f2d200058db56d132c612ba81967b4a9946c3801c3
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:49 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
Z6MWNQH38GFGME0J
age
152434
x-powered-by
Express
x-amz-server-side-encryption
AES256
x-cache
MISS, HIT
x-amz-meta-surrogate-control
max-age=2592000, stale-if-error=86400, stale-while-revalidate=60
x-amz-meta-surrogate-key
web web/2.95.36-vidImpFix/wrapper.min.js
content-length
57213
x-amz-id-2
NXNr+NcCnUgjqFc8yXT81f4vshJ3Zi5R2xMXmZSbB0+X+L+oW0gcw8g3BcpFiU8dz58jQtPHj/Y=
x-served-by
cache-iad-kiad7000124-IAD, cache-ams21068-AMS
last-modified
Fri, 23 Feb 2024 20:47:14 GMT
server
AmazonS3
x-timer
S1708875469.058797,VS0,VE0
etag
"8b966587d5706a982170b7dd25c181c0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0, 5506
usersync.min.js
exchange.mediavine.com/
13 KB
5 KB
Script
General
Full URL
https://exchange.mediavine.com/usersync.min.js?s2sVersion=production
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/live-well.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.167.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-167-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c17b834d0c4ad3e7d09bbd0b5ad2e61f4bf4905f31769a5ed4a3184a6dc1a265

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:49 GMT
content-encoding
gzip
last-modified
Thu, 22 Feb 2024 16:20:35 GMT
etag
W/"334b-18dd19e677e"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
no-cache, private
access-control-allow-credentials
true
accept-ranges
bytes
web.keywords.js
keywords.mediavine.com/keyword/
227 B
290 B
Script
General
Full URL
https://keywords.mediavine.com/keyword/web.keywords.js?pageUrl=https://livewell.com/finance/orsetto-gang-nft/
Requested by
Host: scripts.mediavine.com
URL: https://scripts.mediavine.com/tags/live-well.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
3b43268232a58ec5ac83e519f47de92cd6cef366a46e9e4e6798bccf110fc719

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-served-by
cache-iad-kiad7000041-IAD, cache-ams21068-AMS
date
Sun, 25 Feb 2024 15:37:49 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
23
x-timer
S1708875469.058749,VS0,VE1
x-powered-by
Express
vary
Origin, Accept-Encoding
x-cache
MISS, HIT
content-type
text/html; charset=utf-8
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-length
104
x-cache-hits
0, 1
js
www.googletagmanager.com/gtag/
223 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EYTYKY54ER&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WM5PXBLK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
15fcae57c22d45033c1563f607b9584bb1439b4f33c570c4dc0af278b88f72f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81393
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 25 Feb 2024 15:37:49 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/
408 KB
138 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5734292711266667&plah=livewell.com&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5734292711266667
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43a511d78f7f81d97dfa8e64cd0e90b89524847addd8fc33d9f90f1079fcdf9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141577
x-xss-protection
0
server
cafe
etag
9154931270055131866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 25 Feb 2024 15:37:49 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/ Frame 19B7
9 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5734292711266667
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://livewell.com/finance/orsetto-gang-nft/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
83800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Feb 2024 16:21:09 GMT
etag
3890843268177463596
expires
Sat, 09 Mar 2024 16:21:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402210101/
428 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402210101/pubads_impl.js?cb=31081366
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d027ad2dad4c2831725b8ad14fcdbc691c6f140ea48c348968846396b04d550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 11:01:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
16577
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138051
x-xss-protection
0
server
cafe
etag
16002454856663069837
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 24 Feb 2025 11:01:32 GMT
collect
region1.google-analytics.com/g/
0
253 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-EYTYKY54ER&gtm=45je42l0v9108607049z89166513353za200&_p=1708875468877&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=738305263.1708875469&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1708875469&sct=1&seg=0&dl=https%3A%2F%2Flivewell.com%2Ffinance%2Forsetto-gang-nft%2F&dt=Orsetto%20Gang%20Unleashed%3A%20Charting%20a%20New%20Course%20in%20the%20NFT%20Universe%20%7C%20LiveWell&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=583
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EYTYKY54ER&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Feb 2024 15:37:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://livewell.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ob.js
cdn-ima.33across.com/
17 KB
6 KB
Script
General
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402210101/pubads_impl.js?cb=31081366
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1280517470c638e05a2b686b74a13681c23ae8594311fa9a0d12fd4e8c43dd1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:49 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 15 Feb 2024 19:54:16 GMT
server
cloudflare
age
242045
etag
W/"65ce6be8-42fc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
85b10824f81166d0-AMS
expires
Wed, 28 Feb 2024 15:37:49 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/
1 KB
1 KB
Script
General
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402210101/pubads_impl.js?cb=31081366
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:49 GMT
via
1.1 google, 1.1 google
last-modified
Mon, 05 Feb 2024 22:07:56 GMT
server
Google Frontend
etag
cd19e0900da0cdbc6697310fd9330fb6
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
8adb7a106b44c213186fc100ed07ccf3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1195
publishertag.ids.js
static.criteo.net/js/ld/
41 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402210101/pubads_impl.js?cb=31081366
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
309c794d20c6824c9c401713bc7ba07938e85509e557ddbc944f6fa17e7b7469
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 07 Feb 2024 07:37:39 GMT
server
nginx
etag
W/"65c33343-a585"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 26 Feb 2024 15:37:49 GMT
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402210101/pubads_impl.js?cb=31081366
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 23:43:21 GMT
content-encoding
gzip
age
1007668
x-guploader-uploadid
ABPtcPqDJBgw5lbXx_MXLPrKDqlcjI1Yy7bJYR_K2I_ClZZvBsTMIeJkXtltHF8JmrZOMVfpfmeh2sl-6g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Wed, 12 Feb 2025 23:43:21 GMT
connectId-gpt.js
connectid.analytics.yahoo.com/
9 KB
9 KB
Script
General
Full URL
https://connectid.analytics.yahoo.com/connectId-gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402210101/pubads_impl.js?cb=31081366
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:6c00:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
Security Headers
Name Value
Content-Security-Policy default-src 'self'

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 14:51:13 GMT
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'
x-amz-cf-pop
FRA56-P2
age
2797
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8730
x-amz-expiration
expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified
Tue, 17 Oct 2023 13:17:45 GMT
server
AmazonS3
etag
"c46e30de24d0f12167e302e9e32ff4a5"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
7zLwBrh12AKiq97YTHQeAufjqp-Kuzm86UvokLcHCvYagGw4xQUAMA==
ads
securepubads.g.doubleclick.net/gampad/
58 KB
22 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2678596128269357&correlator=3641951186864204&eid=44809527%2C95323524%2C31081366&output=ldjh&gdfp_req=1&vrg=202402210101&ptt=17&impl=fif&iu_parts=1030006%3A21892875819%2Cverification&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=8&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1708875469457&lmt=1708875469&adxs=0&adys=11866&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Flivewell.com%2Ffinance%2Forsetto-gang-nft%2F&vis=1&psz=1600x12169&msz=1600x0&fws=0&ohw=0&ga_vid=738305263.1708875469&ga_sid=1708875469&ga_hid=520575634&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRiOpamH3jFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGI6lqYfeMUgAUgIIZBIXCghydGJob3VzZRiOpamH3jFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YjqWph94xSABSAghkEhQKBW9wZW54GI6lqYfeMUgAUgIIZA..&dlt=1708875468846&idt=586&adks=1880674988&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402210101/pubads_impl.js?cb=31081366
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0270c0c1227fd479fae97bb93f577fddbd11b99d9476e4d07328141e47de5f0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22643
x-xss-protection
0
google-lineitem-id
5749348750
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138357733377
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://livewell.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ebefb1dfc4f723380db0071730d124cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7DA7
6 KB
3 KB
Document
General
Full URL
https://ebefb1dfc4f723380db0071730d124cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402210101/pubads_impl.js?cb=31081366
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://livewell.com/finance/orsetto-gang-nft/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Feb 2024 15:37:49 GMT
expires
Mon, 24 Feb 2025 15:37:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ca-pub-5734292711266667
fundingchoicesmessages.google.com/i/
182 KB
61 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-5734292711266667?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5734292711266667&plah=livewell.com&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bfdec2013b12254a3ffe56d23f91c1c031912d29713a6cae47571139aec9349e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-eYZKCA8pP2w-onmS3vuP9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:49 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-eYZKCA8pP2w-onmS3vuP9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjmsKoxSXF4KEhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48HC9-66awqQKy7fjprKBDHPJ_OmgLEi1lnsK4GYqf0GaxBQPw5cwbrbyD2qZ_BGgPEpivPs9oCsRAPx9m9b9exCbw492QTEwCVnkRU"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9734
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDgmXZGqEyRXmkDatMMexEzozzfj8GkG_5XsOiEIE4eR3-ckM2a5fIDAlJRRDXNs7uutQGDcUiqApHVAO0fQbM-7a5QBV6INIJ5RSeqcCYE3L2F0rHtkTudpFX-0-n_A3EzGIscHivmBgAqHfU9zyDlFx8PPicFng1opU1-HS700h3E8ilJwQ_zPxJxy_ygQKz_VoNomXOEz7Q6ZTLArbNrDDOhdc8AEVN-j8KWuq7PIOzPc_hyxraOZdqrZLzEpE4Esulw9agDkFbEzTjhM6zF6PkJu3J2gmV2kf54TuqwnRl23e56ejaB5UlBGZTOOFmn5f1Af8nC87aRarsPq8UzQ&sai=AMfl-YQiDA1T67EsA5SGO5y9WpkM9msjYhXARBFEtTFa_HXRPvhCVu9tCYjRtt4Jt4oOR5KvAQ_4lK2Njxi_vCnbSwsKbYue0TlKRJav9R1hDtAFgdrrnaO7mi4si3DDcdnLhmk4HnI39TLxRRT1JUWXOeci&sig=Cg0ArKJSzH5FTdW89llHEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 25 Feb 2024 15:37:49 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/ Frame 9734
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402210101/pubads_impl.js?cb=31081366
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 10:08:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
19777
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8988
x-xss-protection
0
server
cafe
etag
12564770436581814922
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Mar 2024 10:08:12 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/ Frame 9734
3 KB
2 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240221/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402210101/pubads_impl.js?cb=31081366
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 10:08:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
19777
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Mar 2024 10:08:12 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9734
204 KB
61 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402210101/pubads_impl.js?cb=31081366
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 14:49:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
2901
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62895
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 25 Feb 2024 15:49:28 GMT
1492905321665597932
tpc.googlesyndication.com/simgad/ Frame 9734
83 B
461 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1492905321665597932
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402210101/pubads_impl.js?cb=31081366
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b74830261e106630a797d84ff1ce0f627b6d4a9ef17fff285bf4fc6dababad2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires
Mon, 24 Feb 2025 03:14:00 GMT
date
Sun, 25 Feb 2024 03:14:00 GMT
x-content-type-options
nosniff
age
44629
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83
x-xss-protection
0
last-modified
Wed, 28 Jul 2021 14:14:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 9734
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a69aea433e06583acac5594b87daf2c9c9fbe2a445db2eed3e23b9fce017c735

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type
image/png
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Flivewell.com%2Ffinance%2Forsetto-gang-nft%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Flivewell.com%2Ffinance%2Forsetto-gang-nft%2F&rid=esp&cc=1
85 B
196 B
Fetch
General
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Flivewell.com%2Ffinance%2Forsetto-gang-nft%2F&rid=esp&cc=1
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
5757da8f9b68bf494d494400961ad81925077b35c17caae349c22d5650fd3d59

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:49 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-qDp+zbgAbE4aBEZUDSb0rPXAHkY"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://livewell.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Sun, 25 Feb 2024 15:37:49 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://livewell.com
location
/esp?url=https%3A%2F%2Flivewell.com%2Ffinance%2Forsetto-gang-nft%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
syncframe
gum.criteo.com/ Frame 43D0
14 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=livewell.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://livewell.com/finance/orsetto-gang-nft/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 25 Feb 2024 15:37:48 GMT
server
Kestrel
server-processing-duration-in-ticks
320729
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
fed
ups.analytics.yahoo.com/ups/58813/
2 B
202 B
XHR
General
Full URL
https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Flivewell.com%2Ffinance%2Forsetto-gang-nft%2F
Requested by
Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:49 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://livewell.com
content-type
application/json
access-control-allow-credentials
true
sid
mug.criteo.com/ Frame 43D0
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=livewell.com&sn=ChromeSyncframe&so=0&topUrl=livewell.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=oRxwYHwwQUVVSEVrZGhPeVZHV2NjWU13OGl5dEpWTklQcEsvajd2UUJhR3lmNXlOTnByQWp1UzhkWXpTN0U3YVkwZVJBZFJWQlQrRVl4N0MwbUlSWXBLNkpRVWRLcE13TlFHeDBmU1dqdEtKTzJxWjZ5ZmFFVi96Rm1vdW...
428 B
655 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=oRxwYHwwQUVVSEVrZGhPeVZHV2NjWU13OGl5dEpWTklQcEsvajd2UUJhR3lmNXlOTnByQWp1UzhkWXpTN0U3YVkwZVJBZFJWQlQrRVl4N0MwbUlSWXBLNkpRVWRLcE13TlFHeDBmU1dqdEtKTzJxWjZ5ZmFFVi96Rm1vdW9IeGRHVnAxckFuRk5lSUZNUkI1QlJoRERFeEVIY3VuNXNXdkdhcktlWjh2T3puZnl4QXBXNFVVOHRCelE2TzZtZHVDTUZ4ajJWMm9OVlRINTBsMm5ZMzdpSktSZ28rNWpHV0k1MS9rdjZZaE04Vmp6cW5qb05JSytna0VtcFRMbnlWQ1FCU0NSeXk1ZVRncTNvaktnSDZFZUtocm5jN24zRkJIcmc4TXMrYzlBSG9VUEJTRT18&cppv=2
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
11ade773dae659174bf95194e543840cd650efa6147126464d362198510a014f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Feb 2024 15:37:49 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2260461
expires
0

Redirect headers

pragma
no-cache
date
Sun, 25 Feb 2024 15:37:48 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=oRxwYHwwQUVVSEVrZGhPeVZHV2NjWU13OGl5dEpWTklQcEsvajd2UUJhR3lmNXlOTnByQWp1UzhkWXpTN0U3YVkwZVJBZFJWQlQrRVl4N0MwbUlSWXBLNkpRVWRLcE13TlFHeDBmU1dqdEtKTzJxWjZ5ZmFFVi96Rm1vdW9IeGRHVnAxckFuRk5lSUZNUkI1QlJoRERFeEVIY3VuNXNXdkdhcktlWjh2T3puZnl4QXBXNFVVOHRCelE2TzZtZHVDTUZ4ajJWMm9OVlRINTBsMm5ZMzdpSktSZ28rNWpHV0k1MS9rdjZZaE04Vmp6cW5qb05JSytna0VtcFRMbnlWQ1FCU0NSeXk1ZVRncTNvaktnSDZFZUtocm5jN24zRkJIcmc4TXMrYzlBSG9VUEJTRT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
268484
content-length
0
expires
0
AGSKWxXOybUGHWlqiKB-CLKSkA4uQyVXQ5H8vybzU-EXSzeduWAxNb_o2hil8R4SQf51yhjVr_JsxFHwUlyWhLnDDycaAmacgyfqZyrOuvh5H81wt6rGWqdXQQ1RM42ddTm_qbvpJaBphw==
fundingchoicesmessages.google.com/f/
391 KB
60 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXOybUGHWlqiKB-CLKSkA4uQyVXQ5H8vybzU-EXSzeduWAxNb_o2hil8R4SQf51yhjVr_JsxFHwUlyWhLnDDycaAmacgyfqZyrOuvh5H81wt6rGWqdXQQ1RM42ddTm_qbvpJaBphw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4ODc1NDY5LDcyMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9saXZld2VsbC5jb20vZmluYW5jZS9vcnNldHRvLWdhbmctbmZ0LyIsbnVsbCxbWzgsIjZUR0xJVEhmVzZjIl0sWzksIm5sIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.6TGLITHfW6c.es5.O/am=wA/d=1/rs=AJlcJMx_7SBia_meprjJ0MY6Le_YpBmfzw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
752b88a80fb1b4a0e16222f275e6c5eb04c17a242789b511273c27cb90e86e35
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-b5uFHDmJWNHXIfHBKsX-Wg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:49 GMT
content-security-policy
script-src 'report-sample' 'nonce-b5uFHDmJWNHXIfHBKsX-Wg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXF4K0hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTz9SWTBBBrAPE7yVdM34B4h48HC9-66awqQKy7fjprKBDHPJ_OmgLEi1lnsK4GYqf0GaxBQPw5cwbrbyD2qZ_BGgPEpivPs9oCsRAPx9m9b9exCTTcfjiJGQCVXEPa"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9734
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssd4N-Jzm-q9UV4sqWulBgvysUQ_-grD6cC8qwRMy7BIbuvC9Uhnxl_REXvwvAmHh8T2J2yskpfu3SAoVcSaMweJatqLqdfPZIGtK0_C_nTvBL6_xnZsnykrTOOcwsyhAroxGkW0k0rd0IJpKy34KbwZ5qfmk425rwSUHqoHv_d1JYRlLeR5Sb1sguviRgjabslKT3VCixOm-fN8x1c777dnp0r_i0eEU9mfpU8gosuZwfX_xHt_o2I43exFEV1VCOOEasiW-LbhRxDqwnPFq1_GgX_XArYJCClg9WLvL8PAv2J0lr2_2dylyR0fEAMk1-R1PUeUxJmIITetqbuJ6MKQY6u&sai=AMfl-YR6kr26wJEUtY1FjGZUnYO-tCZbQmSn2h7JkfCSx5hrTt9SY3Vt3-ciFMhlyZYH3ROjA7uMy_sVuTQoK8cD9CzFmosHyq4qGLmlMMlSWmsb7_lFiIECJINivgmnxsjFtWD-5SXDXRDKxTEiD9UOXO94&sig=Cg0ArKJSzOv5ox2i9ZLHEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 25 Feb 2024 15:37:49 GMT
css
fonts.googleapis.com/
107 KB
6 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.6TGLITHfW6c.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzyBGdcPSD2W3SHA7E-JQwIzajjGg/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
10714421e06d1b3cd77ddf70bb8d6ad17da0e6f725e33aee3db23c54295977a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 25 Feb 2024 15:37:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 25 Feb 2024 15:37:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 25 Feb 2024 15:37:49 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://livewell.com/
Origin
https://livewell.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 03:51:57 GMT
x-content-type-options
nosniff
age
387952
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Feb 2025 03:51:57 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/
125 KB
126 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: livewell.com
URL: https://livewell.com/finance/orsetto-gang-nft/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://livewell.com/
Origin
https://livewell.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 05:34:50 GMT
x-content-type-options
nosniff
age
381779
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Feb 2025 05:34:50 GMT
AGSKWxWvlMWiHY5nME9zVYlWu6Ggn3pjhPfPAufy6NoLMvwBMgzBny1g1BuwNBhSiUPWzy18kU0kY3qfdmiIAe3jpMtFUFPpb3SAN_nYu-5NLjoBKLHv7XWUqg49988vUcE1xV8ff90plA==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWvlMWiHY5nME9zVYlWu6Ggn3pjhPfPAufy6NoLMvwBMgzBny1g1BuwNBhSiUPWzy18kU0kY3qfdmiIAe3jpMtFUFPpb3SAN_nYu-5NLjoBKLHv7XWUqg49988vUcE1xV8ff90plA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.6TGLITHfW6c.es5.O/am=wA/d=1/rs=AJlcJMx_7SBia_meprjJ0MY6Le_YpBmfzw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-to9amH_ADdQ4uFEO7Ro3vQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://livewell.com/finance/orsetto-gang-nft/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Feb 2024 15:37:50 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-to9amH_ADdQ4uFEO7Ro3vQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmLw1JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYQIBbi5ji39-06NoGObzflATLgFWs"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://livewell.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 289A
199 B
298 B
Document
General
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://livewell.com/finance/orsetto-gang-nft/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Sun, 25 Feb 2024 15:37:50 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402210101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402210101/pubads_impl.js?cb=31081366
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
debcf3d1f4f9ee8ad4fec145f9b9cb998867614b806b0ea79104a2dbfa8c95e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12477
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402210101/pubads_impl.js?cb=31081366
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 25 Feb 2024 15:37:50 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ABEA
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://livewell.com/finance/orsetto-gang-nft/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
7447
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Feb 2024 13:33:43 GMT
expires
Mon, 24 Feb 2025 13:33:43 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A5D1
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6ec5ad118a76b5cb27388ccab39b1dc29752866ae4868d9beaafc0ddf3f4e537
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0EJ53u_Ed0hXXD70IquSMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://livewell.com/finance/orsetto-gang-nft/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-0EJ53u_Ed0hXXD70IquSMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 25 Feb 2024 15:37:50 GMT
expires
Sun, 25 Feb 2024 15:37:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js
pagead2.googlesyndication.com/bg/ Frame ABEA
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 13:49:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
6496
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15302
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 17:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 24 Feb 2025 13:49:34 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A5D1
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202402210101&jk=2678596128269357&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame ABEA
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?iUVZzA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 15:37:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202402210101&jk=2678596128269357&bg=!JCelJ2jNAAZ3BdUuVwU7ADQBe5WfOPzHNGoJz9cV9qe-bpocLvh5x1XtJFvsoo0U13xqCh6ZJLukptFpt35N9RpbekYkAgAAADRSAAAAAmgBBwoAVQELhE3ejEwMkli96K6vEpyjNqKgha1jY1-EI9mDVOgzBRiwBh5hp860gZgOMbKPMqsa53UKOKVBATfOOY2aGcEhrFYDcaCKcnet_Aim1xSKAUO5QCSZAv5jI6oBLL9VwwyZk8d2cY5Ig650y4qq2TdbkU-iMZNyPwp43zlOgzh4GcrVvOekiWiylrys-hvsEppV9rsG5XMOF9xoquv60aaeWJ45zLNM4Hy6Q-mLIbEmbFrDPCZviNQEX4c-yX5fAlqy4fa3JvdyFqD2-zoc3AN4r9q-7n_vcOK_MmKPsp6BTbOWiKVm_cF_25TevVqb_YhjeZznyW3N6f0IHy2Qkoa3RqGEZTc-gxVMWToLwkmgbe2Vfhk1DaFK8Ad24Hlhkxi5QQMtni6J1y2bkwqjwTxdki8C_fjITVrQIp9YyqI5cJWzYOQhrYc8JdIbOFfgifj5FcDjE1kOYEg2RBtiUz_qwl35TIDiluKDowri6BpmFtOsn6HUJhrT4tuvD8z6INyQX_QTxXyBKTWjpP5a1MYihfyyg9EmFo5E6mkWmejt0rhXHCQ5N81_6lgbQLvzh5TwM7HFN-MXaN-yX9XMuLymGtharkoAgwfFafU1Cf0VfPFae_Wh6Zwyl-eA99ZC-z471n7jA8U4wxYGKuiKP87fA96SEPxOgVTZ5dvIS9wzm2sdJnxa1NSJGYp7NK1bt5Jn3zUesnDUhdWVMF1lXIIvuiXrHDVMM5Lfh3yGmuQoZ4mCUQ10lydpP6-c4an_-JnP9_asrzjHipsZwLM0_cVSjkJJPJ_CHOGxUFRjavruKW8TEceOgDqaEqFoq8OSm_kDD82oK41G8SOjt1mxQeyGHDFRoAJg6SaxfvAWOAMU7E0z5JMhATeU0Y7jPXT6dK_HMal65bjRCTU-MwURdhYVFWyoZDQdKyVHV7ocr2SjwsYxvHaiONHLqhdGqh8psEZHUR7rxUlkWgM59qlakgvjzPmKG_eUSNg4vvo36Ua8xiJh2w7RnxrnUy74ad5TY8XPCuRkGidSHPIUnHDB3JYOFuoc9BRQwkxN8QFALVRaW0IbqGSSgrLmHM1JxNRhBqn80L890lzvXq68qhMPO_goIwwFQ7YvLB2TgwFv6hAb9WSKvP2A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://livewell.com/finance/orsetto-gang-nft/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
z-na.amazon-adsystem.com
URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=35b86c14-d024-4a6f-9893-d2877e199c80

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| dataLayer function| gtag object| adsbygoogle object| ajax_scrol object| mediavineLocalModel object| amcLocalModel object| localModel object| localModelOverrides object| proxyHandler object| $adManagementConfig object| $mediavine object| googletag undefined| $ function| jQuery object| bliss_loadmore_params object| yith_infs_script object| yith_infs_premium object| blog_loadmore_params object| cat_loadmore_params object| epas function| Cookies function| copyToClipboard function| bindLazyloadImg function| rebindLazyloadAds object| google_tag_manager object| google_tag_data object| regeneratorRuntime object| epasAPI object| mvWrapperJsonp object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| gaGlobal function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_150 object| Criteo object| Criteo_identitytag_150 object| _33across object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| YTExZTQwNGNhMDg5ZDc2MWxvYWRlcl9qcw== string| YTExZTQwNGNhMDg5ZDc2MWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| GoogleGcLKhOms object| google_image_requests

12 Cookies

Domain/Path Name / Value
scripts.mediavine.com/ Name: AWSALBCORS
Value: u3aDSCR44Xo8hJbrbXRhJZsaxfxzNso9zJ7oqjvcDRqej2HgBoZZfz9XEMx4hQPWSlA5mfC711o435KJO1SmPiUql6DC7CKtftj0HPs98NphDpwh6vYm/xu78uNf
.livewell.com/ Name: _ga_EYTYKY54ER
Value: GS1.1.1708875469.1.0.1708875469.0.0.0
.livewell.com/ Name: _ga
Value: GA1.1.738305263.1708875469
.livewell.com/ Name: __gads
Value: ID=d085e57f2b77c03d:T=1708875469:RT=1708875469:S=ALNI_MY4PbA65ddWicl3f6GSIugcJLXkLA
.livewell.com/ Name: __gpi
Value: UID=00000d62601a5fb7:T=1708875469:RT=1708875469:S=ALNI_MZmXp1cZ9TifPpWDhUO48jOX28e2w
.livewell.com/ Name: __eoi
Value: ID=b129b5b109edf23a:T=1708875469:RT=1708875469:S=AA-Afja3yGwzV5q-1zAXAhEIduB0
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 7dfa4f72-6ca1-4348-a616-4dcf9ec43364
.doubleclick.net/ Name: IDE
Value: AHWqTUnppZVW2KTfhSS1jYoSPZbB_TTO2wAgIluD2Dupx3qT0JR0If3vST1C38dXKso
.livewell.com/ Name: cto_bundle
Value: UPkfaV94cmpGQUxUSnhaTFU1Uk85bGpneWowaDY3Vlk0a1glMkI4dWc4ZGpWcHRDUHBjdkw5SEQyaUJZOEVURGdyMkdwUyUyQmVzZFFTNWN4QXo1ZWlOSjAlMkYzZlhqVnZvNXY3WWJ2cFIzVHVYWiUyRnp3MjRzcHFBUHJ6b1RpYTZRczdhUUFlUW95UzBvb1I5dnA5c0pBZW1rY3dCaGZYUSUzRCUzRA
.livewell.com/ Name: connectId
Value: {"ttl":86400000,"lastUsed":1708875469776,"lastSynced":1708875469776}
.openx.net/ Name: i
Value: 1261c8a2-75c8-4df9-b74a-a92a39e35065|1708875469

15 Console Messages

Source Level URL
Text
network error URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=35b86c14-d024-4a6f-9893-d2877e199c80
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://livewell.com/finance/orsetto-gang-nft/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://livewell.com/finance/orsetto-gang-nft/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://livewell.com/finance/orsetto-gang-nft/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://livewell.com/finance/orsetto-gang-nft/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://livewell.com/finance/orsetto-gang-nft/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://livewell.com/finance/orsetto-gang-nft/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://livewell.com/finance/orsetto-gang-nft/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://livewell.com/finance/orsetto-gang-nft/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://livewell.com/finance/orsetto-gang-nft/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://livewell.com/finance/orsetto-gang-nft/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://livewell.com/finance/orsetto-gang-nft/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://livewell.com/finance/orsetto-gang-nft/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://livewell.com/finance/orsetto-gang-nft/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://livewell.com/finance/orsetto-gang-nft/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-ima.33across.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
connectid.analytics.yahoo.com
ebefb1dfc4f723380db0071730d124cd.safeframe.googlesyndication.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
invstatic101.creativecdn.com
keywords.mediavine.com
livewell.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
region1.google-analytics.com
scripts.mediavine.com
securepubads.g.doubleclick.net
static.criteo.net
tpc.googlesyndication.com
ups.analytics.yahoo.com
www.google.com
www.googletagmanager.com
www.orsettogang.com
z-na.amazon-adsystem.com
z-na.amazon-adsystem.com
151.101.1.181
172.64.152.89
18.245.31.54
2001:4860:4802:34::36
2600:9000:223c:6c00:10:dd8:5e40:93a1
2606:4700::6810:5714
2606:4700::6811:180e
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2003
2a02:2638:3::3
2a02:2638:3::c
2a06:98c1:3120::3
3.71.149.231
34.102.146.192
34.120.135.53
34.96.70.87
34.98.64.218
35.158.167.124
014fd58cad6665430b5bf90b9bcdf86272b087e8062a02ecdae19f44c2325b4c
0270c0c1227fd479fae97bb93f577fddbd11b99d9476e4d07328141e47de5f0b
0590b75f54abd444bf08d56464cdd74fa582d7b4c4ad654eef89713fb02564c7
068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3
06e517345f30c3bd146d4aac9a4c16e52ab88cc9902b1961fee0e544daf9176b
09c46ffacb2b034a7773e6c62f6abbbdccfbf25dfb6e78179b26b24fb0cdcfe3
0aa754cb7fb279dabfeb7f1419f4dcb57223532300943e222385d6d7bfb3e26e
0d027ad2dad4c2831725b8ad14fcdbc691c6f140ea48c348968846396b04d550
10714421e06d1b3cd77ddf70bb8d6ad17da0e6f725e33aee3db23c54295977a0
11ade773dae659174bf95194e543840cd650efa6147126464d362198510a014f
12f97139f9fe50f02ba4db749deb14c265b7f16c7ccbbc98b2d4cf7a13573f86
15fcae57c22d45033c1563f607b9584bb1439b4f33c570c4dc0af278b88f72f8
165ce2d5d95d9c763587cbff902a517f442bfdac00cec2c7e0dd0ff7c682df1d
1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff
21e2a2faedf44c85b43ba05569eb7338ce3d81311cddccced14875edebea2170
225a0f73d490599c3c631b22658b5c92335631eacd2ce329509d6b01b38e1a09
230c062e57370629565d539e7bc875c6a8d8f5c39e1ebf9274954d54f5845e07
246c5c320207b803af4f0de7b0f06d494251ea80774f26c87c96a2e77766ffc8
25ab1d2e7196cbe6dabe0a76717807d9dfc98f629515a4e4c35c3666421d91aa
2dd6ba4379c6a5face7079b4906ce06e9bb1b9d31d005949faee94059ac078b2
2f577621dfa0ad80439c819cdba29d9cc5928e4f35d9b6bbb3406aa2f3033811
309c794d20c6824c9c401713bc7ba07938e85509e557ddbc944f6fa17e7b7469
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37c7cc1f76410471198476b9704258d80c53f6ad9cb0d85584fae46b033ba157
37f0c389442e24dc9ff92956b0f76ef6844091f0079a881f1d7ab18cf42b7019
3921a16fc9be4d544b2279d4c9af0b68bd932d33167e3dc6afb28fe9ef90828d
3b43268232a58ec5ac83e519f47de92cd6cef366a46e9e4e6798bccf110fc719
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
420b9de35e72409ab9048afccd2a596fe065ab7f672692289806d625335b3b1c
43a511d78f7f81d97dfa8e64cd0e90b89524847addd8fc33d9f90f1079fcdf9b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
53c37eaabc4b381c3416f69955890cc4a5f7f843e740cdc7af8bf435e2f49227
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55dd893400498ae043476da6607a655bedbd6ef1b66158a65f74ec787dc1757f
55e9b8ba69d2deba32b245f1074db767231f3ff039c84fb7caf223c07b1420a9
5757da8f9b68bf494d494400961ad81925077b35c17caae349c22d5650fd3d59
5b1bc485368d998a7becfc0cd9d68b3c04177bbc92481790c71f7fcb85bb85df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64b24e9d0a34918a2399c67ccb91caf696db1c097073fc599dd39a1507e3b706
6738d8c0c676706db8e822f2d200058db56d132c612ba81967b4a9946c3801c3
6c544d17eb8650884004f007210af8681f171c21879ec75187dfb445d40d6ff6
6ec5ad118a76b5cb27388ccab39b1dc29752866ae4868d9beaafc0ddf3f4e537
752b88a80fb1b4a0e16222f275e6c5eb04c17a242789b511273c27cb90e86e35
768a29d97437a522f7d927d80924095b77b04bd12e5a5bc26c4aa933abd5d0f9
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
7b4b04d1bd4a0d091e4b545bbc5784c14e86a212ee8bc43ec54a6faf873666af
7cb0fcd5fde7e75943b3b9ee2170d624758b6f9026b40fc61f438b7688aae59c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
828b2c1ff9c711a9163db7830f38418d0729aee7f5025b43e03d5ad51a90f581
86f9a8fd4891f2d40afbb02bca846fec699c8c67c919d125b95109c866fdcbf4
8bb4e89bd9cc008194ae1c7a79c884073ead99061f2aeca5f84610e0b225cdbe
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
8f35c432ef7803e28c0614de19f9947158be185d8e94f08906aa958090b31795
9147b03e2448cc9781f6d36688cf9394b7b56ff8deaf7b9fd1d1202070e1731c
92807a96adf208df8b4eafda815a22be4d34c4965e6e2531074fbf0fe3469ad2
9790593b4acafa770479511a888914881594976c5dcad980c82e781c5625ff44
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9decf8ac9bebada0599aebabd8b4325c187df839674b7e662244bb4551fd62be
a1027a1e04dc47a0909de254d4fc39917401c4cd074b21f12a6a37455b8b4334
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a69050e01ebed7e2ec5b47a8933196a94a3c79b402127819fc36783bdf8c4a61
a69aea433e06583acac5594b87daf2c9c9fbe2a445db2eed3e23b9fce017c735
abbabcf31765e84389c69e4b2724c1a061068c5f2bd55d8bea6fb5dedb29eca1
af15a1b1a53fb33fd074965d07748611e316c856786e445755c1cd46a836adff
b27c2a17319343c81f94509ad1fecf3a3113bf84403220c4997ebf6e2d5583c4
b3fc2e213facd2e139220937d154b650072ce4293a483b7e893954cd84019ffe
b74830261e106630a797d84ff1ce0f627b6d4a9ef17fff285bf4fc6dababad2b
ba0b93dbb30c51ee474e19e2c66143c4dc376c295e206026fc0c464f9bdbaa4a
babc997dce79297796615a8a8b73e766c9de8ae0a79dd6a8aa2b39d2264d3c43
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf517bc7c23231dd385a0779b0fa0a963673e4260c6e56f22aae16f0846dd6c3
bfdec2013b12254a3ffe56d23f91c1c031912d29713a6cae47571139aec9349e
c17b834d0c4ad3e7d09bbd0b5ad2e61f4bf4905f31769a5ed4a3184a6dc1a265
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
c8cb742dbb60decab090cf738bfef2d8a780141573e9a2a3854bf3f78919faed
c9302d261064558d1e38ee9b0d52fe4fc3825c6d34795b03a78a6e3e9f806ea6
cdf49e455654379110e0f70062f02d4368430b9830d6fffb2e295aeac561a139
cf657f8b2984c69d98770488d888abfc6fa5ac42b6d116e4f8f5c8a200d4f273
dabd882863686bf3be830fcbcfd4984769350ae698c5ab3cf6c9ebaae0ce4f64
dad714d9378d43a60d1aa9efbdb11563b8974e4e847364fb4c788b7b9666ab5f
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
debcf3d1f4f9ee8ad4fec145f9b9cb998867614b806b0ea79104a2dbfa8c95e2
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73e1c1417fc2390d5b71d5f705d426c02b5357a0a212e5e9a25a693346fa275
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216
ebbac75c3d9bb6cb33da19ba1f7b1b7a4732cbd84744fca8e008b55ff7142e13
ec1d799ea15ca9389d9dcd1f5d5c9698d612204464a24020099137878484a168
f1280517470c638e05a2b686b74a13681c23ae8594311fa9a0d12fd4e8c43dd1
f573bf5b2536fa701211054e30c72f44c76f38b1ad2236d4f4209980b90a1acf
f7e0c5a222758d6c0549e3d9ed98e71b8e3f3c7a2d81141b1113f39a8110598d
fd03dca96f079c226adb2327d6a03668decb0a09473b21dae7b7fe673be51c80
fd121e64f62e16b941e3add4c49cdafd4e9c25473dff200b353863073149781d
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876